在sqlite数据库上的游标查询错误
[英]Error on cursor query on sqlite database
问题描述
I am trying to get column info from a cursor, and getting a frustrating error. 
我试图从游标中获取列信息,并得到一个令人沮丧的错误。 I want to select all columns containing $SEARCH. 我想选择所有包含$ SEARCH的列。 Here is the code: 这是代码:
Bundle b = getIntent().getExtras();
SEARCH = b.getString("searchtext");
Cursor c = mDBHelper.getReadableDatabase().query("table", null, "name="+ SEARCH, null, null, null, null);
For some reason, the cursor is throwing a runtime exception. 由于某种原因,游标抛出了运行时异常。 here is the error: 这是错误:
12-30 03:55:00.357: E/AndroidRuntime(1302): Caused by: android.database.sqlite.SQLiteException: near "CAP": syntax error: , while compiling: SELECT * FROM kroger WHERE name=john
Not sure why this is happening, there's probably a very simple error in my code, but I'm not sure what it is. 不知道为什么会这样,我的代码中可能有一个非常简单的错误,但是我不确定它是什么。 THanks for your help! 谢谢你的帮助!
1 个解决方案
解决方案1
3 已采纳 2011-12-30 04:13:57
"name="+SEARCH will become name=CAP , which isn't a valid SQL expression. "name="+SEARCH将变为name=CAP ,这不是有效的SQL表达式。 The naïve solution is to wrap the term in single-quotes: 幼稚的解决方案是将该术语用单引号引起来:
"name='" + SEARCH + "'"
But this is subject to SQL injection attacks. 但这会受到SQL注入攻击。 Use the argument-passing facilities to pass the search term in an injection-free manner: 使用传递参数的工具以无注入方式传递搜索词:
query("table", null, "name=?", new String[] {SEARCH}, null, null, null);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.