-
模糊查询like用法实例(Bee)
like通过两个匹配符%和_进行模糊查询.
%: 匹配任意个任意字符
_: 匹配一个字符
以下以userid为例, 在数据库中的值如下图所示:
V1.11及之前版本, 使用Op.like, 需要判断值是否为空字段,是否只含有匹配符(%和_)
Op.like可以创建比左右匹配更复杂的模糊查询,但需要防止,最终的值只包含有匹配符(%和_)
在V1.17( 1.17.0.9) 中,能明确%使用在左还是右,还是同时使用在左右, 则应该选用:likeLeft,likeRight,likeLeftRight;
Bee框架会对这三种用法的值进行转义(匹配符%,由框架添加), 转义后值中的%(如果有),只代表符号%.
where 条件中,不建议只使用not like一个过滤条件(结合其它条件使用则可以)- public class LikeTest {
- public static void main(String[] args) {
- test();
- }
- public static void test() {
- try{
- Suid suid = BeeFactory.getHoneyFactory().getSuid();
- Orders orders = new Orders();
- Condition condition=BF.getCondition();
- // condition
- .op("1=1 -- userid", Op.like, "bee%") // test invalid field
- .op("userid", Op.like, "bee%") //模糊查询
- // .op("userid", Op.like, "%") //模糊查询 只有%或_, 从1.17开始,Bee会抛出异常.
- .op("userid", Op.like, "_")
- .op("userid", Op.like, "")
- 使用Op.like,调用方需要对传入的字符进行过滤,特别是1.17之前的版本.
- // ;
- List
list2 =null; - list2=suid.select(orders, condition);
- // for (int i = 0; i < list2.size(); i++) {
- // Logger.info(list2.get(i).toString());
- // }
- condition=BF.getCondition();
- condition.op("userid", Op.like, "test\\%"); //userid是test%
- list2 = suid.select(orders, condition);
- for (int i = 0; i < list2.size(); i++) {
- Logger.info(list2.get(i).toString());
- }
- condition=BF.getCondition();
- condition.op("userid", Op.like, "test%"); //test开头的
- list2 = suid.select(orders, condition);
- for (int i = 0; i < list2.size(); i++) {
- Logger.info(list2.get(i).toString());
- }
- condition=BF.getCondition();
- condition.op("userid", Op.like, "test_"); //test开头有5个字符的
- list2 = suid.select(orders, condition);
- for (int i = 0; i < list2.size(); i++) {
- Logger.info(list2.get(i).toString());
- }
- condition=BF.getCondition();
- condition.op("userid", Op.like, "test\\_"); //userid是test_
- list2 = suid.select(orders, condition);
- for (int i = 0; i < list2.size(); i++) {
- Logger.info(list2.get(i).toString());
- }
- condition=BF.getCondition();
- condition.op("userid", Op.likeLeft, "test"); //likeLeft
- list2 = suid.select(orders, condition);
- for (int i = 0; i < list2.size(); i++) {
- Logger.info(list2.get(i).toString());
- }
- condition=BF.getCondition();
- condition.op("userid", Op.likeRight, "test"); //likeRight
- list2 = suid.select(orders, condition);
- for (int i = 0; i < list2.size(); i++) {
- Logger.info(list2.get(i).toString());
- }
- condition=BF.getCondition();
- condition.op("userid", Op.likeLeftRight, "test"); //likeLeftRight
- list2 = suid.select(orders, condition);
- for (int i = 0; i < list2.size(); i++) {
- Logger.info(list2.get(i).toString());
- }
- condition=BF.getCondition();
- condition.op("userid", Op.likeLeft, "test%"); //likeLeft
- list2 = suid.select(orders, condition);
- for (int i = 0; i < list2.size(); i++) {
- Logger.info(list2.get(i).toString());
- }
- System.out.println(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>");
- // condition=BF.getCondition();
- // condition.op("userid", Op.likeLeft, ""); //likeLeft
- // list2 = suid.select(orders, condition);
- // for (int i = 0; i < list2.size(); i++) {
- // Logger.info(list2.get(i).toString());
- // }
- // condition=BF.getCondition();
- // condition.op("userid", Op.likeLeft, null); //likeLeft
- // list2 = suid.select(orders, condition);
- // for (int i = 0; i < list2.size(); i++) {
- // Logger.info(list2.get(i).toString());
- // }
- condition=BF.getCondition();
- condition.op("userid", Op.likeLeft, "test\\%"); //likeLeft
- list2 = suid.select(orders, condition);
- for (int i = 0; i < list2.size(); i++) {
- Logger.info(list2.get(i).toString());
- }
- condition=BF.getCondition();
- condition.op("userid", Op.likeLeft, "test_"); //likeLeft
- list2 = suid.select(orders, condition);
- for (int i = 0; i < list2.size(); i++) {
- Logger.info(list2.get(i).toString());
- }
- condition=BF.getCondition();
- condition.op("userid", Op.likeLeft, "test\\u0025"); //likeLeft
- list2 = suid.select(orders, condition);
- for (int i = 0; i < list2.size(); i++) {
- Logger.info(list2.get(i).toString());
- }
- System.out.println(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>2");
- condition=BF.getCondition();
- condition.op("userid", Op.like, "\\\u0025\\\u0025"); //like \u0025 is % 转义 \%是\\\u0025
- list2 = suid.select(orders, condition);
- for (int i = 0; i < list2.size(); i++) {
- Logger.info(list2.get(i).toString());
- }
- condition=BF.getCondition();
- condition.op("userid", Op.likeLeft, "\\\u0025"); //like \u0025 is % 转义 \%是\\\u0025
- list2 = suid.select(orders, condition);
- for (int i = 0; i < list2.size(); i++) {
- Logger.info(list2.get(i).toString());
- }
- //查询 userid=\u0025
- condition=BF.getCondition();
- condition.op("userid", Op.like, "\\\\u0025"); //like \u0025 is %
- list2 = suid.select(orders, condition);
- for (int i = 0; i < list2.size(); i++) {
- Logger.info(list2.get(i).toString());
- }
- }catch (Exception e) {
- Logger.error("In ConditionExam (Exception):"+e.getMessage());
- e.printStackTrace();
- }
- }
- }
like需要防止是否会受到攻击,而暴露整个表的数据.
where 条件中,不建议只使用not like一个过滤条件(结合其它条件使用则可以)
最终的值只包含有匹配符(%和_)
- /**
- * V1.11及之前版本, 使用Op.like, 需要判断值是否为空字段,是否只含有匹配符(%和_)
- *
Op.like可以创建比左右匹配更复杂的模糊查询,但需要防止,最终的值只包含有匹配符(%和_) - *
在V1.17( 1.17.0.9) 中,能明确%使用在左还是右,还是同时使用在左右, 则应该选用:likeLeft,likeRight,likeLeftRight - *
where 条件中,不建议只使用not like一个过滤条件(结合其它条件使用则可以) - * @author Kingstar
- * @since 1.17
- */
- public class LikeEnhanceTest {
- private static PreparedSql preparedSql = BF.getPreparedSql();
- private static Suid suid = BF.getSuid();
- public static void main(String[] args) {
- try {
- Map
- map.put("name", "");
- selectNoPage(CustomSql.getCustomSql("example.autosql.like.isNotNull"), map);
- // example.autosql.like.isNotNull=select * from orders where
name like #{%name} - // name的值非null,会保留
之前的内容,但name的值为空字符,会有注入风险,所以报错. - } catch (Exception e) {
- e.printStackTrace();
- }
- Condition condition = null;
- List
list2 = null; - Orders orders = new Orders();
- try {
- condition = BF.getCondition();
- condition
- // .op("1=1 -- userid", Op.like, "bee%") // test invalid field
- // .op("userid", Op.like, "bee%") //模糊查询
- .op("userid", Op.like, "%") // 模糊查询 只有%或_, 从1.17开始,Bee会抛出异常.
- // .op("userid", Op.like, "_")
- // .op("userid", Op.like, "")
- // 使用Op.like,调用方需要对传入的字符进行过滤,特别是1.17之前的版本.
- ;
- list2 = suid.select(orders, condition);
- for (int i = 0; i < list2.size(); i++) {
- Logger.info(list2.get(i).toString());
- }
- } catch (Exception e) {
- e.printStackTrace();
- }
- try {
- condition = BF.getCondition();
- condition.op("userid", Op.like, "\u0025"); // like \u0025 is %
- list2 = suid.select(orders, condition);
- for (int i = 0; i < list2.size(); i++) {
- Logger.info(list2.get(i).toString());
- }
- } catch (Exception e) {
- e.printStackTrace();
- }
- try {
- condition = BF.getCondition();
- condition.op("userid", Op.like, "\u005f"); // like \u005f is _
- list2 = suid.select(orders, condition);
- for (int i = 0; i < list2.size(); i++) {
- Logger.info(list2.get(i).toString());
- }
- } catch (Exception e) {
- e.printStackTrace();
- }
- try {
- condition = BF.getCondition();
- condition.op("userid", Op.like, "\u0025\u0025"); // like \u0025 is %
- list2 = suid.select(orders, condition);
- for (int i = 0; i < list2.size(); i++) {
- Logger.info(list2.get(i).toString());
- }
- } catch (Exception e) {
- e.printStackTrace();
- }
- try {
- condition = BF.getCondition();
- condition.op("userid", Op.likeLeft, ""); // likeLeft
- list2 = suid.select(orders, condition);
- for (int i = 0; i < list2.size(); i++) {
- Logger.info(list2.get(i).toString());
- }
- } catch (Exception e) {
- e.printStackTrace();
- }
- try {
- condition = BF.getCondition();
- condition.op("userid", Op.likeLeft, null); // likeLeft
- list2 = suid.select(orders, condition);
- for (int i = 0; i < list2.size(); i++) {
- Logger.info(list2.get(i).toString());
- }
- } catch (Exception e) {
- e.printStackTrace();
- }
- // PreparedSqlExam.java
- PreparedSql preparedSql = BF.getPreparedSql();
- String sql3_2 = CustomSql
- .getCustomSql("osql.example.entity.selectOrdersLikeNameViaMap2"); // %name
- Map
- // map2.put("name", "Bee");
- // map2.put("name", ""); //1.17之前的版本,需要判断传入的值不能为空字符,%,_.
- // case "%"
- try {
- map2.put("name", "%");
- // map2.put("name", "_");
- // map2.put("name", null);
- preparedSql.select(sql3_2, new Orders(), map2);// map
- } catch (Exception e) {
- e.printStackTrace();
- }
- // case ""
- try {
- map2 = new HashMap<>();
- map2.put("name", ""); // 1.17之前的版本,需要判断传入的值不能为空字符,%,_.
- preparedSql.select(sql3_2, new Orders(), map2);// map
- } catch (Exception e) {
- e.printStackTrace();
- }
- // case "_"
- try {
- map2 = new HashMap<>();
- map2.put("name", "_"); // 1.17之前的版本,需要判断传入的值不能为空字符,%,_.
- preparedSql.select(sql3_2, new Orders(), map2);// map
- } catch (Exception e) {
- e.printStackTrace();
- }
- // case null
- //[WARN] the parameter value in like is null !
- try {
- map2 = new HashMap<>();
- map2.put("name", null); // 1.17之前的版本,需要判断传入的值不能为空字符,%,_.
- preparedSql.select(sql3_2, new Orders(), map2);// map
- } catch (Exception e) {
- e.printStackTrace();
- }
- System.out.println("finished!");
- }
- private static void selectNoPage(String sql, Map
- List
list3 = preparedSql.select(sql, new Orders(), map);// map - }
- }
-
相关阅读:
ICCV 2023 | SuS-X:仅靠类别名称微调CLIP模型,剑桥大学联合DeepMind出品
【高性能计算】CUDA
机器学习中常用的分类算法总结
5G与UWB定位技术融合的四种方式
如何用一个插件解决 Serverless 灰度发布难题?
Harbor仓库概述
六、python Django REST framework GET参数处理[过滤、排序、分页]
等参单元与数值积分
Springboot对MVC、tomcat扩展配置
BRPC学习
- 原文地址:https://blog.csdn.net/abckingaa/article/details/126074366
