List of usage examples for android.database DatabaseUtils appendEscapedSQLString
public static void appendEscapedSQLString(StringBuilder sb, String sqlString)
From source file:Main.java
/** Returns a WHERE clause assert equality of a field to a value. */ public static String getEqualityClause(String field, String value) { StringBuilder clause = new StringBuilder(); clause.append(field);/*w w w . java 2 s. c o m*/ clause.append(" = "); DatabaseUtils.appendEscapedSQLString(clause, value); return clause.toString(); }
From source file:io.requery.android.database.sqlite.SQLiteQueryBuilder.java
/** * Append a chunk to the WHERE clause of the query. All chunks appended are surrounded * by parenthesis and ANDed with the selection passed to {@link #query}. The final * WHERE clause looks like:/* w w w . java2 s .c o m*/ * * WHERE (<append chunk 1><append chunk2>) AND (<query() selection parameter>) * * @param inWhere the chunk of text to append to the WHERE clause. it will be escaped * to avoid SQL injection attacks */ public void appendWhereEscapeString(String inWhere) { if (mWhereClause == null) { mWhereClause = new StringBuilder(inWhere.length() + 16); } if (mWhereClause.length() == 0) { mWhereClause.append('('); } DatabaseUtils.appendEscapedSQLString(mWhereClause, inWhere); }
From source file:android.database.DatabaseUtils.java
/** * SQL-escape a string./*from w w w. j av a 2s . com*/ */ public static String sqlEscapeString(String value) { StringBuilder escaper = new StringBuilder(); DatabaseUtils.appendEscapedSQLString(escaper, value); return escaper.toString(); }
From source file:mobisocial.musubi.ui.fragments.FeedListFragment.java
@Override public Loader<Cursor> onCreateLoader(int id, Bundle args) { Set<MIdentity> ids = mPeople.getSelectedIdentities(); String filterText = mPeople.getText().toString(); StringBuilder constraints = new StringBuilder(100); constraints.append("1=1"); if (args != null) { if (args.containsKey("start")) { constraints.append(" AND ").append(MFeed.COL_LATEST_RENDERABLE_OBJ_TIME).append(">") .append(args.getLong("start")); }/* w ww .jav a 2s .c om*/ if (args.containsKey("end")) { constraints.append(" AND ").append(MFeed.COL_LATEST_RENDERABLE_OBJ_TIME).append("<=") .append(args.getLong("end")); } } if (filterText.length() > 0) { if (ids.size() > 0) { for (MIdentity p : ids) { constraints.append(" AND ").append(MFeed.TABLE).append(".").append(MFeed.COL_ID) .append(" in (SELECT ").append(MFeedMember.COL_FEED_ID).append(" FROM ") .append(MFeedMember.TABLE).append(" WHERE ").append(MFeedMember.COL_IDENTITY_ID) .append("=").append(p.id_).append(")"); } } else { constraints.append(" AND ").append(MFeed.TABLE).append(".").append(MFeed.COL_NAME).append(" LIKE "); DatabaseUtils.appendEscapedSQLString(constraints, "%" + filterText + "%"); } } FeedSummaryLoader cl = new FeedSummaryLoader(getActivity(), constraints.toString()); cl.setUpdateThrottle(1000); return cl; }
From source file:com.android.messaging.mmslib.pdu.PduPersister.java
/** * Update all parts of a PDU./*from w ww . ja v a2 s . co m*/ * * @param uri The PDU which need to be updated. * @param body New message body of the PDU. * @param preOpenedFiles if not null, a map of preopened InputStreams for the parts. * @throws MmsException Bad URI or updating failed. */ public void updateParts(final Uri uri, final PduBody body, final Map<Uri, InputStream> preOpenedFiles) throws MmsException { try { PduCacheEntry cacheEntry; synchronized (PDU_CACHE_INSTANCE) { if (PDU_CACHE_INSTANCE.isUpdating(uri)) { if (LOCAL_LOGV) { LogUtil.v(TAG, "updateParts: " + uri + " blocked by isUpdating()"); } try { PDU_CACHE_INSTANCE.wait(); } catch (final InterruptedException e) { Log.e(TAG, "updateParts: ", e); } cacheEntry = PDU_CACHE_INSTANCE.get(uri); if (cacheEntry != null) { ((MultimediaMessagePdu) cacheEntry.getPdu()).setBody(body); } } // Tell the cache to indicate to other callers that this item // is currently being updated. PDU_CACHE_INSTANCE.setUpdating(uri, true); } final ArrayList<PduPart> toBeCreated = new ArrayList<PduPart>(); final ArrayMap<Uri, PduPart> toBeUpdated = new ArrayMap<Uri, PduPart>(); final int partsNum = body.getPartsNum(); final StringBuilder filter = new StringBuilder().append('('); for (int i = 0; i < partsNum; i++) { final PduPart part = body.getPart(i); final Uri partUri = part.getDataUri(); if ((partUri == null) || !partUri.getAuthority().startsWith("mms")) { toBeCreated.add(part); } else { toBeUpdated.put(partUri, part); // Don't use 'i > 0' to determine whether we should append // 'AND' since 'i = 0' may be skipped in another branch. if (filter.length() > 1) { filter.append(" AND "); } filter.append(Part._ID); filter.append("!="); DatabaseUtils.appendEscapedSQLString(filter, partUri.getLastPathSegment()); } } filter.append(')'); final long msgId = ContentUris.parseId(uri); // Remove the parts which doesn't exist anymore. SqliteWrapper.delete(mContext, mContentResolver, Uri.parse(Mms.CONTENT_URI + "/" + msgId + "/part"), filter.length() > 2 ? filter.toString() : null, null); // Create new parts which didn't exist before. for (final PduPart part : toBeCreated) { persistPart(part, msgId, preOpenedFiles); } // Update the modified parts. for (final Map.Entry<Uri, PduPart> e : toBeUpdated.entrySet()) { updatePart(e.getKey(), e.getValue(), preOpenedFiles); } } finally { synchronized (PDU_CACHE_INSTANCE) { PDU_CACHE_INSTANCE.setUpdating(uri, false); PDU_CACHE_INSTANCE.notifyAll(); } } }