报错如下 :
Caused by: java.sql.SQLException: sql injection violation, syntax error: syntax error, error in :'AS g where 1=1 ORDER BY companycod', expect RPAREN, actual WHERE pos 192, line 1, column 187, token WHERE : select * from ((select companycode, companycname, comtype,comlevel,enable from ggcompany ) union (select companycode, companycname, comtype,comlevel,validind from f_ggcompany ) AS g where 1=1 ORDER BY companycode desc )
at com.alibaba.druid.wall.WallFilter.checkInternal(WallFilter.java:799)
at com.alibaba.druid.wall.WallFilter.check(WallFilter.java:781)
at com.alibaba.druid.wall.WallFilter.statement_executeQuery(WallFilter.java:527)
at com.alibaba.druid.filter.FilterChainImpl.statement_executeQuery(FilterChainImpl.java:2828)
at com.alibaba.druid.filter.FilterAdapter.statement_executeQuery(FilterAdapter.java:2503)
at com.alibaba.druid.filter.FilterEventAdapter.statement_executeQuery(FilterEventAdapter.java:302)
at com.alibaba.druid.filter.FilterChainImpl.statement_executeQuery(FilterChainImpl.java:2828)
at com.alibaba.druid.proxy.jdbc.StatementProxyImpl.executeQuery(StatementProxyImpl.java:221)
at com.alibaba.druid.pool.DruidPooledStatement.executeQuery(DruidPooledStatement.java:291)
at org.nutz.dao.impl.sql.run.NutDaoExecutor._runSelect(NutDaoExecutor.java:246)
at org.nutz.dao.impl.sql.run.NutDaoExecutor.exec(NutDaoExecutor.java:53)
... 81 common frames omitted
Caused by: com.alibaba.druid.sql.parser.ParserException: syntax error, error in :'AS g where 1=1 ORDER BY companycod', expect RPAREN, actual WHERE pos 192, line 1, column 187, token WHERE
at com.alibaba.druid.sql.parser.SQLParser.printError(SQLParser.java:288)
at com.alibaba.druid.sql.parser.SQLParser.accept(SQLParser.java:296)
at com.alibaba.druid.sql.parser.SQLSelectParser.parseTableSource(SQLSelectParser.java:685)
at com.alibaba.druid.sql.parser.SQLSelectParser.parseFrom(SQLSelectParser.java:666)
at com.alibaba.druid.sql.dialect.postgresql.parser.PGSelectParser.query(PGSelectParser.java:134)
at com.alibaba.druid.sql.parser.SQLSelectParser.select(SQLSelectParser.java:59)
at com.alibaba.druid.sql.dialect.postgresql.parser.PGSQLStatementParser.parseSelect(PGSQLStatementParser.java:331)
at com.alibaba.druid.sql.dialect.postgresql.parser.PGSQLStatementParser.parseSelect(PGSQLStatementParser.java:40)
at com.alibaba.druid.sql.parser.SQLStatementParser.parseStatementList(SQLStatementParser.java:149)
at com.alibaba.druid.sql.parser.SQLStatementParser.parseStatementList(SQLStatementParser.java:83)
at com.alibaba.druid.wall.WallProvider.checkInternal(WallProvider.java:624)
at com.alibaba.druid.wall.WallProvider.check(WallProvider.java:578)
at com.alibaba.druid.wall.WallFilter.checkInternal(WallFilter.java:786)
... 91 common frames omitted
感觉使用union 这个关键字后, 系统就报错了, SQL在navicat里面运行能够查询出数据, 但是在程序中就报错, 网上也没有找到对应的解决方案, 都是说使用关键字做字段了, 但是我这里面没有用关键词做字段, 是在是不知道怎么解决这个问题了