SQL-接受带引号的字符串

时间:2019-01-09 10:52:10

标签: sql database dart

我目前正在开发一个应用程序,用户可以在其中将新闻文章保存到本地存储中的database中。这就是我执行该交易的方式。

INSERT INTO Article(title, description, url, urltoimage, publishedat) VALUES("$title", "$description", "$url", "$urlToImage", "$publishedAt")

我唯一遇到的麻烦是,交易的任何部分都在quotation marks内包含string,并且在...

  

“ ShapeShift宣布将加密货币称为“严厉情妇”,大规模裁员”,“ ShapeShift交易所已成为一连串加密货币和区块链公司中最新的一家,由于持续的加密货币熊市而宣布重大裁员。” “克服ShapeShift的Crypto Winter和它” 

DB Error: 1 "near "Overcoming": syntax error"

考虑整篇文章,多余的quotation marks的出现使查询相信description以标题为 的单词结尾,从而中断了标题为的单词。 >克服,理想情况下,查询仍应将其视为description字符串的一部分。

我正在寻找一种防止这种情况发生的方法,以便尽管存在额外的database,也可以将整篇文章保存到本地quotation marks

这是dart engine产生的整个错误:

DatabaseException(Error Domain=FMDatabase Code=1 "near "Overcoming": syntax error" UserInfo={NSLocalizedDescription=near "Overcoming": syntax error}) sql 'INSERT INTO Article(title, description, url, urltoimage, publishedat) VALUES("Calling Crypto a ‘Harsh Mistress,’ ShapeShift Announces Major Layoffs", "ShapeShift exchange has become the latest in a string of cryptocurrency and blockchain companies to announce major layoffs due to the ongoing cryptocurrency bear market.    In a Medium post entitled "Overcoming ShapeShift's Crypto Winter and the", "https://www.ccn.com/calling-crypto-a-harsh-mistress-shapeshift-announces-major-layoffs/", "https://www.ccn.com/wp-content/uploads/2019/01/shapeshift-crypto-exchange-layoffs.jpg", "2019-01-08T18:24:58Z")' args []}

编辑;

这是我在dart中用来解决此问题的完整代码

  

创建表格

var databasesPath = await getDatabasesPath();
String path = join(databasesPath, 'saved_articles.db');

Database database = await openDatabase(path, version: 1,
    onCreate: (Database db, int version) async {
  // When creating the db, create the table
  await db.execute('CREATE TABLE Article (id INTEGER PRIMARY KEY, title TEXT, description TEXT, url TEXT, urltoimage TEXT, publishedat TEXT, CONSTRAINT article_constraint UNIQUE (title));');
});
  

插入文章

await database.transaction((txn) async {
  int id1 = await txn.rawInsert(
    'INSERT INTO Article(title, description, url, urltoimage, publishedat) VALUES("$title", "$description", "$url", "$urlToImage", "$publishedAt")'
  );                                     

  debugPrint('inserted1: $id1');

});

谢谢

1 个答案:

答案 0 :(得分:3)

在执行rawQuery时,使用sqflite提供的转义机制。

代替:

int id1 = await txn.rawInsert(
'INSERT INTO Article(title, description, url, urltoimage, publishedat) 
 VALUES("$title", "$description", "$url", "$urlToImage", "$publishedAt")'
);

使用此方法:

int id1 = await txn.rawInsert(
'INSERT INTO Article(title, description, url, urltoimage, publishedat) 
 VALUES(?, ?, ?, ?, ?)',
 [title, description, url, urlToImage, publishedAt]
);

那也应该转义所有保留的SQL字符。

相关问题
最新问题