Android 使用buildString方法而不是params字符串数组进行SQLite查询
我以前试过这种说法:Android 使用buildString方法而不是params字符串数组进行SQLite查询,android,sqlite,android-sqlite,Android,Sqlite,Android Sqlite,我以前试过这种说法: public Cursor searchForSchools(String[] args) throws SQLException { String myQuery = "SELECT skola._id, skola.naziv, skola.privatna, skola.adresa, opstina.naziv, skola.broj_ucenika, skola.telefon, skola.web, oblast.naziv " +
public Cursor searchForSchools(String[] args) throws SQLException {
String myQuery = "SELECT skola._id, skola.naziv, skola.privatna, skola.adresa, opstina.naziv, skola.broj_ucenika, skola.telefon, skola.web, oblast.naziv " +
"FROM skola JOIN opstina ON skola.id_opstina = opstina._id " +
"JOIN profil ON skola.id_tip = profil._id " +
"JOIN oblast_m ON profil._id = oblast_m.id_profil " +
"JOIN oblast ON oblast_m.id_oblast = oblast._id ";
return database.rawQuery(myQuery + "WHERE skola.naziv LIKE \"%?%\" AND opstina.naziv = ? AND skola.broj_ucenika ? AND skola.oblasti LIKE \"%?%\" AND skola.privatna ?", args);
但由于SQL语法错误,这不起作用
现在,我尝试用以下方法构建该子句的第二部分:
public Cursor searchForSchools(String[] args) throws SQLException {
String myQuery = "SELECT skola._id, skola.naziv, skola.privatna, skola.adresa, opstina.naziv, skola.broj_ucenika, skola.telefon, skola.web, oblast.naziv " +
"FROM skola JOIN opstina ON skola.id_opstina = opstina._id " +
"JOIN profil ON skola.id_tip = profil._id " +
"JOIN oblast_m ON profil._id = oblast_m.id_profil " +
"JOIN oblast ON oblast_m.id_oblast = oblast._id ";
return database.rawQuery(myQuery + buildQueryString(args), null);
}
private String buildQueryString(String[] args) {
String buildString="WHERE";
if(args[0]!="*")
buildString += " skola.naziv LIKE %\"" + args[0] + "\" AND";
if(args[1]!="*")
buildString += " opstina.naziv = \"" + args[1] + "\" AND";
if(args[2]!="*")
buildString += " skola.broj_ucenika " + args[2] + "\" AND";
if(args[3]!="*")
buildString += " oblast.naziv LIKE %\"" + args[3] + "\" AND";
buildString += " skola.privatna " + args[4];
return buildString;
}
问题是,有时args数组包含“”(星号),表示查询与该列不相关(即,任何值都是可接受的),但是在第一个调用方法中,该方法会导致类似“WHERE opstina.naziv=””的子句,该子句返回错误
因此,让我解释一下我的目标-我想创建一个动态SQL语句,它可以处理从返回所有数据(当args[]={'','','','','','','',})到最复杂的情况(当每个args字符串的值不同于“”)的所有情况。提前感谢…使用
args[]={filter1,hasfilter1,filter2,hasfilter2,…}
和查询字符串,如“(filter1-like?或0=?)和(filter2=?或0=?)和…
。。。(hasfilterN有0或1个值)如果您将0放入hasfilterN,则此筛选器是安全网,谢谢您的建议:D