Like operator in iBatis

Its lots of confusion how to use the wildcard search in ibatis. Two ways are there.

1. Select * from risk_mst where name like #value#

here we can pass the parameter with % appended to it at java side itself. Or the alternate approach is

2. Select * from risk_mst where name like ‘%$value$%’

where value is the passed parameter

Advertisements

4 Responses to “Like operator in iBatis”

  1. Kelly S Says:

    Thank you, this works perfectly. I have seen other examples that I tried and didn’t work but yours is great.

    Thanks Kelly

  2. Sarath Says:

    The first solution doesnot seem to work (working with ibatis-2.3.0.677.jar). Second one not safe.

    Here is a
    better example .

  3. Jon C Says:

    While your solutions work, the second one introduces a huge security hole in your application. Look up SQL injection attack and see for yourself (hint: the $ syntax tells ibatis to not check the parameter for SQL safety). The first option looks promising, however I have seen other people run into problems with ibatis trying to escape the % character.

  4. Chetan Says:

    With the latest mybatis version 3.0+
    Select * from risk_mst where name like ‘%${value}%’ should work.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: