报错日志大概如下:
## Error updating database. Cause: java.sql.SQLException: sql injection violation, syntax error: syntax error, error in :' UNION ALL
( select', expect UNION, actual UNION pos 1017, line 54, column 13, token UNION : insert into order_info
(
customer_id,
order_id,
is_reissue
)
( select
?,
?,
?,
?
from dual where not exists
( select order_no from order_info where order_no = ? and customer_id = ?)
)
UNION ALL
( select
?,
?,
?,
?
from dual where not exists
( select order_no from order_info where order_no = ? and customer_id = ?)
)
<insert id="batchInsert" parameterType="java.util.List">
insert into order_info (customer_id,order_id,order_no,order_item_id, sku,shop_sku,goods_name,goods_num,logistics_company,waybill_no,order_child_no)
<foreach collection="list" item="item" index="index" separator=" UNION ALL ">
(select
#{item.customerId},#{item.orderId}, #{item.orderNo},#{item.orderItemId}, #{item.sku},#{item.shopSku},
#{item.goodsName},#{item.goodsNum},#{item.logisticsCompany},#{item.waybillNo},#{item.orderChildNo}
from dual where not exists
(select order_no from order_info where order_no = #{item.orderNo} and customer_id = #{item.customerId}))
</foreach>
</insert>
在代码中,写法如上,解决方式,只要将foreach里面的外层括号去掉即可
<insert id="batchInsert" parameterType="java.util.List">
insert into order_info (customer_id,order_id,order_no,order_item_id, sku,shop_sku,goods_name,goods_num,logistics_company,waybill_no,order_child_no)
<foreach collection="list" item="item" index="index" separator=" UNION ALL ">
select
#{item.customerId},#{item.orderId}, #{item.orderNo},#{item.orderItemId}, #{item.sku},#{item.shopSku},
#{item.goodsName},#{item.goodsNum},#{item.logisticsCompany},#{item.waybillNo},#{item.orderChildNo}
from dual where not exists
(select order_no from order_info where order_no = #{item.orderNo} and customer_id = #{item.customerId})
</foreach>
</insert>
有括号时在druid里会报错,但你在navicat里运行sql就不会报错
标签:no,union,druid,id,item,select,where,order,连接池 From: https://www.cnblogs.com/yangxiaohui227/p/17164513.html