spring-expression
Goal: take a template such as "select * from user where name like #{name} and age>#{age}" and substitute the properties of a User object (User user = new User();) to produce the final string.
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-expression</artifactId>
<version>5.0.0.RELEASE</version>
</dependency>
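Code:
import org.springframework.expression.Expression;
import org.springframework.expression.ParserContext;
import org.springframework.expression.common.TemplateParserContext;
import org.springframework.expression.spel.standard.SpelExpressionParser;

User user = new User();
user.setAge(20);
user.setName("zhangwei");
SpelExpressionParser parser = new SpelExpressionParser();
// SQL injection issue: property values are substituted into the SQL text as-is
ParserContext context = new TemplateParserContext("#{", "}");
Expression exp = parser.parseExpression("select * from user u where name = '#{name}' and age >= #{age};", context);
System.out.println(exp.getValue(user));
// Result: select * from user u where name = 'zhangwei' and age >= 20;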
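The SQL injection issue flagged in the comment above comes from writing the property values into the SQL text. The following added example (not code from the original page) uses the same parser and template delimiters but emits a `?` for each `#{...}` part and collects the evaluated values as bind parameters; the class `BoundSqlTemplate`, its `bind` method and the nested `User` bean are hypothetical names, and the hostile name value is constructed for the demonstration.

```java
import java.util.ArrayList;
import java.util.List;
import org.springframework.expression.Expression;
import org.springframework.expression.common.CompositeStringExpression;
import org.springframework.expression.common.LiteralExpression;
import org.springframework.expression.common.TemplateParserContext;
import org.springframework.expression.spel.standard.SpelExpressionParser;

public class BoundSqlTemplate {
    // Hypothetical bean standing in for the page's User class.
    public static class User {
        private String name;
        private int age;
        public String getName() { return name; }
        public void setName(String name) { this.name = name; }
        public int getAge() { return age; }
        public void setAge(int age) { this.age = age; }
    }

    // Literal template text is copied into the SQL; each #{...} becomes "?"
    // and its evaluated value is appended to params in placeholder order.
    public static String bind(String template, Object root, List<Object> params) {
        Expression parsed = new SpelExpressionParser()
                .parseExpression(template, new TemplateParserContext("#{", "}"));
        // A template with a single part is returned as that part, not as a composite.
        Expression[] parts = parsed instanceof CompositeStringExpression
                ? ((CompositeStringExpression) parsed).getExpressions()
                : new Expression[] { parsed };
        StringBuilder sql = new StringBuilder();
        for (Expression part : parts) {
            if (part instanceof LiteralExpression) {
                sql.append(part.getExpressionString());
            } else {
                sql.append('?');
                params.add(part.getValue(root));
            }
        }
        return sql.toString();
    }

    public static void main(String[] args) {
        User user = new User();
        user.setName("x' or '1'='1"); // constructed hostile input
        user.setAge(20);
        // No quotes around #{name}: the driver handles quoting of bound values.
        String template = "select * from user u where name = #{name} and age >= #{age}";
        List<Object> params = new ArrayList<>();
        System.out.println(bind(template, user, params));
        System.out.println(params);
    }
}
```

Pass the returned SQL to `Connection.prepareStatement` and set each collected value with `PreparedStatement.setObject(i + 1, params.get(i))`, so the name is sent as data and never parsed as SQL.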