Android SQLiteException: bind or column index out of range problem

前端 未结 3 937
自闭症患者
自闭症患者 2021-02-12 23:44

In android I am using the following statement.

model = dataHelper.rawQuery(\"SELECT _id, engword, lower(engword) as letter FROM word WHERE letter >= \'a\' AND         


        
相关标签:
3条回答
  • 2021-02-13 00:32

    The right statement is :

    model = dataHelper.rawQuery("
        SELECT _id, engword, lower(engword) as letter
        FROM word W
        HERE letter >= 'a'
        AND letter < '{'
        AND engword LIKE ? ORDER BY engword ASC
        ",
        new String[] {"%" + filterText + "%"}
    );
    
    0 讨论(0)
  • 2021-02-13 00:34

    If anyone is like me trying (and failing) to get this working with getContentResolver().query here how I managed it:

    *Updated thanks to comments from @CL and @Wolfram Rittmeyer, as they said this is the same as for rawQuery *

    Correct way:

      public static String SELECTION_LIKE_EMP_NAME = Columns.EMPLOYEE_NAME
                + " like ?";            
    
      Cursor c = context.getContentResolver().query(contentUri,
                    PROJECTION, SELECTION_LIKE_EMP_NAME, new String[] { "%" + query + "%" }, null);
    

    Previous answer that was open to SQL injection attack:

    public static String SELECTION_LIKE_EMP_NAME = Columns.EMPLOYEE_NAME
                + " like '%?%'";
    
    String selection = SELECTION_LIKE_EMP_NAME.replace("?", query);
    
    Cursor c = context.getContentResolver().query(contentUri,
                PROJECTION, selection, null, null);
    
    0 讨论(0)
  • 2021-02-13 00:41

    You provided 3 parameters but you have no ? in your query. Pass null instead of string array as the 2nd argument to the rawQuery or replace _id, engword and lower(engword) as letter in your select string by ?

    1)

    model = dataHelper.rawQuery("SELECT ?, ?, ? FROM word WHERE letter >= 'a' AND letter < '{' AND engword LIKE '%" + filterText + "%'",new String[] {"_id","engword", "lower(engword) as letter"});
    

    2)

    model = dataHelper.rawQuery("SELECT _id, engword, lower(engword) as letter FROM word WHERE letter >= 'a' AND letter < '{' AND engword LIKE '%" + filterText + "%'", null);
    

    Edit: As @Ewoks pointed out, the option (1) is incorrect, since prepared statements can get parameters (?s) only in WHERE clause.

    0 讨论(0)
提交回复
热议问题