0

在我的数据库管理器类中,我有一个功能可以检查数据库中是否存在某个电话号码:

public boolean is_phone_number_exist_in_group(String phone_num, int group_id)
{
    SQLiteDatabase db = db_helper.getReadableDatabase();

    Cursor mContactsCursor = db.query(Constants.TABLE_NAME_GROUP_CONTACTS, null, 
            "group_id="+group_id+" AND contact_phone="+phone_num, null, null, null, null);

    if(mContactsCursor.moveToFirst())
    {
        mContactsCursor.close();
        db.close();
        return true;
    } else {
        mContactsCursor.close();
        db.close();
        return false;
    }

}

现在我只想将结果输出到 logcat:

Log.i(DEBUG_TAG, "Is Phone number exist: "+manager.is_phone_number_exist_in_group(contact_phone, group_id));

但是当我运行应用程序时 - 它在这部分崩溃。这是我在 logcat 中得到的输出:

09-27 07:55:02.284: E/AndroidRuntime(20602): FATAL EXCEPTION: main
09-27 07:55:02.284: E/AndroidRuntime(20602): java.lang.RuntimeException: 
    Failure delivering result ResultInfo{who=null, request=0, result=-1, 
    data=Intent { dat=content://com.android.contacts/contacts/lookup/0r5-49434B2F3D374D4D3D2F/5 flg=0x1 }} 
    to activity {com.myinfo.myapp/com.myinfo.myapp.activities.Activity_Group_Contacts}: 
    android.database.sqlite.SQLiteException: near "444": syntax error: , 
    while compiling: SELECT * FROM group_contacts WHERE group_id=1 
    AND contact_phone=(052) 444-5556
09-27 07:55:02.284: E/AndroidRuntime(20602):    at android.app.ActivityThread.deliverResults(ActivityThread.java:2980)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at android.app.ActivityThread.handleSendResult(ActivityThread.java:3023)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at android.app.ActivityThread.access$1100(ActivityThread.java:123)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1177)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at android.os.Handler.dispatchMessage(Handler.java:99)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at android.os.Looper.loop(Looper.java:137)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at android.app.ActivityThread.main(ActivityThread.java:4424)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at java.lang.reflect.Method.invokeNative(Native Method)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at java.lang.reflect.Method.invoke(Method.java:511)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:784)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:551)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at dalvik.system.NativeStart.main(Native Method)
09-27 07:55:02.284: E/AndroidRuntime(20602): Caused by: 
    android.database.sqlite.SQLiteException: near "444": syntax error: , while 
    compiling: SELECT * FROM group_contacts WHERE group_id=1 AND 
    contact_phone=(052) 444-5556
09-27 07:55:02.284: E/AndroidRuntime(20602):    at android.database.sqlite.SQLiteCompiledSql.native_compile(Native Method)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at android.database.sqlite.SQLiteCompiledSql.<init>(SQLiteCompiledSql.java:68)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at android.database.sqlite.SQLiteProgram.compileSql(SQLiteProgram.java:143)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at android.database.sqlite.SQLiteProgram.compileAndbindAllArgs(SQLiteProgram.java:361)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at android.database.sqlite.SQLiteProgram.<init>(SQLiteProgram.java:127)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at android.database.sqlite.SQLiteProgram.<init>(SQLiteProgram.java:94)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at android.database.sqlite.SQLiteQuery.<init>(SQLiteQuery.java:53)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at android.database.sqlite.SQLiteDirectCursorDriver.query(SQLiteDirectCursorDriver.java:47)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at android.database.sqlite.SQLiteDatabase.rawQueryWithFactory(SQLiteDatabase.java:1564)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at android.database.sqlite.SQLiteDatabase.queryWithFactory(SQLiteDatabase.java:1449)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at android.database.sqlite.SQLiteDatabase.query(SQLiteDatabase.java:1405)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at android.database.sqlite.SQLiteDatabase.query(SQLiteDatabase.java:1485)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at com.myinfo.myapp.tasks.Task_DB_Manager.is_phone_number_exist_in_group(Task_DB_Manager.java:170)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at com.myinfo.myapp.activities.Activity_Group_Contacts.add_new_contact(Activity_Group_Contacts.java:326)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at com.myinfo.myapp.activities.Activity_Group_Contacts.onActivityResult(Activity_Group_Contacts.java:171)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at android.app.Activity.dispatchActivityResult(Activity.java:4649)
09-27 07:55:02.284: E/AndroidRuntime(20602):    at android.app.ActivityThread.deliverResults(ActivityThread.java:2976)
09-27 07:55:02.284: E/AndroidRuntime(20602):    ... 11 more

我的猜测,虽然我不确定 - 它的发生要么是因为电话号码的 444 部分附近的空格或连字符。

我该如何修复它并使其工作?

4

2 回答 2

2

SQL 查询需要对某些字符进行转义。

为了避免担心转义(以及 sql 注入),请始终使用selectionArgs. 他们将被正确地逃脱SQLite。它还允许SQLite识别您的查询以优化它们。

像这样使用:

String query = "group_id = ? AND contact_phone = ?";
String[] args = new String[] { Integer.toString(group_id), phone_num };
Cursor mContactsCursor = db.query(Constants.TABLE_NAME_GROUP_CONTACTS, null, 
        query, args, null, null, null);
于 2013-09-27T08:25:38.580 回答
2

您只是缺少电话号码周围的引号:

Cursor mContactsCursor = db.query(Constants.TABLE_NAME_GROUP_CONTACTS, null, 
            "group_id="+group_id+" AND contact_phone='"+phone_num+"'", null, null, null, null);
于 2013-09-27T08:20:38.303 回答