java自定义sql占位符替换工具

java自定义sql占位符替换工具

PlaceholderParse


/**
 * 自定义sql占位符替换工具
 *
 * @author ming
 * @version 1.0.0
 * @date 2022/5/25 16:40
 **/
public class PlaceholderParse {

    private static final String SQL_INJECT_CHARS;

    private PlaceholderParse() {
    }

    static {
        SQL_INJECT_CHARS = "([';]+|(--)+|(\\\\s+([aA][nN][dD])\\\\s+)+|(\\\\s+([oO][rR])\\\\s+)+)";
    }

    public static String parse(String openToken, String closeToken, String text, Object... args) {
        if (args == null || args.length <= 0) {
            return text;
        }
        int argsIndex = 0;
        if (text == null || text.isEmpty()) {
            return "";
        }

        char[] src = text.toCharArray();
        int offset = 0;
        // search open token
        int start = text.indexOf(openToken, offset);
        if (start == -1) {
            return text;
        }

        final StringBuilder builder = new StringBuilder();
        StringBuilder expression = null;

        while (start > -1) {
            if (start > 0 && src[start - 1] == '\\') {
                // this open token is escaped. remove the backslash and continue.
                builder.append(src, offset, start - offset - 1).append(openToken);
                offset = start + openToken.length();
            } else {
                // found open token. let's search close token.
                if (expression == null) {
                    expression = new StringBuilder();
                } else {
                    expression.setLength(0);
                }

                builder.append(src, offset, start - offset);
                offset = start + openToken.length();
                int end = text.indexOf(closeToken, offset);
                while (end > -1) {
                    if (end > offset && src[end - 1] == '\\') {
                        // this close token is escaped. remove the backslash and continue.
                        expression.append(src, offset, end - offset - 1).append(closeToken);
                        offset = end + closeToken.length();
                        end = text.indexOf(closeToken, offset);
                    } else {
                        expression.append(src, offset, end - offset);
                        break;
                    }
                }
                if (end == -1) {
                    // close token was not found.
                    builder.append(src, start, src.length - start);
                    offset = src.length;
                } else {
                    ///仅仅修改了该else分支下的个别行代码
                    String tmp = args[argsIndex] == null ? "" : args[argsIndex].toString();
                    String value = (argsIndex <= args.length - 1) ? tmp : expression.toString();
                    builder.append(value);

                    offset = end + closeToken.length();

                    argsIndex++;
                }
            }
            start = text.indexOf(openToken, offset);
        }

        if (offset < src.length) {
            builder.append(src, offset, src.length - offset);
        }

        return builder.toString();
    }

    public static String parse0(String text, Object... args) {
        return PlaceholderParse.parse("${", "}", text, args);
    }

    public static String parse1(String text, Object... args) {
        return PlaceholderParse.parse("{", "}", text, args);
    }

    public static String parse2(String text, Object... args) {
        return PlaceholderParse.parse("#{", "}", text, args);
    }

    public static String filterInject(Object param) {
        String res = param.toString().replaceAll(SQL_INJECT_CHARS, "");
        return (param instanceof Number) ? param + "" : res;
    }

}
posted @ 2022-05-27 10:49  itwetouch  阅读(869)  评论(0编辑  收藏  举报