1 Mapper XML
- select
- insert, update and delete
- sql
- Parameters
- Result Maps
- Auto-mapping
- cache
2 Parameters
2.1 简单参数
Parameters are very powerful elements in MyBatis. For simple situations, probably 90% of the cases, there's not much to them。
Parameters 是 MyBatis 中非常强大的元素。在简单使用中,90%的情况下参数都很少。
<select id="selectUsers" resultType="User">
select id, username, password
from users
where id = #{id}
</select>
The example above demonstrates a very simple named parameter mapping.The parameterType is set to int, so therefore the parameter could be named anything.
上面的例子描述了一个非常简单的命名参数映射。parameterType 被设置为 int,因此参数可以随意命名。
Primitive or simple data types such as Integer and String have no relevant properties, and thus will replace the full value of the parameter entirely. However, if you pass in a complex object, then the behavior is a little different.
原生类型或简单的数据类型,比如 Integer 和 String,是没有关联属性的,因此它会完全用参数值来替代。但是,如果你传入的是一个复杂的对象,那么情况就不太一样。
<insert id="insertUser" parameterType="User">
insert into users (id, username, password)
values (#{id}, #{username}, #{password})
</insert>
If a parameter object of type User was passed into that statement, the id, username and password property would be looked up and their values passed to a PreparedStatement parameter.
如果一个 User 类型的对象参数被传入这个语句,那么 id、username 和 password 属性会被查找并且它们的值会被传入 PreparedStatement 参数中。
That's nice and simple for passing parameters into statements. But there are a lot of other features of parameter maps.
这样将参数传入语句是很好的也很简单。不过参数映射的功能远不止于此。
2.2 复杂参数
First, like other parts of MyBatis, parameters can specify a more specific data type.
首先,像 MyBatis 的其他部分一样,参数可以指定一个更加明确的数据类型。
- javaType,jdbcType
#{property,javaType=int,jdbcType=NUMERIC}
Like the rest of MyBatis, the javaType can almost always be determined from the parameter object, unless that object is a HashMap. Then the javaType should be specified to ensure the correct TypeHandler is used.
像 MyBatis 的其他部分一样,除了 HashMap 对象,javaType 通常可以由参数对象确定。这时 javaType 应该被指定以确保使用正确的 TypeHandler。
NOTE The JDBC Type is required by JDBC for all nullable columns, if null is passed as a value. You can investigate this yourself by reading the JavaDocs for the PreparedStatement.setNull() method.
注意,如果传入的是 null 值,那么对于所有可空的列,就要指定 JDBC 类型。阅读 PreparedStatement.setNull() 方法的 JavaDocs 来获取更多信息。
- TypeHandler
To further customize type handling, you can also specify a specific TypeHandler class (or alias)。
为了更加定制化地使用类型处理,你也可以指定一个具体的 TypeHandler 类(或别名)。
#{age,javaType=int,jdbcType=NUMERIC,typeHandler=MyTypeHandler}
So already it seems to be getting verbose, but the truth is that you'll rarely set any of these.
尽管看起来变的越来越繁琐,但事实上你很少会设置这些。
- numericScale
For numeric types there's also a numericScale for determining how many decimal places are relevant.
对于 numeric 类型,有一个 numericScale 属性来确定相关的小数位数。
#{height,javaType=double,jdbcType=NUMERIC,numericScale=2}
- mode
Finally, the mode attribute allows you to specify IN, OUT or INOUT parameters.
最后,mode 属性允许你指定 IN, OUT 或 INOUT 参数。
If a parameter is OUT or INOUT, the actual value of the parameter object property will be changed, just as you would expect if you were calling for an output parameter. If the mode=OUT (or INOUT) and the jdbcType=CURSOR (i.e. Oracle REFCURSOR), you must specify a resultMap to map the ResultSet to the type of the parameter. Note that the javaType attribute is optional here, it will be automatically set to ResultSet if left blank with a CURSOR as the jdbcType.
如果一个参数是 OUT 或 INOUT ,那么参数对象属性的具体值就会被改变,就像你在获取输出参数时所期望的那样。如果 mode=OUT (或 INOUT) 并且 jdbcType=CURSOR (即 Oracle REFCURSOR),那么你必须指定一个 resultMap 来映射 ResultSet 到对应的参数类型上。注意 javaType 属性在这里是可选的,如果不设置并且 jdbcType=CURSOR,它将会被自动设置为 ResultSet。
#{department, mode=OUT, jdbcType=CURSOR, javaType=ResultSet, resultMap=departmentResultMap}
MyBatis also supports more advanced data types such as structs, but you must tell the statement the type name when registering the out parameter. For example (again, don't break lines like this in practice):
MyBatis 也支持更高级的数据类型,比如结构体,但是你必须在外部参数注册时告诉其语句类型名称。 例如(在实际使用中要像这样不能换行):
#{middleInitial, mode=OUT, jdbcType=STRUCT, jdbcTypeName=MY_TYPE, resultMap=departmentResultMap}
Despite all of these powerful options, most of the time you'll simply specify the property name, and MyBatis will figure out the rest. At most, you'll specify the jdbcType for nullable columns.
尽管有这么多强大的选项可供使用,但大多数时候你只需要简单地指定属性名称,MyBatis 会自己推断出其他的。顶多要为可空的列指定 jdbcType。
#{firstName}
#{middleInitial,jdbcType=VARCHAR}
#{lastName}
2.3 字符串替换
By default, using the #{} syntax will cause MyBatis to generate PreparedStatement properties and set the values safely against the PreparedStatement parameters (e.g. ?).
默认情况下,使用 #{} 语法会使 MyBatis 生成 PreparedStatement 属性并且安全地设置参数(就像 ?一样)。
While this is safer, faster and almost always preferred, sometimes you just want to directly inject an unmodified string into the SQL Statement. For example, for ORDER BY, you might use something like this:
尽管这样更安全、更快速并且通常是首选的,不过有时候你只想将一个不转义的字符串直接注入到 SQL 语句中。例如, 对于 ORDER BY ,你可能想这样使用:
ORDER BY ${columnName}
Here MyBatis won't modify or escape the string.
这样 MyBatis 就不会修改或者转义字符串。
NOTE It's not safe to accept input from a user and supply it to a statement unmodified in this way. This leads to potential SQL Injection attacks and therefore you should either disallow user input in these fields, or always perform your own escapes and checks.
注意使用这种方式接收用户输入并将它不加修改地应用于语句是不安全的。这将导致潜在的 SQL 注入攻击,因此你应当禁止用户输入这些字段,或者自行转义和检验。
最后
说明:MyBatis 官网提供了简体中文的翻译,但个人觉得较为生硬,甚至有些地方逻辑不通,于是自己一个个重新敲着翻译的(都不知道哪里来的自信...),有些地方同官网翻译有出入,有些倔强地保留了自己的,有的实在别扭则保留了官网的,这些都会在实践中一一更正。鉴于个人英文能力有限,文章中保留了官方文档原英文介绍(个别地方加以调整修剪),希望有缘看到这里的朋友们能够有自己的理解,不会被我可能错误或不合理的翻译带跑偏(〃'▽'〃),欢迎指正!
当前版本:mybatis-3.5.0
官网文档:MyBatis
官网翻译:MyBatis 简体中文
项目实践:MyBatis Learn
