I have been trying to execute a query:-
String selectQuery="SELECT "+ROLE+" FROM "+TABLE_EMPLOYEE+ " WHERE "+USER_ID+ "='"+userId+"' AND "+PASSWORD+"='"+password+"';";
cursorObj = dbObj.rawQuery(selectQuery, null);
This will result to:-
SELECT Role FROM employee WHERE User_Id='HondaSE' AND Password='456';
The logcat says:-
01-08 12:05:10.070: W/System.err(9318): android.database.sqlite.SQLiteException: no such column:
HondaQE: , while compiling: SELECT Role FROM employee WHERE User_Id=HondaQE AND Password=123;
I have tried to run the query with double quotes as well, for userId and password. resulting in:-
SELECT Role FROM employee WHERE User_Id="HondaSE" AND Password="456";
However both the queryies work perfectly fine when executed in SQLITE Data browser.
Both respond with same error.
Your logcat shows as below.
while compiling: SELECT Role FROM employee WHERE User_Id=HondaQE AND Password=123;
there is no single quotes around strings in User_Id=HondaQE AND Password=123.
You weren't compiling your raw query correctly. I would advise you to use "query" instead and use selection args to avoid these mistakes and possible sql injections.
Rewrite like this
String selectQuery="SELECT "+ROLE+" FROM TABLE_EMPLOYEE " WHERE USER_ID ='" + userId + "' AND PASSWORD = '" +password+ "'";
I had the closed the db before accessing the cursor. This was the error.
After accessing the cursor, the db is to be closed. Error solved.
Related
I am creating a sql database in my app and I am following the documentation on the official developer guide of android, at the webpage
http://developer.android.com/training/basics/data-storage/databases.html#ReadDbRow.
I don't understand what is the meaning of the FeedEntry.COLUMN_NAME_UPDATED value.
What should is value be? What does it mean actually?
It's the name of the update column in the feed table ;)
// How you want the results sorted in the resulting Cursor
String sortOrder = FeedEntry.COLUMN_NAME_UPDATED + " DESC";
I'm trying to get data from sqlite database.Tried using thiscontext.getContentResolver().query() method and I got following SqlException
near ":23": syntax error (code 1): , while compiling: SELECT wol_wait, mac_addr, _id, address, name, wol_port, user, timeout, pass FROM hosts WHERE (mac_addr=00:23:15:97:ce:a0) ORDER BY name ASC
this is the code that I’m using
Cursor c=context.getContentResolver().query(HostProvider.Hosts.CONTENT_URI,null, Hosts.MAC_ADDR +"=" +String.valueOf(mhost.mac_addr),null,HostProvider.Hosts.NAME + " ASC");
how can I fix this issue?
String literals such as MAC addresses need to be in 'single quotes', or better yet, use ? placeholders and variable binding. Replace
Hosts.MAC_ADDR +"=" +String.valueOf(mhost.mac_addr),null
with
Hosts.MAC_ADDR +"=?", new String[] { String.valueOf(mhost.mac_addr) }
The String.valueOf is possibly not needed.
I really need your help.
I have problem getting values from database. I have two editTexts and one Button. When I insert dates and press Button my table opens without data. How can I get for my database to read those editText values?
My code:
String val1=minDate.getText().toString();
String val2=maxDate.getText().toString();
Cursor c=database.rawQuery("SELECT * from TABLE WHERE DATE BETWEEN '"+ val1+"' AND '"+ val2+"' ", null);
Please refer to documentation:
http://developer.android.com/guide/topics/data/data-storage.html#db
To avoid SQL injection, never add parameter to query by concatenating values, To create a query please refer to: http://developer.android.com/reference/android/database/sqlite/SQLiteDatabase.html#query%28java.lang.String,%20java.lang.String[],%20java.lang.String,%20java.lang.String[],%20java.lang.String,%20java.lang.String,%20java.lang.String%29
Security tip:
http://developer.android.com/training/articles/security-tips.html#ContentProviders
How date are stored in your table ? Which format ?
When you add parameter to your query format must be the same.
If you want to use BETWEEN key word, date must be stored in this format: year-month-date to be sorted by SQLite.
Update 1
You're right change date format to yyyy-mm-dd
You parameters in your query must have same format, of course.
Put query in variable and log it before, as this:
String query = "SELECT * from TABLE WHERE DATE BETWEEN '"+ val1+"' AND '"+ val2+"' ";
Log.d("MyQuery", query);
Cursor c=database.rawQuery(query, null);
Search in logcat TAG "MyQuery" and post value of query
Now replace your code with below and let me know what you got in Logs
Cursor cursor=database.rawQuery("SELECT * from TABLE WHERE DATE >='"+val1+ "' AND <= '"+val2+ "'", null);
if (cursor.moveToFirst()) {
do {
Log.i("cursor_Data",cursor.getString(cursor.getColumnIndex("Date")));
} while (cursor.moveToNext());
}
If above not work for you then please post your TABLE Structure?
I am using this query to fetch data from sqlite but only one condition is working but not two at same time.
I am also getting some notification that no such column but it exist.
String lquery = "SELECT SUM(totalcalorie) AS LTotal FROM fooditem
WHERE name = ('" + fname + "') AND foodtype = 'Lunch'";
you might be having null values on those places which you are checking while calling..
go through your code again queries seems write.
change totalcalorie to INTEGER type in the database schema
comment says that you are using TEXT
I am trying to get all Inbox Messages using ContentResolver based on message ids stored in another table..
I want to exclude all Inbox SMSs whose message id is not in my custom table(spam_msgids).
What i am doing is (I dont know whether this is correct or not):
Uri uriSms=Uri.parse("content://sms/inbox");
Cursor cursor = context.getContentResolver().query(uriSms, null,"_id NOT IN (SELECT msg_id FROM spam_msgids)",null,null);
But its giving me an error though table is already created ...
Error : 07-19 17:04:16.412: ERROR/DatabaseUtils(141):
android.database.sqlite.SQLiteException: no such table: spam_msgids: , while compiling: SELECT * FROM sms WHERE (type=1) AND (_id NOT IN (SELECT msg_id FROM spam_msgids)) ORDER BY date DESC
Can anyone please tell me where i am going wrong ?
You can fetch all IDs from you database, build a comma separated string and pass it to NOT IN so that it would look like:
Cursor cursor = context.getContentResolver().query(uriSms, null,"_id NOT IN (" + stringOfCommaSeparatedStringOfIDs + ")",null,null);
You are querying from android internal database and surely that database doesn't include spam_msgids