SQL
关注
分享
扫一扫
左林右李02
mt实时数据平台研发
展开
-
常见的sql注入及修复方式
常见代码疏漏 对于mysql 1.将 WHERE some_field = ‘${变量}’ 替换为 WHERE some_field = #{param} 2.将 like ‘%${变量}%’ 替换为 like concat(’%’, #{变量}, ‘%’) 3.将 like concat(’%’, ${变量}, ‘%’) 替换成 like concat(’%’, #{变量}, ‘%’) 将 WHERE some_field IN (${变量}) 替换为 WHERE `some_field` IN &l原创 2022-01-25 11:17:17 · 3172 阅读 · 0 评论 -
连续进出店小于1h的记录去重
SELECT t2.*, sum(t2.mergeFLag) OVER (PARTITION BY t2.pid ORDER BY t2.stime ROWS BETWEEN UNBOUNDED PRECEDING AND CURRENT ROW) AS flag FROM (SELECT *,...原创 2020-01-09 16:43:11 · 120 阅读 · 0 评论