How to splice SQL statement into xml of mybatis in Java code

Key statements:

StringBuilder whereSql = new StringBuilder();
whereSql.append("SQL");

Implementation class:

	public List getList(Map<String, Object> map) {
		List<Map<String, Object>> rs = new ArrayList<Map<String, Object>>();
		try {
			StringBuilder whereSql = new StringBuilder();
 
			if (map.get("userName").toString().length()>0) {
				whereSql.append(" AND a.userName in ('" + map.get("userName").toString().replaceAll(",", "\',\'") + "')");// Add query criteria when it is not empty 
			}
			if (map.get("CURRENTPAGE").toString().length()>0 && map.get("PAGESIZE").toString().length()>0) {// Add paging query criteria when there are paging parameters in the front end 
				int currenpage = Integer.parseInt(map.get("CURRENTPAGE").toString());
				int pagesize = Integer.parseInt(map.get("PAGESIZE").toString());
				currenpage = ((currenpage - 1) * pagesize);
				whereSql.append(" limit " + currenpage + "," + pagesize);
			}
 
			rs = wmTblWorkorderMapper.getList(whereSql.toString());
			return rs;
		} catch (Exception e) {
			e.printStackTrace();
		}
		return null;
	}

mapper:

List<Map<String,Object>> getList(@Param("whereSql") String whereSql);

xml corresponding to mapper:

<select id="getList" resultType="HashMap">
 SELECT * FROM user a WHERE 1=1 ${whereSql}
</select>

Special Symbolic Representation of Spliced sql Sentences in mybatis

In mybatis, you need to use greater than sign, less than sign, etc. to splice sql statements. 1 generally has the following XML escape characters:

XML escape character

& lt; < Less than sign
& gt; > Greater than sign
& amp; & And
& apos; 'Single quotation marks
& quot; "Double quotation marks