1.ifThis statement would provide an optional text search type of functionality.SELECT * FROM BLOGWHERE state = ‘ACTIVE’AND title = #{title}2.choose, when, otherwiseSometimes we don’t want all of the conditionals to apply, instead we want to choose only one case among many options.SELECT * FROM BLOG WHERE state = ‘ACTIVE’AND title = #{title}AND author_name = #{author.name}AND featured = 13.setThesetelement can be used to dynamically include columns to update, and leave out others.A:update Authorusername=#{username},password=#{password},email=#{email},bio=#{bio}where id=#{id}B:update Authorsetusername=#{username},password=#{password},email=#{email},bio=#{bio}where id=#{id}If bio is nullA. update Authorset username = ‘xx’, password= ‘xx’, email= ‘xx’[not has ,due to tag will remove it] where id = ‘x’B. update Authorset username = ‘xx’, password= ‘xx’, email= ‘xx’,where id = ‘x’4.foreachTheforeachelement is very powerful, and allows you to specify a collection, declare item and index variables that can be used inside the body of the element. It also allows you to specify opening and closing strings, and add a separator to place in between iterations. The element is smart in that it won’t accidentally append extra separators.SELECT *FROM POST PWHERE ID inopen=”(” separator=”,” close=”)”>#{item} 1.trimprefix=“WHERE”prefixOverrides=“AND |OR “>…Sample:select * from userprefixoverride=”AND |OR”> AND name=#{name} AND gender=#{gender}If nameand gender are not null, the SQL will be like this: select * from user wherename = ‘xx’ and gender = ‘xx’.prefix:前缀prefixoverride: remove 1stAND/ORupdate usersuffixoverride=”,” suffix=” where id = #{id} “> name=#{name} , gender=#{gender} ,If nameand gender are not null, the SQL will be like this: update user set name=’xx’ , gender=’xx’where id=’x’.suffix: 后缀suffixoverride: remove last character “,”where: search condition NoteA)Escape character in MyBatis XMLSample: where id >= 1(wrong)where id >= 1(correct) B)mybatis中#{}和${}的区别http://www.cnblogs.com/baizhanshi/p/5778692.htmlBy default, using the #{} syntax will cause MyBatis to generate PreparedStatement properties and set the values safely against the PreparedStatement parameters (e.g. ?). While this is safer, faster and almost always preferred, sometimes you just want to directly inject a string unmodified into the SQL Statement. For example, for ORDER BY, you might use something like this:ORDER BY ${columnName}Here MyBatis won’t modify or escape the string.NOTE It’s not safe to accept input from a user a开发云主机域名nd supply it to a statement unmodified in this way. This leads to potential SQL Injection attacks and therefore you should either disallow user input in these fields, or always perform your own escapes and checks.
微信扫一扫 
