安全问题 标签

常见漏洞防御 之 防SQL注入的三种方式 有更新!

  |   0 评论   |   813 浏览

看以下三种SQL语句

String sql1 = "select * from user where username = '"+username+"' and password = '"+password+"'";
		
		String sql2 ="select * from user where username = :username and password = :password";
		
		String sql3 = "select * from user where username = ? and password = ?";