Oracle 使用 druid 时,由于版本过低(1.0.16)报 nested exception is java.sql.SQLException: sql injection violation, class com.alibaba.druid.sql.dialect.oracle.ast.stmt.OracleBlockStatement not allow
批量插入数据:
<insert id="11111" parameterType="java.util.ArrayList">
begin
<foreach collection="list" item="item" separator=";">
insert into table(**,**)VALUES(**,**)
</foreach>
;end;
</insert>
解决问题:
- 将druid换成高版本,同时密码也要用对应的版本加密(我们用的是1.1.9)
- 将批量插入换一种写法,如:
<insert id="insert" parameterType="java.util.ArrayList">
insert into table(
XXX,
)
<foreach collection="list" item="item" index="index" separator="union all">
select
#{item.XXX,jdbcType=VARCHAR},
from dual
</foreach>
</insert>