MyBatis笔记——参数处理
占位符
MyBatis 中,想要读取 mapper方法中的形参,占位符分为两种:${} 和 #{}。
${}
${}是使用 字符串拼接的方式进行占位
mapper
User selectUserById(int id);
mapper.xml
<select id="selectUserById" resultType="com.zxb.mybatis.pojo.User">
select * from t_user where id = ${id}
</select>
test
@Test
public void testSelectById() throws IOException {
SqlSession sqlSession = SqlSessionUtils.getSqlSession();
ParameterMapper parameterMapper = sqlSession.getMapper(ParameterMapper.class);
log.info("user = {}",parameterMapper.selectUserById(4));
}
日志信息
2024-04-24 11:15:33 189 [main] DEBUG com.zxb.mybatis.mapper.ParameterMapper.selectUserById - ==> Preparing: select * from t_user where id = 4
2024-04-24 11:15:33 210 [main] DEBUG com.zxb.mybatis.mapper.ParameterMapper.selectUserById - ==> Parameters:
2024-04-24 11:15:33 271 [main] DEBUG com.zxb.mybatis.mapper.ParameterMapper.selectUserById - <== Total: 1
#{}
#{}是使用 占位符填充的方式进行占位
mapper
User selectUserById(int id);
mapper.xml
<select id="selectUserById" resultType="com.zxb.mybatis.pojo.User">
select * from t_user where id = #{id}
</select>
test
@Test
public void testSelectById() throws IOException {
SqlSession sqlSession = SqlSessionUtils.getSqlSession();
ParameterMapper parameterMapper = sqlSession.getMapper(ParameterMapper.class);
log.info("user = {}",parameterMapper.selectUserById(4));
}
日志信息
2024-04-24 11:30:38 714 [main] DEBUG com.zxb.mybatis.mapper.ParameterMapper.selectUserById - ==> Preparing: select * from t_user where id = ?
2024-04-24 11:30:38 740 [main] DEBUG com.zxb.mybatis.mapper.ParameterMapper.selectUserById - ==> Parameters: 4(Integer)
2024-04-24 11:30:38 810 [main] DEBUG com.zxb.mybatis.mapper.ParameterMapper.selectUserById - <== Total: 1使用${},容易被sql注入
如:parameterMapper.selectUserByName("1 or 1=1")
${} 的使用场景
like 模糊匹配
mysql 的 like 语句如下:
select * from t_user where username like '%张%'
如上 like 匹配的是字符串 %?%,如果使用 #{} 的话,填入参数就会变成:
select * from t_user where username like '%'张'%'
此时,就需要使用字符串拼接 ${}:
prepare
select * from t_user where username like '%' + '张' + '%'
result
select * from t_user where username like '%张%'
like 模糊匹配 使用 #{}
select * from t_user where username like "%"#{username}"%"
或 使用concat拼接字符串
select * from t_user where username like concat('%',#{username},'%')
参数自动转换
当传入形参时,mybatis可以通过 arg0、arg1 或 param0、param1 来自动填入形参
<select>
select * from t_user where username = #{arg0} or username = #{arg1}
</select>
@param自定义参数名称
从 MyBatis 3.5.2 版本开始,可以通过 @Param 注解自定义参数名称。
例如,在 Mapper 中的方法:
List<User> getUserList(@Param("name") String name, @Param("age") Integer age);
在 XML 配置文件中的 SQL 语句中,可以通过 #{name} 和 #{age} 来引用这两个参数。
<select id="getUserList" resultType="User">
select * from user where name = #{name} and age = #{age}
</select>
这样就可以自定义参数名称,使得 SQL 语句更加易读和易维护。
SpringBoot 简化
在 Spring Boot 中,如果参数名称与 SQL 语句中的参数名称一致,你可以直接在 SQL 中使用参数名,而不需要额外使用 @Param 注解。这是因为 Spring Boot 默认使用了基于参数名称的命名规则。
例如,在 Mapper 中的方法:
List<User> getUserList(String name, Integer age);
在 XML 配置文件中的 SQL 语句中,可以直接使用参数名 #{name} 和 #{age} 来引用这两个参数。
<select id="getUserList" resultType="User">
select * from user where name = #{name} and age = #{age}
</select>
这种方式能够使得代码更加清晰易读,但需要注意的是,这种方式要求参数名称在 SQL 语句中是唯一的,否则会出现参数引用不明确的情况。
xml 自动匹配
在 XML 配置文件中的 SQL 语句中,可以直接使用参数名 #{name} 和 #{age} 来引用这两个参数。
xml<select id="getUserList" resultType="User">
select * from user where name = #{name} and age = #{age}
</select>
MyBatis 参数自动处理
MyBatis可以对传入和返回的参数进行自动处理,如下:
处理Map数据
mapper:
User checkUserByMap(Map<String, Object> map);
mapper.xml:
<select id="checkUserByMap" resultType="com.zxb.mybatis.pojo.User">
select * from t_user where username = #{username} and password = #{password}
</select>
test:
@Test
public void testCheckUserByMap() throws IOException {
SqlSession sqlSession = SqlSessionUtils.getSqlSession();
ParameterMapper parameterMapper = sqlSession.getMapper(ParameterMapper.class);
Map<String, Object> map = new HashMap<>();
map.put("username", "张三");
map.put("password", "123");
log.info("user={}", parameterMapper.checkUserByMap(map));
}
处理对象
mapper:
Integer insertUser(User user);
mapper.xml:
<insert id="insertUser">
insert into t_user values(null, #{username}, #{password}, #{age}, #{sex}, #{email})
</insert>
test:
@Test
public void testInsertUser() throws IOException {
SqlSession sqlSession = SqlSessionUtils.getSqlSession();
ParameterMapper parameterMapper = sqlSession.getMapper(ParameterMapper.class);
User user = new User();
user.setUsername("王五");
user.setPassword("je2");
user.setSex('男');
user.setAge(19);
user.setEmail("kk@qq.com");
Integer i = parameterMapper.insertUser(user);
log.info("影响了:{}行", i);
parameterMapper.selectAllUsers().forEach(user1 -> log.info("user = {}", user1));
}
弹性处理对象
在 xml 中,可以使用<where><if test=""></test></where> 标签来弹性处理对象,如果参数符合就自动填入
mapper:
List<User> selectUser(User user);
mapper.xml:
<select id="selectUser" resultType="com.zxb.mybatis.pojo.User">
select * from t_user
<where>
<if test="username != null">
select username = #{username}
</if>
<if test="password != null">
and password = #{password}
</if>
<if test="age != null">
and age = #{age}
</if>
<if test="sex != ''">
and sex = #{sex}
</if>
<if test="email != null">
and email = #{email}
</if>
</where>
</select>
test:
@Test
public void testSelectUser() throws IOException {
SqlSession sqlSession = SqlSessionUtils.getSqlSession();
ParameterMapper parameterMapper = sqlSession.getMapper(ParameterMapper.class);
User user = new User();
user.setUsername("张三");
parameterMapper.selectUser(user).forEach(user1 -> log.info("user = {}", user1));
user = new User();
user.setSex('女');
parameterMapper.selectUser(user).forEach(user1 -> log.info("user = {}", user1));
}
result:
2024-04-23 16:29:47 350 [main] DEBUG com.zxb.mybatis.mapper.ParameterMapper.selectUser - ==> Preparing: select * from t_user WHERE username = ?
2024-04-23 16:29:47 371 [main] DEBUG com.zxb.mybatis.mapper.ParameterMapper.selectUser - ==> Parameters: 张三(String)
2024-04-23 16:29:47 439 [main] DEBUG com.zxb.mybatis.mapper.ParameterMapper.selectUser - <== Total: 1
2024-04-23 16:29:47 453 [main] INFO com.zxb.mybatis.test.ParameterMapperTest - user = User(id=2, username=张三, password=123, age=22, sex=男, email=123@163.com)
2024-04-23 16:29:47 453 [main] DEBUG com.zxb.mybatis.mapper.ParameterMapper.selectUser - ==> Preparing: select * from t_user WHERE sex = ?
2024-04-23 16:29:47 454 [main] DEBUG com.zxb.mybatis.mapper.ParameterMapper.selectUser - ==> Parameters: 女(String)
2024-04-23 16:29:47 508 [main] DEBUG com.zxb.mybatis.mapper.ParameterMapper.selectUser - <== Total: 10
2024-04-23 16:29:47 509 [main] INFO com.zxb.mybatis.test.ParameterMapperTest - user = User(id=6, username=钱七, password=def, age=24, sex=女, email=def@qq.com)
2024-04-23 16:29:47 509 [main] INFO com.zxb.mybatis.test.ParameterMapperTest - user = User(id=8, username=周九, password=jkl, age=30, sex=女, email=jkl@qq.com)
2024-04-23 16:29:47 509 [main] INFO com.zxb.mybatis.test.ParameterMapperTest - user = User(id=10, username=郑十一, password=pqr, age=26, sex=女, email=pqr@qq.com)
2024-04-23 16:29:47 510 [main] INFO com.zxb.mybatis.test.ParameterMapperTest - user = User(id=12, username=张十三, password=vwx, age=32, sex=女, email=vwx@qq.com)
2024-04-23 16:29:47 510 [main] INFO com.zxb.mybatis.test.ParameterMapperTest - user = User(id=15, username=钱十六, password=567, age=31, sex=女, email=567@qq.com)
2024-04-23 16:29:47 510 [main] INFO com.zxb.mybatis.test.ParameterMapperTest - user = User(id=17, username=周十八, password=abc, age=27, sex=女, email=abc@qq.com)
2024-04-23 16:29:47 510 [main] INFO com.zxb.mybatis.test.ParameterMapperTest - user = User(id=19, username=郑二十, password=ghi, age=33, sex=女, email=ghi@qq.com)
2024-04-23 16:29:47 510 [main] INFO com.zxb.mybatis.test.ParameterMapperTest - user = User(id=21, username=张二十二, password=mno, age=29, sex=女, email=mno@qq.com)
2024-04-23 16:29:47 510 [main] INFO com.zxb.mybatis.test.ParameterMapperTest - user = User(id=23, username=赵二十四, password=stu, age=25, sex=女, email=stu@qq.com)
2024-04-23 16:29:47 510 [main] INFO com.zxb.mybatis.test.ParameterMapperTest - user = User(id=26, username=周二十七, password=234, age=24, sex=女, email=234@qq.com)
实现批量删除
原理:使用 mysql 语句
delete from t_user where id in ('1','2','3')
<delete id="deleteMore">
delete from t_user where id in (${ids})
</delete>
```java
Integer i = sqlMapper.deleteMore("1,2,3");
