阅读量:139
mybatis拼接sql注入的方法:
利用if语句实现,xml代码如下。
<select id="dynamicIfTest" parameterType="Blog" resultType="Blog">select * from t_blog where 11 = 1
and title = #{title}
and content = #{content}
and owner = #{owner}
</select>