sql injection violation, syntax error: syntax error, error in :‘**‘expect IDENTIFIER, actual IDENTIF
tags: Mybatis Exception solution database mysql java rear end
Contents of this article
Second, the cause of the error
java.sql.SQLException: sql injection violation, syntax error: syntax error, error in :'soft YaHei UI'"><span style="color:', expect IDENTIFIER, actual IDENTIFIER pos 1935, line 5, column 1136, token IDENTIFIER YaHei
1. Background description
Project structure: Springboot(2.0.1) + Mybatis(3.4.1) + CKEditor(4.8)
Recently, when the article was published, the background SQL statement suddenly reported an error,java.sql.SQLException: sql injection violation, syntax error: syntax error, error in :'soft YaHei UI'"><span style="color:', expect IDENTIFIER, actual IDENTIFIER pos 1935, line 5, column 1136, token IDENTIFIER YaHei, It is said that there is a problem with SQL injection; it has been running online and stably, why suddenly it reports SQL exception? The figure below is the SQL statement printed by MyBatis. After analysis, Microsoft YaHei UI is recognized as a separator. Eventually lead to SQL INSERT statement error.
Second, the cause of the error
According to the error message printed out in the log,java.sql.SQLException: sql injection violation, syntax error: syntax error, error in :'soft YaHei UI'"><span style="color:', expect IDENTIFIER, actual IDENTIFIER pos 1935, line 5, column 1136, token IDENTIFIER YaHei,SQL abnormality, grammatical error, analysis shows that it must be the incorrect assembly of the SQL statement that caused the injection failure. Copying the log information to the database and beautifying the SQL comparison found that when I published the article, some characters were recognized as separators, and the result was that the SQL injection failed.
Three, the solution
According to the cause of the error, there are several solutions:
3.1 Scheme One
Delete the symbol or text recognized as a separator in the rich text editor, and then give it to Mybatis for analysis.
3.2 Scheme Two
Modify the text font in the rich text editor, as long as it is not recognized as a separator by Mybatis. In response to this error, the solution I took was to change the text font in the rich text editor from Microsoft Yahei to Times New Roman.
end!
Intelligent Recommendation
MySQL error: cause: java.sql.sqlexception: SQL Injection Violation, Syntax error: Syntax Error, Error in
wrong description: Solve: It is behind a rowLess add a comma , Plus it....
java.sql.SQLException: sql injection violation, syntax error: TODO QUES
Abnormal record, I have encountered similar problems, but because I have not recorded, I have been investigated for nearly two hours, I remember to remember! ! ! See an abnormal description Abnormal c...
Remember SQL error: SYNTAX Error: Syntax Error, Expect rparen, Actual Literal_Float T1
When using the column name, if the alias is the beginning of the number, usedruid-spring-boot-starterWhen I report T1 is the table where the column starting is not the beginning of the number. usedrui...
sql injection violation, syntax error: ERROR. token: FROM, pos: 125: select error
wrong description: solve: That is, there is an extra "," after the select statement, just delete it image.png...
syntax error, expect RPAREN, actual IDENTIFIER pos 375, token IDENTIFIER INTEGER
Use mysql to list every day of the current month: Tested in Navicat with data, in the XML file in the code, the Postman test interface, although there is data, but Report: com.alibaba.druid.sql.parser...
More Recommendation
syntax error, expect RPAREN, actual IDENTIFIER pos 391, line 3, column 95, token IDENTIFIER INTEGER
Use MSQL to query daily work assessment data: In the database management tool Navicat, you can test the run success, but use the Postman call interface test in the code, there is an error: SYNTAX Erro...
uncategorized SQLException; SQL state [null]; error code [0]; sql injection violation, syntax error
uncategorized SQLException; SQL state [null]; error code [0]; sql injection violation, syntax error: ERRORSQLException Summary: The main record of the abnormalities encountered when I wrote SQL in the...
com.alibaba.fastjson.JSONException: syntax error, expect {, actual string, p
what's the situation? Added escaped \, causing the parsing to fail. This is the reason for the error. Replace all \ with null, and then replace "{ with {....
JSONException: syntax error, expect [, actual {, pos 0
Problems arise when using layui dynamic form, when you need to convert a bean object to jsonarry (seems layui default json format is jsonArray) This exception occurs toString method override Solution ...
"message": "syntax error, expect {, actual EOF"
Encounter "message": "syntax error, expect {, actual EOF" problem Because the project needs to call someone else's interface, so today with the postman client interface to test it ...