The difference between D and ibatis in # $

Recommended for you: Get network issues from WhatsUp Gold. Not end users.
In Ibatis we use SqlMap Sql query to reference parameters, the distinction between symbolic # and $met in the parameters in the reference, # can be pre compiled, type matching, and $does not match the data type. 

Summarized as follows: 

1.#The incoming data as a string, such as #user_id_list# passed is 1,2,3, the SQL statement is generated in this way, in ('1,2,3')  , of course, can not be;

2.$The incoming data generated directly in SQL, such as #user_id_list# passed is 1,2,3, the SQL statement is generated in this way, in (1,2,3) that's right. 

3.#Can significantly prevent SQL injection. 

4.$Cannot SQL injection. 

5.$General way for incoming database objects. For example into the table name. 

6 in general can be used # don't use$. 

Intuitively 

#str# The results are  'str' 

$str$ The results are  str 

In addition   ## can only be used in certain parts of the $$can be used anywhere in the   for example, order by $str$ 

You can even write directly to   $str$  the order by this string in the str came in. 

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download

Posted by Phyllis at November 17, 2013 - 7:15 PM