mybatis 利用mysql盲注
来源:互联网 发布:java.util.date怎么用 编辑:程序博客网 时间:2024/06/05 16:45
<span style="font-family:Comic Sans MS;font-size:12px;"><?xml version="1.0" encoding="UTF-8"?><!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd"><mapper namespace="com.test.dao.TAcntMapper">//对应的mapperjava存在的地址 <resultMap id="BaseResultMap" type="com.test.entity.TAcnt">//对应的实体存在的地址,下面是它里面的字段 <id column="SYS_ID" jdbcType="DECIMAL" property="sysId" /> <result column="OBJ_ID" jdbcType="VARCHAR" property="objId" /> <result column="OBJ_NAME" jdbcType="VARCHAR" property="objName" /> <result column="OBJ_DESCRIPTION" jdbcType="VARCHAR" property="objDescription" /> <result column="CREATOR" jdbcType="VARCHAR" property="creator" /> <result column="CREATE_TIME" jdbcType="TIMESTAMP" property="createTime" /> <result column="UPDATE_OPERATOR" jdbcType="VARCHAR" property="updateOperator" /> <result column="UPDATE_TIME" jdbcType="TIMESTAMP" property="updateTime" /> <result column="CLIENT_CHK_FLAG" jdbcType="DECIMAL" property="clientChkFlag" /> <result column="CELL_PHONE" jdbcType="VARCHAR" property="cellPhone" /> <result column="REG_EMAIL" jdbcType="VARCHAR" property="regEmail" /> <result column="GENDER" jdbcType="DECIMAL" property="gender" /> <result column="QQ_NO" jdbcType="VARCHAR" property="qqNo" /> <result column="WEB_URL" jdbcType="VARCHAR" property="webUrl" /> </resultMap>
<sql id="Example_Where_Clause"> <where> <foreach collection="oredCriteria" item="criteria" separator="or"> <if test="criteria.valid"> <trim prefix="(" prefixOverrides="and" suffix=")"> <foreach collection="criteria.criteria" item="criterion"> <choose> <when test="criterion.noValue"> and ${criterion.condition} </when> <when test="criterion.singleValue"> and ${criterion.condition} #{criterion.value} </when> <when test="criterion.betweenValue"> and ${criterion.condition} #{criterion.value} and #{criterion.secondValue} </when> <when test="criterion.listValue"> and ${criterion.condition} <foreach close=")" collection="criterion.value" item="listItem" open="(" separator=","> #{listItem} </foreach> </when> </choose> </foreach> </trim> </if> </foreach> </where> </sql> <sql id="Update_By_Example_Where_Clause"> <where> <foreach collection="example.oredCriteria" item="criteria" separator="or"> <if test="criteria.valid"> <trim prefix="(" prefixOverrides="and" suffix=")"> <foreach collection="criteria.criteria" item="criterion"> <choose> <when test="criterion.noValue"> and ${criterion.condition} </when> <when test="criterion.singleValue"> and ${criterion.condition} #{criterion.value} </when> <when test="criterion.betweenValue"> and ${criterion.condition} #{criterion.value} and #{criterion.secondValue} </when> <when test="criterion.listValue"> and ${criterion.condition} <foreach close=")" collection="criterion.value" item="listItem" open="(" separator=","> #{listItem} </foreach> </when> </choose> </foreach> </trim> </if> </foreach> </where> </sql> <sql id="Base_Column_List"> SYS_ID , OBJ_ID , OBJ_NAME , OBJ_DESCRIPTION , CREATOR , CREATE_TIME , UPDATE_OPERATOR , UPDATE_TIME , CLIENT_CHK_FLAG , CELL_PHONE , REG_EMAIL , GENDER , QQ_NO , WEB_URL </sql>
<sql id="From_join"> from T_ACNT </sql> <select id="selectByExample" parameterType="com.test.entity.TAcntCriteria" resultMap="BaseResultMap"> select <if test="distinct"> distinct </if> <include refid="Base_Column_List" /> <include refid="From_join" /> <if test="_parameter != null"> <include refid="Example_Where_Clause" /> </if> <if test="orderByClause != null"> order by ${orderByClause} </if> </select> <select id="selectByPrimaryKey" parameterType="BigDecimal" resultMap="BaseResultMap"> select <include refid="Base_Column_List" /> <include refid="From_join" /> where SYS_ID = #{sysId,jdbcType=DECIMAL} </select> <delete id="deleteByExample" parameterType="com.test.entity.TAcntCriteria">
delete from T_ACNT <if test="_parameter != null"> <include refid="Example_Where_Clause" /> </if> </delete> <insert id="insert" parameterType="com.test.entity.TAcnt"> insert into T_ACNT ( OBJ_ID , OBJ_NAME , OBJ_DESCRIPTION , CREATOR , CREATE_TIME , UPDATE_OPERATOR , UPDATE_TIME , CLIENT_CHK_FLAG , CELL_PHONE , REG_EMAIL , GENDER , QQ_NO , WEB_URL ) values ( #{objId,jdbcType=VARCHAR} , #{objName,jdbcType=VARCHAR} , #{objDescription,jdbcType=VARCHAR} , #{creator,jdbcType=VARCHAR} , #{createTime,jdbcType=TIMESTAMP} , #{updateOperator,jdbcType=VARCHAR} , #{updateTime,jdbcType=TIMESTAMP} , #{clientChkFlag,jdbcType=DECIMAL} , #{cellPhone,jdbcType=VARCHAR} , #{regEmail,jdbcType=VARCHAR} , #{gender,jdbcType=DECIMAL} , #{qqNo,jdbcType=VARCHAR} , #{webUrl,jdbcType=VARCHAR} ) </insert> <select id="countByExample" parameterType="com.test.entity.TAcntCriteria" resultType="java.lang.Integer"> select count(*) <include refid="From_join" /> <if test="_parameter != null"> <include refid="Example_Where_Clause" /> </if> </select> <update id="updateByExample" parameterType="map"> update T_ACNT setOBJ_ID = #{record.objId,jdbcType=VARCHAR} , OBJ_NAME = #{record.objName,jdbcType=VARCHAR} , OBJ_DESCRIPTION = #{record.objDescription,jdbcType=VARCHAR} , CREATOR = #{record.creator,jdbcType=VARCHAR} , CREATE_TIME = #{record.createTime,jdbcType=TIMESTAMP} , UPDATE_OPERATOR = #{record.updateOperator,jdbcType=VARCHAR} , UPDATE_TIME = #{record.updateTime,jdbcType=TIMESTAMP} , CLIENT_CHK_FLAG = #{record.clientChkFlag,jdbcType=DECIMAL} , CELL_PHONE = #{record.cellPhone,jdbcType=VARCHAR} , REG_EMAIL = #{record.regEmail,jdbcType=VARCHAR} , GENDER = #{record.gender,jdbcType=DECIMAL} , QQ_NO = #{record.qqNo,jdbcType=VARCHAR} , WEB_URL = #{record.webUrl,jdbcType=VARCHAR} <if test="_parameter != null"> <include refid="Update_By_Example_Where_Clause" /> </if> </update> <update id="updateByPrimaryKeySelective" parameterType="com.test.entity.TAcnt"> update T_ACNT <set> <if test="objId != null"> OBJ_ID = #{objId,jdbcType=VARCHAR}, </if> <if test="objName != null"> OBJ_NAME = #{objName,jdbcType=VARCHAR}, </if> <if test="objDescription != null"> OBJ_DESCRIPTION = #{objDescription,jdbcType=VARCHAR}, </if> <if test="creator != null"> CREATOR = #{creator,jdbcType=VARCHAR}, </if> <if test="createTime != null"> CREATE_TIME = #{createTime,jdbcType=TIMESTAMP}, </if> <if test="updateOperator != null"> UPDATE_OPERATOR = #{updateOperator,jdbcType=VARCHAR}, </if> <if test="updateTime != null"> UPDATE_TIME = #{updateTime,jdbcType=TIMESTAMP}, </if> <if test="clientChkFlag != null"> CLIENT_CHK_FLAG = #{clientChkFlag,jdbcType=DECIMAL}, </if> <if test="cellPhone != null"> CELL_PHONE = #{cellPhone,jdbcType=VARCHAR}, </if> <if test="regEmail != null"> REG_EMAIL = #{regEmail,jdbcType=VARCHAR}, </if> <if test="gender != null"> GENDER = #{gender,jdbcType=DECIMAL}, </if> <if test="qqNo != null"> QQ_NO = #{qqNo,jdbcType=VARCHAR}, </if> <if test="webUrl != null"> WEB_URL = #{webUrl,jdbcType=VARCHAR}, </if> </set> where SYS_ID = #{sysId,jdbcType=DECIMAL} </update></mapper></span>
0 0
- mybatis 利用mysql盲注
- mysql利用mybatis查时间
- 利用Mybatis插入数据到MySQL中
- 利用mybatis 执行mysql是遇到的bug
- 利用Intellij+MAVEN搭建Spring+Mybatis+MySql+SpringMVC项目详解
- eclipses利用Mybatis关联Mysql自动生成JavaBean和mybatis配置文件
- Mybatis Mysql
- mybatis缓存利用
- 利用Intellij+MAVEN搭建Bootstrap+Spring+Mybatis+MySql+SpringMVC项目详解
- 一、使用IDEA,利用maven整合ssm框架(spring+springmvc+mybatis+mysql))
- 【Mybatis】利用mybatis-paginator实现分页
- mybatis 利用log4j 打印sql
- 利用mybatis实现物理分页
- 利用mybatis-paginator实现分页
- Mybatis利用log4j输出sql
- 利用mybatis-generator生成ORM
- 利用Mybatis实现修改功能
- springmvc+mybatis 利用pagehelper分页
- 两个文件的回调简单记录一下
- 常用算法整理:二分查找
- MongoDB 3.2.7 for rhel6.4 副本集-分片集群部署
- Linux下源码编译安装node.js
- spring注解
- mybatis 利用mysql盲注
- NOIP11.15模拟 T2 三部曲
- Node.js 中文乱码解决---响应中文乱码
- iOS10.0自带的刷新控件UIRefreshControl简介
- 奥巴马精彩演讲:我们为什么要上学
- archlinux技巧
- POJ 1861 克鲁斯卡尔算法
- UILable 高度自适应方法汇总
- linux内核升级或者patch 后修改kernel开机启动顺序