where

<select id="searchProducts" parameterType="products" resultType="products">
    select *from products
    <where>
        <if test="pname != null">
            and pname like '%${pname}%'
        </if>
        <if test="cid != null">
            and cid = #{cid}
        </if>
    </where>
</select>