mybatis拼接sql注入的方法:
利用if语句实现,xml代码如下。
<select id="dynamicIfTest" parameterType="Blog" resultType="Blog">select * from t_blog where 11 = 1
<if test="title != null">
and title = #{title}
</if>
<if test="content != null">
and content = #{content}
</if>
<if test="owner != null">
and owner = #{owner}
</if>
</select>