Category Archives: SQ L& MYsql

Storage Engines in mysql

Mysql support different type of storage engines that will support the table types,myIsam support transaction-safe table and nontransaction-safe tables. Following are different storage engines 1.MyIsam 2.InnoDb 3.MERGE 4.MEMORY(HEAP) 5.BDB-BerkelyDB 6.EXAMPLE 7.Federated 8.ARCHIVE 9.CSV 10.BLACKHOLE

SQL Constraints

Constraints are used to limit the type of data inserting into the table.this is doing while creating the table or altering the table. Following are the constraints #)NOT NULL #)UNIQUE #)PRIMARY KEY #)FOREIGN KEY #)CHECK #)DEFAULT

unique index on a table

unique index means that two rows cannot have the same index value. unique index creates using the keyword unique. For example: Simple index: create index myindex on tablefirst(cloumn1); Unique index: create unique index myindex2 on tablesecond(column2);

Mysql Export-databse,tables

Export data into the outfile using select statement. mysql>Select * from tutorials_tbl into OUTFILE ‘/tmp/tutorials.txt’; ‘mysqldump’ is used to copy or back up tables and databases $mysqldump -u root -p TUTORIALS tutorials_tbl>dump.txt password $mysqldump -u root -p TUTORIALS > database_dump.txt password **** $mysqldump -u root -p –all-databases>database_dump.txt password**

Like Operator in mysql with Escape Characters

To Address LIKE quandary, a custome escaping mechanism must convert user-supplied % and _ characters to literals.Use addcslashes(), a function the let’s you specify a character range tot escape For Examples $mydoubts=addcslashes(mysql_real_escape_string(“%something_”),”%_”); //$mydoubts=\%something\_ mysql_query(“SELECT * From messages where subject LIKE ‘{$mydoubts}%’”);

Preventing SQL injection in Webapplication

You can handle all escape characters smartly in scripting languages like PERL and PHP. The MySql extension for PHP provides the function mysql_real_escape_string() to escape input characters that are special to MySQL. Below are the one example for esacpe input characters. if(get_magic_quotes_gpc()) { $name=stripslashes($name); } $name=mysql_real_escape_string($name); $qry=”Select * from users where name='{$name}’”; mysql_query($qry); mysql_real_escape_string -Escapes… Read More »

MYSQL Injection

Injection usually occurs when you ask a user input,like their name and instead of a name given you a mysql statement that you will unknowingly run on your database. For Examples $name=”mydoubts.in’;Delete from users;”; mysql_query(“Select * from useres where name='{$name}’”); if you use mysql,the mysql_query() function does not permit query stacking,or executing multiple queries in… Read More »