https://blog.csdn.net/lin_tuer/article/details/54809330mysql
https://github.com/mysqljs/mysql#escaping-query-valuesgit
sql注入,由字符串拼接github
or、and、union等sql
SELECT * FROM `users` where username = 'cnloop'and 1=1--''
分號等api
SELECT * FROM `users` where username = 'cnloop';SELECT VERSION()--''
經過轉義特換的方式解決oop