0

如何使这条线工作?

return ourDatabase.rawQuery("SELECT * FROM GL_" + tablename + " WHERE " + KEY_GROUP_T + " = " + grp + " ORDER BY " + KEY_NAME_T + " COLLATE NOCASE", null);

04-23 17:58:26.701:E/AndroidRuntime(9212):原因:android.database.sqlite.SQLiteException:没有这样的列:Baked_Goods:,编译时:SELECT * FROM GL_table4 WHERE grlist_group = Baked_Goods ORDER BY grlist_name COLLATE NOCASE

这条线正在工作,但我想用 rawQuery 来做:

return ourDatabase.query("GL_" + tablename, columns, KEY_GROUP_T + "= ?" , new String[]{grp}, null, null, null);
4

3 回答 3

3

要完成这项工作,您必须在字符串周围加上单引号。例子:

return ourDatabase.rawQuery("SELECT * FROM GL_" + tablename + " WHERE " + KEY_GROUP_T + " = '" + grp + "' ORDER BY " + KEY_NAME_T + " COLLATE NOCASE", null);

添加

Waqas 有一个好处,如果grp取自用户的输入,他正在防止SQL 插入攻击。如果您总是定义grp,那么这不是关键,而是良好的做法。

于 2012-04-23T18:06:09.563 回答
3

改变这个:

return ourDatabase.rawQuery("SELECT * FROM GL_" + tablename + " WHERE " +
KEY_GROUP_T + " = " + grp + " ORDER BY " + KEY_NAME_T + " COLLATE NOCASE", null);

对此:

return ourDatabase.rawQuery("SELECT * FROM GL_" + tablename + " WHERE " +
KEY_GROUP_T + " = ? ORDER BY " + KEY_NAME_T + " COLLATE NOCASE", new String[]{grp});
于 2012-04-23T18:14:56.370 回答
0

尽管单引号方法是正确的,但您可以提高查询速度,并提高可读性,并且如果您这样做,您不会忘记单引号:

String [] selectionArgs = {String.valueOf(grp)};
ourDatabase.rawQuery("SELECT * FROM GL_" + tablename + " WHERE " + KEY_GROUP_T + " = ?" + " ORDER BY " + KEY_NAME_T + " COLLATE NOCASE", selectionArgs);
于 2012-04-23T18:19:38.180 回答