第1种:在Java代码中添加sql通配符。

string wildcardname = "%tom%";
list<name> names = mapper.selectLike(wildcardname);
<select id="selectLike">
    select * from users where name like #{value}
</select>

第2种:在sql语句中拼接通配符,会引起sql注入

string wildcardname = "tom";
list<name> names = mapper.selectLike(wildcardname);
<select id="selectLike">
    select * from users where name like "%"#{value}"%"
</select>

标签: none

添加新评论