Inappropiate search through sqlite database from android - android

This query seems to work fine:
public Cursor getOneWine(long id) {
return database.query("vino", null, "_id=" + id, null,
null, null, null);
}
But when I try to change "_id"+id to "name="+name it does not work! also tried this:
public Cursor getSearchWine(String name) {
return database.query("vino", new String[] {"_id", "name"}, "name="+name, null,
null, null, "name");
}
which is working well when I want a cursor from all wines.
public Cursor getAllWines() {
return database.query("vino", new String[] {"_id", "name"}, null, null,
null, null, "name");
}
Also checked the Android documentation but didn't find a solution.

In SQL, strings must be quoted:
db.query("vino", new String[] {"_id", "nombre"}, "name='" + name + "'", ...);
However, this will cause problems if the name contains '; it is recommended to use parameters for strings instead:
db.query("vino", new String[] {"_id", "nombre"}, "name=?", new String[] {name}, ...);

Related

How to get all the items in sql using query based on a WHERE clause

I am new to database and I am trying to get all the data from table whose category column is equal to 1. This is my first attempt. Can someone please guide me where I am doing wrong?
public Cursor getAllFamilyMovies()
{
return database.query("movies", new String[] {"_id", "name"},
"category=1", null, null, null, "name");
}
The "whereclause" and "whereargs" need to be separated as shown below:
public Cursor getAllFamilyMovies() {
return database.query("movies", new String[] {"_id", "name"}, "category = ?", new String[] {"1"}, null, null, "name");
}

why rawQuery is working and query isn't working?

I am using query for search but i don't understand why one code is work and another one not work ?!
this is working:
String selectQuery = "SELECT * FROM " + TABLE_Soras
+" WHERE "+KEY_SoraName+" LIKE '%"+soraName+"%'";
Cursor cursor = db.rawQuery(selectQuery,null);
but this isn't get any result:
Cursor cursor = db.query(TABLE_Soras, new String[]{
KEY_SORA_NO, KEY_SoraName}, KEY_SoraName + "=?",
new String[]{soraName}, null, null, null, null);*/
Because in second case % is not appended into value and you didn't add LIKE clause into query. You need to use this:
KEY_SoraName + " like ?", new String[] {"%" +soraName + "%"} ...
Try this
Cursor cursor = db.query(TABLE_QuranSoras, new String[]{
KEY_SORA_NO, KEY_SoraName}, KEY_SoraName+" LIKE '%"+soraName+"%'", null, null, null, null);
Cursor cursor = your_database.query(MY_TABLE, new String[] {"first_column","second_column"},your_column + " LIKE '%"+your_criteria+"%'", null, null, null, null);
Try something like this and it will probably work!

Android SQLite Query Not Working

I'm trying to search data on database based on 2 conditions (entryId=rowId & category=cat_id) like below
Cursor mCursor = db.query(true, "favorite", new String[] {"_id", "entry"}, "entryId="+ rowId + "& category="+cat_id, null, null, null, null, null);
Its not working. But when I try to do it using only one condition like below then it works well.
Cursor mCursor = db.query(true, "favorite", new String[] {"_id", "entry"}, "entryId="+ rowId, null, null, null, null, null);
Can you help me telling how can I run this query with multiple conditions?
In SQLite & is different from AND, simply use:
Cursor mCursor = db.query(true, "favorite", new String[] {"_id", "entry"},
"entryId="+ rowId + " AND category="+cat_id, null, null, null, null, null);
// Change & to AND... here: ^^^

how to add WHERE clause to Query on android

I would like to limit the results to those whose KEY_HOMEID is equal to journalId.
I've been on this for a couple days any help would be appreciated.
public Cursor fetchAllNotes(String journalId)
{
return mDb.query(DATABASE_TABLE, new String[] {KEY_ROWID, KEY_HEIGHT,
KEY_BODY, KEY_HOMEID},"FROM DATABASE_TABLE WHERE KEY_HOMEID = journalId",null, null, null, null,null);
}
Have a look at http://developer.android.com/reference/android/database/sqlite/SQLiteDatabase.html#query
Your query should look a little like this:
mDb.query(DATABASE_TABLE, // Table name
columnNames, // String[] containing your column names
KEY_HOMEID+" = "+jounalId, // your where statement, you do not include the WHERE or the FROM DATABASE_TABLE parts of the query,
null,
null,
null,
null
);
If you feel more comfortable writing sql queries you can also use:
mDb.rawQuery("SQL STATEMENT", null);
It makes your code more clear if you'll use it where arguments (in query parameters)
Example:
String [] settingsProjection = {
DBContract.Settings._ID,
DBContract.Settings.COLUMN_NAME_USER_ID,
DBContract.Settings.COLUMN_NAME_AUTO_LOGIN
};
String whereClause = DBContract.Settings.COLUMN_NAME_USER_ID+"=?";
String [] whereArgs = {userId.toString()};
Cursor c = db.query(
DBContract.Settings.TABLE_NAME,
settingsProjection,
whereClause,
whereArgs,
null,
null,
null
);
I was looking for an answer to my problem here as well.
It turned out that I tried to have a String instead of an Integer. My solution was to do it like that: 'String' instead of Integer.
Here is the code that worked for me in the end:
return db.query(TABLE_NAME_REMINDER, PROJECTION, REMINDER_REMINDER_TYPE+" = '"+rem_type+"'", null, null, null, null);

data type mismatch error when using ORDER BY

I've got an android app using a local sqlite database.
private SQLiteDatabase mDb;
when I run this query I get my Cursor over rows with pid equal to id, as desired:
mDb.query(true, PT_TABLE, new String[] {KEY_PID, KEY_TID},
KEY_PID+" = "+id, null, null, null, null, null);
when I run the following query, aiming to get that same result set, ordered by pid I get "android.database.sqlite.SQLiteException: datatype mismatch"
mDb.query(true, PT_TABLE, new String[] {KEY_PID, KEY_TID},
KEY_PID+" = "+id, null, null, null, null, KEY_PID+" DESC");
Any ideas?
It looks like you got just a little mixed up. According to the SQLiteDatabase.query documentation, the last argument is the LIMIT clause. The second to last is the ORDER BY clause.
Cursor query (boolean distinct,
String table,
String[] columns,
String selection,
String[] selectionArgs,
String groupBy,
String having,
String orderBy, // <-- ORDER BY
String limit)
EDIT
But, there is also another SQLiteDatabase.query where ORDER BY would be last
Cursor query (String table,
String[] columns,
String selection,
String[] selectionArgs,
String groupBy,
String having,
String orderBy)
This worked for me
String filter = MySQLiteHelper.JOB_ID + "=" + Integer.toString(jobID);
String orderBy = MySQLiteHelper.LOG_TIME + " DESC";
Cursor cursor = database.query(MySQLiteHelper.LOG_TABLE_NAME, logTableColumns,
filter, null, null, null, orderBy);
KEY_PID + " = " + "'" + id + "'"
Since Orderby is the second last parameter in the query;
your query would be like this
mDb.query(true, PT_TABLE, new String[] {KEY_PID, KEY_TID},
KEY_PID+" = "+id, null, null, null, KEY_PID+" DESC", null);
If I correctly understood your problem, try this.
String[] columns = new String[] {KEY_PID, KEY_TID};
String where = KEY_PID + " = " + Integer.toString(id);
String orderBy = KEY_PID + " DESC";
Cursor cursor = mDb.query(PT_TABLE, columns, where, null, null, null, orderBy);

Categories

Resources