MyBatis: how to distinguish between $ and #

| `#` | `$` |
| --- | --- |
| Treats the incoming data as a string and wraps it in double quotation marks. For example, with `order by #user_id#`, if the incoming value is `**`, the parsed SQL is `order by "**"`; if the incoming value is `id`, the parsed SQL is `order by "id"`. | Splices the incoming data directly into the SQL statement. For example, with `order by $user_id$`, if the incoming value is `**`, the parsed SQL is `order by **`; if the incoming value is `id`, the parsed SQL is `order by id`. |
| Largely prevents SQL injection. | Cannot prevent SQL injection. |
| Use `#` in general. | Can be used to pass dynamic parameters such as a column name or table name. |
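
The difference between the two markers, as an added example that is not from the original page and is not MyBatis's own code: a toy renderer in Python that models `#name#` as a bound `?` placeholder and `$name$` as text substitution guarded by an allowlist, run against an in-memory SQLite database. The `users` table, its rows, the allowlist and the function names are all assumptions made for the illustration.

```python
import re
import sqlite3

# Constructed sample data; table, columns and allowlist are assumptions.
ROWS = [(3, "alice"), (1, "carol"), (2, "bob")]
ALLOWED_IDENTIFIERS = {"id", "name"}  # identifiers a caller may splice in

TOKEN = re.compile(r"#(\w+)#|\$(\w+)\$")


def render(template, params):
    """Toy model of the two markers, using the page's #name# / $name$ syntax.

    #name# -> a '?' placeholder; the value travels separately as bound data.
    $name$ -> the value is spliced into the SQL text, so it is accepted
              only when it is an allowlisted identifier.
    """
    bound = []

    def substitute(match):
        hash_name, dollar_name = match.groups()
        if hash_name is not None:
            bound.append(params[hash_name])
            return "?"
        value = params[dollar_name]
        if value not in ALLOWED_IDENTIFIERS:
            raise ValueError(f"identifier not allowed: {value!r}")
        return value

    return TOKEN.sub(substitute, template), bound


def query_users(order_column, excluded_name):
    """Run a query that needs both markers against an in-memory database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, name TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", ROWS)
    sql, bound = render(
        "SELECT id FROM users WHERE name <> #name# ORDER BY $col$",
        {"name": excluded_name, "col": order_column},
    )
    return [row[0] for row in conn.execute(sql, bound)]


if __name__ == "__main__":
    print(render("ORDER BY $col$ LIMIT #n#", {"col": "id", "n": 2}))
    print(query_users("name", "bob"))           # sorted by the name column
    print(query_users("id", "x' OR '1'='1"))    # bound value stays data
```

The sort column has to go through `$` because a bound value is compared as data and cannot name a column, which is why the allowlist check sits on that path only.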