微信公众号搜"智元新知"关注
微信扫一扫可直接关注哦!

Android SQLiteException:绑定或列索引超出范围问题

如何解决Android SQLiteException:绑定或列索引超出范围问题

| 在android中,我正在使用以下语句。
model = dataHelper.rawQuery(\"SELECT _id,engword,lower(engword) as letter FROM word WHERE letter >= \'a\' AND letter < \'{\' AND engword LIKE \'%\" + filterText + \"%\'\",new String[ {\"_id\",\"engword\",\"lower(engword) as letter\"});
android.database.sqlite.sqliteException: bind or column index out of range: handle 0x132330
我的代码有什么问题?

解决方法

正确的声明是:
model = dataHelper.rawQuery(\"
    SELECT _id,engword,lower(engword) as letter
    FROM word W
    HERE letter >= \'a\'
    AND letter < \'{\'
    AND engword LIKE ? ORDER BY engword ASC
    \",new String[] {\"%\" + filterText + \"%\"}
);
,您提供了3个参数,但查询中没有“ 3”。将null而不是字符串数组作为第二个参数传递给
rawQuery
,或将所选字符串中的select5ѭ,
engword
lower(engword) as letter
替换为
?
1)
model = dataHelper.rawQuery(\"SELECT ?,?,? FROM word WHERE letter >= \'a\' AND letter < \'{\' AND engword LIKE \'%\" + filterText + \"%\'\",new String[] {\"_id\",\"engword\",\"lower(engword) as letter\"});
2)
model = dataHelper.rawQuery(\"SELECT _id,lower(engword) as letter FROM word WHERE letter >= \'a\' AND letter < \'{\' AND engword LIKE \'%\" + filterText + \"%\'\",null);
编辑: 正如@Ewoks指出的那样,选项(1)是不正确的,因为准备好的语句只能在WHERE子句中获取参数(?s)。,如果有人像我一样尝试(并失败)使它与
getContentResolver().query
一起工作,那么我将如何管理它: *由于@CL和@Wolfram Rittmeyer的评论而更新,因为他们说这与rawQuery相同* 正确方法:
  public static String SELECTION_LIKE_EMP_NAME = Columns.EMPLOYEE_NAME
            + \" like ?\";            

  Cursor c = context.getContentResolver().query(contentUri,PROJECTION,SELECTION_LIKE_EMP_NAME,new String[] { \"%\" + query + \"%\" },null);
先前对SQL注入攻击开放的答案:
public static String SELECTION_LIKE_EMP_NAME = Columns.EMPLOYEE_NAME
            + \" like \'%?%\'\";

String selection = SELECTION_LIKE_EMP_NAME.replace(\"?\",query);

Cursor c = context.getContentResolver().query(contentUri,selection,null,null);

版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。