mysql - JavaEE JdbcTemplate 商城列表属性筛选SQL一般怎么写
不知道用户现在什么参数,SQL怎么写,一个一个判断是否为空?
那 jdbcTemplate.query(sql, rowMapper, ...); 这个里面呢
不知道用户现在什么参数,SQL怎么写,一个一个判断是否为空?
那 jdbcTemplate.query(sql, rowMapper, ...); 这个里面呢
巴扎黑2017-04-17 12:04:35
https://github.com/hongliuliao/yuetu-orm/blob/master/src/com/finallygo...
Refer to this getSelectSql method, obj is an object composed of all query conditions
巴扎黑2017-04-17 12:04:35
Didn’t the front-end page obtain what the user selected and send the content selected by the user to the backend? The backend would know what the user selected and then assemble the sql. This may cause sql injection problems. You can judge Is the value passed down legal?
天蓬老师2017-04-17 12:04:35
Tell the truth! This function may not be as simple as directly querying with sql. You have simplified the problem