Doing so makes the SQL easier to maintain and secures your application from SQL injection attacks.
这样做可使SQL更加易于维护,且可使您的应用程序免受SQL注入攻击。
In an SQL injection attack, a program creates an SQL command and sends it to an SQL interpreter.
在SQL注入攻击中,程序会创建一个SQL命令,并将其发送给SQL解释器。
A SQL injection vulnerability occurs when a user is able to pass SQL code directly to the application in such a way that the code will be executed in a query.
如果用户能够将SQL代码直接传递给应用程序,此代码将在一个查询中执行,那么就可能发生SQL注入攻击。
应用推荐