druid报异常 “sql injection violation, part alway true condition not allow”的解决方案

使用durid连接池组件，执行sql时发现异常如下：

Caused by: java.sql.SQLException: sql injection violation, part alway true condition not allow : select t.id，t.name ,from sys_testt where (t.tid = 'sys' or ''='sys') and (t.tname like '%%' or ''='')

	at com.alibaba.druid.wall.WallFilter.check(WallFilter.java:714)

	at com.alibaba.druid.wall.WallFilter.connection_prepareStatement(WallFilter.java:240)

	at com.alibaba.druid.filter.FilterChainImpl.connection_prepareStatement(FilterChainImpl.java:448)

	at com.alibaba.druid.filter.FilterAdapter.connection_prepareStatement(FilterAdapter.java:928)

	at com.alibaba.druid.filter.FilterEventAdapter.connection_prepareStatement(FilterEventAdapter.java:122)

	at com.alibaba.druid.filter.FilterChainImpl.connection_prepareStatement(FilterChainImpl.java:448)

	at com.alibaba.druid.proxy.jdbc.ConnectionProxyImpl.prepareStatement(ConnectionProxyImpl.java:342)

	at com.alibaba.druid.pool.DruidPooledConnection.prepareStatement(DruidPooledConnection.java:318)

	at sun.reflect.GeneratedMethodAccessor26.invoke(Unknown Source)

	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

	at java.lang.reflect.Method.invoke(Method.java:597)

	at com.jfinal.plugin.activerecord.SqlReporter.invoke(SqlReporter.java:72)

	at $Proxy5.prepareStatement(Unknown Source)

	at com.jfinal.plugin.activerecord.DbPro.find(DbPro.java:334)

	at com.jfinal.plugin.activerecord.DbPro.find(DbPro.java:349)

	... 43 more

 解决方案：

参数filters： 属性类型是字符串，通过别名的方式配置扩展插件，常用的插件有：
监控统计用的filter:stat 日志用的filter:log4j 防御sql注入的filter:wall。

把 filters配置中 去掉 wall即可。

druid详细参数配置地址：https://github.com/alibaba/druid/wiki/DruidDataSource%E9%85%8D%E7%BD%AE%E5%B1%9E%E6%80%A7%E5%88%97%E8%A1%A8