SQL Commands

  • 8/19/2019 Sql komande

    1. Some of The Most Important SQL Commands:

    • SELECT - extracts data from a database

    • UPDATE - updates data in a database

    • DELETE - deletes data from a database

    • INSERT INTO - inserts new data into a database

    • CREATE DATABASE - creates a new database

    • ALTER DATABASE - modifies a database

    • CREATE TABLE - creates a new table

    • ALTER TABLE - modifies a table

    • DROP TABLE - deletes a table

    • CREATE INDEX - creates an index (search key)

    • DROP INDEX - deletes an index

    2. SQL CREATE TABLE Syntax:

    CREATE TABLE table_name
    (
    column_name1 data_type(size),
    column_name2 data_type(size),
    column_name3 data_type(size),
    ....
    );

    Example:

    CREATE TABLE Persons
    (
    PersonID int,
    LastName varchar(255),
    FirstName varchar(255),
    Address varchar(255),
    City varchar(255)
    );

    3. The SQL SELECT Statement:

    The SELECT statement is used to select data from a database.

    The result is stored in a result table, called the result-set.

    SQL SELECT Syntax:

    SELECT column_name,column_name
    FROM table_name;

    and

    SELECT * FROM table_name;

    4. The SQL SELECT DISTINCT

    The SELECT DISTINCT statement is used to return only distinct (different) values.

    The SQL SELECT DISTINCT Statement

    In a table, a column may contain many duplicate values; and sometimes you only want to list the different (distinct) values.

    The DISTINCT keyword can be used to return only distinct (different) values.

    SQL SELECT DISTINCT Syntax

    SELECT DISTINCT column_name,column_name
    FROM table_name;

    Example:

    SELECT DISTINCT City FROM Customers;

    5. SQL WHERE Clause

    The WHERE clause is used to filter records.

    The SQL WHERE Clause

    The WHERE clause is used to extract only those records that fulfill a specified criterion.

    SQL WHERE Syntax

    SELECT column_name,column_name
    FROM table_name
    WHERE column_name operator value

    Example:

    SELECT * FROM Customers
    WHERE Country='Mexico';

    or

    SELECT * FROM Customers
    WHERE CustomerID=1;

    6. SQL AND & OR Operators

    The AND & OR operators are used to filter records based on more than one condition.

    The SQL AND & OR Operators

    The AND operator displays a record if both the first condition AND the second condition are true.

    The OR operator displays a record if either the first condition OR the second condition is true.

    AND Operator Example

    The following SQL statement selects all customers from the country

    ORDER BY DESC Example

    The following SQL statement selects all customers from the

    Example

    INSERT INTO Customers (CustomerName, City, Country)
    VALUES ('Cardinal', 'Stavanger', 'Norway');

    9. SQL UPDATE Statement

    The UPDATE statement is used to update records in a table.

    The SQL UPDATE Statement

    The UPDATE statement is used to update existing records in a table.

    SQL UPDATE Syntax

    UPDATE table_name
    SET column1=value1,column2=value2,...
    WHERE some_column=some_value;

    Notice the WHERE clause in the SQL UPDATE statement!

    The WHERE clause specifies which record or records that should be updated. If you omit the WHERE clause, all records will be updated!

    SQL UPDATE Example

    Assume we wish to update the customer

    SQL DELETE Syntax

    DELETE FROM table_name
    WHERE some_column=some_value;

    Notice the WHERE clause in the SQL DELETE statement!

    The WHERE clause specifies which record or records that should be deleted. If you omit the WHERE clause, all records will be deleted!

    SQL DELETE Example

    Assume we wish to delete the customer

    The example above creates a select statement by adding a variable (txtUserId) to a select string. The variable is fetched from the user input (Request) to the page.

    The rest of this chapter describes the potential dangers of using user input in SQL statements.

    SQL Injection

    SQL injection is a technique where malicious users can inject SQL commands into an SQL statement, via web page input.

    Injected SQL commands can alter SQL statement and compromise the security of a web application.

    SQL Injection Based on 1

    sql =

    Some web developers use a

    The following examples show how to build parameterized queries in some common web languages.

    ASP.NET SELECT

    txtUserId = getRequestString(
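The difference between a select string built by adding txtUserId to it and a parameterized query, shown as an added example in Python with sqlite3 (not code from the original page). The Users table, its rows, the request values and the function names are constructed for illustration; only the txtUserId name comes from the text.

```python
import sqlite3

def make_db():
    """In-memory database with a constructed Users table (sample rows)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (UserId INTEGER PRIMARY KEY, Name TEXT)")
    conn.executemany("INSERT INTO Users VALUES (?, ?)",
                     [(1, "Ana"), (2, "Boris"), (3, "Carla")])
    return conn

def lookup_concatenated(conn, txtUserId):
    """Pattern the text warns about: user input becomes part of the SQL text."""
    sql = "SELECT UserId, Name FROM Users WHERE UserId = " + txtUserId
    return conn.execute(sql).fetchall()

def lookup_parameterized(conn, txtUserId):
    """Input is bound to the ? placeholder and is only ever treated as a value."""
    sql = "SELECT UserId, Name FROM Users WHERE UserId = ?"
    return conn.execute(sql, (txtUserId,)).fetchall()

def lookup_strict(conn, txtUserId):
    """Parameterized query plus validation: UserId must be ASCII digits only."""
    if not (txtUserId.isascii() and txtUserId.isdigit()):
        raise ValueError("UserId must be numeric")
    return lookup_parameterized(conn, int(txtUserId))

if __name__ == "__main__":
    conn = make_db()
    for value in ("2", "2 OR 1=1"):  # constructed request values
        print(repr(value))
        print("  concatenated :", lookup_concatenated(conn, value))
        print("  parameterized:", lookup_parameterized(conn, value))
```

With the concatenated string, the second value changes the WHERE clause itself and every row comes back; with the placeholder, the same value is compared as data and matches nothing.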

    SQL Server / MS Access Syntax

    SELECT TOP number|percent column_name(s)
    FROM table_name;

    SQL SELECT TOP Equivalent in MySQL and Oracle

    MySQL Syntax

    SELECT column_name(s)
    FROM table_name
    LIMIT number;

    Example

    SELECT *
    FROM Persons
    LIMIT 5;

    Oracle Syntax

    SELECT column_name(s)
    FROM table_name
    WHERE ROWNUM <= number;

    Example

    SELECT *
    FROM Persons
    WHERE ROWNUM <=5;

    SQL SELECT TOP Example

    The following SQL statement selects the two first records from the

    The following SQL statement selects all customers with a City starting with the letter

    [!charlist]

    Using the SQL Wildcard

    The following SQL statement selects all customers with a City starting with

    Example

    SELECT * FROM Customers
    WHERE City LIKE '[!bsp]%';

    or

    SELECT * FROM Customers
    WHERE City NOT LIKE '[bsp]%';

    15. SQL IN Operator

    IN Operator Example

    The following SQL statement selects all customers with a City of

    Example

    SELECT * FROM Customers
    WHERE City IN ('Paris','London');

    16. SQL BETWEEN Operator

    The BETWEEN operator is used to select values within a range.

    The SQL BETWEEN Operator

    The BETWEEN operator selects values within a range. The values can be numbers, text, or dates.

    SQL BETWEEN Syntax

    SELECT column_name(s)
    FROM table_name
    WHERE column_name BETWEEN value1 AND value2;

    BETWEEN Operator Example

    The following SQL statement selects all products with a price BETWEEN 10 and 20:

    Example

    SELECT * FROM Products
    WHERE Price BETWEEN 10 AND 20;

    NOT BETWEEN Operator Example

    To display the products outside the range of the previous example, use NOT BETWEEN:

    Example

    SELECT * FROM Products
    WHERE Price NOT BETWEEN 10 AND 20;

    BETWEEN Operator with IN Example

    The following SQL statement selects all products with a price BETWEEN 10 and 20, but products with a CategoryID of 1,2, or 3 should not be displayed:

    Example

    SELECT * FROM Products
    WHERE (Price BETWEEN 10 AND 20)
    AND NOT CategoryID IN (1,2,3);

    BETWEEN Operator with Text Value Example

    The following SQL statement selects all products with a ProductName beginning with any of the letter BETWEEN 'C' and 'M':

    Example

    SELECT * FROM Products
    WHERE ProductName BETWEEN 'C' AND 'M';

    NOT BETWEEN Operator with Text Value Example

    The following SQL statement selects all products with a ProductName beginning with any of the letter NOT BETWEEN 'C' and 'M':

    Example

    SELECT * FROM Products
    WHERE ProductName NOT BETWEEN 'C' AND 'M';

    BETWEEN Operator with Date Value Example

    The following SQL statement selects all orders with an OrderDate BETWEEN '04-July-1996' and '09-July-1996':

    Example

    SELECT * FROM Orders
    WHERE OrderDate BETWEEN #07/04/1996# AND #07/09/1996#;

    Notice that the BETWEEN operator can produce different result in different databases!

    In some databases, BETWEEN selects fields that are between and excluding the test values.
    In other databases, BETWEEN selects fields that are between and including the test values.

    And in other databases, BETWEEN selects fields between the test values, including the first test value and excluding the last test value.

    Therefore: Check how your database treats the BETWEEN operator!

    17. SQL Aliases

    SQL aliases are used to temporarily rename a table or a column heading.

    SQL Aliases

    SQL aliases are used to give a database table, or a column in a table, a temporary name. Basically aliases are created to make column names more readable.

    SQL Alias Syntax for Columns

    SELECT column_name AS alias_name
    FROM table_name;

    SQL Alias Syntax for Tables

    SELECT column_name(s)
    FROM table_name AS alias_name;

    Alias Example for Table Columns

    The following SQL statement specifies two aliases, one for the CustomerName column and one for the ContactName column. Tip: It requires double quotation marks or square brackets if the column name contains spaces:

    Example

    SELECT CustomerName AS Customer, ContactName AS [Contact Person]
    FROM Customers;

    In the following SQL statement we combine four columns (Address, City, PostalCode, and Country) and create an alias named

    Example

    SELECT o.OrderID, o.OrderDate, c.CustomerName
    FROM Customers AS c, Orders AS o
    WHERE c.CustomerName=