android - 靠近 "WHERE": syntax error - SQLite

标签 android sqlite where-clause android-sqlite

我有一个方法,如果检查两个文本字段是否存在,然后重新调整记录 ID。 我的方法是这样的:

int getQueryMatch(String word, String meter) {
    SQLiteDatabase db = this.getReadableDatabase();

    String selectQuery = "SELECT *  FROM " + TABLE_HISTORY + " WHERE " + QUERYWORD +  "= '" + word + "' AND WHERE " + DISTANCEQ + "= '"+ meter +"' "  ;
    Cursor cursor = db.rawQuery(selectQuery, null);
    int getidd = cursor.getColumnIndex(KEY_ID) ;


    Log.v("Match query ", "return? " + getidd );
    if (cursor != null)
        cursor.moveToFirst();

    // return History
    return getidd;
}

我的 table 看起来像这样:

    String CREATE_HISTORYS_TABLE = "CREATE TABLE IF NOT EXISTS " + TABLE_HISTORY + "(" + KEY_ID + " INTEGER PRIMARY KEY AUTOINCREMENT," +
            QUERYWORD + " TEXT," + DISTANCEQ + " TEXT" + ","  + KEY_TIMESTAMP + ")";
    db.execSQL(CREATE_HISTORYS_TABLE);

现在,当我像 getQueryMatch(Mystr1 , Mystr2) 一样运行该方法时;

我得到了这个错误:

10-18 22:04:04.294: E/AndroidRuntime(13736): FATAL EXCEPTION: AsyncTask #1
10-18 22:04:04.294: E/AndroidRuntime(13736): java.lang.RuntimeException: An error occured while executing doInBackground()
10-18 22:04:04.294: E/AndroidRuntime(13736):    at android.os.AsyncTask$3.done(AsyncTask.java:299)
10-18 22:04:04.294: E/AndroidRuntime(13736):    at java.util.concurrent.FutureTask$Sync.innerSetException(FutureTask.java:273)
10-18 22:04:04.294: E/AndroidRuntime(13736):    at java.util.concurrent.FutureTask.setException(FutureTask.java:124)
10-18 22:04:04.294: E/AndroidRuntime(13736):    at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:307)
10-18 22:04:04.294: E/AndroidRuntime(13736):    at java.util.concurrent.FutureTask.run(FutureTask.java:137)
10-18 22:04:04.294: E/AndroidRuntime(13736):    at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:230)
10-18 22:04:04.294: E/AndroidRuntime(13736):    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1076)
10-18 22:04:04.294: E/AndroidRuntime(13736):    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:569)
10-18 22:04:04.294: E/AndroidRuntime(13736):    at java.lang.Thread.run(Thread.java:856)
10-18 22:04:04.294: E/AndroidRuntime(13736): Caused by: ****android.database.sqlite.SQLiteException: near "WHERE": syntax error (code 1): , while compiling: SELECT *  FROM history WHERE query= 'Information Pillar' AND WHERE distance= '20'****
10-18 22:04:04.294: E/AndroidRuntime(13736):    at android.database.sqlite.SQLiteConnection.nativePrepareStatement(Native Method)
10-18 22:04:04.294: E/AndroidRuntime(13736):    at android.database.sqlite.SQLiteConnection.acquirePreparedStatement(SQLiteConnection.java:882)
10-18 22:04:04.294: E/AndroidRuntime(13736):    at android.database.sqlite.SQLiteConnection.prepare(SQLiteConnection.java:493)
10-18 22:04:04.294: E/AndroidRuntime(13736):    at android.database.sqlite.SQLiteSession.prepare(SQLiteSession.java:588)
10-18 22:04:04.294: E/AndroidRuntime(13736):    at android.database.sqlite.SQLiteProgram.<init>(SQLiteProgram.java:58)
10-18 22:04:04.294: E/AndroidRuntime(13736):    at android.database.sqlite.SQLiteQuery.<init>(SQLiteQuery.java:37)
10-18 22:04:04.294: E/AndroidRuntime(13736):    at android.database.sqlite.SQLiteDirectCursorDriver.query(SQLiteDirectCursorDriver.java:44)
10-18 22:04:04.294: E/AndroidRuntime(13736):    at android.database.sqlite.SQLiteDatabase.rawQueryWithFactory(SQLiteDatabase.java:1314)
10-18 22:04:04.294: E/AndroidRuntime(13736):    at android.database.sqlite.SQLiteDatabase.rawQuery(SQLiteDatabase.java:1253)
10-18 22:04:04.294: E/AndroidRuntime(13736):    at com.example.phooogle.DatabaseHandler.getQueryMatch(DatabaseHandler.java:149)
10-18 22:04:04.294: E/AndroidRuntime(13736):    at com.example.phooogle.GoogleMapsAppActivity$InitTask.doInBackground(GoogleMapsAppActivity.java:233)
10-18 22:04:04.294: E/AndroidRuntime(13736):    at com.example.phooogle.GoogleMapsAppActivity$InitTask.doInBackground(GoogleMapsAppActivity.java:1)
10-18 22:04:04.294: E/AndroidRuntime(13736):    at android.os.AsyncTask$2.call(AsyncTask.java:287)
10-18 22:04:04.294: E/AndroidRuntime(13736):    at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:305)

我的选择查询看起来没问题,但我不知道问题出在哪里?

最佳答案

去掉第二个WHERE,就可以了。

String selectQuery = "SELECT *  FROM " + TABLE_HISTORY + " WHERE " + QUERYWORD +  "= '" + word + "' AND WHERE " + DISTANCEQ + "= '"+ meter +"' "  ;
                                                                                                        ^^^^^
                                                                                                   here's the error

啊,顺便说一下:您的查询建筑似乎极易受到 SQL injection 的攻击!最好解决这个问题。

关于android - 靠近 "WHERE": syntax error - SQLite,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/12953206/

上一篇:android - 在android中动态设置微调器位置?

下一篇:安卓3G信号强度

相关文章:

SQL Server 类似 %% 的语句行为

android - 如何在 Horizo​​ntalScrollView 中更改从右向左滚动的方向

android - 使用继承或 fragment 之间的设计选择

MySQL WHERE 类似 NoSQL 风格

android - 数据库更改后 ListView 未更新

sqlite - 我在哪里可以找到 SQLite 数据库文件的示例或它的转储?

python - 根据另外三个相加的结果在数据框中创建一个新列

android - “Invalid platform app” 使用 Instagram 基本显示 API 时出错

java - Android应用程序中的倒计时器在不同时间开始

c# - SQLiteException-SQLite错误提供给命令的参数不足

©2024 IT工具网  联系我们