Hibernate: Binding Parameters in HQL Statements
2016-03-15 13:31
Advantages of parameter binding:
(1) Security
Bound values are passed as data rather than spliced into the query text, which prevents users from injecting malicious conditions or maliciously invoking stored procedures (SQL/HQL injection).
(2) Better performance
Under the hood Hibernate uses JDBC's PreparedStatement (precompiled SQL), so later executions of the query are served from the statement cache.
I. Two ways to bind parameters
(1) Named parameters
A named parameter starts with ':' and is bound through the typed binding methods provided by Query.
Example:
```java
package com.lanhuigu.hibernate.test;

import java.util.List;

import org.hibernate.Query;
import org.hibernate.Session;
import org.hibernate.SessionFactory;
import org.hibernate.Transaction;
import org.hibernate.cfg.Configuration;

import com.lanhuigu.hibernate.entity.Customer;

public class TestHQL {
    public static void main(String[] args) throws Exception {
        Configuration cfg = new Configuration().configure();
        SessionFactory sessionFactory = cfg.buildSessionFactory();
        Session session = sessionFactory.openSession();
        Transaction tr = session.beginTransaction();
        // 1. Create the Query object
        // Descending order; "desc" must not be dropped, otherwise the order becomes ascending
        Query query = session.createQuery("from Customer where name=:v_name and email = :v_email order by name desc");
        // 2. Bind the query conditions dynamically through named parameters
        query.setString("v_name", "test");
        query.setString("v_email", "123456789@qq.com");
        // 3. Paging
        query.setFirstResult(0); // start offset, defaults to 0
        query.setMaxResults(1);  // maximum number of rows to fetch
        // 4. Run the query
        List list = query.list();
        // 5. Print the result
        for (int i = 0; i < list.size(); i++) {
            Customer customer = (Customer) list.get(i);
            System.out.println(customer.getName());
        }
        // 6. Commit the transaction
        tr.commit();
        // 7. Close the session
        session.close();
    }
}
```
Console output:
```
Hibernate: select customer0_.ID as ID1_0_, customer0_.NAME as NAME2_0_, customer0_.EMAIL as EMAIL3_0_, customer0_.PASSWORD as PASSWORD4_0_, customer0_.PHONE as PHONE5_0_, customer0_.ADDRESS as ADDRESS6_0_, customer0_.SEX as SEX7_0_, customer0_.IS_MARRIED as IS8_0_, customer0_.DESCRIPTION as DESCRIPT9_0_, customer0_.IMAGE as IMAGE10_0_, customer0_.BIRTHDAY as BIRTHDA11_0_, customer0_.REGISTERED_TIME as REGISTE12_0_, customer0_.HOME_PROVINCE as HOME13_0_, customer0_.HOME_CITY as HOME14_0_, customer0_.HOME_STREET as HOME15_0_, customer0_.HOME_ZIPCODE as HOME16_0_, customer0_.COMP_PROVINCE as COMP17_0_, customer0_.COMP_CITY as COMP18_0_, customer0_.COMP_STREET as COMP19_0_, customer0_.COMP_ZIPCODE as COMP20_0_ from CUSTOMERS customer0_ where customer0_.NAME=? and customer0_.EMAIL=? order by customer0_.NAME desc limit ?
test
```
(2) Positional parameters
A positional parameter is written as '?'; positions start at 0, and the value for each position is likewise set through the methods of the Query interface.
Example:
```java
package com.lanhuigu.hibernate.test;

import java.util.List;

import org.hibernate.Query;
import org.hibernate.Session;
import org.hibernate.SessionFactory;
import org.hibernate.Transaction;
import org.hibernate.cfg.Configuration;

import com.lanhuigu.hibernate.entity.Customer;

public class TestHQL {
    public static void main(String[] args) throws Exception {
        Configuration cfg = new Configuration().configure();
        SessionFactory sessionFactory = cfg.buildSessionFactory();
        Session session = sessionFactory.openSession();
        Transaction tr = session.beginTransaction();
        // 1. Create the Query object
        // Descending order; "desc" must not be dropped, otherwise the order becomes ascending
        Query query = session.createQuery("from Customer where name=? and email =? order by name desc");
        // 2. Bind the parameters by position
        query.setString(0, "test");
        query.setString(1, "123456789@qq.com");
        // 3. Paging
        query.setFirstResult(0); // start offset, defaults to 0
        query.setMaxResults(1);  // maximum number of rows to fetch
        // 4. Run the query
        List list = query.list();
        // 5. Print the result
        for (int i = 0; i < list.size(); i++) {
            Customer customer = (Customer) list.get(i);
            System.out.println(customer.getName());
        }
        // 6. Commit the transaction
        tr.commit();
        // 7. Close the session
        session.close();
    }
}
```
Console output:
```
Hibernate: select customer0_.ID as ID1_0_, customer0_.NAME as NAME2_0_, customer0_.EMAIL as EMAIL3_0_, customer0_.PASSWORD as PASSWORD4_0_, customer0_.PHONE as PHONE5_0_, customer0_.ADDRESS as ADDRESS6_0_, customer0_.SEX as SEX7_0_, customer0_.IS_MARRIED as IS8_0_, customer0_.DESCRIPTION as DESCRIPT9_0_, customer0_.IMAGE as IMAGE10_0_, customer0_.BIRTHDAY as BIRTHDA11_0_, customer0_.REGISTERED_TIME as REGISTE12_0_, customer0_.HOME_PROVINCE as HOME13_0_, customer0_.HOME_CITY as HOME14_0_, customer0_.HOME_STREET as HOME15_0_, customer0_.HOME_ZIPCODE as HOME16_0_, customer0_.COMP_PROVINCE as COMP17_0_, customer0_.COMP_CITY as COMP18_0_, customer0_.COMP_STREET as COMP19_0_, customer0_.COMP_ZIPCODE as COMP20_0_ from CUSTOMERS customer0_ where customer0_.NAME=? and customer0_.EMAIL=? order by customer0_.NAME desc limit ?
test
```
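To make the security advantage concrete, here is an added example (not code from the original post) that puts a concatenated HQL query beside its bound form, using the same legacy org.hibernate.Query API and Customer entity as above. The class CustomerQueries, its method names, the allow-list of sortable properties and the 100-row cap are assumptions made for illustration; the sort property is allow-listed because a bound parameter can only stand for a value, never for an identifier such as the order by property.

```java
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

import org.hibernate.Query;
import org.hibernate.Session;

import com.lanhuigu.hibernate.entity.Customer;

// Added example: hypothetical helper class, not part of the original post.
public class CustomerQueries {

    // Properties a caller may sort by (assumed list; identifiers cannot be bound).
    private static final Set<String> SORTABLE =
            new HashSet<String>(Arrays.asList("name", "email"));

    // Vulnerable form: the value becomes part of the HQL text, so a quote
    // character in `name` alters the query structure instead of being compared as data.
    @SuppressWarnings("unchecked")
    static List<Customer> findByNameUnsafe(Session session, String name) {
        Query query = session.createQuery(
                "from Customer where name='" + name + "' order by name desc");
        return query.list();
    }

    // Hardened form: the value travels as a named parameter (a JDBC '?' underneath),
    // and the sort property is checked against the allow-list before it is
    // placed into the HQL text.
    @SuppressWarnings("unchecked")
    static List<Customer> findByName(Session session, String name,
                                     String sortBy, boolean descending, int maxRows) {
        if (!SORTABLE.contains(sortBy)) {
            throw new IllegalArgumentException("unsupported sort property: " + sortBy);
        }
        String hql = "from Customer where name=:v_name order by "
                + sortBy + (descending ? " desc" : " asc");
        Query query = session.createQuery(hql);
        query.setString("v_name", name);
        query.setFirstResult(0);
        // Clamp the page size so a caller cannot request an unbounded result set.
        query.setMaxResults(Math.min(Math.max(maxRows, 1), 100));
        return query.list();
    }
}
```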
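II. Parameter types the Query interface can bind
query.setBinary() binds a parameter whose mapping type is binary
query.setByte() binds a parameter whose mapping type is byte
query.setBoolean() binds a parameter whose mapping type is boolean
query.setBigInteger() binds a parameter whose mapping type is integer
query.setBigDecimal() binds a parameter whose mapping type is decimal
query.setCharacter() binds a parameter whose mapping type is character
query.setCalendar() binds a parameter whose mapping type is calendar
query.setDate() binds a parameter whose mapping type is date
query.setDouble() binds a parameter whose mapping type is double
query.setString() binds a parameter whose mapping type is string
query.setText() binds a parameter whose mapping type is text
query.setTime() binds a parameter whose mapping type is time
query.setTimestamp() binds a parameter whose mapping type is timestamp
All of the methods above are overloaded in two forms: named binding and positional binding.
III. Three special parameter-binding methods in Hibernate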
(1) setEntity(): binds an entity
Example, based on an association:
```java
Customer customer = (Customer) session.load(Customer.class, "1");
Query query = session.createQuery("from Order order where order.customer=:customer ");
query.setEntity("customer", customer);
List list = query.list();
```
Result:
```
Select * from order where customer_ID='1';
```
(2) setParameter(): binds a parameter of any type
Example:
```java
package com.lanhuigu.hibernate.test;

import java.util.List;

import org.hibernate.Query;
import org.hibernate.Session;
import org.hibernate.SessionFactory;
import org.hibernate.Transaction;
import org.hibernate.cfg.Configuration;

import com.lanhuigu.hibernate.entity.Customer;

public class TestHQL {
    public static void main(String[] args) throws Exception {
        Configuration cfg = new Configuration().configure();
        SessionFactory sessionFactory = cfg.buildSessionFactory();
        Session session = sessionFactory.openSession();
        Transaction tr = session.beginTransaction();
        // 1. Create the Query object
        // Descending order; "desc" must not be dropped, otherwise the order becomes ascending
        Query query = session.createQuery("from Customer where name=:v_name and IS_MARRIED=:V_IS_MARRIED order by name desc");
        // 2. setParameter() binds a parameter of any type
        query.setParameter("v_name", "test");   // string
        query.setParameter("V_IS_MARRIED", 0);  // boolean
        // 3. Paging
        query.setFirstResult(0); // start offset, defaults to 0
        query.setMaxResults(1);  // maximum number of rows to fetch
        // 4. Run the query
        List list = query.list();
        // 5. Print the result
        for (int i = 0; i < list.size(); i++) {
            Customer customer = (Customer) list.get(i);
            System.out.println(customer.getName());
        }
        // 6. Commit the transaction
        tr.commit();
        // 7. Close the session
        session.close();
    }
}
```
Result:
```
Hibernate: select customer0_.ID as ID1_0_, customer0_.NAME as NAME2_0_, customer0_.EMAIL as EMAIL3_0_, customer0_.PASSWORD as PASSWORD4_0_, customer0_.PHONE as PHONE5_0_, customer0_.ADDRESS as ADDRESS6_0_, customer0_.SEX as SEX7_0_, customer0_.IS_MARRIED as IS8_0_, customer0_.DESCRIPTION as DESCRIPT9_0_, customer0_.IMAGE as IMAGE10_0_, customer0_.BIRTHDAY as BIRTHDA11_0_, customer0_.REGISTERED_TIME as REGISTE12_0_, customer0_.HOME_PROVINCE as HOME13_0_, customer0_.HOME_CITY as HOME14_0_, customer0_.HOME_STREET as HOME15_0_, customer0_.HOME_ZIPCODE as HOME16_0_, customer0_.COMP_PROVINCE as COMP17_0_, customer0_.COMP_CITY as COMP18_0_, customer0_.COMP_STREET as COMP19_0_, customer0_.COMP_ZIPCODE as COMP20_0_ from CUSTOMERS customer0_ where customer0_.NAME=? and IS_MARRIED=? order by customer0_.NAME desc limit ?
test
```
(3) setProperties(): binds an object's properties; the parameter names must match the entity's property names
Example:
```java
package com.lanhuigu.hibernate.test;

import java.util.List;

import org.hibernate.Query;
import org.hibernate.Session;
import org.hibernate.SessionFactory;
import org.hibernate.Transaction;
import org.hibernate.cfg.Configuration;

import com.lanhuigu.hibernate.entity.Customer;

public class TestHQL {
    public static void main(String[] args) throws Exception {
        Configuration cfg = new Configuration().configure();
        SessionFactory sessionFactory = cfg.buildSessionFactory();
        Session session = sessionFactory.openSession();
        Transaction tr = session.beginTransaction();
        // 1. Create the Query object
        // Descending order; "desc" must not be dropped, otherwise the order becomes ascending
        Query query = session.createQuery("from Customer where name=:name and IS_MARRIED=:married order by name desc");
        // 2. setProperties() binds the object's properties
        Customer customerParam = new Customer();
        customerParam.setName("test");
        customerParam.setMarried(false);
        query.setProperties(customerParam);
        // 3. Paging
        query.setFirstResult(0); // start offset, defaults to 0
        query.setMaxResults(1);  // maximum number of rows to fetch
        // 4. Run the query
        List list = query.list();
        // 5. Print the result
        for (int i = 0; i < list.size(); i++) {
            Customer customer = (Customer) list.get(i);
            System.out.println(customer.getName());
        }
        // 6. Commit the transaction
        tr.commit();
        // 7. Close the session
        session.close();
    }
}
```
Result:
```
Hibernate: select customer0_.ID as ID1_0_, customer0_.NAME as NAME2_0_, customer0_.EMAIL as EMAIL3_0_, customer0_.PASSWORD as PASSWORD4_0_, customer0_.PHONE as PHONE5_0_, customer0_.ADDRESS as ADDRESS6_0_, customer0_.SEX as SEX7_0_, customer0_.IS_MARRIED as IS8_0_, customer0_.DESCRIPTION as DESCRIPT9_0_, customer0_.IMAGE as IMAGE10_0_, customer0_.BIRTHDAY as BIRTHDA11_0_, customer0_.REGISTERED_TIME as REGISTE12_0_, customer0_.HOME_PROVINCE as HOME13_0_, customer0_.HOME_CITY as HOME14_0_, customer0_.HOME_STREET as HOME15_0_, customer0_.HOME_ZIPCODE as HOME16_0_, customer0_.COMP_PROVINCE as COMP17_0_, customer0_.COMP_CITY as COMP18_0_, customer0_.COMP_STREET as COMP19_0_, customer0_.COMP_ZIPCODE as COMP20_0_ from CUSTOMERS customer0_ where customer0_.NAME=? and IS_MARRIED=? order by customer0_.NAME desc limit ?
test
```