<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<!-- namespace表示命名空间 保证它是唯一 cn.itsource.mybatis.dao.impl.ProductDaoImpl + id="getUserById"-->
<mapper namespace="_02_highquery.EmployeeMapper">
<!-- id名称和ProductMapper接口方法一样-->
<!-- Statement "query": loads employee rows matching an EmployeeQuery and maps each
     row onto _02_highquery.Employee. All column values are bound with #{} placeholders
     inside the included fragment, so the query reaches the driver as a prepared
     statement with parameters rather than as concatenated text. -->
<select id="query" resultType="_02_highquery.Employee" parameterType="_02_highquery.EmployeeQuery">
select * from employee
<!-- <where> emits the WHERE keyword only when the fragment produces text and strips
     a leading "and"/"or"; the conditions in whereSql all begin with "and", so this
     wrapper is what keeps the statement valid when only one (or no) filter is set. -->
<where>
<include refid="whereSql"></include>
</where>
</select>
<!--抽取sql通过include refid="whereSql"引用-->
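<!-- Reusable filter fragment; each condition starts with "and" and is only valid
     inside the caller's <where>, which removes the leading keyword. -->
<sql id="whereSql">
<if test="keywords != null">
<!-- Why concat() instead of the more obvious forms:
     (1) and name like %#{keywords}% ... does not work: a #{} placeholder is not
         expanded inside the LIKE pattern, so the wildcards cannot be glued on directly.
     (2) and name like '%${keywords}%' ... works but ${} splices the raw value into the
         statement text, which is a SQL injection hole when keywords is user input.
     (3) concat() builds the pattern from a bound #{keywords} parameter, so the value
         never becomes part of the statement text.
     The wildcards are single-quoted string literals: with MySQL's ANSI_QUOTES sql_mode
     (and in most other databases) a double-quoted "%" is parsed as an identifier and
     the statement fails. -->
and name like concat('%', #{keywords}, '%')
<!-- NOTE: a '%' or '_' inside keywords is still interpreted as a LIKE wildcard. That is
     over-matching rather than injection; escape those characters on the Java side with
     an ESCAPE clause if exact substring matching is required. -->
</if>
<if test="minAge != null">
and age >= #{minAge}
</if>
<!-- The "<=" operator contains "<", which is not allowed as bare text in XML. Either
     escape it as &amp;lt;= in the text, or wrap the clause in a CDATA section as done
     here (both parse to the same SQL). -->
<if test="maxAge != null">
<![CDATA[
and age <= #{maxAge}
]]>
</if>
</sql>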
</mapper>