1. 程式人生 > >Mybatis學習筆記16 - bind標簽

Mybatis學習筆記16 - bind標簽

resources 方式 tst input open 但是 sys turn data

1、${}拼串進行模糊查詢,不安全

示例代碼:

接口定義:
package com.mybatis.dao;

        import com.mybatis.bean.Employee;

        import java.util.List;

public interface EmployeeMapper {
    public List<Employee> getEmpsTestInnerParameter(Employee employee);
}


mapper定義:
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
        PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
        "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.mybatis.dao.EmployeeMapper">
    <select id="getEmpsTestInnerParameter" resultType="com.mybatis.bean.Employee">
        <if test="_databaseId==‘mysql‘">
            select * from tbl_employee
            <if test="_parameter!=null">
                <!--模糊查詢,${}可以進行拼串,但是這種方式不安全-->
                where last_name like ‘%${lastName}%‘
            </if>
        </if>
        <if test="_databaseId==‘oracle‘">
            select * from employees
            <if test="_parameter!=null">
                where last_name = #{_parameter.lastName}
            </if>
        </if>
    </select>
</mapper>


測試代碼:
package com.mybatis.demo;

import com.mybatis.bean.Department;
import com.mybatis.bean.Employee;
import com.mybatis.dao.EmployeeMapper;
import org.apache.ibatis.io.Resources;
import org.apache.ibatis.session.SqlSession;
import org.apache.ibatis.session.SqlSessionFactory;
import org.apache.ibatis.session.SqlSessionFactoryBuilder;
import org.junit.Test;

import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.List;

public class MyTest {
    public SqlSessionFactory getSqlSessionFactory() throws IOException {
        String resource = "mybatis-config.xml";
        InputStream inputStream = Resources.getResourceAsStream(resource);
        return new SqlSessionFactoryBuilder().build(inputStream);
    }

    @Test
    public void test() throws IOException {
        SqlSessionFactory sqlSessionFactory = getSqlSessionFactory();
        SqlSession openSession = sqlSessionFactory.openSession(true);
        try {
            EmployeeMapper mapper = openSession.getMapper(EmployeeMapper.class);
            Employee employee = new Employee("e");
            List<Employee> list = mapper.getEmpsTestInnerParameter(employee);
            for (Employee emp : list) {
                System.out.println(emp);
            }
        } finally {
            openSession.close();
        }
    }
}

2、使用bind標簽進行模糊查詢

示例代碼一:

接口定義:
package com.mybatis.dao;

import com.mybatis.bean.Employee;

import java.util.List;

public interface EmployeeMapper {
    public List<Employee> getEmpsTestInnerParameter(Employee employee);
}


mapper定義:
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
        PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
        "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.mybatis.dao.EmployeeMapper">
    <select id="getEmpsTestInnerParameter" resultType="com.mybatis.bean.Employee">
        <!-- bind:可以將OGNL表達式的值綁定到一個變量中,方便後來引用這個變量的值 -->
        <bind name="_lastName" value="‘%‘+lastName+‘%‘"/>
        <if test="_databaseId==‘mysql‘">
            select * from tbl_employee
            <if test="_parameter!=null">
                where last_name like #{_lastName}
            </if>
        </if>
        <if test="_databaseId==‘oracle‘">
            select * from employees
            <if test="_parameter!=null">
                where last_name = #{_parameter.lastName}
            </if>
        </if>
    </select>
</mapper>


測試代碼:
package com.mybatis.demo;

import com.mybatis.bean.Department;
import com.mybatis.bean.Employee;
import com.mybatis.dao.EmployeeMapper;
import org.apache.ibatis.io.Resources;
import org.apache.ibatis.session.SqlSession;
import org.apache.ibatis.session.SqlSessionFactory;
import org.apache.ibatis.session.SqlSessionFactoryBuilder;
import org.junit.Test;

import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.List;

public class MyTest {
    public SqlSessionFactory getSqlSessionFactory() throws IOException {
        String resource = "mybatis-config.xml";
        InputStream inputStream = Resources.getResourceAsStream(resource);
        return new SqlSessionFactoryBuilder().build(inputStream);
    }

    @Test
    public void test() throws IOException {
        SqlSessionFactory sqlSessionFactory = getSqlSessionFactory();
        SqlSession openSession = sqlSessionFactory.openSession(true);
        try {
            EmployeeMapper mapper = openSession.getMapper(EmployeeMapper.class);
            Employee employee = new Employee("e");
            List<Employee> list = mapper.getEmpsTestInnerParameter(employee);
            for (Employee emp : list) {
                System.out.println(emp);
            }
        } finally {
            openSession.close();
        }
    }
}

示例代碼二:

接口定義:
package com.mybatis.dao;

import com.mybatis.bean.Employee;

import java.util.List;

public interface EmployeeMapper {
    public List<Employee> getEmpsTestInnerParameter(Employee employee);
}


mapper定義:
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
        PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
        "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.mybatis.dao.EmployeeMapper">
    <select id="getEmpsTestInnerParameter" resultType="com.mybatis.bean.Employee">
        <!-- bind:可以將OGNL表達式的值綁定到一個變量中,方便後來引用這個變量的值 -->
        <!--_代表任意一個字符-->
        <bind name="_lastName" value="‘_‘+lastName+‘%‘"/>
        <if test="_databaseId==‘mysql‘">
            select * from tbl_employee
            <if test="_parameter!=null">
                where last_name like #{_lastName}
            </if>
        </if>
        <if test="_databaseId==‘oracle‘">
            select * from employees
            <if test="_parameter!=null">
                where last_name = #{_parameter.lastName}
            </if>
        </if>
    </select>
</mapper>


測試代碼:
package com.mybatis.demo;

import com.mybatis.bean.Department;
import com.mybatis.bean.Employee;
import com.mybatis.dao.EmployeeMapper;
import org.apache.ibatis.io.Resources;
import org.apache.ibatis.session.SqlSession;
import org.apache.ibatis.session.SqlSessionFactory;
import org.apache.ibatis.session.SqlSessionFactoryBuilder;
import org.junit.Test;

import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.List;

public class MyTest {
    public SqlSessionFactory getSqlSessionFactory() throws IOException {
        String resource = "mybatis-config.xml";
        InputStream inputStream = Resources.getResourceAsStream(resource);
        return new SqlSessionFactoryBuilder().build(inputStream);
    }

    @Test
    public void test() throws IOException {
        SqlSessionFactory sqlSessionFactory = getSqlSessionFactory();
        SqlSession openSession = sqlSessionFactory.openSession(true);
        try {
            EmployeeMapper mapper = openSession.getMapper(EmployeeMapper.class);
            Employee employee = new Employee("i");
            List<Employee> list = mapper.getEmpsTestInnerParameter(employee);
            for (Employee emp : list) {
                System.out.println(emp);
            }
        } finally {
            openSession.close();
        }
    }
}

Mybatis學習筆記16 - bind標簽