人事管理系统6

ABCDEEE72025-04-30 16:22

模糊查询

DepartmentMapper.xml :

复制代码 
<select id="findDepartmentListByName" resultMap="BaseResultMap">
select
<include refid="Base_Column_List"/>
from department
where dname like '%${dname}%' /*where dname like concat('%',#
{dname},'%')*/
order by establishmentdate desc
limit #{start},#{limit}
</select>
<!--#会把传入的String类型自动加上引号,其他数据类型不会加引号,此处会变成'%'开发部'%',语法错
误-->
<!--$把传入的数据直接显示在sql语句中,不会添加引号,此处会变成'%开发部%'-->
<select id="getTotalDepartmentsByName" resultType="int">
select count(*) from department where dname like '%${dname}%'
</select>

{} :不安全 直接拼接 SQL ,容易被 SQL 注入攻击利用。 select \* from user where username = '{username}'
若用户输入 admin' or '1'='1 会直接执行
select * from user where username='admin' or '1'='1'
${} 是拼接符
#{} :安全
通过预编译方式传参,防止 SQL 注入
select * from user where username = #{username}
#{} 是占位符
DepartmentMapper.java :

复制代码 
List<Department> findDepartmentListByName(@Param("dname") String
dname,@Param("start") int start,@Param("limit") int limit);
int getTotalDepartmentsByName(@Param("dname") String dname);

DepartmentService.java :

复制代码 
Result getDepartmentsListByName(String dname, int start, int limit);

DepartmentServiceImpl.java :

复制代码 
@Override
public Result getDepartmentsListByName(String dname, int start, int limit) {
List<Department> departmentList =
departmentMapper.findDepartmentListByName(dname, start, limit);
int totalDepartments = departmentMapper.getTotalDepartmentsByName(dname);
Result result = new Result();
result.setCode(0);
result.setMsg("查找成功!");
result.setCount(totalDepartments);
result.setData(departmentList);
return result;
}

DepartmentController.java :

复制代码 
@GetMapping("/department/listbyname")
@ResponseBody
public Result listByName(@RequestParam Map<String, Object> params) {
int page = Integer.parseInt(params.get("page").toString());
int limit = Integer.parseInt(params.get("limit").toString());
int start = (page - 1) * limit;
String dname = params.get("dname").toString();
return departmentService.getDepartmentsListByName(dname, start, limit);
}

刷新页面:

AuserController.java :

复制代码 
@GetMapping("/reload")
@ResponseBody
public boolean reload(HttpSession session) {
String name = session.getAttribute("name").toString();
return name != null;
}

为保证部门名称不重复,对 dname 字段设置唯一性约束:


DepartmentController.java :

复制代码 
@GetMapping("/department/add")
public String gotoDepartmentAdd() {
return "admin/department-add";
}

修改 DepartmentMapper.java 中已自动生成方法的返回类型:

复制代码 
boolean insertSelective(Department record);

DepartmentService.java :

复制代码 
Result addDepartment(Department department);

DepartmentServiceImpl.java :

复制代码 
@Override
public Result addDepartment(Department department) {
Result result = new Result();
if(departmentMapper.insertSelective(department)){
result.setCode(0);
result.setMsg("新建成功!");
}else{
result.setCode(1);
result.setMsg("新建失败!");
}
return result;
}

DepartmentController.java :

复制代码 
@PostMapping("/department/add")
@ResponseBody
public Result addDepartment(@RequestParam("dname") String dname,
@RequestParam("dtel") String dtel, @RequestParam("description") String
description) {
Department department = new Department();
department.setDname(dname);
department.setDtel(dtel);
department.setDescription(description);
department.setEstablishmentdate(new Date());
return departmentService.addDepartment(department);
}

或通过 @RequestParam 获取 Map 键值对传参:

复制代码 
@PostMapping("/department/add")
@ResponseBody
public Result addDepartment(@RequestParam Map<String, Object> map) {
Department department = new Department();
department.setDname(map.get("dname").toString());
department.setDtel(map.get("dtel").toString());
department.setDescription(map.get("description").toString());
department.setEstablishmentdate(new Date());
return departmentService.addDepartment(department);
}

或通过 @RequestBody 获取 Map 键值对传参,但需要修改 department-add.html 的数据提交格式为 json 格式:

复制代码 
@PostMapping("/department/add")
@ResponseBody
public Result addDepartment(@RequestBody Map<String, Object> map) {
Department department = new Department();
department.setDname(map.get("dname").toString());
department.setDtel(map.get("dtel").toString());
department.setDescription(map.get("description").toString());
department.setEstablishmentdate(new Date());
return departmentService.addDepartment(department);
}

department-add.html 中的

复制代码 
data: data.field,

替换为

复制代码 
data: JSON.stringify(data.field),
contentType : "application/json",
相关推荐
float_六七几秒前
Java Stream流:从入门到精通
java·windows·python
Ultipa1 小时前
查询语言的进化:SQL之后,为什么是GQL?数据世界正在改变
数据库·sql·图数据库·gql
LB21121 小时前
SQL隐式链接显式连接
大数据·数据库·sql
隔壁阿布都2 小时前
spring boot + mybatis 使用线程池异步修改数据库数据
数据库·spring boot·mybatis
GM_8284 小时前
【Go项目基建】GORM框架实现SQL校验拦截器(完整源码+详解)
sql·golang·拦截器·gorm·慢查询·持久层基建
半夏陌离12 小时前
SQL 拓展指南:不同数据库差异对比(MySQL/Oracle/SQL Server 基础区别)
大数据·数据库·sql·mysql·oracle·数据库架构
旋转的油纸伞13 小时前
SQL表一共有几种写入方式
数据库·sql
isyoungboy13 小时前
SQL高效处理海量GPS轨迹数据:人员gps轨迹数据抽稀实战指南
数据库·sql
练小杰14 小时前
【Mysql-installer-community-8.0.26.0】Mysql 社区版(8.0.26.0) 在Window 系统的默认安装配置
数据库·sql·mysql·adb·配置文件·mysql安装·关系型数据库
你是人间五月天14 小时前
sentinel实现控制台与nacos数据双向绑定
windows·sentinel
热门推荐
012025 年高教社杯全国大学生数学建模竞赛C 题 NIPT 的时点选择与胎儿的异常判定 完整成品思路模型代码分享,全网首发高质量!!!022025年数学建模国赛C题超详细解题思路03UV安装并设置国内源04不再让Windows更新!&Edge游戏助手卸载及关闭自动更新052025全国大学生数学建模C题保姆级思路模型(持续更新):NIPT 的时点选择与胎儿的异常判定062025高教社杯国赛数学建模选题建议+初步分析07A股预测还能更准?开源大模型Kronos带你跑通预测+回测全流程08KGG转MP3工具|非KGM文件|解密音频092025国赛B题保姆级教程思路分析 碳化硅外延层厚度的确定10jdk21下载、安装(Windows、Linux、macOS)