处理可能存在的sql注入问题

src/main/resources/mapper_xml/DepotItemMapperEx.xml

@@ -170,7 +170,7 @@
         select ifnull(sum(BasicNumber),0) as BasicNumber from jsh_depothead dh
         INNER JOIN jsh_depotitem di on dh.id=di.HeaderId  and ifnull(di.delete_Flag,'0') !='1'
         where dh.type='入库'
-        and di.MaterialId = ${mId} and di.DepotId = ${depotId}
+        and di.MaterialId = #{mId} and di.DepotId = #{depotId}
         and ifnull(dh.delete_Flag,'0') !='1'
     </select>
 
@@ -179,7 +179,7 @@
         INNER JOIN jsh_depotitem di on dh.id=di.HeaderId  and ifnull(di.delete_Flag,'0') !='1'
         where dh.type='出库'
         and dh.SubType!='调拨'
-        and di.MaterialId = ${mId} and di.DepotId = ${depotId}
+        and di.MaterialId = #{mId} and di.DepotId = #{depotId}
         and ifnull(dh.delete_Flag,'0') !='1'
     </select>