Sqlite: How to insert variable into string in prepared statement
I'm using a Java wrapper for accessing Sqlite but I assume this is a general Sqlite question.
String stmt = "SELECT foo FROM bah WHERE foo='%/?/%';
PreparedStatement a = myConn.prepareStatement(stmt);
a.setString(1, "hello");
a.executeQuery();
... throws an exception - it doesn't like the ? being inside quotes. Everything is fine if I do
...WHERE foo=?
but this isn't the statement I want.
How 开发者_JS百科can I insert a variable into such a prepared statement? If you forget about the fact I'm using Sqlite, how is this is done using other database technologies?
No database I've encountered will let you put a parameter inside a string literal. If this was supported, then you'd have to escape every ?
character in a string that wasn't a parameter.
You can, however, use string concatenation to support what you are after:
SELECT foo FROM bah WHERE foo = '%/' || ? || '/%'
You can add the wildcard when setting the value:
String stmt = "SELECT foo FROM bah WHERE foo= ?"
PreparedStatement a = myConn.prepareStatement(stmt);
a.setString(1, "%hello%");
精彩评论