CODEWITHSUNDEEP
androidstack-trace
CuriousCoder
CuriousCoder

Reputation: 1600

Android SQLite Problem

I am just trying to add data to the database and retrieve it.

This is how i create the database table:

    private static final String DATABASE_CREATE =
    "create table titles (_id integer primary key autoincrement, "
    + "isbn text not null, title text not null, " 
    + "publisher text not null);";

    db.execSQL(DATABASE_CREATE);

I am adding data using the following function:

public long insertTitle(String isbn, String title, String publisher) 
{
    ContentValues initialValues = new ContentValues();
    initialValues.put(KEY_ISBN, isbn);
    initialValues.put(KEY_TITLE, title);
    initialValues.put(KEY_PUBLISHER, publisher);
    return db.insert(DATABASE_TABLE, null, initialValues);
}

To retrieve all data, i use the following function:

public Cursor getAllTitles() 
{
    return db.query(DATABASE_TABLE, new String[] {
            KEY_ROWID, 
            KEY_ISBN,
            KEY_TITLE,
            KEY_PUBLISHER}, 
            null, 
            null, 
            null, 
            null, 
            null);
}

And this works perfectly. However, if i try to retrieve a row given the value for "title" column, i get the error. The code that i use for this is :

public Cursor getTitle(String rowId) throws SQLException 
{
    Cursor mCursor =
            db.query(true, DATABASE_TABLE, new String[] {
                    KEY_PUBLISHER
                    }, 
                    KEY_TITLE + "=" + rowId, 
                    null,
                    null, 
                    null, 
                    null, 
                    null);
    if (mCursor != null) {
        mCursor.moveToFirst();
    }
    return mCursor;
}

The error that i am getting in the logcat is:

SQLiteException:no such column verizon: while compiling: select DISTINCT publisher from titles where title=verizon;

Upvotes: 0

Views: 163

Answers (2)

Mikecito
Mikecito

Reputation: 2063

Change this :

KEY_TITLE + "=" + rowId,

to this:

KEY_TITLE + "='" + rowId + "'",

However, unless you're escaping the rowId, you could be subject to sql injection (depending on where you're getting the rowId from.)

Upvotes: 1

JerryKur
JerryKur

Reputation: 7519

Just looking at the error message makes me wonder if there were supposed to be quotes around verizon.

Upvotes: 1

Related Questions