lua和java防注入

lua样例

local sql = "SELECT * FROM t_base_person WHERE person_id=%s and bureau_id=%s"
sql = string.format(sql, ngx.quote_sql_str(person_id), ngx.quote_sql_str(bureau_id))

java样例

String sql = "select * from t_base_person where person_id=? and bureau_id=? limit 10";
List<Record> list = Db.find(sql,person_id,bureau_id);
上一篇:iOS7新JavaScriptCore框架入门介绍


下一篇:给定时器settimeout、setInterval调用传递参数