1. #{} is a placeholder: MyBatis uses #{} to set values on the placeholders of a PreparedStatement and converts automatically between Java types and JDBC types, and #{} effectively prevents SQL injection. #{} can receive either a simple-type value or a POJO property value. If parameterType passes a single simple-type value, the name inside the braces of #{} can be value or any other name.
When a parameter is passed in with #, quotes are added around the value when the SQL statement is parsed. For example, with SELECT * FROM table WHERE name = #{name} and an incoming name of Xiao Li, the statement finally printed is
SELECT * FROM table WHERE name = 'Xiao Li'
so the value is parsed as a string. The advantage over $ is therefore clear: #{} can prevent SQL injection. If the parameter you pass in is a single quote ', then using ${} causes an error.
Another scenario is a dynamic sort, such as ORDER BY on a column. Here you must use ${}, because with #{} the statement printed will be
SELECT * FROM table ORDER BY 'name'
which is useless.
That is, for this case it is best not to use #.
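Because ${} splices its value into the SQL text as-is, the string used for a dynamic ORDER BY should be built from a fixed set of column names rather than passed through from the request. The following is an added example, not code from the original page; the class name, sort keys and column names are assumptions for illustration.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;
import java.util.Map;

// Added example (not from the original page). Builds the text that a mapper
// would splice in with ${orderBy}, e.g. SELECT * FROM table ORDER BY ${orderBy}.
// Class name, sort keys and column names are assumptions for illustration.
public class OrderByBuilder {

    // Client-facing sort key -> real column. Nothing else can reach ${}.
    private static final Map<String, String> COLUMNS =
            Map.of("name", "name", "created", "created_at");

    /** Parses "key[:asc|desc],..." into a fixed ORDER BY fragment, or throws. */
    public static String build(String spec) {
        if (spec == null || spec.isBlank()) {
            return COLUMNS.get("name") + " ASC";          // default ordering
        }
        List<String> parts = new ArrayList<>();
        for (String item : spec.split(",", -1)) {
            String[] kv = item.trim().split(":", -1);
            String column = COLUMNS.get(kv[0]);
            if (kv.length > 2 || column == null) {
                throw new IllegalArgumentException("unsupported sort key");
            }
            String dir = (kv.length == 2) ? kv[1] : "asc";
            if (!dir.equalsIgnoreCase("asc") && !dir.equalsIgnoreCase("desc")) {
                throw new IllegalArgumentException("unsupported sort direction");
            }
            // Only allowlisted column names and the two literals are emitted.
            parts.add(column + " " + dir.toUpperCase(Locale.ROOT));
        }
        return String.join(", ", parts);
    }

    public static void main(String[] args) {
        // Constructed inputs: two valid specs, then two that must be rejected.
        String[] specs = {"name", "created:desc,name:asc", "name'", "name:asc nulls"};
        for (String spec : specs) {
            try {
                System.out.println("ORDER BY " + build(spec));
            } catch (IllegalArgumentException e) {
                System.out.println("rejected (" + e.getMessage() + "): " + spec);
            }
        }
    }
}
```

The string returned by build is what gets passed to the mapper as the ${orderBy} parameter; all other values in the same statement stay on #{}.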
2. If you use symbols such as >, <, >=, <= in Mapper.xml, they break the XML format and MyBatis cannot parse the XML file properly.
The workaround is to write the SQL statement inside <![CDATA[ SQL statement ]]>:
<select id="test" resultType="java.lang.Integer">
    <![CDATA[
        SELECT 1<2
    ]]>
</select>
The difference between the # and $ symbols in the Mybatis.xml file and the processing of mathematical symbols