{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 We Are One 的问题《Sqlite verify if value of column exists》','https://www.manongdao.com/q-1048897.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
i'm wondering if this method is right to verify if the value of _username already exists in the column "username"
public boolean verification(String _username) throws SQLException{
Cursor c = dataBase.rawQuery("SELECT * FROM "+TABLE_NAME+" WHERE "+KEY_USERNAME+"="+_username, null);
if (c!=null)
return true; // return true if the value of _username already exists
return false; // Return false if _username doesn't match with any value of the columns "Username"
}
Is there a better way to do the same thing, i'm really not sure about this, it seemed right for me. Thanks.
In the terms of security and purity yes, for sure.
I recommend you to an usage of
?that is called placeholder. Each placeholder will be replaced with value from string array in the same order. This is called also parametrized statement as a defence agains SQL injection. When your work with Cursor is finished, release it.Beware of SQL injection attacks! You should always use a parameterized query:
(Honestly I'm not sure how your first query didn't throw an exception since you forgot to wrap the string in quotes...)
Also
rawQuery()will always return a Cursor, you must check if the Cursor is empty, notnull.As for "the best" approach, this works fine, but I recommend closing the Cursor to free up resources. All together: