Input parameter: parameterType
I. Differences between #{} and ${} when writing input parameters in SQL statements
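1. Simple types (the 8 primitive types + String)
a.
#{any value}
${value}, where the identifier can only be value
b.
#{} automatically wraps String values in '' (automatic type conversion)
${} outputs the value as-is, which makes it suitable for dynamic sorting (dynamic column names)
select stuno,stuname,stuage from student where stuname = #{value}
select stuno,stuname,stuage from student where stuname = '${value}'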
<select id="queryStudentByStuname" resultType="student" parameterType="String">
<!-- The value passed in is a column name from the database table, so its type is String -->
select stunum,stuname,graname from student order by ${value} desc
</select>
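Dynamic sorting:
select stuno,stuname,stuage from student order by ${value} asc
c.
#{} prevents SQL injection (the input parameter is wrapped in single quotes and becomes a constant)
${} does not (whatever is entered is used as-is)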
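The notes above use ${} for dynamic sorting while also stating that ${} does not prevent SQL injection; one way to reconcile the two is to allowlist the value before it ever reaches ${value}. The following is an added example, not code from the original notes. The class name, the sort keys (no, name, age) and the helper methods are hypothetical, and it assumes a mapper statement ending in `order by ${value}` so that the direction travels inside the value.

```java
import java.util.Locale;
import java.util.Map;
import java.util.Optional;

// Added example: allowlist for any text that will be substituted into ${value}.
public class OrderByAllowlist {

    // Hypothetical client-facing sort keys mapped to the student table's real columns.
    private static final Map<String, String> SORTABLE = Map.of(
            "no", "stuno",
            "name", "stuname",
            "age", "stuage");

    /** Returns the column for a requested sort key, or empty if it is not allowlisted. */
    static Optional<String> resolveColumn(String requested) {
        if (requested == null) {
            return Optional.empty();
        }
        String key = requested.trim().toLowerCase(Locale.ROOT);
        return Optional.ofNullable(SORTABLE.get(key));
    }

    /** Only the literals "asc" or "desc" can leave this method; asc is the default. */
    static String resolveDirection(String requested) {
        return "desc".equalsIgnoreCase(requested) ? "desc" : "asc";
    }

    /** Builds the only text that should be handed to the mapper as ${value}. */
    static String orderByFragment(String sortKey, String direction) {
        String column = resolveColumn(sortKey).orElseThrow(
                () -> new IllegalArgumentException("unsupported sort key"));
        return column + " " + resolveDirection(direction);
    }

    public static void main(String[] args) {
        // Constructed sample inputs: two valid requests and one that is not a known key.
        String[][] samples = {{"age", "DESC"}, {"name", null}, {"stuno;--", "asc"}};
        for (String[] s : samples) {
            try {
                System.out.println(s[0] + " -> order by " + orderByFragment(s[0], s[1]));
            } catch (IllegalArgumentException e) {
                System.out.println(s[0] + " -> rejected");
            }
        }
    }
}
```

Because the caller's input is only ever used as a lookup key, nothing it contains is copied into the SQL text.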
2. Object types
#{property name}
${property name}
II. What ${} and #{} have in common:
a. Both can read values from an object (including nested objects)
i. Reading object values:
Fuzzy query, approach 1:
select stuno,stuname,stuage from student where stuage= #{stuAge} or stuname like #{stuName}
Student student = new Student();
student.setStuAge(24);
student.setStuName("%w%");
List<Student> students = studentMapper.queryStudentBystuageOrstuName(student); // interface method -> SQL
Fuzzy query, approach 2:
select stuno,stuname,stuage from student where stuage= #{stuAge} or stuname like '%${stuName}%'
student.setStuName("w");
ii. Nested objects
Entity classes:
public class Address {
    private String homeAddress;
    private String schoolAddress;
}
public class Student {
    private int stuNum;
    private String stuName;
    private int stuAge;
    private String graName;
    private boolean stuSex;
    private Address address; // Address is the nested object
}
In Mapper.xml:
<!-- Cascaded (nested) property access -->
<select id="queryStudentByAddress" parameterType="student" resultType="student">
select stunum,stuname,stuage from student where homeaddress=#{address.homeAddress} or schooladdress='${address.schoolAddress}'
</select>
III. Input parameter: HashMap (Map<String,Object>)
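parameterType="HashMap": a HashMap is used in place of the student object
SQL statement: where stuage=#{stuAge}
Matching: the keys of the map are matched against the placeholder #{stuAge}; if a match is found (a key equals stuAge), the placeholder is replaced with the corresponding value from the map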