Reposted from:
http://www.blogjava.net/lsbwahaha/archive/2009/04/16/266026.html
When I wrote an SQL statement in iBATIS for a project, where user_id in (#user_id_list#) never worked at run time. I looked it up online and found that # should not be used here and $ should be used instead, so I looked into the difference between # and $.
Summary:
1. # treats the incoming data as a single string. For example, with #user_id_list#, if the value passed in is 1,2, the generated SQL is in ('1,2'), which of course does not work.
2. $ writes the incoming data directly into the SQL statement. For example, with $user_id_list$, if the value passed in is 1,2, the generated SQL is in (1,2), which is correct.
3. The # method prevents SQL injection to a great extent.
4. The $ method cannot prevent SQL injection.
5. The $ method is generally used to pass in database objects, for example, the table name.
6. As a rule, wherever # can be used, use # rather than $.
Intuitively speaking:
#str# produces 'str'
$str$ produces str
# can only be used in specific places, while $ can be used anywhere, for example order by $str$.
You can even write just $str$ and put the entire order by clause in str.
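
Both cases above, the in (...) list and the order by column, can be written in an iBATIS 2.x sqlMap without $. The following is an added example, not part of the original post; the users table, its columns, the statement ids and the sort_key parameter are assumptions made for illustration.

```xml
<!-- Added example (iBATIS 2.x sqlMap). Table, column, statement and
     parameter names are hypothetical. -->
<sqlMap namespace="User">

  <!-- Weak: $...$ splices the caller's text into the SQL before it is
       prepared, so both values become part of the statement itself. -->
  <select id="findUsersSpliced" parameterClass="java.util.Map"
          resultClass="java.util.HashMap">
    SELECT user_id, user_name FROM users
    WHERE user_id IN ($user_id_list$)
    ORDER BY $sort_key$
  </select>

  <!-- Hardened: user_id_list is passed as a java.util.List. iterate emits
       one bound parameter per element, giving IN (?,?,...), so # works
       for the list. An empty list yields invalid SQL and the query fails
       instead of matching every row; callers should pass at least one id. -->
  <select id="findUsersBound" parameterClass="java.util.Map"
          resultClass="java.util.HashMap">
    SELECT user_id, user_name FROM users
    WHERE user_id IN
    <iterate property="user_id_list" open="(" close=")" conjunction=",">
      #user_id_list[]#
    </iterate>
    <!-- sort_key is only compared against fixed values. The column name
         that reaches the SQL is always one written here, never the
         caller's text; an unknown sort_key produces no ORDER BY at all. -->
    <dynamic prepend="ORDER BY">
      <isEqual property="sort_key" compareValue="name">user_name</isEqual>
      <isEqual property="sort_key" compareValue="id">user_id</isEqual>
    </dynamic>
  </select>

</sqlMap>
```

Where $ is unavoidable, such as a table name chosen at run time, the same idea applies on the Java side: map the request value to one of a fixed set of identifiers before putting it in the parameter map.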