log4j配置文件:log4j.properties
# Global logging configuration
log4j.rootLogger = ERROR,stdout
# MyBatis logging configuration...
log4j.logger.top.mootong = DEBUG
# Console output...
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%5p [%t] -%m%n
持久类:Customer.java
package top.mootong.po;
public class Customer {
private Integer id;
private String userName;
private String jobs;
private String phone;
public Integer getId() {
return id;
}
public void setId(Integer id) {
this.id = id;
}
public String getUserName() {
return userName;
}
public void setUserName(String userName) {
this.userName = userName;
}
public String getJobs() {
return jobs;
}
public void setJobs(String jobs) {
this.jobs = jobs;
}
public String getPhone() {
return phone;
}
public void setPhone(String phone) {
this.phone = phone;
}
@Override
public String toString() {
return "Customer{" +
"id=" + id +
", userName='" + userName + '\'' +
", jobs='" + jobs + '\'' +
", phone='" + phone + '\'' +
'}';
}
}
映射文件:CusteomerMapper.xml
insert into t_customer(username,jobs,phone) values (#{username},#{jobs},#{phone})
update t_customer set username=#{username},jobs=#{jobs},phone=#{phone} where id =#{id}
delete from t_customer where id=#{id}
*元素是配置文件的根元素,它包含一个namespace属性,该属性为这个元素指定了唯一的命名空间,通常会设置成”包名+SQL映射文件名“的形式
*在定义的SQL查询语句中,“#{}”用于表示一个占位符,相当于?,而“#{id}”表示该占位符待接收参数的名称为id。
MyBatis配置文件:mybatis-config.xml
*配置文件一方面配置了环境(数据源),另一方面配置了映射文件的位置
测试类:MyBatisTest
package top.mootong.top.mootong.test;
import org.apache.ibatis.session.SqlSession;
import org.junit.Test;
import top.mootong.po.Customer;
import top.mootong.util.SqlSessionUtil;
public class MybatisTest {
private String resource = "mybatis-config.xml";
@Test
public void findCustomerByIdTest() throws Exception {
SqlSession sqlSession = SqlSessionUtil.getSqlSession(resource);
Customer customer = sqlSession.selectOne("top.mootong.mapper.CustomerMapper.findCustomerById",1);
System.out.println(customer);
sqlSession.close();
}
}
*SQL语句中的" " 用 来 拼 接 S Q L 的 字 符 串 , 即 不 加 解 释 的 原 样 输 出 " {}"用来拼接SQL的字符串,即不加解释的原样输出" "用来拼接SQL的字符串,即不加解释的原样输出"{value}"表示要拼接的简单类型参数;
*使用${}无法避免参数注入的问题,所以既要实现模糊查询,又要防止SQL注入,可以使用concat()函数进行拼接:
select * from t_customer where username like concat('%',#{value},'%')
insert into t_customer(username,jobs,phone) values (#{username},#{jobs},#{phone})
*#{username}会查找参数对象的username属性;
update t_customer set username=#{username},jobs=#{jobs},phone=#{phone} where id =#{id}
delete from t_customer where id=#{id}