When I execute this query, I get 'android.database.sqlite.SQLiteException: no such column'. What is the error?
public Cursor Getupdate(String rid) throws SQLException
{
    Cursor m1Cursor = db.rawQuery("SELECT _id FROM Meeting where meet="+rid , null);
    if (m1Cursor != null) {
        if(m1Cursor.getCount() > 0)
        {
            m1Cursor.moveToFirst();
        }
    }
    return m1Cursor;
}
logcat
05-28 01:22:27.999: E/AndroidRuntime(1411): FATAL EXCEPTION: main
05-28 01:22:27.999: E/AndroidRuntime(1411): android.database.sqlite.SQLiteException: no such column: ttyuhomk: , while compiling: SELECT _id FROM Meeting where meet=rage
4 solutions
#1
25
For a string data type, always use quotes like this: '"+rid+"'". Since rid is a String, you get the error.
You should use +rid only if rid is int.
#2
16
You need to use an apostrophe (') in the WHERE clause check, like:
db.rawQuery("SELECT _id FROM Meeting where meet='"+rid+"'" , null);
#3
5
You can also use it like this.
db.rawQuery("SELECT _id FROM Meeting where meet=?" ,
new String [] {rid});
This will also solve the SQL injection problem.
#4
4
Or, better yet, use a PreparedStatement and bind your variables. It'll escape strings and dates properly for you. It'll also help with SQL injection problems.
Are there still people who don't know about this?
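The three query forms from the question and answers, compared side by side as an added example (not code from the original posts). It uses Python's sqlite3 module as a stand-in for Android's SQLiteDatabase, since both pass the SQL text to SQLite; the table rows, input values and helper names are constructed for illustration.

```python
import sqlite3

def make_db():
    """Constructed sample rows standing in for the question's Meeting table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE Meeting (_id INTEGER PRIMARY KEY, meet TEXT)")
    db.executemany("INSERT INTO Meeting (meet) VALUES (?)",
                   [("rage",), ("o'brien",), ("standup",)])
    return db

def unquoted(db, rid):
    # The question's form: SQLite parses the bare value as a column name.
    return db.execute("SELECT _id FROM Meeting WHERE meet=" + rid).fetchall()

def quoted(db, rid):
    # Answers #1 and #2: fine for plain strings, but the value is still SQL text.
    return db.execute(
        "SELECT _id FROM Meeting WHERE meet='" + rid + "'").fetchall()

def bound(db, rid):
    # Answer #3: the value is bound as data and is never parsed as SQL.
    return db.execute(
        "SELECT _id FROM Meeting WHERE meet=?", (rid,)).fetchall()

def outcome(fn, db, rid):
    """Return the matching rows, or the SQLite error text if the query fails."""
    try:
        return fn(db, rid)
    except sqlite3.Error as exc:
        return "error: " + str(exc)

if __name__ == "__main__":
    db = make_db()
    # Constructed inputs: a plain value, a value containing an apostrophe,
    # and a value whose quotes change the meaning of the WHERE clause.
    for rid in ("rage", "o'brien", "x' OR '1'='1"):
        print("input:", repr(rid))
        for fn in (unquoted, quoted, bound):
            print("  %-8s -> %r" % (fn.__name__, outcome(fn, db, rid)))
```

Only the bound form returns the expected row for every input: the quoted form fails on the apostrophe and returns every row for the last input.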