带撇号的 iPhone SQLite 命令
我正在为 iPhone 编写一个与 SQLite 数据库通信的应用程序,但遇到了一个小问题。每当我尝试根据包含撇号的条件查询信息时,不会返回任何结果......即使存在与请求条件匹配的结果。让我给出一些具体细节...
SQLite Table
Row--Column1--Column2---------
- 测试数据 - 001
- 用户数据 - 002
Objective-C 代码
//Create the sql statement
sqlite3_stmt *sqlStatement;
//Create the name of the category that will be passed in
NSString *categoryName = @"User's Data";
//Create the rest of the SQL query
NSString *sqlQuery = "SELECT * FROM theTableName WHERE Column1 = ?";
//If there are no errors in the SQL query
if (sqlite3_prepare_v2(theDatabase, sqlQuery, -1, &sqlStatement, nil) == SQLITE_OK)
{
//Bind the category name to the sql statement
sqlite3_bind_text(sqlStatement, 1, [categoryName UTF8String], -1, SQLITE_TRANSIENT);
//While there are rows being returned
while (sqlite3_step(sqlStatement) == SQLITE_ROW)
{
//Retrieve row data
}
}
else
{
//Save error message to the application log and terminate the app
NSAssert1(0,@"Error: Failed to prepare the SQL statement with message '%s'.", sqlite3_errmsg(database));
}
//Reset the sql statement
sqlite3_reset(sqlStatement);
我对 Objective C 是半新手,所以我的编写这段代码时首先想到的是清理用户输入。但经过一些研究后,我了解到 sqlite3_bind 调用为您做了必要的清理工作。但每当代码运行时,就会跳过 while 循环,因为没有返回任何行。它应该返回数据库表中的第二行。如果我将完全相同的 SQL 查询复制/粘贴到 SQL 管理程序中(我使用 SQLite Manager)(当然还有必要的查询卫生),它返回正确的数据。
我花了很长时间尝试自己调试这个问题,甚至花了更多时间尝试在线搜索正在解释和解决的类似问题,但无济于事。到目前为止,我刚刚禁用了用户在 iPhone 虚拟键盘上输入撇号的功能。但这是我希望包含在我的成品中的一个功能。这里有人可以给我任何有用的建议吗?任何形式的帮助将不胜感激。
I'm writing an application for the iPhone that communicates with a SQLite database but I'm running into a small problem. Whenever I try to query information based on a condition that contains an apostrophe, no results are returned.... even if a result that matches the requested condition exists. Let me give some specifics...
SQLite Table
Row--Column1--Column2---------
- Test Data - 001
- User's Data - 002
Objective-C Code
//Create the sql statement
sqlite3_stmt *sqlStatement;
//Create the name of the category that will be passed in
NSString *categoryName = @"User's Data";
//Create the rest of the SQL query
NSString *sqlQuery = "SELECT * FROM theTableName WHERE Column1 = ?";
//If there are no errors in the SQL query
if (sqlite3_prepare_v2(theDatabase, sqlQuery, -1, &sqlStatement, nil) == SQLITE_OK)
{
//Bind the category name to the sql statement
sqlite3_bind_text(sqlStatement, 1, [categoryName UTF8String], -1, SQLITE_TRANSIENT);
//While there are rows being returned
while (sqlite3_step(sqlStatement) == SQLITE_ROW)
{
//Retrieve row data
}
}
else
{
//Save error message to the application log and terminate the app
NSAssert1(0,@"Error: Failed to prepare the SQL statement with message '%s'.", sqlite3_errmsg(database));
}
//Reset the sql statement
sqlite3_reset(sqlStatement);
I'm semi-new to objective C, so my first thought when writing this code was to sanitize the user inputs. But after doing some research, I read that the sqlite3_bind calls do the necessary sanitation for you. But whenever the code runs, the while loop is skipped right over because there are no rows being returned. It should return the second row from the database table. If I copy/paste the exact same SQL query into a SQL managing program (I use SQLite Manager) (and with the necessary query sanitation of course), it returns the correct data.
I've spent a long time trying to debug this myself and even a greater amount of time trying to search online for a similar problem being explained and resolved, but to no avail. As of now, I just disabled the user's ability to key in an apostrophe on the iPhone's virtual keyboard. But this is a feature I'd love to include in my finished product. Can anyone here offer me any helpful tips? Any kind of help would be greatly appreciated.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
对于 sqlite,您的请求将是(正如您所看到的,它甚至错误地突出显示):
并且它将等待结束 ' 符号
您应该 echo ' 符号,例如按以下方式:
在这种情况下,查询将是
完全合法的查询。
在这种情况下,您不需要再绑定,最终代码将如下所示:
For sqlite your request will be (as you can see it is even wrong highlighted):
And it will wait for the closing ' symbol
You should echo ' symbol, for example in following way:
In this case query will be
that is completely legal query.
In this case you don't need binding any more and final code will look like:
官方字符是“
sanitize with”:
然后您可以在查询中使用它
The official character is ''
sanitize with:
Then you can use it on your querys