Matching Cursor Results to EditText Input

Question

messing around with Android Studio, not used it much, so a lot of the basic features I'm still trying to get my head around.

I've made a local database to store users' registering information, got it working no problem. Got an ID/Name/Email/Password fields.

Now I'm trying to sort out the login function, which is where I'm struggling, since it's my first time using cursors. Simply it needs to cycle through the Email and Password fields, find a match and log the user in. Here's what I currently have in my DatabaseHelperClass for it;

public boolean passwordOk(String Editemail, String Editpassword) {
        SQLiteDatabase db = this.getReadableDatabase();
        Cursor res =  db.rawQuery( "select * from " +  TABLE_NAME + " where " + COL_3 + "="+ Editemail + " and " + COL_4 + "=" + Editpassword + "'", null );

        return (res.getCount() == 1);

    }

And here's what I have in my MainActivity to use it;

 public void passwordOK(){

        loginB.setOnClickListener(
                new View.OnClickListener() {
                    public void onClick(View v) {
                   boolean isInsert = myD.passwordOk(editEmail.getText().toString(), editPassword.getText().toString());
                        if (isInsert == true)
                            Toast.makeText(MainActivity.this, "You Have Successfully Logged in", Toast.LENGTH_LONG).show();
                 else  Toast.makeText(MainActivity.this, "Oops! Try Again", Toast.LENGTH_LONG).show();



                    }
                }
        );
    }

Here's the errors it's throwing at me, it closes the application.

03-31 16:11:37.351 26018-26018/com.example.onein.jobgosite E/AndroidRuntime: FATAL EXCEPTION: main Process: com.example.onein.jobgosite, PID: 26018 android.database.sqlite.SQLiteException: unrecognized token: "'" (code 1): , while compiling: select * from user_Info where EMAIL=do and PASSWORD=doh' at android.database.sqlite.SQLiteConnection.nativePrepareStatement(Native Method) at android.database.sqlite.SQLiteConnection.acquirePreparedStatement(SQLiteConnection.java:887) at android.database.sqlite.SQLiteConnection.prepare(SQLiteConnection.java:498) at android.database.sqlite.SQLiteSession.prepare(SQLiteSession.java:588) at android.database.sqlite.SQLiteProgram.(SQLiteProgram.java:58) at android.database.sqlite.SQLiteQuery.(SQLiteQuery.java:37) at android.database.sqlite.SQLiteDirectCursorDriver.query(SQLiteDirectCursorDriver.java:44) at android.database.sqlite.SQLiteDatabase.rawQueryWithFactory(SQLiteDatabase.java:1316) at android.database.sqlite.SQLiteDatabase.rawQuery(SQLiteDatabase.java:1255) at com.example.onein.jobgosite.DatabaseHelperClass.passwordOk(DatabaseHelperClass.java:62) at com.example.onein.jobgosite.MainActivity$2.onClick(MainActivity.java:67) at android.view.View.performClick(View.java:5198) at android.view.View$PerformClick.run(View.java:21147) at android.os.Handler.handleCallback(Handler.java:739) at android.os.Handler.dispatchMessage(Handler.java:95) at android.os.Looper.loop(Looper.java:148) at android.app.ActivityThread.main(ActivityThread.java:5417) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:726) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:616)

All help appreciated, it's probably something stupid and something simple to make it work, but for some reason I'm struggling visualising how cursors work and how to get it working. Thanks!

Answer 1

Use this character ' in your parameters, something like this:

Cursor res = db.rawQuery( "SELECT * from " + "\'"+TABLE_NAME+"\'"+ " where " + "\'"+COL_3+"\'" + "="+"\'"+ Editemail +"\'"+ " and " +"\'"+ COL_4 +"\'"+ "=" + "\'"+Editpassword +"\'"+ "", null );

But a better practice is to use the ? operand.

I realized you check for this:

res.getCount() == 1

change this to:

res != null

also, there is an extra character here "'", should be like this:

Editpassword + ""