区别如下:
1.#{}传参能防止sql注入,使用#传入参数时,sql语句解析时会加上双引号,当作字符串来解析。
select * from student where name=#{name} select * from student order by ${grade}
mybatis生成对应的sql语句:
select * from student where name="guo" select * from student order by grade
#{}用于查询参数传递,处理时加双引号;${}多用于排序,对参数不作处理。