我在 android sqlite 中创建表。 我的表格是类别:
db.execSQL("CREATE TABLE IF NOT EXISTS category (id_category INTEGER PRIMARY KEY AUTOINCREMENT,sub INT(5),name VARCHAR ,father INT(5), income_bool INT(1));");
现在我创建一个变量:
String a="بنزین"
我成功插入一行(带有波斯语名称)并将其显示在 ListView 中;
> But when i select i have errors: String ROW3 = "SELECT * FROM category
> WHERE name=" + a;
>Cursor cursor = db.rawQuery(ROW3, null);
>cursor.moveToFirst();
>Log.d("ghable vorod be for", "sa");
>for (cursor.moveToFirst(); !cursor.isAfterLast(); cursor.moveToNext())
{
Log.d("ghable vorod be for1", "sa");
cat_id=(cursor.getColumnIndex("id_category"));
Log.d("ghable vorod be for2", "sa");
}
但是我在 logcat 中有这个错误:
sqlite returned: error code = 1, msg = no such column: بنزین
Shutting down VM
thread exiting with uncaught exception (group=0x40015560) E/AndroidRuntime(28713): FATAL EXCEPTION: main
android.database.sqlite.SQLiteException: no such column: بنزین: , while compiling: SELECT * FROM category WHERE name=بنزین
09-30 15:28:17.358: E/AndroidRuntime(28713): at android.database.sqlite.SQLiteCompiledSql.native_compile(Native Method) 09-30 15:28:17.358: E/AndroidRuntime(28713): at android.database.sqlite.SQLiteCompiledSql.compile(SQLiteCompiledSql.java:92) 09-30 15:28:17.358: E/AndroidRuntime(28713): at android.database.sqlite.SQLiteCompiledSql.(SQLiteCompiledSql.java:65) 09-30 15:28:17.358: E/AndroidRuntime(28713): at android.database.sqlite.SQLiteProgram.(SQLiteProgram.java:83) 09-30 15:28:17.358: E/AndroidRuntime(28713): at android.database.sqlite.SQLiteQuery.(SQLiteQuery.java:49) 09-30 15:28:17.358: E/AndroidRuntime(28713): at android.database.sqlite.SQLiteDirectCursorDriver.query(SQLiteDirectCursorDriver.java:42) 09-30 15:28:17.358: E/AndroidRuntime(28713): at android.database.sqlite.SQLiteDatabase.rawQueryWithFactory(SQLiteDatabase.java:1356) 09-30 15:28:17.358: E/AndroidRuntime(28713): at android.database.sqlite.SQLiteDatabase.rawQuery(SQLiteDatabase.java:1324) 09-30 15:28:17.358: E/AndroidRuntime(28713): at com.example.hesabdar.New_income.onClick(New_income.java:174) 09-30 15:28:17.358: E/AndroidRuntime(28713): at android.view.View.performClick(View.java:2485) 09-30 15:28:17.358: E/AndroidRuntime(28713): at android.view.View$PerformClick.run(View.java:9080) 09-30 15:28:17.358: E/AndroidRuntime(28713): at android.os.Handler.handleCallback(Handler.java:587) 09-30 15:28:17.358: E/AndroidRuntime(28713): at android.os.Handler.dispatchMessage(Handler.java:92) 09-30 15:28:17.358: E/AndroidRuntime(28713): at android.os.Looper.loop(Looper.java:123) 09-30 15:28:17.358: E/AndroidRuntime(28713): at android.app.ActivityThread.main(ActivityThread.java:3683) 09-30 15:28:17.358: E/AndroidRuntime(28713): at java.lang.reflect.Method.invokeNative(Native Method) 09-30 15:28:17.358: E/AndroidRuntime(28713): at java.lang.reflect.Method.invoke(Method.java:507) 09-30 15:28:17.358: E/AndroidRuntime(28713): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:839) 09-30 15:28:17.358: E/AndroidRuntime(28713): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:597) 09-30 15:28:17.358: E/AndroidRuntime(28713): at dalvik.system.NativeStart.main(Native Method) 09-30 15:33:17.468: I/Process(28713): Sending signal. PID: 28713 SIG: 9
最佳答案
您根本不应该将该值直接包含在 SQL 中。相反,请使用参数化 SQL,例如:
Cursor cursor = db.rawQuery("SELECT * FROM category WHERE name=?",
new String[] { a });
这样:
- 您无需担心如何表示非 ASCII
- 您无需担心转义数据以避免 SQL injection attacks
- 您的 SQL 更易于阅读,无需所有字符串连接
(在普通 JDBC 中,您可以为字符串以外的其他数据类型设置参数,也可以避免转换问题 - 看起来这在这里不太可用,但这是参数化 SQL 的一个常见好处。)
关于java - 如何在android中的sqlite中使用波斯变量?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/19594133/