#sql("orderByDay")
SELECT
DATE_FORMAT(a.`order_time`, '%Y-%m-%d') order_day,
SUM(num) num,
SUM(a.`total`) total,
SUM(a.`discount_money`+a.`reduce_money`+a.`coupon_pay`) yhmoney,
SUM(a.account_pay) account_pay,
SUM(a.real_pay) real_pay
FROM orders a
WHERE a.`supplier_id` = #para(supplier_id)
AND order_stus IN ('1','2','3','4','5')
#if(sdate)
DATE_FORMAT (a.`order_time`, '%Y-%m-%d')>=#para(sdate)
#end
#if(edate)
DATE_FORMAT (a.`order_time`, '%Y-%m-%d')<=#para(sdate)
#end
GROUP BY DATE_FORMAT (a.`order_time`, '%Y-%m-%d')
ORDER BY DATE_FORMAT (a.`order_time`, '%Y-%m-%d') DESC
#end以上查询语句,在使用
Db.template(key, kv).paginate(pageNumber, pageSize);
查询进报错了
Sql: select count(*) FROM orders a
WHERE a.`supplier_id` = ?
AND order_stus IN ('1','2','3','4','5')
GROUP BY DATE_FORMAT (a.`order_time`, '%Y-%m-%d')
(a.`order_time`, '%Y-%m-%d') DESC
com.jfinal.plugin.activerecord.ActiveRecordException: java.sql.SQLException: sql injection violation, syntax error: not support token:IDENTIFIER : select count(*) FROM orders a
WHERE a.`supplier_id` = ?
AND order_stus IN ('1','2','3','4','5')
GROUP BY DATE_FORMAT (a.`order_time`, '%Y-%m-%d')
(a.`order_time`, '%Y-%m-%d') DESC
at com.jfinal.plugin.activerecord.DbPro.doPaginate(DbPro.java:537)
at com.jfinal.plugin.activerecord.DbPro.paginate(DbPro.java:1308)
at com.jfinal.plugin.activerecord.DbTemplate.paginate(DbTemplate.java:80)
at com.zshsoft.web.kit.RecordKit.forPage(RecordKit.java:331)
at com.zshsoft.controller.global.SqlParaController.forLayPage(SqlParaController.java:78)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.jfinal.aop.Invocation.invoke(Invocation.java:97)
at com.zshsoft.web.intercept.ThreadLocalIntercept.intercept(ThreadLocalIntercept.java:26)
at com.jfinal.aop.Invocation.invoke(Invocation.java:91)
at com.zshsoft.web.intercept.LoginInterceptor.intercept(LoginInterceptor.java:118)
at com.jfinal.aop.Invocation.invoke(Invocation.java:91)
at com.jfinal.ext.interceptor.SessionInViewInterceptor.intercept(SessionInViewInterceptor.java:44)
at com.jfinal.aop.Invocation.invoke(Invocation.java:91)
at com.jfinal.core.ActionHandler.handle(ActionHandler.java:97)
at com.zshsoft.web.handler.BasePathHandler.handle(BasePathHandler.java:37)
at com.zshsoft.web.handler.SessionHandler.handle(SessionHandler.java:18)
at com.jfinal.core.JFinalFilter.doFilter(JFinalFilter.java:90)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:132)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.SessionRestoringHandler.handleRequest(SessionRestoringHandler.java:119)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:269)
at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:78)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:133)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:130)
at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:249)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:78)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:99)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:376)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:830)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.sql.SQLException: sql injection violation, syntax error: not support token:IDENTIFIER : select count(*) FROM orders a
WHERE a.`supplier_id` = ?
AND order_stus IN ('1','2','3','4','5')
GROUP BY DATE_FORMAT (a.`order_time`, '%Y-%m-%d')
(a.`order_time`, '%Y-%m-%d') DESC
at com.alibaba.druid.wall.WallFilter.check(WallFilter.java:706)
at com.alibaba.druid.wall.WallFilter.connection_prepareStatement(WallFilter.java:234)
at com.alibaba.druid.filter.FilterChainImpl.connection_prepareStatement(FilterChainImpl.java:448)
at com.alibaba.druid.proxy.jdbc.ConnectionProxyImpl.prepareStatement(ConnectionProxyImpl.java:342)
at com.alibaba.druid.pool.DruidPooledConnection.prepareStatement(DruidPooledConnection.java:311)
at sun.reflect.GeneratedMethodAccessor10.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.jfinal.plugin.activerecord.SqlReporter.invoke(SqlReporter.java:58)
at com.sun.proxy.$Proxy14.prepareStatement(Unknown Source)
at com.jfinal.plugin.activerecord.DbPro.query(DbPro.java:62)
at com.jfinal.plugin.activerecord.DbPro.doPaginateByFullSql(DbPro.java:551)
at com.jfinal.plugin.activerecord.DbPro.doPaginate(DbPro.java:535)
... 51 more
Caused by: com.alibaba.druid.sql.parser.ParserException: not support token:IDENTIFIER
at com.alibaba.druid.sql.parser.SQLExprParser.methodRest(SQLExprParser.java:640)
at com.alibaba.druid.sql.parser.SQLExprParser.primaryRest(SQLExprParser.java:600)
at com.alibaba.druid.sql.dialect.mysql.parser.MySqlExprParser.primaryRest(MySqlExprParser.java:490)
at com.alibaba.druid.sql.parser.SQLExprParser.methodRest(SQLExprParser.java:637)
at com.alibaba.druid.sql.parser.SQLExprParser.primaryRest(SQLExprParser.java:600)
at com.alibaba.druid.sql.dialect.mysql.parser.MySqlExprParser.primaryRest(MySqlExprParser.java:490)
at com.alibaba.druid.sql.parser.SQLExprParser.primary(SQLExprParser.java:561)
at com.alibaba.druid.sql.dialect.mysql.parser.MySqlExprParser.primary(MySqlExprParser.java:185)
at com.alibaba.druid.sql.parser.SQLExprParser.expr(SQLExprParser.java:109)
at com.alibaba.druid.sql.dialect.mysql.parser.MySqlSelectParser.parseGroupBy(MySqlSelectParser.java:238)
at com.alibaba.druid.sql.dialect.mysql.parser.MySqlSelectParser.query(MySqlSelectParser.java:191)
at com.alibaba.druid.sql.parser.SQLSelectParser.select(SQLSelectParser.java:59)
at com.alibaba.druid.sql.dialect.mysql.parser.MySqlStatementParser.parseSelect(MySqlStatementParser.java:193)
at com.alibaba.druid.sql.parser.SQLStatementParser.parseStatementList(SQLStatementParser.java:129)
at com.alibaba.druid.sql.parser.SQLStatementParser.parseStatementList(SQLStatementParser.java:108)
at com.alibaba.druid.wall.WallProvider.checkInternal(WallProvider.java:627)
at com.alibaba.druid.wall.WallProvider.check(WallProvider.java:586)
at com.alibaba.druid.wall.WallFilter.check(WallFilter.java:694)
... 63 more
2020-06-05 18:05:21,906 - [INFO] - from normal in com.taobao.diamond.client.Worker.longPullingdefault如果不分页就没有问题,如果分页就报错了,请问这如何处理是好?
我还是想用Db.template来做,因为我想做个通用的查询并事有分页的。
Db.template(...).paginate(1, 10, true);
如果还是报错,参考一下文档:
https://jfinal.com/doc/5-6