常见漏洞防御 之 防SQL注入的三种方式 有更新!
看以下三种SQL语句
String sql1 = "select * from user where username = '"+username+"' and password = '"+password+"'"; String sql2 ="select * from user where username = :username and password = :password"; String sql3 = "select * from user where username = ? and password = ?";