前三种模糊查询
#{参数名称}可以防注入,推荐使用
${参数名称},容易被注入,不推荐使用,
<select id="getUserList" resultMap="user">SELECT id,username,nickname,phone,email FROM sys_userWHERE del_flag = 0<if test="username!=null and username !=''">and username = "%"#{username}"%" </if><if test="nickname!=null and nickname !=''">and nickname like concat(concat(#{nickname},'%'),'%')</if><if test="phone!=null and phone !=''">and phone like '%${phone}%'</if>
</select>