1、js url 穿带#（特殊字符）的参数，#后面内容无法传递，会被识别成hash值

a:使用replace

b、encode，decode

encodeURIComponent(encodeURIComponent(machinecode))

java.net.URLDecoder.decode(machinecode,"UTF-8");

2、数据库行记录锁和表锁命令

查看行锁/记录所/分布式锁
select A.sid, b.serial#, decode(A.type,     'MR', 'Media Recovery',     'RT','Redo Thread',     'UN','User Name',     'TX', 'Transaction',     'TM', 'DML',     'UL', 'PL/SQL User Lock',     'DX', 'Distributed Xaction',     'CF', 'Control File',     'IS', 'Instance State',     'FS', 'File Set',     'IR', 'Instance Recovery',     'ST', 'Disk Space Transaction',     'TS', 'Temp Segment',     'IV', 'Library Cache Invalida-tion',     'LS', 'Log Start or Switch',     'RW', 'Row Wait',     'SQ', 'Sequence Number',     'TE', 'Extend Table',     'TT', 'Temp Table',     'Unknown') LockType, c.object_name, b.username, b.osuser, decode(a.lmode,   0, 'None',             1, 'Null',             2, 'Row-S',             3, 'Row-X',             4, 'Share',             5, 'S/Row-X',             6, 'Exclusive', 'Unknown') LockMode, B.MACHINE,D.SPID from v$lock a,v$session b,all_objects c,V$PROCESS D where a.sid=b.sid and a.type in ('TM','TX') and c.object_id=a.id1 AND B.PADDR=D.ADDR;
/解锁
alter system kill session '709,51971'
/查看表被锁
select   p.spid,a.serial#, c.object_name,b.session_id,b.oracle_username,b.os_user_name   from   v$process   p,v$session   a,   v$locked_object   b,all_objects   c   where   p.addr=a.paddr   and   a.process=b.process   and   c.object_id=b.object_id

3、preparedstatement，效率高，预编译sql，使用？占位符，不能改变sql结构，防止sql注入