MyBatis mapper文件中的变量引用方式#{}与${}的差别
- ${}用于sql的拼接。group by 字段 ,order by 字段,表名,字段名等没法使用占位符的就需要使用${}
- #{}取值,传递参数,就是一个占位符,可以防止SQL注入
<select id="get" parameterType="java.util.Map" resultMap="test">
SELECT
<include refid="sql_column_list" />
FROM test
<trim prefix="WHERE" prefixOverrides="AND">
<include refid="sql_condition" />
</trim>
<if test="orderBy != null">
ORDER BY ${orderBy}
</if>
LIMIT 1
</select>
<if test="condition.userId != null and condition.userId != ''">
AND user_id = #{condition.userId ,jdbcType=VARCHAR}
</if>