iBatis是一个基于SQL映射支持Java和·NET的持久层框架,相对Hibernate和ApacheOJB等“一站式”ORM解决方案而言,iBatis 是一种“半自动化”的ORM实现。
driver=com.mysql.jdbc.Driver url=jdbc:mysql://127.0.0.1:3306/test username=root password=root
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE sqlMapConfig PUBLIC "-//ibatis.apache.org//DTD SQL Map Config 2.0//EN" "http://ibatis.apache.org/dtd/sql-map-config-2.dtd"> <sqlMapConfig> <!-- 引用JDBC属性的配置文件 --> <properties resource="com/ligang/SqlMap.properties"/> <!-- 使用JDBC的事务管理 --> <transactionManager type="JDBC"> <!-- 数据源 --> <dataSource type="SIMPLE"> <property name="JDBC.Driver" value="${driver}"/> <property name="JDBC.ConnectionURL" value="${url}"/> <property name="JDBC.Username" value="${username}"/> <property name="JDBC.Password" value="${password}"/> </dataSource> </transactionManager> <!-- 这里可以写多个实体的映射文件 --> <sqlMap resource="com/ligang/Student.xml"/> </sqlMapConfig>
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE sqlMap PUBLIC "-//ibatis.apache.org//DTD SQL Map 2.0//EN" "http://ibatis.apache.org/dtd/sql-map-2.dtd"> <sqlMap> <!-- 通过typeAlias使得我们在下面使用Student实体类的时候不需要写包名 --> <typeAlias alias="Student" type="com.ligang.Student"/> <!-- id表示select里的sql语句,resultClass表示返回结果的类型 --> <select id="findAll" resultClass="Student"> select * from student </select> <!-- parameterClass表示参数的内容 --> <select id="findByID" parameterClass="String" resultClass="Student"> select * from student where id = #id# </select> <insert id="insertStudent" parameterClass="Student"> insert into Student(id,name,age,address) values(#id#,#name#,#age#,#address#) <!-- 返回自动增长值 --> <selectKey resultClass="String" keyProperty="id"> select @@identity as inserted </selectKey> </insert> <delete id="deleteStudentByID" parameterClass="String"> delete from student where id = #id# </delete> <delete id="deleteStudent" parameterClass="Student"> delete from Student where id = #id# </delete> <update id="updateStudent" parameterClass="Student"> update student set name=#name#,age=#age#,address=#address# where id = #id# </update> <!-- 模糊查询,使用$代替#。此种方法就是去掉了类型检查,使用字符串连接,不过可能会有sql注入风险--> <select id="selectByLike" parameterClass="String" resultClass="Student"> select * from student where name like ‘%$name$%‘ </select> <!-- 多条件组合查询 --> <!-- 方法一(对象构造查询参数) --> <!-- 项目中在写ibatis中的sql语句时,where user_id in (#user_id_list# ),运行时总是不行,这里不该用#,而应该用$,区别如下: 1.#是把传入的数据当作字符串,如#user_id_list#传入的是1,2,则sql语句生成是这样,in (‘1,2‘) ,当然不可以 2.$传入的数据直接生成在sql里,如#user_id_list#传入的是1,2,则sql语句生成是这样,in(1,2) 这就对了. 3.#方式能够很大程度防止sql注入. 4.$方式无法方式sql注入. 5.$方式一般用于传入数据库对象.例如传入表名. 6.一般能用#的就别用$. 直观的说 #str# 出来的效果是 ‘str‘ $str$ 出来的效果是 str 另外 ##只能用在特定的几个地方 $$可以用在任何地方 比如 order by $str$ 你甚至可以直接写 $str$ 把 order by 这个字串放在str里传进来 --> <select id="findByCon1" parameterClass="Student" resultClass="Student"> select * from student where name like ‘%$name$%‘ and age >= #age# </select> <!-- 方法二(map封装查询参数) --> <parameterMap class="java.util.HashMap" id="paramMap"> <parameter property="name"/> <parameter property="age"/> </parameterMap> <select id="findByCon2" parameterMap="paramMap" resultClass="Student"> select * from student where name like ? and age >= ? </select> </sqlMap>
package com.ligang; import java.io.IOException; import java.io.Reader; import java.sql.SQLException; import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; import com.ibatis.common.resources.Resources; import com.ibatis.sqlmap.client.SqlMapClient; import com.ibatis.sqlmap.client.SqlMapClientBuilder; public class StudentDaoImpl implements StudentDao { public static SqlMapClient sqlMapClient = null; static{ try { Reader reader = Resources.getResourceAsReader("com/ligang/SqlMapConfig.xml"); sqlMapClient = SqlMapClientBuilder.buildSqlMapClient(reader); } catch (IOException e) { e.printStackTrace(); } } public List<Student> findAll() { List<Student> list = null; try { list = sqlMapClient.queryForList("findAll"); } catch (SQLException e) { e.printStackTrace(); } return list; } public Student findByID(String id){ Student student = null; try { student = (Student) sqlMapClient.queryForObject("findByID", id); } catch (SQLException e) { e.printStackTrace(); } return student; } public void addStudent(Student student){ try { sqlMapClient.insert("insertStudent",student); } catch (SQLException e) { e.printStackTrace(); } } public void deleteStudentByID(String id){ try { sqlMapClient.delete("deleteStudentByID",id); } catch (SQLException e) { e.printStackTrace(); } } public void deleteStudent(Student student){ try { sqlMapClient.delete("deleteStudent",student); } catch (SQLException e) { e.printStackTrace(); } } public void updateStudent(Student student){ try { sqlMapClient.update("updateStudent", student); } catch (SQLException e) { e.printStackTrace(); } } public List<Student> findByCon(String name){ List<Student> stuList = new ArrayList<Student>(); try { stuList = sqlMapClient.queryForList("selectByLike",name); } catch (SQLException e) { e.printStackTrace(); } return stuList; } public List<Student> findByCon(Student student){ List<Student> stuList = new ArrayList<Student>(); try { stuList = sqlMapClient.queryForList("findByCon1",student); } catch (SQLException e) { e.printStackTrace(); } return stuList; } public List<Student> findByCon(Map map){ List<Student> stuList = new ArrayList<Student>(); try { stuList = sqlMapClient.queryForList("findByCon2",map); } catch (SQLException e) { e.printStackTrace(); } return stuList; } }
原文:http://blog.csdn.net/ligang2585116/article/details/43410697