Share via


ContentResolver.QueryArgSqlSelection Field

Definition

Key for an SQL style selection string that may be present in the query Bundle argument passed to ContentProvider#query(Uri, String[], Bundle, CancellationSignal) when called by a legacy client.

[Android.Runtime.Register("QUERY_ARG_SQL_SELECTION", ApiSince=26)]
public const string QueryArgSqlSelection;
[<Android.Runtime.Register("QUERY_ARG_SQL_SELECTION", ApiSince=26)>]
val mutable QueryArgSqlSelection : string

Field Value

Attributes

Remarks

Key for an SQL style selection string that may be present in the query Bundle argument passed to ContentProvider#query(Uri, String[], Bundle, CancellationSignal) when called by a legacy client.

Clients should never include user supplied values directly in the selection string, as this presents an avenue for SQL injection attacks. In lieu of this, a client should use standard placeholder notation to represent values in a selection string, then supply a corresponding value in #QUERY_ARG_SQL_SELECTION_ARGS.

<b>Apps targeting android.os.Build.VERSION_CODES#O or higher are strongly encourage to use structured query arguments in lieu of opaque SQL query clauses.</b>

Java documentation for android.content.ContentResolver.QUERY_ARG_SQL_SELECTION.

Portions of this page are modifications based on work created and shared by the Android Open Source Project and used according to terms described in the Creative Commons 2.5 Attribution License.

Applies to