项目中要用到模糊查询,我想到了like,但是项目用的是hibernate,查询语句都是拼接出来的,不能直接用like % ? %的形式,需要拼接字符串,并对 ? 中的字符进行特殊处理(escaped),否则查询中还可能出现问题。只针对(名字、编号这类字符数据)
hql.append(" and u.userName like ?");
v.add("%" + Utils.escapeSearchWord(user.getUserName().trim()) + "%");
public static String escapeSearchWord(String str) {
if ("AND".equals(str) || "OR".equals(str) || "NOT".equals(str)) {
str = '\\' + str;
}
StringBuffer sb = new StringBuffer();
for (int i = 0; i < str.length(); i++) {
char c = str.charAt(i);
// These characters are part of the query syntax and must be escaped
if (c == '_') {
sb.append('\\');
}
sb.append(c);
}
return sb.toString();
}
hql.append(" and u.userName like ?");
v.add("%" + Utils.escapeSearchWord(user.getUserName().trim()) + "%");
public static String escapeSearchWord(String str) {
if ("AND".equals(str) || "OR".equals(str) || "NOT".equals(str)) {
str = '\\' + str;
}
StringBuffer sb = new StringBuffer();
for (int i = 0; i < str.length(); i++) {
char c = str.charAt(i);
// These characters are part of the query syntax and must be escaped
if (c == '_') {
sb.append('\\');
}
sb.append(c);
}
return sb.toString();
}