1. 配置文件
<!-- 動態映射 -->
<!-- 基本用法 -->
<select id="dynamicSelect" parameterClass="user" resultClass="user">
<!-- Dynamic mapping, basic usage: selects from users and appends a WHERE clause
     only for the properties of the "user" parameter that are non-empty. -->
<![CDATA[
select
loginid,
username,
loginpassword
from users
]]>
<dynamic prepend="WHERE">
<!-- Note the two LIKE forms below. The string concatenation operator is || on Oracle and + on SQL Server. -->
<!-- #username# is a bound (prepared-statement) parameter: the value is passed to the
     driver separately and is never spliced into the SQL text. -->
<isNotEmpty prepend="AND" property="username">
(username like '%'+#username#+'%')
</isNotEmpty>
<!-- $loginid$ is plain text substitution, so this form is open to SQL injection:
     passing the parameter "ad' or '%'='" turns the predicate into one that matches every row.
     The safe form binds the value instead, e.g. loginid like '%'+#loginid#+'%'
     (this vulnerable form is kept here only as the demonstration for DynamicSelect()). -->
<isNotEmpty prepend="AND" property="loginid">
loginid like '%$loginid$%'
</isNotEmpty>
</dynamic>
</select>
<!-- Iterate用法,實現In查詢 -->
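<select id="dynamicIterate" parameterClass="java.util.Map" resultClass="user">
<!-- Iterate usage: builds a "where loginid in (...)" list with one element per
     entry of the "userlist" collection in the parameter map. -->
<![CDATA[
select
loginid,
username,
loginpassword
from users
]]>
<!-- #userlist[].loginid# binds each element as a prepared-statement parameter (no quotes needed).
     Do not write '$userlist[].loginid$' here: $...$ is plain text substitution and lets any
     list element inject SQL into the IN list.
     NOTE(review): with an empty userlist the iterate presumably emits nothing, so the query
     would return every row - confirm and guard against an empty list in the caller. -->
<iterate prepend=" where loginid in " property="userlist" open="(" close=")" conjunction=",">
#userlist[].loginid#
</iterate>
</select>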
<!-- 動態映射實現or查詢 -->
<select id="dynamicOr" parameterClass="user" resultClass="user">
<!-- Dynamic mapping that ORs the non-empty properties together.
     The "where 1=1" anchor plus the closing ")" after the second dynamic element
     keep the generated SQL well-formed whichever properties are set. -->
<![CDATA[
select
loginid,
username,
loginpassword
from users
where 1=1
]]>
<!-- When username and loginid are both empty the second dynamic element emits nothing,
     so "and (1=1" is appended here to pair with the literal ")" before the order by. -->
<dynamic>
<isEmpty property="username">
<isEmpty prepend="and" property="loginid">
(1=1
</isEmpty>
</isEmpty>
</dynamic>
<!-- Emitted only when at least one property is non-empty; the " and (" prepend opens the
     OR group that the literal ")" below closes. Both predicates use bound #...# parameters. -->
<dynamic prepend=" and (">
<isNotEmpty prepend="or" property="username">
<!-- '+' is the SQL Server concatenation operator; use || on Oracle. -->
username like '%'+#username#+'%'
</isNotEmpty>
<isNotEmpty prepend="or" property="loginid">
loginid=#loginid#
</isNotEmpty>
</dynamic>
) order by loginid desc
</select>
2. 生成測試類
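/**
 * Basic query that deliberately mimics a SQL injection attack against the
 * user_space.dynamicSelect mapping.
 *
 * The loginid value is the injection payload; because the mapping splices
 * $loginid$ into the SQL text, the LIKE predicate matches every row and the
 * method returns all users instead of the intended subset.
 *
 * @return the users returned by the dynamicSelect mapping
 * @throws IOException  propagated from obtaining the SqlMapClient
 * @throws SQLException if the transaction or the query fails
 */
List<Users> DynamicSelect() throws IOException, SQLException
{
    Users user = new Users();
    // user.setLoginid("ad");   // the benign value the payload below is derived from
    // Simulate a SQL injection attack: this loginid makes the query return every user.
    user.setLoginid("ad' or '%'='");
    user.setUsername("理員");
    SqlMapClient client = SqlClientFactory.getClientMap();
    client.startTransaction();
    try {
        List<Users> list = (List<Users>) client.queryForList("user_space.dynamicSelect", user);
        client.commitTransaction();
        return list;
    } finally {
        // endTransaction() must always run: without it a failing query leaves the
        // transaction (and its connection) open.
        client.endTransaction();
    }
}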
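/**
 * Exercises the user_space.dynamicOr mapping with both properties empty,
 * i.e. the path where the mapping has to append "and (1=1" itself to keep
 * the generated SQL balanced.
 *
 * @return the users returned by the dynamicOr mapping
 * @throws IOException  propagated from obtaining the SqlMapClient
 * @throws SQLException if the transaction or the query fails
 */
List<Users> DynamicSelectOr() throws IOException, SQLException
{
    Users user = new Users();
    // Both empty on purpose: drives the isEmpty/isEmpty branch of the mapping.
    user.setLoginid("");
    user.setUsername("");
    SqlMapClient client = SqlClientFactory.getClientMap();
    client.startTransaction();
    try {
        List<Users> list = (List<Users>) client.queryForList("user_space.dynamicOr", user);
        client.commitTransaction();
        return list;
    } finally {
        // Always end the transaction, even when the query throws.
        client.endTransaction();
    }
}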
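/**
 * Exercises the user_space.dynamicIterate mapping: passes a "userlist"
 * collection through a Map so the mapping builds an IN (...) predicate
 * with one element per user.
 *
 * @return the users whose loginid is in the supplied list
 * @throws IOException  propagated from obtaining the SqlMapClient
 * @throws SQLException if the transaction or the query fails
 */
List<Users> DynamicSelectIterate() throws IOException, SQLException
{
    // The mapping reads the collection under the key "userlist" and each element's loginid.
    List<Users> userList = new ArrayList<Users>();
    Users admin = new Users();
    admin.setLoginid("admin");
    userList.add(admin);
    Users leon = new Users();
    leon.setLoginid("leon");
    userList.add(leon);

    Map<String, List<Users>> params = new HashMap<String, List<Users>>();
    params.put("userlist", userList);

    SqlMapClient client = SqlClientFactory.getClientMap();
    client.startTransaction();
    try {
        List<Users> resultList = (List<Users>) client.queryForList("user_space.dynamicIterate", params);
        client.commitTransaction();
        return resultList;
    } finally {
        // Always end the transaction, even when the query throws.
        client.endTransaction();
    }
}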