问题描述

I am working with sqlite in Android. In the query from below I want to use two columns, 'col_4' and 'col_3'. I tried to use the 'AND' operator but it got an error code[1].
For the following query, can someone tell me how to add 'AND'operator:
 public boolean checkIfRecordExist(String TABLE_NAME,String
                              COL_4,String COL_3,String pss,String chek)
                        {
                try
             {
             SQLiteDatabase db=this.getReadableDatabase();
             Cursor cursor=db.rawQuery("SELECT "+COL_4+" FROM "+TABLE_NAME+"
                     WHERE "+COL_4+"='"+chek+"'",null);

What I have tried:

I tried most and search google but did'nt get any thing else

推荐答案

"SELECT " + COL_3 + ", " + COL_4 + " FROM " + TABLE_NAME WHERE " + COL_4 + " = '" + chek + "'"

或

Or

"SELECT " + COL_4 + " FROM " + TABLE_NAME WHERE " + COL_4 + " = '" + chek + "' AND " + COL_3 + " = '" + chek + "'"

但是你应该永远不会连接字符串以形成SQL命令：它会让您进行广泛的操作SQL注入攻击，这可能会破坏或破坏您的数据库。请改用Parameterised查询。

But you should never concatenate strings to form SQL commands: it leaves you wide op[en to SQL Injection attacks which can damage or destroy your database. Use a Parameterised query instead.

这篇关于如何在android数据库中使用'和'运算符的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！