diff --git a/stream-plugin/stream-plugin-mybatis-plus/src/main/java/org/dromara/streamquery/stream/plugin/mybatisplus/engine/utils/SqlInjectionUtilSq.java b/stream-plugin/stream-plugin-mybatis-plus/src/main/java/org/dromara/streamquery/stream/plugin/mybatisplus/engine/utils/SqlInjectionUtilSq.java
index 5bf794d293c58b3f0f8330cf60292e5ebb2256ed..d423194f476afb78b0b2af0279edea3ba3cc0758 100644
--- a/stream-plugin/stream-plugin-mybatis-plus/src/main/java/org/dromara/streamquery/stream/plugin/mybatisplus/engine/utils/SqlInjectionUtilSq.java
+++ b/stream-plugin/stream-plugin-mybatis-plus/src/main/java/org/dromara/streamquery/stream/plugin/mybatisplus/engine/utils/SqlInjectionUtilSq.java
@@ -29,7 +29,7 @@ public class SqlInjectionUtilSq {
           "(insert|delete|update|select|create|drop|truncate|grant|alter|deny|revoke|call|execute|exec|declare|show|rename|set)\\s+.*(into|from|set|where|table|database|view|index|on|cursor|procedure|trigger|for|password|union|and|or)|(select\\s*\\*\\s*from\\s+)",
           Pattern.CASE_INSENSITIVE);
 
   private static final Pattern SQL_COMMENT_PATTERN =
-      Pattern.compile("(or|union|--|#|/*|;)", Pattern.CASE_INSENSITIVE);
+      Pattern.compile("(['\"]?.*(\\bor\\b|\\bunion\\b|--|#|\\/\\*|;))", Pattern.CASE_INSENSITIVE);
 
   public SqlInjectionUtilSq() {}
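Review bot: The `['\"]?.*` prefix added to SQL_COMMENT_PATTERN on the `+` line adds nothing to a `find()`-style check (each token is already matched wherever it occurs) but forces `.*` to backtrack from every start position, so a long input containing none of the tokens costs roughly quadratic time, which is an avoidable DoS surface for a guard that runs on untrusted input; if the pattern is instead applied with `matches()`, the prefix additionally requires the input to end with one of the tokens, so a value like `x or y` would pass. The call site is outside the hunk, so which of the two applies is inferred. `\\/` is also a no-op escape in Java regex. I would keep the real fix here (the escaped `/\\*`, which previously matched the empty string, and the `\\b` boundaries) and drop the prefix: `Pattern.compile("(\\bor\\b|\\bunion\\b|--|#|/\\*|;)", Pattern.CASE_INSENSITIVE);`. Since `\\bor\\b` now stops flagging words such as `color`, a unit test covering `/*`, `color` and `x or y` would pin the new behaviour, which the commit does not add.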