安全问题标签

常见漏洞防御之防SQL注入的三种方式 ^有更新！

2017-03-07 | 0 评论 | 5,438 浏览

看以下三种SQL语句

String sql1 = "select * from user where username = '"+username+"' and password = '"+password+"'";
		
		String sql2 ="select * from user where username = :username and password = :password";
		
		String sql3 = "select * from user where username = ? and password = ?";