碼上快樂

相關內容    簡體    繁體

Jfinal報錯sql injection violation, multi-statement not allow

本文轉載自   查看原文   2018-08-17 10:59   1101    JFinal

Jfinal報錯:

com.jfinal.plugin.activerecord.ActiveRecordException: java.sql.SQLException: sql injection violation, multi-statement not allow 

 

public List<WarningFormDoc> findDocByPatrolRecordId(String patrolRecordId){
   String sql="select * from warning_form_doc where PATROL_RECORD_ID = " + patrolRecordId;
   return WarningFormDoc.dao.find(sql);
}

改為:
public List<WarningFormDoc> findDocByPatrolRecordId(String patrolRecordId){
   String sql="select * from warning_form_doc where PATROL_RECORD_ID = ?";
   return WarningFormDoc.dao.find(sql, patrolRecordId);
}

原因可能存在sql注入報錯;




免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



猜您在找 druid連接池報錯:sql injection violation, multi-statement not allow springboot java.sql.SQLException: sql injection violation, multi-statement not allow : update XXX(table) mybatis 一次執行多條SQL MySql+Mybatis+Druid之SqlException:sql injection violation, multi-statement not allow mybatis使用批量修改語句報錯 multi-statement not allow springboot druid 數據庫多SQL錯誤multi-statement not allow SpringBoot+Mybatis+Druid批量更新 multi-statement not allow異常 SpringBoot+Mybatis+Druid批量更新 multi-statement not allow異常 mysql報錯Multi-statement transaction required more than 'max_binlog_cache_size' bytes of storage druid sql黑名單 報異常 sql injection violation, part alway true condition not allow Druid 的 WallFilter 拋出 sql injection violation, comment not allow 問題的解決方法
 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM