java自定义sql占位符替换工具
PlaceholderParse
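/**
 * Custom SQL placeholder replacement utility.
 *
 * <p>Security note: {@link #parse} copies argument values into the text verbatim; it does
 * not quote, escape or filter them. {@link #filterInject} is a small denylist and cannot
 * make an untrusted value safe to concatenate into a SQL statement. Values that originate
 * outside the application should be passed as bind parameters (for example through
 * {@code java.sql.PreparedStatement}) rather than substituted into the SQL text.
 *
 * @author ming
 * @version 1.0.0
 * @date 2022/5/25 16:40
 **/
public class PlaceholderParse {

    /**
     * Denylist of character sequences removed by {@link #filterInject}: runs of {@code '}
     * or {@code ;}, runs of {@code --}, and the keywords AND / OR (any letter case) when
     * surrounded by whitespace.
     */
    private static final String SQL_INJECT_CHARS =
            "([';]+|(--)+|(\\s+([aA][nN][dD])\\s+)+|(\\s+([oO][rR])\\s+)+)";

    /** Compiled once so that filterInject does not recompile the expression on every call. */
    private static final java.util.regex.Pattern SQL_INJECT_PATTERN =
            java.util.regex.Pattern.compile(SQL_INJECT_CHARS);

    private PlaceholderParse() {
    }

    /**
     * Replaces each {@code openToken ... closeToken} placeholder in {@code text} with the
     * next value from {@code args}, in order of appearance.
     *
     * <p>A token preceded by a backslash is treated as escaped: the backslash is dropped and
     * the token is kept as literal text. A {@code null} argument is rendered as the empty
     * string. When there are more placeholders than arguments, the remaining placeholders
     * are replaced by the text found between their tokens. An open token without a matching
     * close token is copied through unchanged together with everything after it.
     *
     * <p>Argument values are inserted as-is. This method performs no SQL escaping.
     *
     * @param openToken  marker that starts a placeholder, e.g. {@code "${"}
     * @param closeToken marker that ends a placeholder, e.g. {@code "}"}
     * @param text       template text; may be {@code null}
     * @param args       replacement values, consumed left to right
     * @return {@code text} unchanged when no arguments are given or no open token occurs;
     *         the empty string when arguments are given but {@code text} is {@code null}
     *         or empty; otherwise the text with placeholders substituted
     */
    public static String parse(String openToken, String closeToken, String text, Object... args) {
        if (args == null || args.length <= 0) {
            return text;
        }
        int argsIndex = 0;
        if (text == null || text.isEmpty()) {
            return "";
        }
        char[] src = text.toCharArray();
        int offset = 0;
        // search open token
        int start = text.indexOf(openToken, offset);
        if (start == -1) {
            return text;
        }
        final StringBuilder builder = new StringBuilder();
        StringBuilder expression = null;
        while (start > -1) {
            if (start > 0 && src[start - 1] == '\\') {
                // this open token is escaped. remove the backslash and continue.
                builder.append(src, offset, start - offset - 1).append(openToken);
                offset = start + openToken.length();
            } else {
                // found open token. let's search close token.
                if (expression == null) {
                    expression = new StringBuilder();
                } else {
                    expression.setLength(0);
                }
                builder.append(src, offset, start - offset);
                offset = start + openToken.length();
                int end = text.indexOf(closeToken, offset);
                while (end > -1) {
                    if (end > offset && src[end - 1] == '\\') {
                        // this close token is escaped. remove the backslash and continue.
                        expression.append(src, offset, end - offset - 1).append(closeToken);
                        offset = end + closeToken.length();
                        end = text.indexOf(closeToken, offset);
                    } else {
                        expression.append(src, offset, end - offset);
                        break;
                    }
                }
                if (end == -1) {
                    // close token was not found.
                    builder.append(src, start, src.length - start);
                    offset = src.length;
                } else {
                    // Only a few lines in this else branch were changed by the author.
                    // The bounds check must come before args[argsIndex] is read; otherwise
                    // a template with more placeholders than arguments throws
                    // ArrayIndexOutOfBoundsException instead of using the fallback.
                    String value;
                    if (argsIndex < args.length) {
                        Object arg = args[argsIndex];
                        value = (arg == null) ? "" : arg.toString();
                    } else {
                        value = expression.toString();
                    }
                    builder.append(value);
                    offset = end + closeToken.length();
                    argsIndex++;
                }
            }
            start = text.indexOf(openToken, offset);
        }
        if (offset < src.length) {
            builder.append(src, offset, src.length - offset);
        }
        return builder.toString();
    }

    /**
     * Substitutes <code>${...}</code> placeholders; see {@link #parse}.
     *
     * @param text template text
     * @param args replacement values, consumed left to right
     * @return the text with placeholders substituted
     */
    public static String parse0(String text, Object... args) {
        return PlaceholderParse.parse("${", "}", text, args);
    }

    /**
     * Substitutes <code>{...}</code> placeholders; see {@link #parse}.
     *
     * @param text template text
     * @param args replacement values, consumed left to right
     * @return the text with placeholders substituted
     */
    public static String parse1(String text, Object... args) {
        return PlaceholderParse.parse("{", "}", text, args);
    }

    /**
     * Substitutes <code>#{...}</code> placeholders; see {@link #parse}.
     *
     * @param text template text
     * @param args replacement values, consumed left to right
     * @return the text with placeholders substituted
     */
    public static String parse2(String text, Object... args) {
        return PlaceholderParse.parse("#{", "}", text, args);
    }

    /**
     * Removes the sequences listed in {@code SQL_INJECT_CHARS} from the string form of
     * {@code param}. {@link Number} values are returned as their string form without
     * filtering, and {@code null} yields the empty string.
     *
     * <p>This is a best-effort denylist, not a substitute for bind parameters. It also
     * alters legitimate values: apostrophes are stripped, and " and " / " or " are removed
     * from ordinary text.
     *
     * @param param value to filter; may be {@code null}
     * @return the filtered string form of {@code param}
     */
    public static String filterInject(Object param) {
        if (param == null) {
            return "";
        }
        if (param instanceof Number) {
            return param.toString();
        }
        return SQL_INJECT_PATTERN.matcher(param.toString()).replaceAll("");
    }
}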