过滤自定义 ContentProvider 函数中的输入
在自定义 ContentProvider 中,我需要过滤掉输入中指定的一些列。考虑到面向文本的 Android 界面,这让我很困难。
例如,MyContentProvider.query() 上的输入将有效地询问如下内容:
SELECT column_a, column_b FROM my_table WHERE column_a=1 AND column_b=red;
问题是,在这个特定的 MyContentProvider _column_b_ 可能没有任何意义,并且不会出现在桌子。过滤投影以便仅保留相关列可以轻松完成,因为它是 String[]。但是,过滤这些列的字符串“where”(选择)和“selectionArgs”输入并非易事。如果处理得当,它会变成:
SELECT column_a FROM my_table WHERE column_a=1;
否则会得到一个SQLiteException“没有这样的列”。
那么,是否有任何简单的方法来忽略或过滤此类 sql 语句中的列,或者我是否需要为选择部分编写一些智能但非常有限的正则表达式解析代码?
我没有获得正确输入的原因是因为我维护了一个自定义 ContentProvider 作为地址接口,但我在此处与多个自定义 ContentProvider 进行了交谈(在后台) )。无论如何,我需要在某处过滤选择。
请注意,我并不是简单地询问如何执行查询或使用 SELECT ... WHERE 语句。然而,它涉及我的 query() 函数的实现。
In a custom ContentProvider I need to filter out some columns specified in the inputs. Given the text-oriented Android interfaces this is giving me a hard time.
For example the input on MyContentProvider.query() would effectively ask something like:
SELECT column_a, column_b FROM my_table WHERE column_a=1 AND column_b=red;
The problem is that at this particular MyContentProvider _column_b_ might not make any sense and would not be present in the table. Filtering the projection so that only relevant columns remain can be easily done since it's a String[]. However, filtering the String "where" (selection) and "selectionArgs" inputs for these columns is not trivial. If done properly it would become:
SELECT column_a FROM my_table WHERE column_a=1;
Otherwise one would get a SQLiteException "no such column".
So, is there any easy way to ignore or filter columns from such an sql statement or do I need to go and write some smart albeit very limited regexp parsing code for the selection part?
The reason I'm not getting the right inputs is because I maintain a custom ContentProvider as an interface to address, but I talk to multiple custom ContentProviders herein (in the background). One way or another, I would need to filter the selection somewhere.
Please note that I am not asking simply how to do a query or use the SELECT ... WHERE statement. However it concerns my implementation of the query() function.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
既然您要使用
ContentProvider扩展您的MyContentProvider,为什么不直接重载query()方法呢?请参阅 ContentProvider - 使用 ContentProvider 共享内容,了解其他人关于如何创建内容的示例自定义 ContentProvider。您应该完全控制从
SQLiteDatabase获取哪些数据。更重要的是,查看 为
query() 提供的参数,因为它们包含您需要的信息,您可以根据传递到方法调用的内容动态构建查询。根据您是否能找到一个好的查询生成器,您有机会构建一个小型但功能强大的抽象层来构建您的查询,以便最大限度地减少您自己编写的实际 SQL 量。
另外,请始终记住清理您的输入!
Since you are extending your
MyContentProviderwithContentProviderwhy don't you just overload thequery()method?Look at ContentProvider - Sharing Content using the ContentProvider for someone elses example on how to create a custom ContentProvider. You should have full control over what data you fetch from your
SQLiteDatabase.More importantly, look at the arguments provided to
query(), as they contain the information you need to you in a way where you can dynamically build the query from what is passed into the method call.Depending on if you can find a good query builder, you have an opportunity to build a small but powerful abstraction layer to build your queries, so that you minimize the amount of actual SQL that you write yourself.
Also, always remember to sanitize your inputs!