Jay*_*ayu 1 sqlite android cordova
我正在尝试使用Phonegap将数据插入SQLite.
它的工作正常,硬编码如下
tx.executeSql('DROP TABLE IF EXISTS DEMO');
tx.executeSql('DROP TABLE IF EXISTS DEMO');
tx.executeSql('CREATE TABLE IF NOT EXISTS DEMO (id unique, data)');
tx.executeSql('INSERT INTO DEMO (id, data) VALUES (1, "First row")');
tx.executeSql('INSERT INTO DEMO (id, data) VALUES (2, "Second row")');
但是当我尝试从表单中插入动态值时,如下所示
var third = $('#data').val();
alert(third);
tx.executeSql('INSERT INTO DEMO (id, data) VALUES (3,'+ third +')');
我在logcat中得到一个异常,如下所示
04-18 12:20:51.011: I/SqliteDatabaseCpp(7352): sqlite returned: error code = 1, msg = no such column: test, db=/data/data/com.eyepax.phonegap/databases/webview.db
我迷路了,无法弄清楚这个问题.有人可以帮帮我吗.
完整的js文件如下
function onDeviceReadyStorage() {
var db = window.openDatabase("Database", "1.0", "Cordova Demo", 200000);
db.transaction(populateDB, errorCB, successCB);
}
function populateDB(tx) {
tx.executeSql('DROP TABLE IF EXISTS DEMO');
tx.executeSql('CREATE TABLE IF NOT EXISTS DEMO (id unique, data)');
tx.executeSql('INSERT INTO DEMO (id, data) VALUES (1, "First row")');
tx.executeSql('INSERT INTO DEMO (id, data) VALUES (2, "Second row")');
var third = $('#data').val();
alert(third);
tx.executeSql('INSERT INTO DEMO (id, data) VALUES (3,'+ third +')');
}
function errorCB(err) {
alert("Error processing SQL: "+err.code);
}
function successCB() {
alert("success!");
alert("now query...");
var db = window.openDatabase("Database", "1.0", "Cordova Demo", 200000);
db.transaction(queryDB, errorCB);
}
function queryDB(tx) {
tx.executeSql('SELECT * FROM DEMO', [], querySuccess, errorCB);
// alert("came to query");
}
function querySuccess(tx, results) {
//alert("Query sucess");
// this will be empty since no rows were inserted.
console.log("Insert ID = " + results.rows.item(0).data);
// this will be 0 since it is a select statement
console.log("Rows Affected = " + results.rowsAffected);
// the number of rows returned by the select statement
console.log("Insert ID = " + results.rows.length);
var htmlString = "<ul>";
for(var i = 0; i<results.rows.length; i++){
console.log("Result from DB = " + results.rows.item(i).data);
htmlString = htmlString + "<LI>"+ results.rows.item(i).data +"</LI>"
}
htmlString = htmlString + "</UL>";
$('#myDBData').html(htmlString);
}
尝试添加"变量之前和之后.像这样:
tx.executeSql('INSERT INTO DEMO (id, data) VALUES (3,"'+ third +'")');
编辑:
请参阅下面的评论.要避免SQL注入漏洞,请按照答案使用?占位符而不是直接附加值.
| 归档时间: |
|
| 查看次数: |
4265 次 |
| 最近记录: |