Memo: $ and #, <![CDATA[ ]]>

1. $ and #
In iBATIS/MyBatis, when we write SQL queries in a SqlMap, we need to reference parameters. The difference between the # and $ symbols in a parameter reference is that # is precompiled and type-matched, while $ performs no data type matching and is spliced directly into the SQL as a string, so pay attention to the risk of SQL injection.

The role of $ is really just string concatenation:
select * from $tableName$
is equivalent to
StringBuffer sb = new StringBuffer(256);
sb.append("select * from ").append(tableName);
sb.toString();

# is used for variable substitution:
select * from table where id = #id#
is equivalent to
// conn is an open java.sql.Connection
PreparedStatement stmt = conn.prepareStatement("select * from table where id = ?");
stmt.setString(1, "abc");

For the variable part, # should be used, which effectively prevents SQL injection. # goes through a PreparedStatement, which also improves efficiency.
$ is just simple string splicing. For non-variable parts you can only use $, and in fact on many occasions $ has real practical use.
For example:
select * from $tableName$ performs a unified query for different tables.
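
The difference between splicing ($) and binding (#), and a way to keep the $tableName$ case safe, shown as an added example that is not part of the original memo. It uses Python's built-in sqlite3 in place of JDBC so it runs offline; the table names, rows, function names and the allowlist are assumptions made up for the example.

```python
import sqlite3

# Constructed sample schema; the allowlist is the fixed set of tables
# that a $tableName$-style query is permitted to touch.
ALLOWED_TABLES = {"users", "orders"}


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id TEXT, name TEXT)")
    conn.execute("CREATE TABLE orders (id TEXT, item TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("1", "alice"), ("2", "bob"), ("3", "carol")])
    return conn


def find_spliced(conn, user_id):
    """What $id$ does: the value becomes part of the SQL text itself."""
    sql = "SELECT name FROM users WHERE id = '" + user_id + "'"
    return [row[0] for row in conn.execute(sql)]


def find_bound(conn, user_id):
    """What #id# does: the SQL text is fixed and the value is bound to '?'."""
    sql = "SELECT name FROM users WHERE id = ?"
    return [row[0] for row in conn.execute(sql, (user_id,))]


def select_all(conn, table_name):
    """The $tableName$ case: identifiers cannot be bound, so splice only
    a name that matches the fixed allowlist exactly."""
    if table_name not in ALLOWED_TABLES:
        raise ValueError("table not allowed: %r" % table_name)
    return conn.execute("SELECT * FROM " + table_name).fetchall()


if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"  # constructed input that alters the WHERE clause
    print("spliced:", find_spliced(db, crafted))  # every row comes back
    print("bound:  ", find_bound(db, crafted))    # treated as a plain id value
    print("table:  ", select_all(db, "users"))
```

In a MyBatis mapper the same allowlist check belongs in the Java code that supplies tableName, before the value reaches the $ placeholder.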

Also refer to: http://developer.51cto.com/art/200907/138063.htm


2. <![CDATA[ ]]>
This is actually XML syntax; because it appears so often in MyBatis, it is explained here as well.
In XML, '<' and '&' are special characters that need special handling; text containing them can be enclosed in <![CDATA[ ]]>.
