我在SQLite数据库上使用execSQL.sql INSERT strnig是
INSERT INTO Tasks
(_id, Aircraft, Station, Discrepancy,DateCreated, CreatedBy, Status, DateClosed, ClosedBy, ArrivalFlightID, RecordChangedByUI)
VALUES
('271104',' ','ORD','Critical Flight (0496/28)','9/4/2011 6:57:00 PM','SYSTEM','NEW','','null','0','N')
表是
"create table Tasks
(_id integer primary key, "
+ "Aircraft text null, Station text null, Discrepancy text null, DateCreated text null, CreatedBy text null, Status text null, DateClosed text, ClosedBy text null, ArrivalFlightID text null, RecordChangedByUI text null);";
它抛出异常"Empty bindArgs"
谁能告诉我哪里出错了?
Seb*_*wak 11
您不能将null作为第二个参数传递.如果你没有使用它,只需忽略它就可以了:
String sql = "INSERT INTO Tasks (_id, Aircraft, Station, Discrepancy,DateCreated, CreatedBy, Status, DateClosed, ClosedBy, ArrivalFlightID, RecordChangedByUI) " VALUES ('" + tasks[i]._id + "','" + tasks[i].Aircraft + "','" + tasks[i].Station + "','" + tasks[i].Discrepancy + "','" + tasks[i].DateCreated + "','" + tasks[i].CreatedBy + "','" + tasks[i].Status + "','" + tasks[i].DateClosed + "','" + tasks[i].ClosedBy + "','" + tasks[i].ArrivalFlightID + "','N')";
this.database.execSQL(sql);
但是,上面的示例很容易受到攻击 - 可以轻松注入SQL查询.传递给查询的所有字符串都应该通过转义进行转义DatabaseUtils.sqlEscapeString(task[i].something).
尝试执行database.insert或insertOrThrow.它需要将每个字段显式添加到ContentValues对象,但它更加整洁.
ContentValues insertValues = new ContentValues();
insertValues.put("_id", tasks[i]._id);
... // other fields
long rowId = this.database.insert(DATABASE_TABLE, null, insertValues);