problem with sql query, variable value not inserting itself

the old query works, the new on doesnt. the android logcat gives me error as: Failure 1: no such column abcname. abcname is the value of a editview that im trying to get from a popup in android.

i know that the first query will insert those values in the fields, as they are given in single inverted commas. the same query, i typed in the adb shell, works. so i copied the query, and just removed the data corresponding to the field names, and inserted the variable names. on trying to run, i get the above said error.

OLD QUERY:

MapsActivity.myDB.execSQL("INSERT INTO "
    +MapsActivity.TableName
    + " (name, user_comment, latitude, longitude) "
    + " VALUES ('tagName','tagComment','tagLatitude','tagLongitude');");

NEW QUERY:

MapsActivity.myDB.execSQL("INSERT INTO "
    +MapsActivity.TableName
    + " (name, user_comment, latitude, longitu开发者_Go百科de) "
    + " VALUES ("+tagName +",'tagComment','tagLatitude','tagLongitude');");

what is the problem?

If tagName has, e.g., the value "abc", your query will expand to ... VALUE (abc,'tagComment',.... It's missing the single quotes.

Building SQL like this give bad karma. Use SQLite's parameter-binding mechanism instead.

I recommend creating a simple active record db implementation. here is a great tutorial for a simple sqlite active record for android. This adds some extra time up front but saves you time while you develop.

wrap your double quotes with single quotes?

...('"+tagName +"',....