
修正一部分注释, 其中一个 in 方法改名为 inSql 输入 sql 注入方法

miemie 7 anos atrás
pai
commit
487649a0b9

+ 10 - 0
mybatis-plus-core/src/main/java/com/baomidou/mybatisplus/core/conditions/AbstractWrapper.java

@@ -267,6 +267,16 @@ public abstract class AbstractWrapper<T, R, This extends AbstractWrapper<T, R, T
         return not(condition).in(condition, column, value);
     }
 
+    @Override
+    public This inSql(boolean condition, R column, String inValue) {
+        return doIt(condition, () -> columnToString(column), IN, () -> "(" + inValue + ")");
+    }
+
+    @Override
+    public This notInSql(boolean condition, R column, String inValue) {
+        return not(condition).inSql(condition, column, inValue);
+    }
+
     @Override
     public This groupBy(boolean condition, R... columns) {
         if (ArrayUtils.isEmpty(columns)) {
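Review bot: `inSql` builds the IN list by plain concatenation, `() -> "(" + inValue + ")"`, so `inValue` reaches the statement as SQL text rather than as a bound parameter, and neither override says so. The interface Javadoc in Func.java flags this, but a reader of AbstractWrapper, or of `notInSql`, which delegates here, gets no warning. I would add a comment above both overrides such as `// inValue is concatenated as raw SQL, not bound: pass only constants or SQL built by the application, never request data`. A null `inValue` would render as `IN (null)` because string concatenation accepts null, so an explicit check such as `Objects.requireNonNull(inValue, "inValue")` may be worth adding if `Objects` is already imported (the import block is outside the hunk). The trailing `groupBy` context is cut off by the hunk.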

+ 14 - 21
mybatis-plus-core/src/main/java/com/baomidou/mybatisplus/core/conditions/interfaces/Compare.java

@@ -31,7 +31,7 @@ import java.util.function.BiPredicate;
 public interface Compare<This, R> extends Serializable {
 
     /**
-     * map 所有非空属性等于 =
+     * ignore
      */
     default This allEq(Map<R, Object> params) {
         return allEq(true, params);
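Review bot: The summary on `allEq(Map<R, Object> params)` is replaced with the single word `ignore`, so the Javadoc shown for this convenience overload no longer says what the method does. If the aim is to avoid repeating the text kept on the `condition` overload, a pointer keeps it navigable, e.g. `/** @see #allEq(boolean, Map) */`. The same replacement recurs in the remaining hunks of this file and in Func.java, Join.java and Nested.java. The method body continues outside the hunk.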
@@ -43,20 +43,13 @@ public interface Compare<This, R> extends Serializable {
     This allEq(boolean condition, Map<R, Object> params);
 
     /**
-     * TODO 待确定的多参数字段过滤
-     * 字段过滤接口,传入多参数时允许对参数进行过滤
-     *
-     * @param filter 返回 true 来允许字段传入 条件中
-     * @param params 参数
-     * @param <V>    参数的value类型
-     * @return 返回自身
+     * ignore
      */
     default <V> This allEq(BiPredicate<R, V> filter, Map<R, V> params) {
         return allEq(true, filter, params);
     }
 
     /**
-     * TODO 待确定的多参数字段过滤
      * 字段过滤接口,传入多参数时允许对参数进行过滤
      *
      * @param filter 返回 true 来允许字段传入 条件中
@@ -67,7 +60,7 @@ public interface Compare<This, R> extends Serializable {
     <V> This allEq(boolean condition, BiPredicate<R, V> filter, Map<R, V> params);
 
     /**
-     * 等于 =
+     * ignore
      */
     default This eq(R column, Object val) {
         return eq(true, column, val);
@@ -79,7 +72,7 @@ public interface Compare<This, R> extends Serializable {
     This eq(boolean condition, R column, Object val);
 
     /**
-     * 不等于 <>
+     * ignore
      */
     default This ne(R column, Object val) {
         return ne(true, column, val);
@@ -91,7 +84,7 @@ public interface Compare<This, R> extends Serializable {
     This ne(boolean condition, R column, Object val);
 
     /**
-     * 大于 >
+     * ignore
      */
     default This gt(R column, Object val) {
         return gt(true, column, val);
@@ -103,7 +96,7 @@ public interface Compare<This, R> extends Serializable {
     This gt(boolean condition, R column, Object val);
 
     /**
-     * 大于等于 >=
+     * ignore
      */
     default This ge(R column, Object val) {
         return ge(true, column, val);
@@ -115,7 +108,7 @@ public interface Compare<This, R> extends Serializable {
     This ge(boolean condition, R column, Object val);
 
     /**
-     * 小于 <
+     * ignore
      */
     default This lt(R column, Object val) {
         return lt(true, column, val);
@@ -127,7 +120,7 @@ public interface Compare<This, R> extends Serializable {
     This lt(boolean condition, R column, Object val);
 
     /**
-     * 小于等于 <=
+     * ignore
      */
     default This le(R column, Object val) {
         return le(true, column, val);
@@ -139,7 +132,7 @@ public interface Compare<This, R> extends Serializable {
     This le(boolean condition, R column, Object val);
 
     /**
-     * BETWEEN 值1 AND 值2
+     * ignore
      */
     default This between(R column, Object val1, Object val2) {
         return between(true, column, val1, val2);
@@ -151,7 +144,7 @@ public interface Compare<This, R> extends Serializable {
     This between(boolean condition, R column, Object val1, Object val2);
 
     /**
-     * NOT BETWEEN 值1 AND 值2
+     * ignore
      */
     default This notBetween(R column, Object val1, Object val2) {
         return notBetween(true, column, val1, val2);
@@ -163,7 +156,7 @@ public interface Compare<This, R> extends Serializable {
     This notBetween(boolean condition, R column, Object val1, Object val2);
 
     /**
-     * LIKE '%值%'
+     * ignore
      */
     default This like(R column, Object val) {
         return like(true, column, val);
@@ -175,7 +168,7 @@ public interface Compare<This, R> extends Serializable {
     This like(boolean condition, R column, Object val);
 
     /**
-     * NOT LIKE '%值%'
+     * ignore
      */
     default This notLike(R column, Object val) {
         return notLike(true, column, val);
@@ -187,7 +180,7 @@ public interface Compare<This, R> extends Serializable {
     This notLike(boolean condition, R column, Object val);
 
     /**
-     * LIKE '%值'
+     * ignore
      */
     default This likeLeft(R column, Object val) {
         return likeLeft(true, column, val);
@@ -199,7 +192,7 @@ public interface Compare<This, R> extends Serializable {
     This likeLeft(boolean condition, R column, Object val);
 
     /**
-     * LIKE '值%'
+     * ignore
      */
     default This likeRight(R column, Object val) {
         return likeRight(true, column, val);

+ 23 - 31
mybatis-plus-core/src/main/java/com/baomidou/mybatisplus/core/conditions/interfaces/Func.java

@@ -20,7 +20,6 @@ import static java.util.stream.Collectors.toList;
 import java.io.Serializable;
 import java.util.Arrays;
 import java.util.Collection;
-import java.util.Collections;
 import java.util.Optional;
 
 /**
@@ -36,7 +35,7 @@ import java.util.Optional;
 public interface Func<This, R> extends Serializable {
 
     /**
-     * 字段 IS NULL
+     * ignore
      */
     default This isNull(R column) {
         return isNull(true, column);
@@ -48,7 +47,7 @@ public interface Func<This, R> extends Serializable {
     This isNull(boolean condition, R column);
 
     /**
-     * 字段 IS NOT NULL
+     * ignore
      */
     default This isNotNull(R column) {
         return isNotNull(true, column);
@@ -60,7 +59,7 @@ public interface Func<This, R> extends Serializable {
     This isNotNull(boolean condition, R column);
 
     /**
-     * 字段 IN (value.get(0), value.get(1), ...)
+     * ignore
      */
     default This in(R column, Collection<?> value) {
         return in(true, column, value);
@@ -72,7 +71,7 @@ public interface Func<This, R> extends Serializable {
     This in(boolean condition, R column, Collection<?> value);
 
     /**
-     * 字段 IN (v0, v1, ...)
+     * ignore
      */
     default This in(R column, Object... values) {
         return in(true, column, values);
@@ -87,7 +86,7 @@ public interface Func<This, R> extends Serializable {
     }
 
     /**
-     * 字段 NOT IN (value.get(0), value.get(1), ...)
+     * ignore
      */
     default This notIn(R column, Collection<?> values) {
         return notIn(true, column, values);
@@ -99,7 +98,7 @@ public interface Func<This, R> extends Serializable {
     This notIn(boolean condition, R column, Collection<?> value);
 
     /**
-     * 字段 NOT IN (v0, v1, ...)
+     * ignore
      */
     default This notIn(R column, Object... value) {
         return notIn(true, column, value);
@@ -114,43 +113,37 @@ public interface Func<This, R> extends Serializable {
     }
 
     /**
-     * 拼接 IN ( sql 语句 )
-     * 例: in("id", "1,2,3,4,5,6")
+     * ignore
      */
-    default This in(R column, String inValue) {
-        return in(true, column, inValue);
+    default This inSql(R column, String inValue) {
+        return inSql(true, column, inValue);
     }
 
     /**
+     * <p>
+     * !! sql 注入方式的 in 方法 !!
+     * </p>
      * 拼接 IN ( sql 语句 )
-     * 例: in("id", "1,2,3,4,5,6")
+     * 例1: in("id", "1,2,3,4,5,6")
+     * 例2: in("id", "select id from table where id < 3")
      */
-    default This in(boolean condition, R column, String inValue) {
-        return in(condition, column, Collections.singleton(inValue));
-    }
+    This inSql(boolean condition, R column, String inValue);
 
     /**
-     * 拼接 NOT IN ( sql 语句 )
-     * 例: notIn("id", "1,2,3,4,5,6")
+     * ignore
      */
-    default This notIn(R column, String inValue) {
-        return notIn(true, column, inValue);
+    default This notInSql(R column, String inValue) {
+        return notInSql(true, column, inValue);
     }
 
     /**
      * 拼接 NOT IN ( sql 语句 )
      * 例: notIn("id", "1,2,3,4,5,6")
      */
-    default This notIn(boolean condition, R column, String inValue) {
-        return notIn(condition, column, Collections.singleton(inValue));
-    }
+    This notInSql(boolean condition, R column, String inValue);
 
     /**
-     * <p>
-     * 分组:GROUP BY 字段, ...
-     * </p>
-     *
-     * @param columns 分组字段【可多个】
+     * ignore
      */
     default This groupBy(R... columns) {
         return groupBy(true, columns);
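Review bot: The Javadoc on the renamed methods still shows the old names: the examples on `inSql(boolean, R, String)` read `in("id", ...)` and the one on `notInSql(boolean, R, String)` reads `notIn("id", "1,2,3,4,5,6")`. After the rename, a call written like those examples would presumably resolve to `in(R column, Object... values)` and bind the whole string as one value, so the examples point readers at a different method. I would change them to `例1: inSql("id", "1,2,3,4,5,6")`, `例2: inSql("id", "select id from table where id < 3")` and `例: notInSql("id", "1,2,3,4,5,6")`. The `!! sql 注入方式的 in 方法 !!` warning should also be repeated on `notInSql(boolean, R, String)`, which has none in this hunk although it takes the same raw SQL string.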
@@ -167,7 +160,7 @@ public interface Func<This, R> extends Serializable {
     This groupBy(boolean condition, R... columns);
 
     /**
-     * 排序:ORDER BY 字段, ...
+     * ignore
      */
     default This orderByAsc(R... columns) {
         return orderByAsc(true, columns);
@@ -186,7 +179,7 @@ public interface Func<This, R> extends Serializable {
     }
 
     /**
-     * 排序:ORDER BY 字段, ...
+     * ignore
      */
     default This orderByDesc(R... columns) {
         return orderByDesc(true, columns);
@@ -210,8 +203,7 @@ public interface Func<This, R> extends Serializable {
     This orderBy(boolean condition, boolean isAsc, R... columns);
 
     /**
-     * HAVING ( sql 语句 )
-     * 例: having("sum(age) > {0}", 1)
+     * ignore
      */
     default This having(String sqlHaving, Object... params) {
         return having(true, sqlHaving, params);

+ 8 - 11
mybatis-plus-core/src/main/java/com/baomidou/mybatisplus/core/conditions/interfaces/Join.java

@@ -29,7 +29,7 @@ import java.io.Serializable;
 public interface Join<This> extends Serializable {
 
     /**
-     * 拼接 OR
+     * ignore
      */
     default This or() {
         return or(true);
@@ -41,8 +41,7 @@ public interface Join<This> extends Serializable {
     This or(boolean condition);
 
     /**
-     * 拼接 sql
-     * 例: apply("date_format(column,'%Y-%m-%d') = '2008-08-08'")
+     * ignore
      */
     default This apply(String applySql) {
         return apply(true, applySql);
@@ -55,8 +54,7 @@ public interface Join<This> extends Serializable {
     This apply(boolean condition, String applySql);
 
     /**
-     * 拼接 sql
-     * 例: apply("date_format(column,'%Y-%m-%d') = {0}", LocalDate.now())
+     * ignore
      */
     default This apply(String applySql, Object... value) {
         return apply(true, applySql, value);
@@ -69,8 +67,7 @@ public interface Join<This> extends Serializable {
     This apply(boolean condition, String applySql, Object... value);
 
     /**
-     * 无视优化规则直接拼接到 sql 的最后(有sql注入的风险,请谨慎使用)
-     * 例: last("limit 1")
+     * ignore
      */
     default This last(String lastSql) {
         return last(true, lastSql);
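Review bot: The comment removed from `last(String lastSql)` stated that the argument is appended to the end of the statement regardless of optimisation rules and carries an injection risk (`有sql注入的风险,请谨慎使用`). Whether `last(boolean condition, String lastSql)` keeps that warning cannot be seen from this hunk. If it does not, I would restore `* 无视优化规则直接拼接到 sql 的最后(有sql注入的风险,请谨慎使用)` and `* 例: last("limit 1")` there, the way this commit moves the `exists` / `notExists` examples onto their `condition` overloads. The two `apply` hunks above drop their examples in the same way, including the `{0}` placeholder form that showed how to pass a value without concatenating it.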
@@ -83,8 +80,7 @@ public interface Join<This> extends Serializable {
     This last(boolean condition, String lastSql);
 
     /**
-     * EXISTS ( sql 语句 )
-     * 例: exists("select id from table where age = 1")
+     * ignore
      */
     default This exists(String existsSql) {
         return exists(true, existsSql);
@@ -92,12 +88,12 @@ public interface Join<This> extends Serializable {
 
     /**
      * EXISTS ( sql 语句 )
+     * 例: exists("select id from table where age = 1")
      */
     This exists(boolean condition, String existsSql);
 
     /**
-     * NOT EXISTS ( sql 语句 )
-     * 例: notExists("select id from table where age = 1")
+     * ignore
      */
     default This notExists(String notExistsSql) {
         return notExists(true, notExistsSql);
@@ -105,6 +101,7 @@ public interface Join<This> extends Serializable {
 
     /**
      * NOT EXISTS ( sql 语句 )
+     * 例: notExists("select id from table where age = 1")
      */
     This notExists(boolean condition, String notExistsSql);
 }

+ 3 - 3
mybatis-plus-core/src/main/java/com/baomidou/mybatisplus/core/conditions/interfaces/Nested.java

@@ -30,7 +30,7 @@ import java.util.function.Function;
 public interface Nested<This> extends Serializable {
 
     /**
-     * AND 嵌套
+     * ignore
      */
     default This and(Function<This, This> func) {
         return and(true, func);
@@ -42,7 +42,7 @@ public interface Nested<This> extends Serializable {
     This and(boolean condition, Function<This, This> func);
 
     /**
-     * OR 嵌套
+     * ignore
      */
     default This or(Function<This, This> func) {
         return or(true, func);
@@ -54,7 +54,7 @@ public interface Nested<This> extends Serializable {
     This or(boolean condition, Function<This, This> func);
 
     /**
-     * 正常嵌套 不带 AND 或者 OR
+     * ignore
      */
     default This nested(Function<This, This> func) {
         return nested(true, func);

+ 25 - 0
mybatis-plus/src/test/java/com/baomidou/mybatisplus/test/mysql/MysqlTestDataMapperTest.java

@@ -1,6 +1,9 @@
 package com.baomidou.mybatisplus.test.mysql;
 
+import java.math.BigDecimal;
 import java.time.LocalDate;
+import java.time.LocalDateTime;
+import java.time.LocalTime;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -34,6 +37,19 @@ public class MysqlTestDataMapperTest {
     @Resource
     protected TestDataMapper testDataMapper;
 
+    @Test
+    public void insertForeach() {
+        LocalDateTime nowDateTime = LocalDateTime.now();
+        LocalDate nowDate = nowDateTime.toLocalDate();
+        LocalTime nowTime = nowDateTime.toLocalTime();
+        for (int i = 0; i < 20; i++) {
+            testDataMapper.insert(new TestData().setTestInt(i).setTestStr(String.format("第%s条数据", i))
+                .setTestDouble(BigDecimal.valueOf(3.3).multiply(BigDecimal.valueOf(i)).doubleValue())
+                .setTestBoolean((i + 3) % 2 == 0).setTestDate(nowDate)
+                .setTestTime(nowTime).setTestDateTime(nowDateTime));
+        }
+    }
+
     @Test
     public void selectById() {
         System.out.println(testDataMapper.selectById(1L));
@@ -86,6 +102,15 @@ public class MysqlTestDataMapperTest {
         println(page.getRecords());
     }
 
+    @Test
+    public void testIn() {
+        println(testDataMapper.selectList(new QueryWrapper<TestData>()
+//            .in("test_int", Arrays.asList(1, 2, 3))  ok
+//                .in("test_int", 1, 2, 3)  ok
+                .inSql("test_int", "1,2,3")
+        ));
+    }
+
     private void println(List<TestData> list) {
         list.forEach(System.out::println);
     }
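Review bot: `testIn` only prints the rows, so it passes for any SQL that `inSql` renders as long as no exception is thrown; a wrong or over-broad IN clause would go unnoticed. I would keep the result in a local, `List<TestData> rows = testDataMapper.selectList(new QueryWrapper<TestData>().inSql("test_int", "1,2,3"));`, and assert that it is non-empty and that every row's `test_int` is 1, 2 or 3, using the assertion API this class already imports. The two commented-out `.in(...)` variants would be better as separate tests than as commented code.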

+ 2 - 2
mybatis-plus/src/test/java/com/baomidou/mybatisplus/test/mysql/config/DBConfig.java

@@ -23,10 +23,10 @@ public class DBConfig {
     public DataSource dataSource() throws SQLException {
         SimpleDriverDataSource dataSource = new SimpleDriverDataSource();
         dataSource.setDriver(new Driver());
-        dataSource.setUrl("jdbc:mysql://localhost:3306/mybatis_plus");
+        dataSource.setUrl("jdbc:mysql://localhost:3306/mybatis_plus?useUnicode=true&characterEncoding=UTF-8");
         dataSource.setDriverClass(com.mysql.jdbc.Driver.class);
         dataSource.setUsername("root");
-        dataSource.setPassword("123123");
+        dataSource.setPassword("123456");
         return dataSource;
     }
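Review bot: `dataSource.setPassword("123456")` swaps one hard-coded root password for another, which suggests the literal tracks an individual developer's local MySQL and will keep changing in commits. Even for a localhost test database I would read the credentials from outside the source, e.g. `dataSource.setUsername(System.getProperty("test.mysql.username", "root"));` and `dataSource.setPassword(System.getProperty("test.mysql.password", ""));` (the property names are placeholders). That keeps passwords out of the repository history and lets each environment supply its own. Connecting the tests as `root` is also broader than they need; an account limited to the `mybatis_plus` schema would do.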
 

+ 2 - 2
mybatis-plus/src/test/resources/mysql/initData.sql

@@ -1,5 +1,5 @@
 CREATE TABLE IF NOT EXISTS test_data (
-    id             BIGINT (20) primary key,
+    id             BIGINT primary key,
     test_int       integer,
     test_str       varchar(50),
     test_double    double,
@@ -8,7 +8,7 @@ CREATE TABLE IF NOT EXISTS test_data (
     test_time      time,
     test_date_time datetime,
     test_timestamp timestamp
-);
+)ENGINE = innodb DEFAULT CHARSET = utf8;
 
 insert into test_data
 values (1, 1, '1', 1.1, 1, '2008-08-08', '12:12:12', '2008-08-08 12:12:12', '2008-08-08 12:12:12');