XsqlFilterResult----动态生成sql语句的类,过滤一些为空的查询条件 .
2013-03-25 16:15
741 查看
XsqlBuilder用于可以动态构造sql语句,避免在构造sql时使用过多的 if 判断,与SafeSqlProcesser集成提供防止sql注入攻击,与DataModifier集成完成数据类型的转换
动态构造sql示例:
Java代码
![](http://images.cnblogs.com/icon_copy.gif)
![](http://images.cnblogs.com/icon_star.png)
String
xsql = "select * from user where 1=1
/~ and username = {username} ~/
/~ and password = {password} ~/
/~ and age = [age] ~/
/~ and sex = [sex] ~/"
Map filters = new HashMap();
filters.put("username", "badqiu");
filters.put("age", "12");
filters.put("sex", "");
XsqlFilterResult result = xsqlBuilder.applyFilters(xsql,filters);
[java]
view plaincopyprint?
String xsql = "select * from user where 1=1 /~ and username = {username} ~/ /~ and password = {password} ~/ /~ and age = [age] ~/ /~ and sex = [sex] ~/" Map filters = new HashMap(); filters.put("username", "badqiu"); filters.put("age", "12"); filters.put("sex", ""); XsqlFilterResult result = xsqlBuilder.applyFilters(xsql,filters);
构造生成的结果result.getXsql()将会等于
Sql代码
![](http://images.cnblogs.com/icon_copy.gif)
![](http://images.cnblogs.com/icon_star.png)
select * fromuserwhere 1=1 and username={username} andage=12
[sql]
view plaincopyprint?
select * from user where 1=1 and username={username} and age=12
被过滤删除的段: /~ and password = {password} ~/这一段由于在filters中password不存在而没有被构造出来 /~ and sex = [sex] ~/由于sex的值为空串也没有被构造出来
最后result.acceptedFilters值
Java代码
![](http://images.cnblogs.com/icon_copy.gif)
![](http://images.cnblogs.com/icon_star.png)
Map
acceptedFilters = result.getAcceptedFilters();
会等于:
{username=badqiu}
[java]
view plaincopyprint?
Map acceptedFilters = result.getAcceptedFilters(); 会等于: {username=badqiu}
相关符号介绍:
/~ segment... ~/ 为一个条件代码块 {key} 过滤器中起标记作用的key,作为后面可以替换为sql的?,或是hql的:username标记 [key] 将直接替换为key value
数据类型转换示例:
select * from user where and 1=1 /~ age={age?int} ~/ 将会将Map filters中key=age的值转换为int类型
项目地址:http://code.google.com/p/rapid-xsqlbuilder/
下载地址:http://rapid-xsqlbuilder.googlecode.com/files/xsqlbuilder-1.0.zip
动态构造sql示例:
Java代码
![](http://images.cnblogs.com/icon_copy.gif)
![](http://images.cnblogs.com/icon_star.png)
String
xsql = "select * from user where 1=1
/~ and username = {username} ~/
/~ and password = {password} ~/
/~ and age = [age] ~/
/~ and sex = [sex] ~/"
Map filters = new HashMap();
filters.put("username", "badqiu");
filters.put("age", "12");
filters.put("sex", "");
XsqlFilterResult result = xsqlBuilder.applyFilters(xsql,filters);
[java]
view plaincopyprint?
String xsql = "select * from user where 1=1 /~ and username = {username} ~/ /~ and password = {password} ~/ /~ and age = [age] ~/ /~ and sex = [sex] ~/" Map filters = new HashMap(); filters.put("username", "badqiu"); filters.put("age", "12"); filters.put("sex", ""); XsqlFilterResult result = xsqlBuilder.applyFilters(xsql,filters);
String xsql = "select * from user where 1=1 /~ and username = {username} ~/ /~ and password = {password} ~/ /~ and age = [age] ~/ /~ and sex = [sex] ~/" Map filters = new HashMap(); filters.put("username", "badqiu"); filters.put("age", "12"); filters.put("sex", ""); XsqlFilterResult result = xsqlBuilder.applyFilters(xsql,filters);
构造生成的结果result.getXsql()将会等于
Sql代码
![](http://images.cnblogs.com/icon_copy.gif)
![](http://images.cnblogs.com/icon_star.png)
select * fromuserwhere 1=1 and username={username} andage=12
[sql]
view plaincopyprint?
select * from user where 1=1 and username={username} and age=12
select * from user where 1=1 and username={username} and age=12
被过滤删除的段: /~ and password = {password} ~/这一段由于在filters中password不存在而没有被构造出来 /~ and sex = [sex] ~/由于sex的值为空串也没有被构造出来
最后result.acceptedFilters值
Java代码
![](http://images.cnblogs.com/icon_copy.gif)
![](http://images.cnblogs.com/icon_star.png)
Map
acceptedFilters = result.getAcceptedFilters();
会等于:
{username=badqiu}
[java]
view plaincopyprint?
Map acceptedFilters = result.getAcceptedFilters(); 会等于: {username=badqiu}
Map acceptedFilters = result.getAcceptedFilters(); 会等于: {username=badqiu}
相关符号介绍:
/~ segment... ~/ 为一个条件代码块 {key} 过滤器中起标记作用的key,作为后面可以替换为sql的?,或是hql的:username标记 [key] 将直接替换为key value
数据类型转换示例:
select * from user where and 1=1 /~ age={age?int} ~/ 将会将Map filters中key=age的值转换为int类型
项目地址:http://code.google.com/p/rapid-xsqlbuilder/
下载地址:http://rapid-xsqlbuilder.googlecode.com/files/xsqlbuilder-1.0.zip
相关文章推荐
- XsqlFilterResult----动态生成sql语句的类,过滤一些为空的查询条件
- XsqlFilterResult----动态生成sql语句的类,过滤一些为空的查询条件
- Jfinal适用于条件查询的动态SQL语句生成工具
- 动态生成SQL查询条件定制表单及语句的脚本
- 使用反射让linq实现动态查询, 类似拼接sql语句的where 条件
- 动态sql语句拼接查询条件
- 使用SQL查询语句时,数组动态赋值SQL IN ()作为条件条件一个
- 在SQL存储过程内拼条件,动态生成SQL语句执行
- Mybatis:关于动态生成sql语句的一些问题
- MySQL中动态生成多条件查询语句
- hibernate根据条件动态组装sql/hql语句(仿ibatis动态查询语句功
- hibernate常用查询语句动态生成类(包括条件和无条件查询)
- 使用SQL查询语句时,数组动态赋值SQL IN ()作为条件条件一个
- 你必须掌握的一些常见的SQL语句,包含单表查询、高级查询(连接查询、复合条件查询、嵌套查询)
- 动态生成多条件查询语句
- hibernate常用查询语句动态生成类(包括条件和无条件查询)
- oracle 查询语句根据参数值来动态生成条件
- Hibernate_根据条件动态组装sql/hql语句(仿ibatis动态查询语句功能)
- 分享一些常见的SQL语句,包含单表查询、高级查询(连接查询、复合条件查询、嵌套查询等)。
- MyBatis中动态SQL语句完成多条件查询