I am building a cursor for a select query. The WHERE section lookup value refers to a variable which is a path so it has several full stops in it.
The query doesnt like this and errors , the error says a col doesn't exist named with a name which is the lookup value i.e the path with stops in it. If I use the sqlEscape util on the variable it doesnt cause an 开发者_如何学JAVAerror but the lookup fails.
Any suggestions please?
Without a bit of your code it is hard to say but I'm guessing you are putting your where clause together like this:
String value = "some.thing.or.other";
String where = "FIELD = " + value;
Try building a parameterized where clause instead
String value = "some.thing.or.other";
String where = "FIELD = ?";
SQLiteDatabase db = fDbOpener.getReadableDatabase();
Cursor results = db.query(TABLE_NAME, COLUMNS_LIST, where, new String[] { value }, null, null, null);
When you run the query method now, SQLite will substitute your value into the where clause specifically as a value - it won't try to interpret the value in any way so it can't mistake the full stops for syntax.
精彩评论