当前位置:网站首页>模糊查询like用法实例(Bee)
模糊查询like用法实例(Bee)
2022-08-02 20:29:00 【abckingaa】
like通过两个匹配符%和_进行模糊查询.
%: 匹配任意个任意字符
_: 匹配一个字符
以下以userid为例, 在数据库中的值如下图所示:
V1.11及之前版本, 使用Op.like, 需要判断值是否为空字段,是否只含有匹配符(%和_)
Op.like可以创建比左右匹配更复杂的模糊查询,但需要防止,最终的值只包含有匹配符(%和_)
在V1.17( 1.17.0.9) 中,能明确%使用在左还是右,还是同时使用在左右, 则应该选用:likeLeft,likeRight,likeLeftRight;
Bee框架会对这三种用法的值进行转义(匹配符%,由框架添加), 转义后值中的%(如果有),只代表符号%.
where 条件中,不建议只使用not like一个过滤条件(结合其它条件使用则可以)
public class LikeTest {
public static void main(String[] args) {
test();
}
public static void test() {
try{
Suid suid = BeeFactory.getHoneyFactory().getSuid();
Orders orders = new Orders();
Condition condition=BF.getCondition();
// condition
.op("1=1 -- userid", Op.like, "bee%") // test invalid field
.op("userid", Op.like, "bee%") //模糊查询
// .op("userid", Op.like, "%") //模糊查询 只有%或_, 从1.17开始,Bee会抛出异常.
.op("userid", Op.like, "_")
.op("userid", Op.like, "")
使用Op.like,调用方需要对传入的字符进行过滤,特别是1.17之前的版本.
// ;
List<Orders> list2 =null;
list2=suid.select(orders, condition);
// for (int i = 0; i < list2.size(); i++) {
// Logger.info(list2.get(i).toString());
// }
condition=BF.getCondition();
condition.op("userid", Op.like, "test\\%"); //userid是test%
list2 = suid.select(orders, condition);
for (int i = 0; i < list2.size(); i++) {
Logger.info(list2.get(i).toString());
}
condition=BF.getCondition();
condition.op("userid", Op.like, "test%"); //test开头的
list2 = suid.select(orders, condition);
for (int i = 0; i < list2.size(); i++) {
Logger.info(list2.get(i).toString());
}
condition=BF.getCondition();
condition.op("userid", Op.like, "test_"); //test开头有5个字符的
list2 = suid.select(orders, condition);
for (int i = 0; i < list2.size(); i++) {
Logger.info(list2.get(i).toString());
}
condition=BF.getCondition();
condition.op("userid", Op.like, "test\\_"); //userid是test_
list2 = suid.select(orders, condition);
for (int i = 0; i < list2.size(); i++) {
Logger.info(list2.get(i).toString());
}
condition=BF.getCondition();
condition.op("userid", Op.likeLeft, "test"); //likeLeft
list2 = suid.select(orders, condition);
for (int i = 0; i < list2.size(); i++) {
Logger.info(list2.get(i).toString());
}
condition=BF.getCondition();
condition.op("userid", Op.likeRight, "test"); //likeRight
list2 = suid.select(orders, condition);
for (int i = 0; i < list2.size(); i++) {
Logger.info(list2.get(i).toString());
}
condition=BF.getCondition();
condition.op("userid", Op.likeLeftRight, "test"); //likeLeftRight
list2 = suid.select(orders, condition);
for (int i = 0; i < list2.size(); i++) {
Logger.info(list2.get(i).toString());
}
condition=BF.getCondition();
condition.op("userid", Op.likeLeft, "test%"); //likeLeft
list2 = suid.select(orders, condition);
for (int i = 0; i < list2.size(); i++) {
Logger.info(list2.get(i).toString());
}
System.out.println(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>");
// condition=BF.getCondition();
// condition.op("userid", Op.likeLeft, ""); //likeLeft
// list2 = suid.select(orders, condition);
// for (int i = 0; i < list2.size(); i++) {
// Logger.info(list2.get(i).toString());
// }
// condition=BF.getCondition();
// condition.op("userid", Op.likeLeft, null); //likeLeft
// list2 = suid.select(orders, condition);
// for (int i = 0; i < list2.size(); i++) {
// Logger.info(list2.get(i).toString());
// }
condition=BF.getCondition();
condition.op("userid", Op.likeLeft, "test\\%"); //likeLeft
list2 = suid.select(orders, condition);
for (int i = 0; i < list2.size(); i++) {
Logger.info(list2.get(i).toString());
}
condition=BF.getCondition();
condition.op("userid", Op.likeLeft, "test_"); //likeLeft
list2 = suid.select(orders, condition);
for (int i = 0; i < list2.size(); i++) {
Logger.info(list2.get(i).toString());
}
condition=BF.getCondition();
condition.op("userid", Op.likeLeft, "test\\u0025"); //likeLeft
list2 = suid.select(orders, condition);
for (int i = 0; i < list2.size(); i++) {
Logger.info(list2.get(i).toString());
}
System.out.println(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>2");
condition=BF.getCondition();
condition.op("userid", Op.like, "\\\u0025\\\u0025"); //like \u0025 is % 转义 \%是\\\u0025
list2 = suid.select(orders, condition);
for (int i = 0; i < list2.size(); i++) {
Logger.info(list2.get(i).toString());
}
condition=BF.getCondition();
condition.op("userid", Op.likeLeft, "\\\u0025"); //like \u0025 is % 转义 \%是\\\u0025
list2 = suid.select(orders, condition);
for (int i = 0; i < list2.size(); i++) {
Logger.info(list2.get(i).toString());
}
//查询 userid=\u0025
condition=BF.getCondition();
condition.op("userid", Op.like, "\\\\u0025"); //like \u0025 is %
list2 = suid.select(orders, condition);
for (int i = 0; i < list2.size(); i++) {
Logger.info(list2.get(i).toString());
}
}catch (Exception e) {
Logger.error("In ConditionExam (Exception):"+e.getMessage());
e.printStackTrace();
}
}
}like需要防止是否会受到攻击,而暴露整个表的数据.
where 条件中,不建议只使用not like一个过滤条件(结合其它条件使用则可以)
最终的值只包含有匹配符(%和_)
/**
* V1.11及之前版本, 使用Op.like, 需要判断值是否为空字段,是否只含有匹配符(%和_)
* <br>Op.like可以创建比左右匹配更复杂的模糊查询,但需要防止,最终的值只包含有匹配符(%和_)
* <br>在V1.17( 1.17.0.9) 中,能明确%使用在左还是右,还是同时使用在左右, 则应该选用:likeLeft,likeRight,likeLeftRight
* <br>where 条件中,不建议只使用not like一个过滤条件(结合其它条件使用则可以)
* @author Kingstar
* @since 1.17
*/
public class LikeEnhanceTest {
private static PreparedSql preparedSql = BF.getPreparedSql();
private static Suid suid = BF.getSuid();
public static void main(String[] args) {
try {
Map<String, Object> map = new HashMap<>();
map.put("name", "");
selectNoPage(CustomSql.getCustomSql("example.autosql.like.isNotNull"), map);
// example.autosql.like.isNotNull=select * from orders where <if isNotNull>name like #{%name}</if>
// name的值非null,会保留<if isNotNull></if>之前的内容,但name的值为空字符,会有注入风险,所以报错.
} catch (Exception e) {
e.printStackTrace();
}
Condition condition = null;
List<Orders> list2 = null;
Orders orders = new Orders();
try {
condition = BF.getCondition();
condition
// .op("1=1 -- userid", Op.like, "bee%") // test invalid field
// .op("userid", Op.like, "bee%") //模糊查询
.op("userid", Op.like, "%") // 模糊查询 只有%或_, 从1.17开始,Bee会抛出异常.
// .op("userid", Op.like, "_")
// .op("userid", Op.like, "")
// 使用Op.like,调用方需要对传入的字符进行过滤,特别是1.17之前的版本.
;
list2 = suid.select(orders, condition);
for (int i = 0; i < list2.size(); i++) {
Logger.info(list2.get(i).toString());
}
} catch (Exception e) {
e.printStackTrace();
}
try {
condition = BF.getCondition();
condition.op("userid", Op.like, "\u0025"); // like \u0025 is %
list2 = suid.select(orders, condition);
for (int i = 0; i < list2.size(); i++) {
Logger.info(list2.get(i).toString());
}
} catch (Exception e) {
e.printStackTrace();
}
try {
condition = BF.getCondition();
condition.op("userid", Op.like, "\u005f"); // like \u005f is _
list2 = suid.select(orders, condition);
for (int i = 0; i < list2.size(); i++) {
Logger.info(list2.get(i).toString());
}
} catch (Exception e) {
e.printStackTrace();
}
try {
condition = BF.getCondition();
condition.op("userid", Op.like, "\u0025\u0025"); // like \u0025 is %
list2 = suid.select(orders, condition);
for (int i = 0; i < list2.size(); i++) {
Logger.info(list2.get(i).toString());
}
} catch (Exception e) {
e.printStackTrace();
}
try {
condition = BF.getCondition();
condition.op("userid", Op.likeLeft, ""); // likeLeft
list2 = suid.select(orders, condition);
for (int i = 0; i < list2.size(); i++) {
Logger.info(list2.get(i).toString());
}
} catch (Exception e) {
e.printStackTrace();
}
try {
condition = BF.getCondition();
condition.op("userid", Op.likeLeft, null); // likeLeft
list2 = suid.select(orders, condition);
for (int i = 0; i < list2.size(); i++) {
Logger.info(list2.get(i).toString());
}
} catch (Exception e) {
e.printStackTrace();
}
// PreparedSqlExam.java
PreparedSql preparedSql = BF.getPreparedSql();
String sql3_2 = CustomSql
.getCustomSql("osql.example.entity.selectOrdersLikeNameViaMap2"); // %name
Map<String, Object> map2 = new HashMap<>();
// map2.put("name", "Bee");
// map2.put("name", ""); //1.17之前的版本,需要判断传入的值不能为空字符,%,_.
// case "%"
try {
map2.put("name", "%");
// map2.put("name", "_");
// map2.put("name", null);
preparedSql.select(sql3_2, new Orders(), map2);// map
} catch (Exception e) {
e.printStackTrace();
}
// case ""
try {
map2 = new HashMap<>();
map2.put("name", ""); // 1.17之前的版本,需要判断传入的值不能为空字符,%,_.
preparedSql.select(sql3_2, new Orders(), map2);// map
} catch (Exception e) {
e.printStackTrace();
}
// case "_"
try {
map2 = new HashMap<>();
map2.put("name", "_"); // 1.17之前的版本,需要判断传入的值不能为空字符,%,_.
preparedSql.select(sql3_2, new Orders(), map2);// map
} catch (Exception e) {
e.printStackTrace();
}
// case null
//[WARN] the parameter value in like is null !
try {
map2 = new HashMap<>();
map2.put("name", null); // 1.17之前的版本,需要判断传入的值不能为空字符,%,_.
preparedSql.select(sql3_2, new Orders(), map2);// map
} catch (Exception e) {
e.printStackTrace();
}
System.out.println("finished!");
}
private static void selectNoPage(String sql, Map<String, Object> map) {
List<Orders> list3 = preparedSql.select(sql, new Orders(), map);// map
}
}
边栏推荐
猜你喜欢
php 单引号 双引号 -> => return echo
你是几星测试/开发程序员?技术型选手王大拿......
A brief discussion on the transformation of .NET legacy applications
Electrical diagram of power supply system
信息学奥赛一本通(1258:【例9.2】数字金字塔)
"A daily practice, happy water problem" 1374. Generate a string with an odd number of each character
![LeetCode 622 设计循环队列[数组 队列] HERODING的LeetCode之路](/img/dc/ba5a0c3f6a58283d79c5916376e49e.png)
LeetCode 622 设计循环队列[数组 队列] HERODING的LeetCode之路
【流媒体】推流与拉流简介
Packages and packages, access modifiers
广东省数字经济发展指引 1.0之建成数据安全保障体系
随机推荐
Which thread pool does Async use?
广东省数字经济发展指引 1.0之建成数据安全保障体系
Packages and packages, access modifiers
二丙二醇甲醚醋酸酯
How to quickly compare two byte arrays for equality in .NET
Details in C# you don't know
供电系统电气图
2022年金九银十,Android面试中高频必问的问题汇总
数字孪生助力智慧城市可视化建设
ImageNet下载及处理
The five classification of software testing
Golang source code analysis: juju/ratelimit
实现fashion_minst服装图像分类
Flink Yarn Per Job - 创建启动Dispatcher RM JobManager
WPF development through practical 】 【 automatic production management platform
什么是 IDE
ALV concept explanation
【手撕AHB-APB Bridge】~ AMBA总线 之 APB
js how to get the browser zoom ratio
Triacetin是什么化学材料