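// order by: sorting
// <![CDATA[ value ]]> keeps the XML parser from interpreting special characters
// The ${} form can lead to SQL injection
// #{} is parsed into a placeholder
<![CDATA[ order by ${param1} ${param2} ]]>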
Example:
SQL: select * from A where A.id=#{id}
id=hello
Parsed: select * from A where A.id=?
SQL: select * from A where A.id=${id}
id=hello
Parsed: select * from A where A.id=hello
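The two substitutions above, run against a database. This is an added example, not code from the original post or from MyBatis: it mimics #{} and ${} in Python with an in-memory SQLite table, and the table contents, the `col`/`dir` parameter names and the allow-list are assumptions.

```python
import re
import sqlite3

# Hypothetical allow-list: the only values a ${} parameter may take.
ALLOWED = {"col": {"A.id", "A.name"}, "dir": {"asc", "desc"}}

def render(template, params, allowed=None):
    """Mimic the two substitutions: #{x} -> bound '?', ${x} -> pasted text."""
    args = []

    def bind(match):
        args.append(params[match.group(1)])
        return "?"

    def splice(match):
        name = match.group(1)
        value = str(params[name])
        if allowed is not None and value not in allowed.get(name, ()):
            raise ValueError(f"{name}={value!r} is not allow-listed")
        return value

    sql = re.sub(r"#\{(\w+)\}", bind, template)  # bind first: pasted text is never re-scanned
    sql = re.sub(r"\$\{(\w+)\}", splice, sql)
    return sql, args

def demo():
    db = sqlite3.connect(":memory:")  # constructed sample table
    db.execute("create table A (id text, name text)")
    db.executemany("insert into A values (?, ?)", [("hello", "b"), ("world", "a")])

    # #{id}: the SQL text keeps '?', and hello is sent separately as data.
    sql, args = render("select * from A where A.id=#{id}", {"id": "hello"})
    bound_rows = db.execute(sql, args).fetchall()

    # ${id}: hello becomes SQL text, so the database parses it as a column name.
    raw_sql, _ = render("select * from A where A.id=${id}", {"id": "hello"})
    try:
        db.execute(raw_sql)
        raw_error = None
    except sqlite3.OperationalError as exc:
        raw_error = str(exc)

    # order by needs ${}, so each value is checked against the allow-list first.
    order_sql, _ = render("select id from A order by ${col} ${dir}",
                          {"col": "A.name", "dir": "asc"}, ALLOWED)
    ordered = [row[0] for row in db.execute(order_sql)]
    return sql, bound_rows, raw_sql, raw_error, ordered

if __name__ == "__main__":
    print(demo())
```

The bound query returns the row whose id is the string hello, while the pasted form fails because hello is read as a column name; anything outside the allow-list raises before a query is built.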
Original article: http://www.cnblogs.com/xiaoxinbok/p/5740180.html