是否ContentResolver.query逃避选择参数?
例如,我是否应该selArgs在执行类似操作之前手动转义参数
Cursor c = contentResolver.query(uri, null, "mimetype=?", selArgs, null);
还是通过query方法完成的?
问问题
797 次
1 回答
0
不,您应该在您的内容提供商中手动执行此操作。
查询函数源码:
public final Cursor query(Uri uri, String[] projection,
String selection, String[] selectionArgs, String sortOrder) {
IContentProvider provider = acquireProvider(uri);
if (provider == null) {
return null;
}
try {
long startTime = SystemClock.uptimeMillis();
Cursor qCursor = provider.query(uri, projection, selection, selectionArgs, sortOrder);
if (qCursor == null) {
releaseProvider(provider);
return null;
}
// force query execution
qCursor.getCount();
long durationMillis = SystemClock.uptimeMillis() - startTime;
maybeLogQueryToEventLog(durationMillis, uri, projection, selection, sortOrder);
// Wrap the cursor object into CursorWrapperInner object
return new CursorWrapperInner(qCursor, provider);
} catch (RemoteException e) {
releaseProvider(provider);
// Arbitrary and not worth documenting, as Activity
// Manager will kill this process shortly anyway.
return null;
} catch (RuntimeException e) {
releaseProvider(provider);
throw e;
}
}
于 2012-04-25T13:04:32.323 回答