Mybatis學習筆記16 - bind標簽
阿新 • • 發佈:2019-02-04
resources 方式 tst input open 但是 sys turn data
1、${}拼串進行模糊查詢,不安全
示例代碼:
接口定義:
package com.mybatis.dao;
import com.mybatis.bean.Employee;
import java.util.List;
public interface EmployeeMapper {
public List<Employee> getEmpsTestInnerParameter(Employee employee);
}
mapper定義:
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.mybatis.dao.EmployeeMapper">
<select id="getEmpsTestInnerParameter" resultType="com.mybatis.bean.Employee">
<if test="_databaseId==‘mysql‘">
select * from tbl_employee
<if test="_parameter!=null">
<!--模糊查詢,${}可以進行拼串,但是這種方式不安全-->
where last_name like ‘%${lastName}%‘
</if>
</if>
<if test="_databaseId==‘oracle‘">
select * from employees
<if test="_parameter!=null">
where last_name = #{_parameter.lastName}
</if>
</if>
</select>
</mapper>
測試代碼:
package com.mybatis.demo;
import com.mybatis.bean.Department;
import com.mybatis.bean.Employee;
import com.mybatis.dao.EmployeeMapper;
import org.apache.ibatis.io.Resources;
import org.apache.ibatis.session.SqlSession;
import org.apache.ibatis.session.SqlSessionFactory;
import org.apache.ibatis.session.SqlSessionFactoryBuilder;
import org.junit.Test;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.List;
public class MyTest {
public SqlSessionFactory getSqlSessionFactory() throws IOException {
String resource = "mybatis-config.xml";
InputStream inputStream = Resources.getResourceAsStream(resource);
return new SqlSessionFactoryBuilder().build(inputStream);
}
@Test
public void test() throws IOException {
SqlSessionFactory sqlSessionFactory = getSqlSessionFactory();
SqlSession openSession = sqlSessionFactory.openSession(true);
try {
EmployeeMapper mapper = openSession.getMapper(EmployeeMapper.class);
Employee employee = new Employee("e");
List<Employee> list = mapper.getEmpsTestInnerParameter(employee);
for (Employee emp : list) {
System.out.println(emp);
}
} finally {
openSession.close();
}
}
}
2、使用bind標簽進行模糊查詢
示例代碼一:
接口定義:
package com.mybatis.dao;
import com.mybatis.bean.Employee;
import java.util.List;
public interface EmployeeMapper {
public List<Employee> getEmpsTestInnerParameter(Employee employee);
}
mapper定義:
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.mybatis.dao.EmployeeMapper">
<select id="getEmpsTestInnerParameter" resultType="com.mybatis.bean.Employee">
<!-- bind:可以將OGNL表達式的值綁定到一個變量中,方便後來引用這個變量的值 -->
<bind name="_lastName" value="‘%‘+lastName+‘%‘"/>
<if test="_databaseId==‘mysql‘">
select * from tbl_employee
<if test="_parameter!=null">
where last_name like #{_lastName}
</if>
</if>
<if test="_databaseId==‘oracle‘">
select * from employees
<if test="_parameter!=null">
where last_name = #{_parameter.lastName}
</if>
</if>
</select>
</mapper>
測試代碼:
package com.mybatis.demo;
import com.mybatis.bean.Department;
import com.mybatis.bean.Employee;
import com.mybatis.dao.EmployeeMapper;
import org.apache.ibatis.io.Resources;
import org.apache.ibatis.session.SqlSession;
import org.apache.ibatis.session.SqlSessionFactory;
import org.apache.ibatis.session.SqlSessionFactoryBuilder;
import org.junit.Test;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.List;
public class MyTest {
public SqlSessionFactory getSqlSessionFactory() throws IOException {
String resource = "mybatis-config.xml";
InputStream inputStream = Resources.getResourceAsStream(resource);
return new SqlSessionFactoryBuilder().build(inputStream);
}
@Test
public void test() throws IOException {
SqlSessionFactory sqlSessionFactory = getSqlSessionFactory();
SqlSession openSession = sqlSessionFactory.openSession(true);
try {
EmployeeMapper mapper = openSession.getMapper(EmployeeMapper.class);
Employee employee = new Employee("e");
List<Employee> list = mapper.getEmpsTestInnerParameter(employee);
for (Employee emp : list) {
System.out.println(emp);
}
} finally {
openSession.close();
}
}
}
示例代碼二:
接口定義:
package com.mybatis.dao;
import com.mybatis.bean.Employee;
import java.util.List;
public interface EmployeeMapper {
public List<Employee> getEmpsTestInnerParameter(Employee employee);
}
mapper定義:
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.mybatis.dao.EmployeeMapper">
<select id="getEmpsTestInnerParameter" resultType="com.mybatis.bean.Employee">
<!-- bind:可以將OGNL表達式的值綁定到一個變量中,方便後來引用這個變量的值 -->
<!--_代表任意一個字符-->
<bind name="_lastName" value="‘_‘+lastName+‘%‘"/>
<if test="_databaseId==‘mysql‘">
select * from tbl_employee
<if test="_parameter!=null">
where last_name like #{_lastName}
</if>
</if>
<if test="_databaseId==‘oracle‘">
select * from employees
<if test="_parameter!=null">
where last_name = #{_parameter.lastName}
</if>
</if>
</select>
</mapper>
測試代碼:
package com.mybatis.demo;
import com.mybatis.bean.Department;
import com.mybatis.bean.Employee;
import com.mybatis.dao.EmployeeMapper;
import org.apache.ibatis.io.Resources;
import org.apache.ibatis.session.SqlSession;
import org.apache.ibatis.session.SqlSessionFactory;
import org.apache.ibatis.session.SqlSessionFactoryBuilder;
import org.junit.Test;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.List;
public class MyTest {
public SqlSessionFactory getSqlSessionFactory() throws IOException {
String resource = "mybatis-config.xml";
InputStream inputStream = Resources.getResourceAsStream(resource);
return new SqlSessionFactoryBuilder().build(inputStream);
}
@Test
public void test() throws IOException {
SqlSessionFactory sqlSessionFactory = getSqlSessionFactory();
SqlSession openSession = sqlSessionFactory.openSession(true);
try {
EmployeeMapper mapper = openSession.getMapper(EmployeeMapper.class);
Employee employee = new Employee("i");
List<Employee> list = mapper.getEmpsTestInnerParameter(employee);
for (Employee emp : list) {
System.out.println(emp);
}
} finally {
openSession.close();
}
}
}
Mybatis學習筆記16 - bind標簽