1. if
This statement would provide an optional text search type of functionality.
<select id="findActiveBlogWithTitleLike" resultType="Blog">
SELECT * FROM BLOG
WHERE state = 'ACTIVE'
<if test="title != null">
AND title = #{title}
</if>
</select>
2. choose, when, otherwise
Sometimes we don’t want all of the conditionals to apply, instead we want to choose only one case among many options.
<select id="findActiveBlogLike" resultType="Blog">
SELECT * FROM BLOG WHERE state = 'ACTIVE'
<choose>
<when test="title != null">
AND title = #{title}
</when>
<when test="author != null and author.name != null">
AND author_name = #{author.name}
</when>
<otherwise>
AND featured = 1
</otherwise>
</choose>
</select>
3. set
The set element can be used to dynamically include columns to update, and leave out others.
A:
<update id="updateAuthorIfNecessary">
update Author
<set>
<if test="username != null">username=#{username},</if>
<if test="password != null">password=#{password},</if>
<if test="email != null">email=#{email},</if>
<if test="bio != null">bio=#{bio}</if>
</set>
where id=#{id}
B:
</update>
<update id="updateAuthorIfNecessary">
update Author set
<if test="username != null">username=#{username},</if>
<if test="password != null">password=#{password},</if>
<if test="email != null">email=#{email},</if>
<if test="bio != null">bio=#{bio}</if>
where id=#{id}
</update>
If bio is null
A. update Author set username = 'xx', password= 'xx', email = 'xx'[not has , due to <set> tag will remove it] where id = 'x'
B. update Author set username = 'xx', password= 'xx', email = 'xx', where id = 'x'
4. foreach
The foreach element is very powerful, and allows you to specify a collection, declare item and index variables that can be used inside the body of the element. It also allows you to specify opening and closing strings, and add a separator to place in between iterations. The element is smart in that it won’t accidentally append extra separators.
<select id="selectPostIn" resultType="domain.blog.Post">
SELECT *
FROM POST P
WHERE ID in
<foreach item="item" index="index" collection="list"
open="(" separator="," close=")">
#{item}
</foreach>
</select>
1. trim
<trim prefix="WHERE" prefixOverrides="AND |OR ">
...</trim>
Sample:
select * from user
<trim prefix="WHERE" prefixoverride="AND |OR">
<if test="name != null and name.length()>0"> AND name=#{name}</if>
<if test="gender != null and gender.length()>0"> AND gender=#{gender}</if>
</trim>
If name and gender are not null, the SQL will be like this: select * from user where name = 'xx' and gender = 'xx'.
prefix:前綴
prefixoverride: remove 1st AND/OR
update user
<trim prefix="set" suffixoverride="," suffix=" where id = #{id} ">
<if test="name != null and name.length()>0"> name=#{name} , </if>
<if test="gender != null and gender.length()>0"> gender=#{gender} , </if>
</trim>
If name and gender are not null, the SQL will be like this: update user set name='xx' , gender='xx' where id='x'.
suffix: 後綴
suffixoverride: remove last character “,”
where: search condition
Note
A)Escape character in MyBatis XML
Sample:
where id >= 1(wrong)
where id >= 1(correct)
http://www.cnblogs.com/baizhanshi/p/5778692.html
By default, using the #{} syntax will cause MyBatis to generate PreparedStatement properties and set the values safely against the PreparedStatement parameters (e.g. ?). While this is safer, faster and almost always preferred, sometimes you just want to directly inject a string unmodified into the SQL Statement. For example, for ORDER BY, you might use something like this:
ORDER BY ${columnName}
Here MyBatis won't modify or escape the string.
NOTE It's not safe to accept input from a user and supply it to a statement unmodified in this way. This leads to potential SQL Injection attacks and therefore you should either disallow user input in these fields, or always perform your own escapes and checks.