public static class SqlTokenParser {
static SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
public static String handleSql(String sql, Map<String,Object> tableKeys, Map<String,Object> paramKeys){
if(CollectionUtils.isEmpty(tableKeys) && !CollectionUtils.isEmpty(paramKeys))
return handleParamSql(sql,paramKeys);
if(!CollectionUtils.isEmpty(tableKeys) && CollectionUtils.isEmpty(paramKeys))
return handleParamSql(sql,tableKeys);
if(!CollectionUtils.isEmpty(tableKeys) && !CollectionUtils.isEmpty(paramKeys))
return handleParamSql(handleTableSql(sql,tableKeys),paramKeys);
return sql;
}
private static String handleTableSql(String sql, Map<String,Object> keys){
TokenHandler handler = new TokenHandler() {
@Override
public String handleToken(String content) {
return (String) keys.get(content);
}
};
GenericTokenParser parser = new GenericTokenParser("${", "}", handler);
return parser.parse(sql);
}
private static String handleParamSql(String sql, Map<String,Object> keys){
Map<String,String> paramMap = new HashMap<>();
for(Map.Entry<String,Object> entry:keys.entrySet()){
String key = entry.getKey();
Object value = entry.getValue();
if(value instanceof Number){
paramMap.put(key,value.toString());
}
else if(value instanceof Date){
value = simpleDateFormat.format(value);
paramMap.put(key,"\""+value.toString()+"\"");
}
else{
paramMap.put(key,"\""+value.toString()+"\"");
}
}
TokenHandler handler = new TokenHandler() {
@Override
public String handleToken(String content) {
return paramMap.get(content);
}
};
GenericTokenParser parser = new GenericTokenParser("#{", "}", handler);
return parser.parse(sql);
}
}
使用GenericTokenParser模仿mybatis进行sql的占位符的替换
最新推荐文章于 2024-07-21 12:35:52 发布
本文介绍了如何在Java中使用SqlTokenParser处理SQL语句,通过handleParamSql和handleTableSql方法,实现参数化查询并适配不同数据类型(如日期)。确保了SQL注入安全的同时提高了代码效率。
摘要由CSDN通过智能技术生成