Android sqlite 登录错误 activity
Android sqlite error for login activity
当用户登录时,应用程序似乎崩溃了,然后又工作了。 LogCat 上出现错误:
Caused by: android.database.sqlite.SQLiteException: no such column: cliff (code 1): , while compiling: SELECT DISTINCT _id, name, password FROM Users WHERE name=cliff
为什么它会抛出一个错误但又能正常工作?谁能看到我的问题。下面是我的代码...
public class DBAdapter {
static final String KEY_ROWID = "_id";
static final String KEY_USERNAME = "name";
static final String KEY_PASSWORD = "password";
static final String KEY_CARDNUM = "cardnum";
static final String KEY_CARDNAME = "cardname";
static final String TAG = "DBAdapter";
static final String DATABASE_NAME = "CPDB";
static final String DATABASE_TABLE = "Users";
static final String DATABASE_TABLEC = "Cards";
static final int DATABASE_VERSION = 1;
static final String DATABASE_CREATE =
"create table Users (_id integer primary key autoincrement, " + "name text not null, password text not null, cardnum integer not null, cardname text not null);";
final Context context;
DatabaseHelper DBHelper;
SQLiteDatabase db;
public DBAdapter (Context ctx){
this.context = ctx;
DBHelper = new DatabaseHelper(context);
}
private static class DatabaseHelper extends SQLiteOpenHelper
{
DatabaseHelper(Context context){
super (context, DATABASE_NAME, null, DATABASE_VERSION);
}
@Override
public void onCreate(SQLiteDatabase db){
try{
db.execSQL(DATABASE_CREATE);
} catch (SQLException e) {
e.printStackTrace();
}
}
@Override
public void onUpgrade(SQLiteDatabase db, int oldVersion, int newVersion) {
Log.w(TAG, "Upgrading database from version" + oldVersion + "to" + newVersion + "which will destroy all old data");
db.execSQL("DROP TABLE IF EXISTS Users");
onCreate (db);
}
}
//--opens the DB--
public DBAdapter open() throws SQLException
{
db= DBHelper.getWritableDatabase();
return this;
}
//--close the DB--
public void close()
{
DBHelper.close();
}
//--retrieves chosen user--
public Cursor checkUser(String username) throws SQLException{
Cursor mCursor =
db.query(true, DATABASE_TABLE, new String[] {KEY_ROWID, KEY_USERNAME, KEY_PASSWORD}, KEY_USERNAME + "=" + username, null, null, null, null,null);
if (mCursor != null) {
mCursor.moveToFirst();
}
return mCursor;
}
}
然后进行登录javaclass......
public class login extends Activity {
Button btn1,btn2;
@Override
public void onCreate (Bundle savedInstanceState) {
/* Called when the activity is first created*/
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_login);
btn1 = (Button)findViewById(R.id.bttn_signup);
btn2 = (Button)findViewById(R.id.bttn_signin);
}
public void onClick(View view){
if(view.getId() == R.id.bttn_signup) {
startActivity(new Intent("com.cardpocket.cardpocket.signup"));
}
if(view.getId() == R.id.bttn_signin) {
EditText email = (EditText) findViewById(R.id.tf_email);
EditText pass = (EditText) findViewById(R.id.tf_password);
String username = email.getText().toString();
String password = pass.getText().toString();
DBAdapter db = new DBAdapter(this);
db.open();
Cursor c = db.checkUser(username);
//set someUsers as a list
ArrayList<String> theUser = new ArrayList<>();
if (c.moveToFirst()) {
do {
String aUser = c.getString(c.getColumnIndex("password"));
theUser.add(aUser);
} while (c.moveToNext());
}
if (theUser.contains(password)) {
startActivity(new Intent("com.cardpocket.cardpocket.mainactivity"));
/*
//set the value and pass to the mainactivity
Intent i = new Intent(this, mainactivity.class);
i.putExtra("username", username);
startActivity(i);}*/
} else {
//do something else
Toast.makeText(this, "No contact found", Toast.LENGTH_LONG).show();
}
}
}
提前谢谢你。 :)
您容易受到 SQL injection attacks 的影响,忘记引用您的价值观:
SELECT DISTINCT _id, name, password FROM Users WHERE name='cliff'
^-----^---
没有引号,cliff 被视为不存在的 field/table 名称。带引号的 'cliff' 是字符串文字。
错误很明显:"cliff" 列不存在...
您必须在 SQL 请求
中的 cliff 周围加上引号
db.query(true, DATABASE_TABLE, new String[] {KEY_ROWID, KEY_USERNAME, KEY_PASSWORD}, KEY_USERNAME + "= '" + username + "'", null, null, null, null,null);
此外,我建议您使用准备好的 SQL 查询,这样:
String selection = "KEY_USERNAME = ?";
String[] selectionArgs = { username };
String[] columns = {KEY_ROWID, KEY_USERNAME, KEY_PASSWORD};
Cursor cursor = db.query(true, DATABASE_TABLE, columns, selection, selectionArgs , null, null, null,null);
它会为您添加引号,确保您的请求更安全。
您必须使用(引号)'cliff' 而不是悬崖。如果没有引号,它将被 sqlite 识别为列,并且可能会给出错误 no such column (cliff)。
当用户登录时,应用程序似乎崩溃了,然后又工作了。 LogCat 上出现错误:
Caused by: android.database.sqlite.SQLiteException: no such column: cliff (code 1): , while compiling: SELECT DISTINCT _id, name, password FROM Users WHERE name=cliff
为什么它会抛出一个错误但又能正常工作?谁能看到我的问题。下面是我的代码...
public class DBAdapter {
static final String KEY_ROWID = "_id";
static final String KEY_USERNAME = "name";
static final String KEY_PASSWORD = "password";
static final String KEY_CARDNUM = "cardnum";
static final String KEY_CARDNAME = "cardname";
static final String TAG = "DBAdapter";
static final String DATABASE_NAME = "CPDB";
static final String DATABASE_TABLE = "Users";
static final String DATABASE_TABLEC = "Cards";
static final int DATABASE_VERSION = 1;
static final String DATABASE_CREATE =
"create table Users (_id integer primary key autoincrement, " + "name text not null, password text not null, cardnum integer not null, cardname text not null);";
final Context context;
DatabaseHelper DBHelper;
SQLiteDatabase db;
public DBAdapter (Context ctx){
this.context = ctx;
DBHelper = new DatabaseHelper(context);
}
private static class DatabaseHelper extends SQLiteOpenHelper
{
DatabaseHelper(Context context){
super (context, DATABASE_NAME, null, DATABASE_VERSION);
}
@Override
public void onCreate(SQLiteDatabase db){
try{
db.execSQL(DATABASE_CREATE);
} catch (SQLException e) {
e.printStackTrace();
}
}
@Override
public void onUpgrade(SQLiteDatabase db, int oldVersion, int newVersion) {
Log.w(TAG, "Upgrading database from version" + oldVersion + "to" + newVersion + "which will destroy all old data");
db.execSQL("DROP TABLE IF EXISTS Users");
onCreate (db);
}
}
//--opens the DB--
public DBAdapter open() throws SQLException
{
db= DBHelper.getWritableDatabase();
return this;
}
//--close the DB--
public void close()
{
DBHelper.close();
}
//--retrieves chosen user--
public Cursor checkUser(String username) throws SQLException{
Cursor mCursor =
db.query(true, DATABASE_TABLE, new String[] {KEY_ROWID, KEY_USERNAME, KEY_PASSWORD}, KEY_USERNAME + "=" + username, null, null, null, null,null);
if (mCursor != null) {
mCursor.moveToFirst();
}
return mCursor;
}
}
然后进行登录javaclass......
public class login extends Activity {
Button btn1,btn2;
@Override
public void onCreate (Bundle savedInstanceState) {
/* Called when the activity is first created*/
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_login);
btn1 = (Button)findViewById(R.id.bttn_signup);
btn2 = (Button)findViewById(R.id.bttn_signin);
}
public void onClick(View view){
if(view.getId() == R.id.bttn_signup) {
startActivity(new Intent("com.cardpocket.cardpocket.signup"));
}
if(view.getId() == R.id.bttn_signin) {
EditText email = (EditText) findViewById(R.id.tf_email);
EditText pass = (EditText) findViewById(R.id.tf_password);
String username = email.getText().toString();
String password = pass.getText().toString();
DBAdapter db = new DBAdapter(this);
db.open();
Cursor c = db.checkUser(username);
//set someUsers as a list
ArrayList<String> theUser = new ArrayList<>();
if (c.moveToFirst()) {
do {
String aUser = c.getString(c.getColumnIndex("password"));
theUser.add(aUser);
} while (c.moveToNext());
}
if (theUser.contains(password)) {
startActivity(new Intent("com.cardpocket.cardpocket.mainactivity"));
/*
//set the value and pass to the mainactivity
Intent i = new Intent(this, mainactivity.class);
i.putExtra("username", username);
startActivity(i);}*/
} else {
//do something else
Toast.makeText(this, "No contact found", Toast.LENGTH_LONG).show();
}
}
}
提前谢谢你。 :)
您容易受到 SQL injection attacks 的影响,忘记引用您的价值观:
SELECT DISTINCT _id, name, password FROM Users WHERE name='cliff'
^-----^---
没有引号,cliff 被视为不存在的 field/table 名称。带引号的 'cliff' 是字符串文字。
错误很明显:"cliff" 列不存在...
您必须在 SQL 请求
中的 cliff 周围加上引号db.query(true, DATABASE_TABLE, new String[] {KEY_ROWID, KEY_USERNAME, KEY_PASSWORD}, KEY_USERNAME + "= '" + username + "'", null, null, null, null,null);
此外,我建议您使用准备好的 SQL 查询,这样:
String selection = "KEY_USERNAME = ?";
String[] selectionArgs = { username };
String[] columns = {KEY_ROWID, KEY_USERNAME, KEY_PASSWORD};
Cursor cursor = db.query(true, DATABASE_TABLE, columns, selection, selectionArgs , null, null, null,null);
它会为您添加引号,确保您的请求更安全。
您必须使用(引号)'cliff' 而不是悬崖。如果没有引号,它将被 sqlite 识别为列,并且可能会给出错误 no such column (cliff)。