Java Code Examples for android.database.DatabaseUtils#appendEscapedSQLString()

The following examples show how to use android.database.DatabaseUtils#appendEscapedSQLString().
Example 1
Source File: ExportBackupService.java    From Pix-Art-Messenger with GNU General Public License v3.0
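/**
 * Appends one parenthesised SQL value tuple for the cursor's current row to {@code builder},
 * leaving out the column at index {@code skipColumn}.
 *
 * <p>A {@code null} column value is written as the keyword {@code NULL}, a value consisting
 * only of the ASCII digits 0-9 is written unquoted, and every other value goes through
 * {@link DatabaseUtils#appendEscapedSQLString}, which wraps it in single quotes and doubles
 * any single quote inside it.
 *
 * @param cursor     cursor positioned on the row to serialise
 * @param builder    destination for the generated SQL text
 * @param skipColumn index of the column to omit; an index that matches no column omits nothing
 */
private static void appendValues(final Cursor cursor, final StringBuilder builder, final int skipColumn) {
    builder.append("(");
    // Separators are driven by "has anything been emitted yet" rather than by i != 0:
    // with skipColumn == 0 the first emitted value sits at index 1, and testing the index
    // would produce a tuple that starts with a stray comma.
    boolean needsSeparator = false;
    final int columnCount = cursor.getColumnCount();
    for (int i = 0; i < columnCount; ++i) {
        if (i == skipColumn) {
            continue;
        }
        if (needsSeparator) {
            builder.append(',');
        }
        needsSeparator = true;
        final String value = cursor.getString(i);
        if (value == null) {
            builder.append("NULL");
        } else if (value.matches("[0-9]+")) {
            // String.matches() tests the whole value, so only a pure digit run skips quoting.
            // NOTE(review): an unquoted digit run is read back as a number, so leading zeros
            // of digit-only text are not preserved - confirm that is acceptable here.
            builder.append(value);
        } else {
            DatabaseUtils.appendEscapedSQLString(builder, value);
        }
    }
    builder.append(")");
}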
 
Example 2
Source File: ExportBackupService.java    From Conversations with GNU General Public License v3.0
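/**
 * Serialises the current row of {@code cursor} as a parenthesised, comma-separated SQL value
 * list appended to {@code builder}; the column at index {@code skipColumn} is left out.
 *
 * <p>Encoding per value: {@code null} becomes {@code NULL}; a string of ASCII digits only is
 * copied as-is without quotes; anything else is emitted by
 * {@link DatabaseUtils#appendEscapedSQLString} as a single-quoted literal with embedded
 * single quotes doubled.
 *
 * @param cursor     cursor already positioned on the row to write
 * @param builder    buffer receiving the SQL text
 * @param skipColumn column index to omit; a value that matches no column index omits nothing
 */
private static void appendValues(final Cursor cursor, final StringBuilder builder, final int skipColumn) {
    builder.append("(");
    // Count emitted values instead of looking at the column index: if the skipped column is
    // column 0, the index test would put a comma in front of the first value.
    int emitted = 0;
    for (int column = 0; column < cursor.getColumnCount(); ++column) {
        if (column == skipColumn) {
            continue;
        }
        if (emitted++ > 0) {
            builder.append(',');
        }
        final String value = cursor.getString(column);
        if (value == null) {
            builder.append("NULL");
        } else if (value.matches("[0-9]+")) {
            // matches() requires the entire value to be digits, so nothing that could alter
            // the statement reaches the output unquoted.
            // NOTE(review): digit-only text is written as a numeric literal; leading zeros
            // are not kept when it is read back - verify against the exported schema.
            builder.append(value);
        } else {
            DatabaseUtils.appendEscapedSQLString(builder, value);
        }
    }
    builder.append(")");
}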
 
Example 3
Source File: Browser.java    From android_9.0.0_r45 with Apache License 2.0
/**
 * Queries {@code History.CONTENT_URI} for the {@code History._ID} and {@code History.VISITS}
 * columns of rows whose {@code Bookmarks.URL} matches one of several spellings of {@code url}.
 *
 * <p>The URL is first stripped of a leading {@code http://} or {@code https://} and then of a
 * leading {@code www.}. For an https URL the candidates are {@code https://X} and
 * {@code https://www.X}; otherwise they are {@code X}, {@code www.X}, {@code http://X} and
 * {@code http://www.X}.
 *
 * <p>Each candidate is embedded in the selection as an escaped, single-quoted literal via
 * {@link DatabaseUtils#appendEscapedSQLString}; no selection arguments are passed to the
 * query. The text that joins two candidates comes from {@code addOrUrlEquals}, which is
 * defined outside this snippet.
 *
 * @param cr  resolver used to run the query
 * @param url URL to look up; must not be {@code null}
 * @return the cursor returned by {@code cr.query}
 */
private static final Cursor getVisitedLike(ContentResolver cr, String url) {
    // Reduce the URL to its scheme-less, www-less form and remember whether it was https.
    final boolean isHttps = url.startsWith("https://");
    String bare = url;
    if (url.startsWith("http://")) {
        bare = url.substring(7);
    } else if (isHttps) {
        bare = url.substring(8);
    }
    if (bare.startsWith("www.")) {
        bare = bare.substring(4);
    }

    // Spellings to compare against, in the order they appear in the WHERE clause.
    final String[] candidates = isHttps
            ? new String[] { "https://" + bare, "https://www." + bare }
            : new String[] { bare, "www." + bare, "http://" + bare, "http://www." + bare };

    final StringBuilder selection = new StringBuilder(Bookmarks.URL + " = ");
    for (int index = 0; index < candidates.length; index++) {
        if (index > 0) {
            addOrUrlEquals(selection);
        }
        // Escaping keeps a quote inside the URL from terminating the SQL literal.
        DatabaseUtils.appendEscapedSQLString(selection, candidates[index]);
    }

    final String[] projection = new String[] { History._ID, History.VISITS };
    return cr.query(History.CONTENT_URI, projection, selection.toString(), null, null);
}
 
Example 4
Source File: ExportBackupService.java    From Pix-Art-Messenger with GNU General Public License v3.0
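/**
 * Writes the rows of {@code Account.TABLENAME} whose {@code Account.UUID} equals {@code uuid}
 * to {@code writer} as SQL {@code INSERT} statements, one per row, each ending in {@code ;}
 * and a newline.
 *
 * <p>Value encoding per column:
 * <ul>
 *   <li>a {@code null} value, and any value of the {@code Account.ROSTERVERSION} column, is
 *       written as {@code NULL};</li>
 *   <li>a digit-only value of the {@code Account.OPTIONS} column that fits in an {@code int}
 *       is written with bit {@code Account.OPTION_DISABLED} set;</li>
 *   <li>any other digit-only value that fits in an {@code int} and has no leading zeros is
 *       written as an unquoted integer;</li>
 *   <li>everything else is written by {@link DatabaseUtils#appendEscapedSQLString} as a
 *       single-quoted literal with embedded single quotes doubled.</li>
 * </ul>
 *
 * <p>Column names are taken from the cursor and written unquoted.
 * NOTE(review): all columns other than ROSTERVERSION are exported with their stored content;
 * if the table holds credentials, confirm that {@code writer} targets protected storage.
 *
 * @param db     database to read the account from
 * @param uuid   account identifier; bound as a selection argument, not concatenated
 * @param writer destination of the generated SQL
 */
private static void accountExport(final SQLiteDatabase db, final String uuid, final PrintWriter writer) {
    final StringBuilder builder = new StringBuilder();
    final Cursor accountCursor = db.query(Account.TABLENAME, null, Account.UUID + "=?", new String[]{uuid}, null, null, null);
    if (accountCursor != null) {
        // try/finally so the cursor is released even if serialising a row throws.
        try {
            while (accountCursor.moveToNext()) {
                builder.append("INSERT INTO ").append(Account.TABLENAME).append("(");
                for (int i = 0; i < accountCursor.getColumnCount(); ++i) {
                    if (i != 0) {
                        builder.append(',');
                    }
                    builder.append(accountCursor.getColumnName(i));
                }
                builder.append(") VALUES(");
                for (int i = 0; i < accountCursor.getColumnCount(); ++i) {
                    if (i != 0) {
                        builder.append(',');
                    }
                    final String value = accountCursor.getString(i);
                    final String columnName = accountCursor.getColumnName(i);
                    if (value == null || Account.ROSTERVERSION.equals(columnName)) {
                        builder.append("NULL");
                        continue;
                    }
                    boolean isInt = false;
                    int intValue = 0;
                    if (value.matches("\\d+")) {
                        try {
                            intValue = Integer.parseInt(value);
                            isInt = true;
                        } catch (NumberFormatException ignored) {
                            // Digit run too long for an int (e.g. a long numeric string):
                            // export it as a quoted literal instead of aborting the backup.
                        }
                    }
                    if (isInt && Account.OPTIONS.equals(columnName)) {
                        builder.append(intValue | (1 << Account.OPTION_DISABLED));
                    } else if (isInt && String.valueOf(intValue).equals(value)) {
                        builder.append(intValue);
                    } else {
                        // Also reached for digit-only text with leading zeros, which would
                        // otherwise lose those zeros by being rewritten as an integer.
                        DatabaseUtils.appendEscapedSQLString(builder, value);
                    }
                }
                builder.append(")");
                builder.append(';');
                builder.append('\n');
            }
        } finally {
            accountCursor.close();
        }
    }
    writer.append(builder.toString());
}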
 
Example 5
Source File: PreferenceIndexSqliteOpenHelper.java    From android-testdpc with Apache License 2.0
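/**
 * Builds the lookup statement by appending the given fragments to {@code LOOKUP_SQL} as a
 * comma-separated list of escaped string literals, followed by a closing parenthesis.
 *
 * <p>Each fragment is written by {@link DatabaseUtils#appendEscapedSQLString}, i.e. wrapped
 * in single quotes with embedded single quotes doubled. {@code LOOKUP_SQL} is defined outside
 * this snippet; presumably it ends with the opening parenthesis of the list - confirm.
 *
 * @param targetFragments fragment names to look up; may be empty, in which case only the
 *                        closing parenthesis is appended
 * @return the complete SQL text
 */
private String buildLookupSQL(List<String> targetFragments) {
    StringBuilder stringBuilder = new StringBuilder(LOOKUP_SQL);
    // Put the comma in front of every literal except the first. Stripping a trailing comma
    // afterwards would cut the last character of LOOKUP_SQL itself when the list is empty.
    boolean first = true;
    for (String fragment : targetFragments) {
        if (!first) {
            stringBuilder.append(",");
        }
        DatabaseUtils.appendEscapedSQLString(stringBuilder, fragment);
        first = false;
    }
    stringBuilder.append(")");
    return stringBuilder.toString();
}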
 
Example 6
Source File: PodDBAdapter.java    From AntennaPodSP with MIT License
/**
 * Escapes a search query with {@link DatabaseUtils#appendEscapedSQLString} and returns the
 * result without the single quote that the helper puts at the start and at the end.
 *
 * <p>The returned text has its single quotes doubled but is not quoted itself, so it is only
 * safe when the caller places it inside a single-quoted SQL literal. Nothing else is
 * escaped: the {@code LIKE} wildcards {@code %} and {@code _} pass through unchanged.
 *
 * @param query raw search text; must not be {@code null}
 * @return the escaped text without surrounding quotes
 */
private String prepareSearchQuery(String query) {
    final StringBuilder escaped = new StringBuilder();
    DatabaseUtils.appendEscapedSQLString(escaped, query);
    // Keep only what lies between the opening and the closing quote.
    return escaped.substring(1, escaped.length() - 1);
}
 
Example 7
Source File: ExportBackupService.java    From Conversations with GNU General Public License v3.0
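/**
 * Exports the account identified by {@code uuid} as SQL text: for every matching row of
 * {@code Account.TABLENAME} one {@code INSERT INTO ... VALUES(...);} line is appended to
 * {@code writer}.
 *
 * <p>How values are written:
 * <ul>
 *   <li>{@code null} values and the {@code Account.ROSTERVERSION} column: {@code NULL};</li>
 *   <li>the {@code Account.OPTIONS} column, when its value is a digit run that fits in an
 *       {@code int}: the number with bit {@code Account.OPTION_DISABLED} set;</li>
 *   <li>other digit runs that fit in an {@code int} and carry no leading zeros: an unquoted
 *       integer;</li>
 *   <li>all remaining values: a single-quoted literal produced by
 *       {@link DatabaseUtils#appendEscapedSQLString}, which doubles embedded single
 *       quotes.</li>
 * </ul>
 *
 * <p>Column names are copied from the cursor without quoting.
 * NOTE(review): apart from ROSTERVERSION the stored column contents are exported as they
 * are; if the table contains secrets, verify that {@code writer} ends in protected storage.
 *
 * @param db     database holding the account table
 * @param uuid   account identifier, passed to the query as a bound argument
 * @param writer receives the generated statements
 */
private static void accountExport(final SQLiteDatabase db, final String uuid, final PrintWriter writer) {
    final StringBuilder builder = new StringBuilder();
    final Cursor accountCursor = db.query(Account.TABLENAME, null, Account.UUID + "=?", new String[]{uuid}, null, null, null);
    try {
        while (accountCursor != null && accountCursor.moveToNext()) {
            final int columnCount = accountCursor.getColumnCount();
            builder.append("INSERT INTO ").append(Account.TABLENAME).append("(");
            for (int i = 0; i < columnCount; ++i) {
                if (i != 0) {
                    builder.append(',');
                }
                builder.append(accountCursor.getColumnName(i));
            }
            builder.append(") VALUES(");
            for (int i = 0; i < columnCount; ++i) {
                if (i != 0) {
                    builder.append(',');
                }
                final String value = accountCursor.getString(i);
                final String column = accountCursor.getColumnName(i);
                if (value == null || Account.ROSTERVERSION.equals(column)) {
                    builder.append("NULL");
                    continue;
                }
                boolean parsed = false;
                int intValue = 0;
                if (value.matches("\\d+")) {
                    try {
                        intValue = Integer.parseInt(value);
                        parsed = true;
                    } catch (NumberFormatException ignored) {
                        // More digits than an int can hold: fall through to the quoted
                        // literal below rather than failing the whole export.
                    }
                }
                if (parsed && Account.OPTIONS.equals(column)) {
                    intValue |= 1 << Account.OPTION_DISABLED;
                    builder.append(intValue);
                } else if (parsed && Integer.toString(intValue).equals(value)) {
                    builder.append(intValue);
                } else {
                    // Includes digit-only text with leading zeros; writing it as an integer
                    // would silently drop those zeros.
                    DatabaseUtils.appendEscapedSQLString(builder, value);
                }
            }
            builder.append(")");
            builder.append(';');
            builder.append('\n');
        }
    } finally {
        // Release the cursor on every path, including a failure while building a row.
        if (accountCursor != null) {
            accountCursor.close();
        }
    }
    writer.append(builder.toString());
}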
 
Example 8
Source File: TaskProvider.java    From opentasks with Apache License 2.0
/**
 * Appends a selection for the account named in <code>uri</code> to <code>sb</code>.
 * <p>
 * The account name and the account type are each compared with <code>=</code> against a literal written by
 * {@link DatabaseUtils#appendEscapedSQLString}, which quotes the value and doubles embedded single quotes. A
 * condition is preceded by <code> AND </code> whenever <code>sb</code> already holds text. A value that is
 * <code>null</code> adds no condition.
 *
 * @param sb
 *         A {@link StringBuilder} that the selection is appended to.
 * @param uri
 *         A {@link Uri} that specifies an account.
 *
 * @return <code>sb</code>.
 */
protected StringBuilder selectAccount(StringBuilder sb, Uri uri)
{
    // Both values are read before anything is appended.
    final String name = getAccountName(uri);
    final String type = getAccountType(uri);

    if (name != null)
    {
        if (sb.length() > 0)
        {
            sb.append(" AND ");
        }
        sb.append(TaskListSyncColumns.ACCOUNT_NAME).append("=");
        DatabaseUtils.appendEscapedSQLString(sb, name);
    }

    if (type != null)
    {
        if (sb.length() > 0)
        {
            sb.append(" AND ");
        }
        sb.append(TaskListSyncColumns.ACCOUNT_TYPE).append("=");
        DatabaseUtils.appendEscapedSQLString(sb, type);
    }

    return sb;
}
 
Example 9
Source File: TaskProvider.java    From opentasks-provider with Apache License 2.0
/**
 * Extends the selection in <code>sb</code> so that it only matches the account specified in <code>uri</code>.
 * <p>
 * For the account name and the account type, in that order, a non-<code>null</code> value adds the condition
 * <code>column=literal</code>. The literal is produced by {@link DatabaseUtils#appendEscapedSQLString}, so it is
 * single-quoted with embedded single quotes doubled. <code> AND </code> is inserted first if <code>sb</code> is not
 * empty at that point.
 * 
 * @param sb
 *            A {@link StringBuilder} that the selection is appended to.
 * @param uri
 *            A {@link Uri} that specifies an account.
 * @return <code>sb</code>.
 */
protected StringBuilder selectAccount(StringBuilder sb, Uri uri)
{
	// Resolve both parts of the account up front, before sb is touched.
	final String accountName = getAccountName(uri);
	final String accountType = getAccountType(uri);

	if (accountName != null)
	{
		final boolean hasPrefix = sb.length() > 0;
		if (hasPrefix)
		{
			sb.append(" AND ");
		}
		sb.append(TaskListSyncColumns.ACCOUNT_NAME);
		sb.append("=");
		DatabaseUtils.appendEscapedSQLString(sb, accountName);
	}

	if (accountType != null)
	{
		final boolean hasPrefix = sb.length() > 0;
		if (hasPrefix)
		{
			sb.append(" AND ");
		}
		sb.append(TaskListSyncColumns.ACCOUNT_TYPE);
		sb.append("=");
		DatabaseUtils.appendEscapedSQLString(sb, accountType);
	}

	return sb;
}
 
Example 10
Source File: SQLiteQueryBuilder.java    From android_9.0.0_r45 with Apache License 2.0
/**
 * Append a chunk to the WHERE clause of the query as an escaped SQL string literal. All
 * chunks appended are surrounded by parenthesis and ANDed with the selection passed to
 * {@link #query}. The final WHERE clause looks like:
 *
 * {@code WHERE (<append chunk 1><append chunk2>) AND (<query() selection parameter>)}
 *
 * <p>The chunk is written by {@link DatabaseUtils#appendEscapedSQLString}: it is wrapped in
 * single quotes and embedded single quotes are doubled, so it always ends up as one string
 * value and never as SQL syntax. This method itself adds no parenthesis.
 *
 * @param inWhere the text to append to the WHERE clause as a quoted literal; must not be
 * null when no WHERE clause has been started yet
 */
public void appendWhereEscapeString(String inWhere) {
    StringBuilder where = mWhereClause;
    if (where == null) {
        // First chunk: create the clause buffer with some headroom beyond this chunk.
        where = new StringBuilder(inWhere.length() + 16);
        mWhereClause = where;
    }
    DatabaseUtils.appendEscapedSQLString(where, inWhere);
}
 
Example 11
Source File: SQLiteQueryBuilder.java    From sqlite-android with Apache License 2.0
/**
 * Append a chunk to the WHERE clause of the query as an escaped SQL string literal. All
 * chunks appended are surrounded by parenthesis and ANDed with the selection passed to
 * {@link #query}. The final WHERE clause looks like:
 *
 * {@code WHERE (<append chunk 1><append chunk2>) AND (<query() selection parameter>)}
 *
 * <p>If the clause is still empty, an opening parenthesis is written first; the matching
 * closing parenthesis is not added here. The chunk is then written by
 * {@link DatabaseUtils#appendEscapedSQLString}, i.e. wrapped in single quotes with embedded
 * single quotes doubled, so it is always a string value and never SQL syntax.
 *
 * @param inWhere the text to append to the WHERE clause as a quoted literal; must not be
 * null when no WHERE clause has been started yet
 */
public void appendWhereEscapeString(String inWhere) {
    StringBuilder where = mWhereClause;
    if (where == null) {
        // Lazily create the buffer, sized for this chunk plus some headroom.
        where = new StringBuilder(inWhere.length() + 16);
        mWhereClause = where;
    }
    if (where.length() == 0) {
        // Nothing appended so far: open the group that holds the appended chunks.
        where.append('(');
    }
    DatabaseUtils.appendEscapedSQLString(where, inWhere);
}
 
Example 12
Source File: SQLiteQueryBuilder.java    From squidb with Apache License 2.0
/**
 * Append a chunk to the WHERE clause of the query, written as an escaped SQL string literal.
 * All chunks appended are surrounded by parenthesis and ANDed with the selection passed to
 * {@link #query}. The final WHERE clause looks like:
 *
 * {@code WHERE (<append chunk 1><append chunk2>) AND (<query() selection parameter>)}
 *
 * <p>An opening parenthesis is emitted before the first chunk, that is, whenever the clause
 * buffer is empty; this method does not emit the closing one. The chunk goes through
 * {@link DatabaseUtils#appendEscapedSQLString}, which single-quotes it and doubles embedded
 * single quotes, so the appended text can only act as a string value.
 *
 * @param inWhere the text to append to the WHERE clause as a quoted literal; must not be
 * null when no WHERE clause has been started yet
 */
public void appendWhereEscapeString(String inWhere) {
    if (mWhereClause == null) {
        mWhereClause = new StringBuilder(inWhere.length() + 16);
    }
    final StringBuilder clause = mWhereClause;
    final boolean clauseIsEmpty = clause.length() == 0;
    if (clauseIsEmpty) {
        // First chunk of the clause: start the parenthesised group.
        clause.append('(');
    }
    DatabaseUtils.appendEscapedSQLString(clause, inWhere);
}