This is written in some of their own problems, some do not know, some things memory blurred, if any friend found the mistake, thank you for correcting in time, we learn more exchange, thank you ~
How 1,sql injection works to prevent SQL injection
SQL injection (SQL injection): by inserting a SQL command into a Web form to submit or entering a query string for a domain name or page request, the result is to spoof the server to execute a malicious Sql command.
Prevent SQL injection:
1, never trust the user's input, to verify the user's input, you can pass the regular expression, or limit the length, the single quotation mark and the double "-" to convert and so on.
2, do not expose the server error message to the user.
3, do not use dynamically assembled SQL, you can use parameterized SQL or directly use stored procedures for data query access.
4, both the client and the server need to validate the passed parameters
Refer to the original and some bloggers ' practices:
Http://www.cnblogs.com/hkncd/archive/2012/03/31/2426274.html
http://blog.csdn.net/stilling2006/article/details/8526458/
http://blog.csdn.net/garfielder007/article/details/54432322
Structure of the 2,java heap and the permanent generation of pairs (renamed to meta-space after Java8)
Heap memory is used to hold objects and arrays created by new
Permanent generation (to be sorted): http://www.cnblogs.com/paddix/p/5309550.html
Https://www.nowcoder.com/questionTerminal/5c3dc3914da548e5b0617f4da9da7488?pos=208&orderByHotValue=1
3, Regular expression
This is still to see the Novice tutorial ... http://www.runoob.com/regexp/regexp-syntax.html
4, Multithreading topic: Create 3 Threads First output 1-5, second output 6-10, third output 11-15, first output 16-20 and so on (to write)
5, object-oriented design pattern
Some of the questions I encountered on the Java test