/**
 * Pins the quoting contract of {@code DatabaseUtils.sqlEscapeString}: the input is wrapped in
 * single quotes and every embedded single quote is doubled.
 */
@Test
public void testQuote() {
    // No quote in the input: only the surrounding quotes are added.
    final String plain = DatabaseUtils.sqlEscapeString("foobar");
    assertThat(plain).isEqualTo("'foobar'");

    // An embedded quote is doubled so it cannot end the SQL string literal early.
    final String withApostrophe = DatabaseUtils.sqlEscapeString("Rich's");
    assertThat(withApostrophe).isEqualTo("'Rich''s'");
}
// Excerpt (incomplete): restricts the query to the preference KEY taken from the request URI.
// The path segment is quoted with sqlEscapeString before it is concatenated into the WHERE text.
// NOTE(review): URI path segments are presumably caller-controlled; passing them as selection
// arguments ('?') would keep the value out of the SQL text entirely - confirm against the caller.
// The second call is the tail of a statement whose beginning is missing from this excerpt.
builder.appendWhere( TrayContract.Preferences.Columns.KEY + " = " + DatabaseUtils.sqlEscapeString(uri.getPathSegments().get(2))); DatabaseUtils.sqlEscapeString(uri.getPathSegments().get(1)));
/**
 * Renders a value as SQL text that is meant to be concatenated into a statement.
 *
 * <p>A {@link Number} is emitted unquoted, exactly as {@code String.valueOf} prints it, so the
 * text of a custom {@code Number} subclass is not validated here. Every other value is
 * stringified and quoted with {@code DatabaseUtils.sqlEscapeString}.
 *
 * <p>A {@code null} argument is stringified to {@code "null"} and therefore comes back as the
 * quoted text literal {@code 'null'}, not as SQL {@code NULL}.
 *
 * @param value the value to render
 * @return the unquoted number text, or a quoted SQL string literal
 */
public static String getSQLValue(Object value) {
    final String text = String.valueOf(value);
    if (value instanceof Number) {
        return text;
    }
    return DatabaseUtils.sqlEscapeString(text);
}
/**
 * Trims a string, optionally strips its accent marks first, and returns it as a quoted SQL
 * string literal.
 *
 * <p>The result comes from {@code DatabaseUtils.sqlEscapeString}, so it is only suitable for
 * concatenation into SQL text. It must not be passed as a bound ('?') argument, where the added
 * quotes would become part of the value.
 *
 * @param input the string to sanitize; must not be null because it is dereferenced
 * @param removeAccentMarks whether accent marks are removed before trimming
 * @return the sanitized, quoted string
 */
private static String sanitizeString(String input, boolean removeAccentMarks) {
    // Accent removal runs before trim(), the same order as the two-branch form.
    final String candidate = removeAccentMarks ? removeAccentMarks(input) : input;
    return DatabaseUtils.sqlEscapeString(candidate.trim());
}
/**
 * Quotes a string as a SQL literal and wraps it for use as a LIKE argument.
 * Given the input "John's", the result is '%John''s%'.
 *
 * <p>Only single quotes are handled by {@code DatabaseUtils.sqlEscapeString}. The LIKE
 * wildcards {@code %} and {@code _} inside the input are not neutralised by that call, so they
 * still act as pattern characters unless {@code wrapForLikeArgument} deals with them.
 *
 * <p>NOTE(review): the parameter is annotated {@code @Nullable} but is passed straight to
 * {@code sqlEscapeString}; confirm that a null argument is handled there.
 *
 * @param string the string to escape and wrap
 * @return the string as a LIKE argument
 */
@NonNull
public static String escapeAndWrapForLikeArgument(@Nullable final String string) {
    final String quoted = DatabaseUtils.sqlEscapeString(string);
    return wrapForLikeArgument(quoted);
}
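/**
 * Deletes the row whose id column matches the given contact's id.
 *
 * <p>The id is passed as a bound argument instead of being quoted and concatenated into the
 * WHERE text, so the statement text stays constant and the value is never parsed as SQL.
 *
 * @param c the contact to delete; only its id is read
 */
public void deleteContact(Contact c) {
    final String[] whereArgs = {String.valueOf(c.getId())};
    database.delete(tableName, columnID + "=?", whereArgs);
}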
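/**
 * Runs a raw query with the given bind arguments and logs the statement.
 *
 * <p>Each argument is converted with {@code toString()} and handed to {@code rawQuery} as a
 * bound value. Bound values are never parsed as SQL, so they must not be passed through
 * {@code DatabaseUtils.sqlEscapeString}: that would add surrounding quotes and double embedded
 * quotes, and the query would then compare against the altered text.
 *
 * @param db the database to query
 * @param stmt the SQL statement, with one '?' per bind argument
 * @param bindArgs the values to bind; may be null, elements must not be null
 * @return the cursor returned by {@code rawQuery}
 */
private Cursor querySimple(SQLiteDatabase db, String stmt, Object... bindArgs) {
    String[] args = null;
    if (bindArgs != null) {
        args = new String[bindArgs.length];
        for (int i = 0; i < bindArgs.length; i++) {
            // Strings are bound verbatim; other types are bound as their text form.
            args[i] = bindArgs[i].toString();
        }
    }
    Cursor result = db.rawQuery(stmt, args);
    // NOTE(review): the bind values are written to the log together with the statement;
    // confirm that no sensitive values flow through this helper.
    Logger.i(stmt + ";", args);
    return result;
}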
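/**
 * Check if the given server title is currently used.
 *
 * <p>The title is passed as a bound selection argument rather than being quoted and
 * concatenated into the WHERE text. The cursor is closed in a {@code finally} block so that it
 * is released even when reading from it throws.
 *
 * @param title The server title; must not be null
 * @return true if there's a server with this title, false otherwise
 */
public boolean isTitleUsed(String title) {
    final Cursor cursor = this.getReadableDatabase().query(
            ServerConstants.TABLE_NAME,
            ServerConstants.ALL,
            ServerConstants.TITLE + " = ?",
            new String[]{title},
            null,
            null,
            null
    );
    try {
        // One matching row is enough; moveToNext() is false for an empty result.
        return cursor.moveToNext();
    } finally {
        cursor.close();
    }
}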
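/**
 * Writes the contact's address, photo, name, identifier and info to the row with its id.
 *
 * <p>The id is passed as a bound argument instead of being quoted and concatenated into the
 * WHERE text, so the statement text stays constant and the value is never parsed as SQL.
 *
 * @param c the contact whose stored row is updated
 */
public void updateContact(Contact c) {
    final ContentValues values = new ContentValues(5);
    values.put(columnIP, c.getAddress());
    values.put(columnPhoto, c.getPhoto());
    values.put(columnName, c.getName());
    values.put(columnIdentifier, c.getIdentifier());
    values.put(columnInfo, c.getInfo());

    final String[] whereArgs = {String.valueOf(c.getId())};
    database.update(tableName, values, columnID + "=?", whereArgs);
}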
// Excerpt (starts inside an if/else): a missing value becomes "<column> is null", otherwise the
// value is quoted with sqlEscapeString and compared with '='.
// NOTE(review): only whereValue is escaped; whereKeyData is concatenated as-is, so it must be a
// trusted column name - confirm it can never be caller-supplied.
selection += whereKeyData + " is null"; } else { selection += whereKeyData + " = " + DatabaseUtils.sqlEscapeString(whereValue);
// Excerpt (incomplete): builds "<MESSAGE_ID>='<id>' AND <MESSAGE_TYPE>..." in sb.
// messageId is quoted with sqlEscapeString because it is concatenated into the selection text.
sb.append(Mms.MESSAGE_ID); sb.append('='); sb.append(DatabaseUtils.sqlEscapeString(messageId)); sb.append(" AND "); sb.append(Mms.MESSAGE_TYPE);
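/**
 * Inserts a contact unless a row with the same identifier already exists, then stores the new
 * row id on the contact.
 *
 * <p>The identifier is passed as a bound selection argument rather than being quoted and
 * concatenated into the WHERE text, and the lookup cursor is closed in a {@code finally} block.
 *
 * <p>NOTE(review): the existence check and the insert are two separate statements. Unless the
 * identifier column has a UNIQUE constraint or the caller serialises access, two concurrent
 * calls could both pass the check - confirm against the schema.
 *
 * @param c the contact to insert; its id is overwritten with the value returned by
 *          {@code insert}
 * @throws ContactAlreadyAddedException if a row with the same identifier exists
 */
public void insertContact(Contact c) throws ContactAlreadyAddedException {
    // columnID is not written: the row id returned by insert() is stored on the contact below.
    final ContentValues values = new ContentValues(5);
    values.put(columnIdentifier, c.getIdentifier());
    values.put(columnIP, c.getAddress());
    values.put(columnName, c.getName());
    values.put(columnPhoto, c.getPhoto());
    values.put(columnInfo, c.getInfo());

    final Cursor existing = database.query(
            tableName,
            new String[]{columnID},
            columnIdentifier + "=?",
            new String[]{c.getIdentifier()},
            null,
            null,
            null);
    final int matches;
    try {
        matches = existing.getCount();
    } finally {
        existing.close();
    }
    if (matches > 0) {
        throw new ContactAlreadyAddedException();
    }

    c.setId(database.insert(tableName, null, values));
}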
// Excerpt (starts and ends mid-chain): converts a value to the SQL text placed in a query.
// Enum values are emitted as their quoted name(); byte data is emitted as an X'<hex>' literal;
// any other value is stringified and quoted unless it equals Operator.Operation.EMPTY_PARAM.
// NOTE(review): the branch tests `value instanceof BaseModelQueriable` but then casts value to
// byte[]; lines appear to be missing from this excerpt - check against the full source.
stringVal = String.valueOf(value); } else if (value instanceof Enum) { stringVal = DatabaseUtils.sqlEscapeString(((Enum) value).name()); } else { if (appendInnerQueryParenthesis && value instanceof BaseModelQueriable) { bytes = ((byte[]) value); stringVal = "X" + DatabaseUtils.sqlEscapeString(SqlUtils.byteArrayToHexString(bytes)); } else { stringVal = String.valueOf(value); if (!stringVal.equals(Operator.Operation.EMPTY_PARAM)) { stringVal = DatabaseUtils.sqlEscapeString(stringVal);
// Excerpt (tail of a longer statement in each case): sqlEscapeString returns a new quoted string
// and leaves searchTerm itself unchanged, so the result has to be the value that is concatenated.
DatabaseUtils.sqlEscapeString(searchTerm);
DatabaseUtils.sqlEscapeString(searchTerm);
// Excerpt (incomplete): adds optional "ssid like" / "bssid like" filters to sql and records in
// `limit` that a filter was applied.
// sqlEscapeString only quotes the value. The LIKE wildcards % and _ stay active, so ssid and
// bssid act as patterns here; a literal match would need '=' or an ESCAPE clause.
// NOTE(review): the bssid filter appears without its own null/empty check; that check was
// probably dropped from this excerpt - confirm against the full source.
boolean limit = false; if ( ssid != null && ! "".equals(ssid) ) { sql += " AND ssid like " + DatabaseUtils.sqlEscapeString(ssid); limit = true; sql += " AND bssid like " + DatabaseUtils.sqlEscapeString(bssid); limit = true;
// Excerpt (incomplete): restricts the query to the preference KEY taken from the request URI;
// the path segment is quoted with sqlEscapeString before concatenation into the WHERE text.
// NOTE(review): URI path segments are presumably caller-controlled; bound selection arguments
// would keep them out of the SQL text entirely - confirm against the caller.
builder.appendWhere( TrayContract.Preferences.Columns.KEY + " = " + DatabaseUtils.sqlEscapeString(uri.getPathSegments().get(2))); DatabaseUtils.sqlEscapeString(uri.getPathSegments().get(1)));