问题描述:
[多选]
下面哪个代码是不安全的,可能存在sqI注入漏洞?
A.<select id="selectStudentByName" parameterClass="String" resultClass="Student"> select name,birth,score from tbl_student where name like "%$name$%" </select>
B.stmt = connection、prepareStatement("select * from articles where uid=?"); stmt、setlnt(1,id);rs = stmt、executeQuery0;
C.stmt = connection、prepareStatement("select * from articles where title like "%" + keyword + "%" order by id"); rs = stmt、executeQuery0;
D.<select id="selectStudentByld" parameterClass="int" resultClass="Student"> select * from tbl_student where id=#id# </select>
参考答案:查看无
答案解析:无
☆收藏
答案解析:无
☆收藏
上一篇:以下属于垂直越权访问是?
下一篇:关于第三方组件的使用方式正确的是?
- 我要回答: 网友(216.73.216.136)
- 热门题目: 1.员工在转正之后提出离职申请, 2.生熟食品的加工工具及容器应分 3.库房內应设置数量足够的物品存