开发者

Unable to use SELECT in a RAWQUERY

I am new to android programming, I am doing a simple SELECT with a rawquery and it is giving me an error...

Here's my code

public Cursor getSubCategory(int categoryID){

    String select = "SELECT subcategory_name FROM subcategory WHERE id_category = " + categoryID;
    return mDb.rawQuery(select, null);      
    }

As you can see the id_category is an Integer

开发者_如何学运维

If anyone has ideas it would be great


Your not using the API to its full advantage there you should use

String select = "SELECT subcategory_name FROM subcategory WHERE id_category = ?"

and then pass in the categoryID to the second argument like

...
String[] arguments = { categoryID.toString() }
return mDb.rawQuery(select, arguments);
...

This should remove SQL injection risks as you are using parameters (the "?").

Apart from that we will need more details about the error to help you further

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜