java.lang.Object | |
↳ | android.database.sqlite.SQLiteQueryBuilder |
This is a convience class that helps build SQL queries to be sent to
SQLiteDatabase
objects.
Public Constructors | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Public Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Add the names that are non-null in columns to s, separating
them with commas.
| |||||||||||
Append a chunk to the WHERE clause of the query.
| |||||||||||
Append a chunk to the WHERE clause of the query.
| |||||||||||
Construct a SELECT statement suitable for use in a group of
SELECT statements that will be joined through UNION operators
in buildUnionQuery.
| |||||||||||
This method is deprecated.
This method's signature is misleading since no SQL parameter
substitution is carried out. The selection arguments parameter does not get
used at all. To avoid confusion, call
buildQuery(String[], String, String, String, String, String) instead.
| |||||||||||
Build an SQL query string from the given clauses.
| |||||||||||
Given a set of subqueries, all of which are SELECT statements,
construct a query that returns the union of what those
subqueries return.
| |||||||||||
This method is deprecated.
This method's signature is misleading since no SQL parameter
substitution is carried out. The selection arguments parameter does not get
used at all. To avoid confusion, call
buildUnionSubQuery(String, String[], Set
instead.
| |||||||||||
Construct a SELECT statement suitable for use in a group of
SELECT statements that will be joined through UNION operators
in buildUnionQuery.
| |||||||||||
Returns the list of tables being queried
| |||||||||||
Perform a query by combining all current settings and the
information passed into this method.
| |||||||||||
Perform a query by combining all current settings and the
information passed into this method.
| |||||||||||
Perform a query by combining all current settings and the
information passed into this method.
| |||||||||||
Sets the cursor factory to be used for the query.
| |||||||||||
Mark the query as DISTINCT.
| |||||||||||
Sets the projection map for the query.
| |||||||||||
When set, the selection is verified against malicious arguments.
| |||||||||||
Sets the list of tables to query.
|
[Expand]
Inherited Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
From class
java.lang.Object
|
Add the names that are non-null in columns to s, separating them with commas.
Append a chunk to the WHERE clause of the query. All chunks appended are surrounded
by parenthesis and ANDed with the selection passed to query(SQLiteDatabase, String[], String, String[], String, String, String)
. The final
WHERE clause looks like:
WHERE (<append chunk 1><append chunk2>) AND (<query() selection parameter>)
inWhere | the chunk of text to append to the WHERE clause. |
---|
Append a chunk to the WHERE clause of the query. All chunks appended are surrounded
by parenthesis and ANDed with the selection passed to query(SQLiteDatabase, String[], String, String[], String, String, String)
. The final
WHERE clause looks like:
WHERE (<append chunk 1><append chunk2>) AND (<query() selection parameter>)
inWhere | the chunk of text to append to the WHERE clause. it will be escaped to avoid SQL injection attacks |
---|
Construct a SELECT statement suitable for use in a group of SELECT statements that will be joined through UNION operators in buildUnionQuery.
projectionIn | A list of which columns to return. Passing null will return all columns, which is discouraged to prevent reading data from storage that isn't going to be used. |
---|---|
selection | A filter declaring which rows to return, formatted as an SQL WHERE clause (excluding the WHERE itself). Passing null will return all rows for the given URL. |
groupBy | A filter declaring how to group rows, formatted as an SQL GROUP BY clause (excluding the GROUP BY itself). Passing null will cause the rows to not be grouped. |
having | A filter declare which row groups to include in the cursor, if row grouping is being used, formatted as an SQL HAVING clause (excluding the HAVING itself). Passing null will cause all row groups to be included, and is required when row grouping is not being used. |
sortOrder | How to order the rows, formatted as an SQL ORDER BY clause (excluding the ORDER BY itself). Passing null will use the default sort order, which may be unordered. |
limit | Limits the number of rows returned by the query, formatted as LIMIT clause. Passing null denotes no LIMIT clause. |
This method is deprecated.
This method's signature is misleading since no SQL parameter
substitution is carried out. The selection arguments parameter does not get
used at all. To avoid confusion, call
buildQuery(String[], String, String, String, String, String)
instead.
Build an SQL query string from the given clauses.
distinct | true if you want each row to be unique, false otherwise. |
---|---|
tables | The table names to compile the query against. |
columns | A list of which columns to return. Passing null will return all columns, which is discouraged to prevent reading data from storage that isn't going to be used. |
where | A filter declaring which rows to return, formatted as an SQL WHERE clause (excluding the WHERE itself). Passing null will return all rows for the given URL. |
groupBy | A filter declaring how to group rows, formatted as an SQL GROUP BY clause (excluding the GROUP BY itself). Passing null will cause the rows to not be grouped. |
having | A filter declare which row groups to include in the cursor, if row grouping is being used, formatted as an SQL HAVING clause (excluding the HAVING itself). Passing null will cause all row groups to be included, and is required when row grouping is not being used. |
orderBy | How to order the rows, formatted as an SQL ORDER BY clause (excluding the ORDER BY itself). Passing null will use the default sort order, which may be unordered. |
limit | Limits the number of rows returned by the query, formatted as LIMIT clause. Passing null denotes no LIMIT clause. |
Given a set of subqueries, all of which are SELECT statements, construct a query that returns the union of what those subqueries return.
subQueries | an array of SQL SELECT statements, all of which must have the same columns as the same positions in their results |
---|---|
sortOrder | How to order the rows, formatted as an SQL ORDER BY clause (excluding the ORDER BY itself). Passing null will use the default sort order, which may be unordered. |
limit | The limit clause, which applies to the entire union result set |
This method is deprecated.
This method's signature is misleading since no SQL parameter
substitution is carried out. The selection arguments parameter does not get
used at all. To avoid confusion, call
buildUnionSubQuery(String, String[], Set
instead.
Construct a SELECT statement suitable for use in a group of SELECT statements that will be joined through UNION operators in buildUnionQuery.
typeDiscriminatorColumn | the name of the result column whose cells will contain the name of the table from which each row was drawn. |
---|---|
unionColumns | the names of the columns to appear in the result. This may include columns that do not appear in the table this SELECT is querying (i.e. mTables), but that do appear in one of the other tables in the UNION query that we are constructing. |
columnsPresentInTable | a Set of the names of the columns that appear in this table (i.e. in the table whose name is mTables). Since columns in unionColumns include columns that appear only in other tables, we use this array to distinguish which ones actually are present. Other columns will have NULL values for results from this subquery. |
computedColumnsOffset | all columns in unionColumns before this index are included under the assumption that they're computed and therefore won't appear in columnsPresentInTable, e.g. "date * 1000 as normalized_date" |
typeDiscriminatorValue | the value used for the type-discriminator column in this subquery |
selection | A filter declaring which rows to return, formatted as an SQL WHERE clause (excluding the WHERE itself). Passing null will return all rows for the given URL. |
groupBy | A filter declaring how to group rows, formatted as an SQL GROUP BY clause (excluding the GROUP BY itself). Passing null will cause the rows to not be grouped. |
having | A filter declare which row groups to include in the cursor, if row grouping is being used, formatted as an SQL HAVING clause (excluding the HAVING itself). Passing null will cause all row groups to be included, and is required when row grouping is not being used. |
Returns the list of tables being queried
Perform a query by combining all current settings and the information passed into this method.
db | the database to query on |
---|---|
projectionIn | A list of which columns to return. Passing null will return all columns, which is discouraged to prevent reading data from storage that isn't going to be used. |
selection | A filter declaring which rows to return, formatted as an SQL WHERE clause (excluding the WHERE itself). Passing null will return all rows for the given URL. |
selectionArgs | You may include ?s in selection, which will be replaced by the values from selectionArgs, in order that they appear in the selection. The values will be bound as Strings. |
groupBy | A filter declaring how to group rows, formatted as an SQL GROUP BY clause (excluding the GROUP BY itself). Passing null will cause the rows to not be grouped. |
having | A filter declare which row groups to include in the cursor, if row grouping is being used, formatted as an SQL HAVING clause (excluding the HAVING itself). Passing null will cause all row groups to be included, and is required when row grouping is not being used. |
sortOrder | How to order the rows, formatted as an SQL ORDER BY clause (excluding the ORDER BY itself). Passing null will use the default sort order, which may be unordered. |
limit | Limits the number of rows returned by the query, formatted as LIMIT clause. Passing null denotes no LIMIT clause. |
Perform a query by combining all current settings and the information passed into this method.
db | the database to query on |
---|---|
projectionIn | A list of which columns to return. Passing null will return all columns, which is discouraged to prevent reading data from storage that isn't going to be used. |
selection | A filter declaring which rows to return, formatted as an SQL WHERE clause (excluding the WHERE itself). Passing null will return all rows for the given URL. |
selectionArgs | You may include ?s in selection, which will be replaced by the values from selectionArgs, in order that they appear in the selection. The values will be bound as Strings. |
groupBy | A filter declaring how to group rows, formatted as an SQL GROUP BY clause (excluding the GROUP BY itself). Passing null will cause the rows to not be grouped. |
having | A filter declare which row groups to include in the cursor, if row grouping is being used, formatted as an SQL HAVING clause (excluding the HAVING itself). Passing null will cause all row groups to be included, and is required when row grouping is not being used. |
sortOrder | How to order the rows, formatted as an SQL ORDER BY clause (excluding the ORDER BY itself). Passing null will use the default sort order, which may be unordered. |
Perform a query by combining all current settings and the information passed into this method.
db | the database to query on |
---|---|
projectionIn | A list of which columns to return. Passing null will return all columns, which is discouraged to prevent reading data from storage that isn't going to be used. |
selection | A filter declaring which rows to return, formatted as an SQL WHERE clause (excluding the WHERE itself). Passing null will return all rows for the given URL. |
selectionArgs | You may include ?s in selection, which will be replaced by the values from selectionArgs, in order that they appear in the selection. The values will be bound as Strings. |
groupBy | A filter declaring how to group rows, formatted as an SQL GROUP BY clause (excluding the GROUP BY itself). Passing null will cause the rows to not be grouped. |
having | A filter declare which row groups to include in the cursor, if row grouping is being used, formatted as an SQL HAVING clause (excluding the HAVING itself). Passing null will cause all row groups to be included, and is required when row grouping is not being used. |
sortOrder | How to order the rows, formatted as an SQL ORDER BY clause (excluding the ORDER BY itself). Passing null will use the default sort order, which may be unordered. |
limit | Limits the number of rows returned by the query, formatted as LIMIT clause. Passing null denotes no LIMIT clause. |
cancellationSignal | A signal to cancel the operation in progress, or null if none.
If the operation is canceled, then OperationCanceledException will be thrown
when the query is executed. |
Sets the cursor factory to be used for the query. You can use one factory for all queries on a database but it is normally easier to specify the factory when doing this query.
factory | the factory to use. |
---|
Mark the query as DISTINCT.
distinct | if true the query is DISTINCT, otherwise it isn't |
---|
Sets the projection map for the query. The projection map maps from column names that the caller passes into query to database column names. This is useful for renaming columns as well as disambiguating column names when doing joins. For example you could map "name" to "people.name". If a projection map is set it must contain all column names the user may request, even if the key and value are the same.
columnMap | maps from the user column names to the database column names |
---|
When set, the selection is verified against malicious arguments.
When using this class to create a statement using
buildQueryString(boolean, String, String[], String, String, String, String, String)
,
non-numeric limits will raise an exception. If a projection map is specified, fields
not in that map will be ignored.
If this class is used to execute the statement directly using
query(SQLiteDatabase, String[], String, String[], String, String, String)
or
query(SQLiteDatabase, String[], String, String[], String, String, String, String)
,
additionally also parenthesis escaping selection are caught.
To summarize: To get maximum protection against malicious third party apps (for example
content provider consumers), make sure to do the following:
Sets the list of tables to query. Multiple tables can be specified to perform a join. For example: setTables("foo, bar") setTables("foo LEFT OUTER JOIN bar ON (foo.id = bar.foo_id)")
inTables | the list of tables to query on |
---|