** sql注入问题:sql的特殊关键字与字符串拼接。会造成安全性的问题 1输入名随便,输入密码:a’ or ‘a’=’a sql:select* from user where username=‘123’ and password=‘a’ or ‘a’=‘a’ ** // 1.获取链接 conn=JDBCUtils.getConnection(); //2.定义语句的SQL sql=select* from user where username='+username+' and password='+password+';
