Why is "new String[] { }" used while updating or deleting an item in SQLite database in Android Studio?

huangapple go评论104阅读模式
英文:

Why is "new String[] { }" used while updating or deleting an item in SQLite database in Android Studio?

问题

new String[] { } 用于在更新和删除 SQLite 数据库中的项目时进行使用,例如:

首先,在创建表时:

db.execSQL("create table " + TABLE_NAME + " (ID INTEGER PRIMARY KEY AUTOINCREMENT,NAME TEXT)");

更新项目:

db.update(TABLE_NAME, contentValues, "ID = ?", new String[] {id});

删除项目:

db.delete(TABLE_NAME, "ID = ?", new String[] {id});

在这里,在数据库中创建表时,ID 是一个 INTEGER。但是,在更新/删除任何项目时,id 已经是一个 String,那么为什么我们要使用 new String[] {id} 呢?

英文:

new String[] { } is used while updating and deleting an item from SQLite database, such as:

At first, creating the table:

db.execSQL("create table " + TABLE_NAME +" (ID INTEGER PRIMARY KEY AUTOINCREMENT,NAME TEXT)");

Updating an item:

db.update(TABLE_NAME, contentValues, "ID = ?",new String[] {id});

Deleting an item:

db.delete(TABLE_NAME, "ID = ?",new String[] {id});

Here, ID was an INTEGER while creating the table in database. But, while updating/deleting any item, id was already a String, then why should we use new String[] {id}?

答案1

得分: 2

这是一个很好的问题。

为什么使用 new String[] {id} ?

在这里,new String[] {id} 是一个字符串数组的初始化,需要使用数组,因为参数的数量可以是一个或多个。

为什么要使用 String 类型的数组?

我们传递给查询的参数可以是 整数/浮点数/字符串 中的任何一种。将 整数/浮点数 转换为 字符串 是微不足道的/简单的/易读的,但反之则不然。在Java中,代码必须被固定(不像Python),因此创建者必须坚持使用 字符串,我想是这个原因。

附加信息:

这种生成SQL查询的方法(而不是直接编写查询)被称为预处理语句/参数化查询,这是防止SQL注入的一种好方法。

英文:

This is a good question.

Why new String[] {id} ?

Here new String[] {id} is the initalization of a String array, an array is needed because the number of parameters can be one or many.

Why is this array of String type ?

The parameters we pass to query can be anything among integer/float/string, It is trivial/easy/human-readable to convert integer/float to String but not vice-versa. In Java, code has to be fixed (Unlike Python), thus the creators have to stick with String, I guess.

Bonus:

This way of SQL query generation (Instead of writing query directly) which is called prepared-statements/Parameterized-Queries and it is a good way to combat SQL-Injection.

答案2

得分: 2

根据4.2. 在比较之前的类型转换部分的解释,在进行比较 ID = ? 之前,对于您传递的参数,尽管它是一个字符串,会应用 NUMERIC 亲和性,因为列 ID 具有 INTEGER 亲和性。<br/>

因此,通常做法是:您始终传递一个字符串参数,但在执行 SQL 语句时,此字符串参数将隐式转换/处理为字符串(与具有 TEXT 亲和性的列进行比较)或数字(与具有 INTEGERNUMERIC 亲和性的列进行比较)。

英文:

As it is explained in 4.2. Type Conversions Prior To Comparison, prior to this comparison ID = ?, for the parameter that you pass, although it is a string, NUMERIC affinity is applied because the column ID has INTEGER affinity.<br/>

So the norm is: you always pass a string parameter but when the sql statement is executed, this string parameter will be implicitly converted/treated as either a string if it is compared to a string (a column with TEXT affinity), or a number if it is compared to a number (a column with INTEGER or NUMERIC affinity).

答案3

得分: 1

你提到的参数 new String[] {id} 用于 WHERE 子句的参数。当你使用 WHERE 子句时,它会很有帮助。那个东西有助于提供参数。
要进一步了解,你可以访问下面的链接:

在使用删除查询时的 WHERE 子句参数

英文:

The argument you have mentioned new String[] {id} is used for WHERE clause arguments.It is helpful when you use WHERE clause. And that stuff is helpful to provide arguments.
For further clarification you may visit below link:

Where clause argument while using delete query

huangapple
  • 本文由 发表于 2020年10月27日 15:53:44
  • 转载请务必保留本文链接:https://go.coder-hub.com/64550163.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定