# vs $
Similarity: both substitute the passed-in parameter.
Example:
select * from user where id = #{params};
select * from user where id = ${params};
With 123 passed in:
select * from user where id = "123";
select * from user where id = 123;
Difference: # always receives the parameter as a string value (it is bound, so it can only ever be data), while $ pastes the raw text in, which can be of any type, including injected SQL statements.
Example:
select id, #{params} as params1 from user where id = #{params}; // can only be used as a parameter
select id, ${params} as params2 from ${params} where id = ${params}; // can be used as SQL text or as a parameter
With 123 passed in:
select id, "123" as params1 from user where id = "123"; // can only be used as a parameter
select id, 123 as params2 from 123 where id = 123; // can be used as SQL text or as a parameter
If user; delete from user;-- is passed in:
select id, "user; delete from user;--" as params1 from user where id = "user; delete from user;--"; // can only be used as a parameter
select id, "user; delete from user;--" as params2 from user; delete from user;-- where id = 123; // can be used as SQL text or as a parameter
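The contrast above, reproduced as an added example (not from the original note) in Python with sqlite3: `query_hash_style` binds the value the way `#{}` does, `query_dollar_style` pastes it into the statement text the way `${}` does. The `user` table and its rows are constructed here, and `executescript` stands in for a driver that allows several statements per query.

```python
import sqlite3


def make_db():
    """Constructed sample data standing in for the note's `user` table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("create table user (id integer primary key, name text)")
    conn.executemany("insert into user values (?, ?)",
                     [(123, "alice"), (456, "bob")])
    conn.commit()
    return conn


def query_hash_style(conn, params):
    """#{params}: the value is bound as a parameter, so the driver
    only ever treats it as data, never as part of the SQL text."""
    return conn.execute("select * from user where id = ?", (params,)).fetchall()


def render_dollar_style(params):
    """${params}: plain text substitution into the statement."""
    return f"select * from user where id = {params}"


def query_dollar_style(conn, params):
    """Execute the ${} rendering. executescript runs every statement in
    the string, like a JDBC connection with multi-statement queries on."""
    sql = render_dollar_style(params)
    conn.executescript(sql)
    return sql


def row_count(conn):
    return conn.execute("select count(*) from user").fetchone()[0]


if __name__ == "__main__":
    db = make_db()
    bad = "123; delete from user;--"       # the note's payload, in the id position
    print(query_hash_style(db, bad), row_count(db))   # [] 2  -> data only
    print(query_dollar_style(db, bad), row_count(db)) # ... 0 -> table emptied
```

The bound version returns no rows and leaves the table intact; the interpolated version turns the same input into a second statement.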
And the next day you get to cry!
Corrections welcome!!!