多条件查询时,拼接原生sql语句的方法

代码完善:
/*
* @author:  张齐
* @说明:  根据前台用输入的查询条件,得到一个原生查询语句
* @param  searchCondition 参数数组
* @return SQLQuery 返回的原生sql语句
*/
public SQLQuery getSqlQuery(String[] searchCondition){

     List<Object> searchParamList = new ArrayList<Object>();
StringBuffer sbuf = new StringBuffer("select * from v_sms_mobile ");
boolean judge = false;
if(searchCondition[0]!=null&&!searchCondition[0].trim().equals("")){
sbuf.append(" where content like ?");
searchParamList.add("%"+searchCondition[0]+"%");
judge = true;
}
    if(searchCondition[1]!=null&&!searchCondition[1].trim().equals("")){
    if(judge){
    sbuf.append(" and description like ?");
    judge = false;
    }else{
    sbuf.append(" where description liek ?");
    judge = true;
    }
    searchParamList.add("%"+searchCondition[1]+"%");
    }
    if(searchCondition[2]!=null&&!searchCondition[2].trim().equals("")){
    if(judge){
    sbuf.append(" and status =?");
    judge = false;
    }else{
    sbuf.append(" where status =?");
    judge = true;
    }
    searchParamList.add(searchCondition[2]);
    }
if(searchCondition[3]!=null&&!searchCondition[3].trim().equals("")){
if(judge){
sbuf.append(" and mobile like ?");
    judge = false;
}else{
sbuf.append(" where mobile like ?");
    judge = true;
}
searchParamList.add("%"+searchCondition[3]+"%");


//当开始和结束时间都不为空时
if(searchCondition[4]!=null&&!searchCondition[4].trim().equals("")&&searchCondition[5]!=null&&!searchCondition[5].trim().equals("")){
if(judge){
sbuf.append(" and sendDate >=? and sendDate <=?");
    judge = false;
}else{
sbuf.append(" where sendDate >=? and sendDate <=?");
    judge = true;
}
SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd");

try {
searchParamList.add(sdf.parse(searchCondition[4]));
searchParamList.add(new Date(sdf.parse(searchCondition[5]).getTime()+1*24*60*60*1000L));
} catch (ParseException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
//当开始时间不空,结束时间为空时,则默认结束时间为当前时间
/*if(searchCondition[4]!=null&&!searchCondition[4].trim().equals("")&&searchCondition[5]==null&&searchCondition[5].trim().equals("")){
if(judge){
sbuf.append(" and sendDate >=? and sendDate <=?");
    judge = false;
}else{
sbuf.append(" where sendDate >=? and sendDate <=?");
    judge = true;
}
SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd");

try {
searchParamList.add(sdf.parse(searchCondition[4]));
searchParamList.add(new Date(new Date().getTime()+1*24*60*60*1000L));
} catch (ParseException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}*/
       if(searchCondition[6]!=null&&!searchCondition[6].trim().equals("")){
       if(judge){
    sbuf.append(" and code like ?");
    judge = false;
    }else{
    sbuf.append(" where code like ?");
    judge = true;
    }
       searchParamList.add("%"+searchCondition[6]+"%");
       }
   if(searchCondition[7]!=null&&!searchCondition[7].trim().equals("")){
   if(judge){
sbuf.append(" and reportErrorCode like ?");
    judge = false;
}else{
sbuf.append(" where reportErrorCode like ?");
    judge = true;
}
   searchParamList.add("%"+searchCondition[7]+"%");
   }
   Session session = getSessionFactory().getCurrentSession();
   SQLQuery sqlQuery = session.createSQLQuery(sbuf.toString());
  for(int i=0;i<searchParamList.size();i++)
  sqlQuery.setParameter(i, searchParamList.get(i));
return sqlQuery;

}
这样写比上一次那样写的好处:
1.防止依赖注入
2.当切换数据库时可以不用改写后台代码。这种写法是通用写法,不会因为随着数据库的改变而去更换代码。

你可能感兴趣的:(sql)