Mybatis报错sql injection violation, syntax error: TODO :IDENTIFIER

发布于:2024-05-11 ⋅ 阅读:(112) ⋅ 点赞:(0)

今天被这个报错搞了一下午

<select id="getMmZxZffs" resultType="cn.vetech.asms.pay.service.freepwdpay.vo.ZxZffsQueryVO" parameterType="cn.vetech.asms.pay.service.freepwdpay.dto.ZxZffsQueryDTO">
        select t.A   skFs,
        t.B,
        t.C skFsmc,
        t.D   skKm,
        t.E skKmmc,
        t2.F,
        t2.id,
        t2.G,
        t3.H,
        t2.I,
        t3.J,
        t2.K,
        t.zt,
        t2.L,
        t2.M,
        t3.N
        from
        <choose>
            <when test='skdx == "3"'>
                ((sm_smaa t INNER JOIN ZF_SH t2 ON
                t.sbb2 = t2.id )
                inner join kq_ddd t3
                on t2.BM= t3.zfdjm)
                INNER join
                ud_dfd t4 on t2.id = t4.zfshid
            </when>
            <otherwise>
                (sm_smaa t INNER JOIN ZF_SH t2 ON
                t.zfshid = t2.id)
                inner join zf_jk_list t3
                on t2.ert = t3.zfdjm
            </otherwise>
        </ch

mybatis版本:3.2.7

数据库:Oracle

解决办法:

去除join相关的所有括号

<select id="getMmZxZffs" resultType="cn.vetech.asms.pay.service.freepwdpay.vo.ZxZffsQueryVO" parameterType="cn.vetech.asms.pay.service.freepwdpay.dto.ZxZffsQueryDTO">
        select t.A   skFs,
        t.B,
        t.C skFsmc,
        t.D   skKm,
        t.E skKmmc,
        t2.F,
        t2.id,
        t2.G,
        t3.H,
        t2.I,
        t3.J,
        t2.K,
        t.zt,
        t2.L,
        t2.M,
        t3.N
        from
        <choose>
            <when test='skdx == "3"'>
                sm_smaa t INNER JOIN ZF_SH t2 ON
                t.sbb2 = t2.id 
                inner join kq_ddd t3
                on t2.BM= t3.zfdjm
                INNER join
                ud_dfd t4 on t2.id = t4.zfshid
            </when>
            <otherwise>
                sm_smaa t INNER JOIN ZF_SH t2 ON
                t.zfshid = t2.id
                inner join zf_jk_list t3
                on t2.ert = t3.zfdjm
            </otherwise>
        </ch

希望对大家有所帮助吧