Fatal编程技术网
  • android/
  • Android 转义引号时发生SQL语法错误

Android 转义引号时发生SQL语法错误

android sqlite

Android 转义引号时发生SQL语法错误,android,sqlite,escaping,Android,Sqlite,Escaping,好的,我正在为我的同学们构建一个应用程序,该应用程序从我的在线mysql数据库获取程序,并将其存储在本地sqlite数据库中 但它给了我一个错误,我尝试转义双引号和单引号以及验证我的查询,但我的应用程序仍然崩溃,并给我一个错误 现在代码是用“c”语言编写的,因此包含switch case语句,当switch case语句中出现单引号时,问题就出现了 用于转义引号的代码: public static void fromJSON(JSONArray jsonArray){ try {

好的,我正在为我的同学们构建一个应用程序,该应用程序从我的在线mysql数据库获取程序,并将其存储在本地sqlite数据库中

但它给了我一个错误,我尝试转义双引号和单引号以及验证我的查询,但我的应用程序仍然崩溃,并给我一个错误

现在代码是用“c”语言编写的,因此包含switch case语句,当switch case语句中出现单引号时,问题就出现了

用于转义引号的代码:

public static void fromJSON(JSONArray jsonArray){

    try {
        String code;
        SplashScreen.titles.clear();
        SplashScreen.codes.clear();
        int length = jsonArray.length();
        for (int i = 0; i < length; i++) {

            SplashScreen.titles.add(jsonArray.getJSONObject(i).getString("title"));
            code = jsonArray.getJSONObject(i).getString("code");
            code = code.replaceAll("\'","\\\\\'");
            code = code.replaceAll("\"","\\\\\"");
            SplashScreen.codes.add(code);

        }
    }catch (Exception e)
    {
        Log.d("Practice", e.toString());
    }

}

publicstaticvoidfromJSON(JSONArray-JSONArray){
试一试{
字符串代码;
SplashScreen.titles.clear();
SplashScreen.code.clear();
int length=jsonArray.length();
for(int i=0;i
SQLite语句是:

public void updateDatabaseWithUpdate(String tableName)
{
    SQLiteDatabase SPADatabase = this.openOrCreateDatabase("myDatabase", MODE_PRIVATE, null);

    Log.d("getUpdateData", "Updating database : "+tableName);

    //SPADatabase.execSQL("DELETE FROM "+tableName);

    for(int i = 0; i<titles.size(); i++) {
        Log.d("trialanderror", codes.get(i));
        SPADatabase.execSQL("INSERT INTO " + tableName + " (title,code) VALUES ('" + titles.get(i) + "','" + codes.get(i) + "')");
    }

    //Toast.makeText(this, tableName+" Database updated!", Toast.LENGTH_SHORT).show();

    setLocalCounts();

    //Log.d("dbCount", tableName+" dbCount = "+dbCount);


}

public void updateDatabaseWithUpdate(字符串tableName)
{
SQLiteDatabase spadabase=this.openOrCreateDatabase(“myDatabase”,MODE_PRIVATE,null);
Log.d(“getUpdateData”,“更新数据库:“+tableName”);
//execSQL(“从”+tableName中删除”);

for(inti=0;iSQL不是C,并且不使用C转义规则

在SQL字符串中,双引号不能转义,单引号必须加倍

但是,为了避免此类格式问题,最好使用参数(这些值根本不需要转义):


或者通过使用来避免编写SQL命令。
SQL不是C,并且不使用C转义规则

在SQL字符串中,双引号不能转义,单引号必须加倍

但是,为了避免此类格式问题,最好使用参数(这些值根本不需要转义):

或者通过使用

07-26 21:58:08.448 8919-8919/com.femindharamshi.spa E/SQLiteLog: (1) near "c": syntax error
07-26 21:58:08.449 8919-8919/com.femindharamshi.spa D/AndroidRuntime: Shutting down VM
07-26 21:58:08.450 8919-8919/com.femindharamshi.spa E/AndroidRuntime: FATAL EXCEPTION: main
    Process: com.femindharamshi.spa, PID: 8919
    android.database.sqlite.SQLiteException: near "c": syntax error (code 1): , while compiling: INSERT INTO controlstructures (title,code) VALUES ('WAP to perform Math Operators on a menu based program','#include<conio.h>
    #include<stdio.h>
    #include<math.h>
    void main()
    {
        double x;
        char M;
        clrscr();
        printf(\"Enter Value of X :\");
        scanf(\"%lf\", &x);
        printf(\"Enter your choice : \n\");
        printf(\"c or C for ceil\nf or F for floor\ne or E for exp\ns or S for sqrt \nl or L fir log\na or A for fabs : \n\");
        scanf(\"%s\", &M);

        switch(M)
        {
          case \'c\':
          case \'C\':printf(\"Ceil = %lf\", ceil(x));
                      break;

          case \'f\':
          case \'F\':printf(\"Floor = %f\", floor(x));
                      break;

          case \'e\':
          case \'E\':printf(\"Exp = %lf\", exp(x));
                      break;

          case \'s\':
          case \'S\':printf(\"Sqrt = %lf\", sqrt(x));
                      break;

          case \'l\':
          case \'L\':printf(\"Log = %lf\", log(x));
                      break;

          case \'a\':
          case \'A\':printf(\"fabs(x) = \", fabs(x));
                      break;
          default: printf(\"INVALID INPUT\");

        }



        getch();
    }')
        at android.database.sqlite.SQLiteConnection.nativePrepareStatement(Native Method)
        at android.database.sqlite.SQLiteConnection.acquirePreparedStatement(SQLiteConnection.java:889)
        at android.database.sqlite.SQLiteConnection.prepare(SQLiteConnection.java:500)
        at android.database.sqlite.SQLiteSession.prepare(SQLiteSession.java:588)
        at android.database.sqlite.SQLiteProgram.(SQLiteProgram.java:58)
        at android.database.sqlite.SQLiteStatement.(SQLiteStatement.java:31)
        at android.database.sqlite.SQLiteDatabase.executeSql(SQLiteDatabase.java:1677)
        at android.database.sqlite.SQLiteDatabase.execSQL(SQLiteDatabase.java:1608)
        at com.femindharamshi.spa.SplashScreen.updateDatabaseWithUpdate(SplashScreen.java:495)
        at com.femindharamshi.spa.SplashScreen$5.onSuccess(SplashScreen.java:473)
        at com.loopj.android.http.JsonHttpResponseHandler$1$1.run(JsonHttpResponseHandler.java:154)
        at android.os.Handler.handleCallback(Handler.java:789)
        at android.os.Handler.dispatchMessage(Handler.java:98)
        at android.os.Looper.loop(Looper.java:164)
        at android.app.ActivityThread.main(ActivityThread.java:6541)
        at java.lang.reflect.Method.invoke(Native Method)
        at com.android.internal.os.Zygote$MethodAndArgsCaller.run(Zygote.java:240)
        at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:767)

SPADatabase.execSQL("INSERT INTO " + tableName + " (title,code) VALUES (?,?)",
                    new Object[]{ titles.get(i), codes.get(i) });