1. The difference between ${} and #{}
- Both #{} and ${} can read a value from a map or from a property of a POJO
- #{}: the parameter is set on the SQL statement in precompiled form (as a ? placeholder), which prevents SQL injection
- ${}: the value is taken and assembled directly into the SQL statement, which poses security issues
2. Usage of ${} and #{}
2.1 When the table name or the sort order is a variable, you must use ${}
select * from ${year}_salary where xxx;
select * from tbl_employee order by ${f_name} ${order}
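
Because ${} assembles the value directly into the SQL text, the values behind ${year}, ${f_name} and ${order} in the two statements above should be checked against fixed allowlists before they reach the mapper. The class below is an added example, not part of the original notes; the class name DollarParamGuard, the column names and the four-digit year format are assumptions.

```java
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;

/** Added example: validates values before they are substituted through ${}. */
public class DollarParamGuard {
    // Assumed sortable columns of tbl_employee; replace with the real schema.
    private static final Set<String> SORT_COLUMNS = Set.of("empId", "empName");
    private static final Set<String> DIRECTIONS = Set.of("ASC", "DESC");
    // Assumed format of the ${year} table prefix: exactly four digits.
    private static final Pattern YEAR = Pattern.compile("\\d{4}");

    static String sortColumn(String fName) {
        if (fName == null || !SORT_COLUMNS.contains(fName)) {
            throw new IllegalArgumentException("sort column not allowed");
        }
        return fName;
    }

    static String direction(String order) {
        String d = order == null ? "" : order.trim().toUpperCase(Locale.ROOT);
        if (!DIRECTIONS.contains(d)) {
            throw new IllegalArgumentException("sort direction not allowed");
        }
        return d;
    }

    static String year(String year) {
        if (year == null || !YEAR.matcher(year).matches()) {
            throw new IllegalArgumentException("year must be four digits");
        }
        return year;
    }

    /** Parameter map for: select * from tbl_employee order by ${f_name} ${order} */
    static Map<String, String> orderParams(String fName, String order) {
        return Map.of("f_name", sortColumn(fName), "order", direction(order));
    }

    public static void main(String[] args) {
        System.out.println(orderParams("empName", "desc"));
        System.out.println(year("2019") + "_salary");
        try {
            // Constructed hostile input: extra SQL appended to the direction.
            orderParams("empName", "desc; select 1");
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```
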
2.2 Wherever #{} can be used, use #{}
SQL statement in the interface mapping file: select * from t_employee where empId = ${empId} and empName = #{empName}
Precompiled SQL statement that is executed: select * from t_employee where empId = 2 and empName = ?