May 16, 2021 MyBatis
Mode 1:$ this way, simple, but can not prevent SQL injection, so it is not recommended to use
LIKE '%${name}%'
Mode 2: #
LIKE "%"#{name}"%"
Interested to see: The difference between the ones in Mybatis is the same as the one in the "
Mode 3: String stitching
AND name LIKE CONCAT(CONCAT('%',#{name},'%'))
Mode 4: Bind label
- <select id="searchStudents" resultType="com.example.entity.StudentEntity"
- parameterType="com.example.entity.StudentEntity">
- <bind name="pattern1" value="'%' + _parameter.name + '%'" />
- <bind name="pattern2" value="'%' + _parameter.address + '%'" />
- SELECT * FROM test_student
- <where>
- <if test="age != null and age != '' and compare != null and compare != ''">
- age
- ${compare}
- #{age}
- </if>
- <if test="name != null and name != ''">
- AND name LIKE #{pattern1}
- </if>
- <if test="address != null and address != ''">
- AND address LIKE #{pattern2}
- </if>
- </where>
- ORDER BY id
- </select>
Mode 5: written in java code
param.setUsername("%CD%"); Write directly when passing on a ginseng in java code
<if test="username!=null"> AND username LIKE #{username}</if>
Then mapper writes directly in the . . .