rawQuery比。 database.queryrawQuery、database、query

由网友(仗剑走江湖)分享简介:均为其在使用rawQuery在查询生成器(反之亦然)?Are their any advantages in using rawQuery over the Query Builder (or vice versa)?请问查询生成器,例如,保护再次SQL注入攻击(虽然不是一个大问题,因为与网站,SQL注入+内容提供...


Are their any advantages in using rawQuery over the Query Builder (or vice versa)?


Does the Query Builder, for example, protect again SQL Injection attacks (While not a big a problem as with web sites, SQL Injection + a content provider could be an issue)? or is one faster than the other?

我相当满意的SQL(够我需要做的工作),所以我倾向于去rawQuery(我可以读取源$ C ​​$ C容易),但我只是想知道如果我'中号失去了一些东西,可能是有益的。

I'm fairly happy with SQL (enough for what I need to do anyway) and so I tend to go for rawQuery (I can read the source code easier), but I'm just wondering if I'm missing something that could be useful.



It's definitely preferred to build a query through the methods provided. Not only does it protect you from SQL injections, it also builds the query for you so you can avoid having a whole bunch of string concatenations that will make the query string less readable and more error prone. Performance-wise I don't think it makes much difference.


