<if test="parameter=! null"> returns 1
822 views
Skip to first unread message
Joy
Apr 15, 2021, 3:04:34 AM4/15/21
to mybatis-user
In my Spring MVC project,
I made a typo <if test = "parameter =! null"> instead of <if test ="parameter != null">
then, mybatis returns 1.
mybatis version : 3.4.5
mybatis-spring version : 1.3.2
Database : Oracle Database 12c Enterprise Edition Release 12.2.0.1.0
Spring Framework version : 4.3.16.RELEASE
Java version : 1.8
Here is the code
- parameter = '1234'
---[ code ]------------------------------------
SELECT
A, B, C
FROM
TABLE
WHERE
1=1
<if test = "parameter =! null">
AND column = #{parameter}
</if>
---[
expectation SQL ]------------------------------------
SELECT
A, B, C
FROM
TABLE
WHERE
1=1
AND column = '1234'
---[ result SQL ]------------------------------------
SELECT
A, B, C
FROM
TABLE
WHERE
1=1
AND column = 1
I already fix the typo and my project works well now
But I wanna figure out how does it works!
I mean,, I wanna know why mybatis returns only 1 not '1' or null.
Thank you for your supports!
M Huzaifah
Apr 15, 2021, 9:14:48 AM4/15/21
to mybati...@googlegroups.com
Because you are using #{parameter} not ${parameter}
Regards
--
You received this message because you are subscribed to the Google Groups "mybatis-user" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mybatis-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/mybatis-user/3a46164e-9636-4b1b-8836-a7eb024c6c81n%40googlegroups.com.
Message has been deleted
Joy
Apr 15, 2021, 9:09:45 PM4/15/21
to mybatis-user
OH I just remembered that the difference between # and $.
#{parameter} changes 123 to '123'
and ${parameter} just return 123.
That's not the right answer for my question.
But Thank you for your attention!
then, I have one more question.
As I know, the 'test' in the tag is for checking conditions.
but I can put some value in the parameter inside of 'test'.
is it a bug? or intended grammar?
Guy Rouillier
Apr 15, 2021, 10:15:13 PM4/15/21
to mybati...@googlegroups.com
The difference between #{} vs ${} is that the first is a proper SQL parameter, while the second is a text substitution. So, in general, you should use the first to protect against potential SQL injection, especially with end-user input data.
I don't understand what you mean by "put some value in the parameter inside of 'test'". Please provide an actual example.
--
Guy Rouillier
To view this discussion on the web visit https://groups.google.com/d/msgid/mybatis-user/8e9401a9-5abc-492e-9021-9d11c7882632n%40googlegroups.com.
Joy
Apr 15, 2021, 10:56:05 PM4/15/21
to mybatis-user
Hi,
here's an example.
---[ code ]------------------------------------
SELECT
A, B, C
FROM
TABLE
WHERE
1=1
<if test = "param = '1234' and param != ''">
AND column = #{parameter}
</if>
---[ result SQL ]------------------------------------
SELECT
A, B, C
FROM
TABLE
WHERE
1=1
AND column = '1234'
how does it work?
Guy Rouillier
Apr 17, 2021, 3:55:01 AM4/17/21
to mybati...@googlegroups.com
Oh, okay, thanks for the example, that helps to understand. No, that is not a bug, constants are allowed.
--
Guy Rouillier
To view this discussion on the web visit https://groups.google.com/d/msgid/mybatis-user/74bf0c2c-2667-44b3-8a1c-4e5a53233b17n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages