sql注入问题优化,order by 里面不能用下面这种方式,为了防止sql注入,验证输入的值是否合法,比如只能包含英文,数字和下划线应以英文开头
Map<String, Object> parameters = new HashMap<>();
sql.append(" where (lzbh like :keyword or lzmc like :keyword)");
parameters.put("keyword", "%" + page.getKeyword() + "%");
countSql.append(" qxdm = :qydm");
parameters.put("qydm", page.getQydm());
List<Long> bsmList
sql.append(" where bsm in(:bsmList)");
parameters.put("bsmList", bsmList);
查询时
Query query = entityManager.createNativeQuery(sql.toString());
parameters.forEach(query::setParameter);
数组到排序
notEmptyList.sort(Comparator.comparing(StationQueryVO::getCurrentValue).reversed());
List<HouseBuildingExcelDTO> excelDTOList = ModelMapperUtil.getStrictModelMapper().map(list, new TypeToken<List<HouseBuildingExcelDTO>>() { }.getType()); CaseReportDO db = ModelMapperUtil.getStrictModelMapper().map(req, CaseReportDO.class);
pg数据库 date格式化
to_char(date_time,'yyyymmddHH24MIss')
List<LandCoverDO> dbList = iLandCoverMapper.findByGaMarkId(id);
if(dbList == null || dbList.isEmpty()){
return null;
}
LandCoverDTO dto = new LandCoverDTO();
//分组
Map<String, List<LandCoverDO>> grouping = dbList.stream().collect(Collectors.groupingBy(LandCoverDO::getDlmc));
List<NameDoubleValueVO> stat = new ArrayList<>();
//遍历分组里面的数据
grouping.forEach((dlmc, landCoverDOList) -> {
double totalArea = landCoverDOList.stream().mapToDouble(LandCoverDO::getGa_gdjmj).sum();
stat.add(new NameDoubleValueVO(dlmc, totalArea));
});
//排序
stat.sort(Comparator.comparing(NameDoubleValueVO::getValue).reversed());
提取对象数组里面的某个字段
List<String> lastTask = lastTasks.stream()
.map(HistoricActivityInstance::getActivityId)
.limit(1)
.collect(Collectors.toList());
base64
private static final org.apache.commons.codec.binary.Base64 base64 = new org.apache.commons.codec.binary.Base64();
fastjson解析null值问题: 解决 null的属性不显示问题
JSONObject.toJSONString(jsonMap,SerializerFeature.WriteMapNullValue);
mysql 的sql 里面 的 where 1=1 在最后的查询语句里面会被优化调。但是这个where 1=1 可能会造成查询的性能问题。比如只有 where 1=1 ,后面没有其他的查询条件了,会造成全表扫描,影响查询性能
