3. INSERT INTO
The INSERT INTO statement is used to insert new
records in a table.
Format:
INSERT INTO table_name (column1,column2,...)
VALUES (value1,value2,...);
4. Example:
INSERT INTO
STD_ID STD_NAME STD_SEC STD_BG
13103020 Tarek K AB+
13103029 Sabbir K B+
13103053 Majedul K A+
INSERT INTO Students (‘STD_NAME’, ‘STD_SEC’, ‘STD_BG’);
VALUES (‘Choyan’, ‘K’, ‘A+');
STD_ID STD_NAME STD_SEC STD_BG
13103020 Tarek K AB+
13103029 Sabbir K B+
13103053 Majedul K A+
13103061 Choyan K A+
Code:
5. UPDATE
The UPDATE statement is used to update existing
records in a table.
Format:
UPDATE table_name
SET column1=value1,column2=value2,...
WHERE some_column=some_value;
6. Example:
UPDATE
STD_ID STD_NAME STD_SEC STD_BG
13103020 Tarek K AB+
13103029 Sabbir K B+
13103053 Majedul K A+
UPDATE Students
SET STD_SEC=‘E'
WHERE STD_ID =‘13103029';
STD_ID STD_NAME STD_SEC STD_BG
13103020 Tarek K AB+
13103029 Sabbir E B+
13103053 Majedul K A+
Code:
7. DELETE
The DELETE statement is used to delete records in
a table.
Format:
DELETE FROM table_name
WHERE some_column=some_value;
8. Example:
DELETE
STD_ID STD_NAME STD_SEC STD_BG
13103020 Tarek K AB+
13103029 Sabbir K B+
13103053 Majedul K A+
13103061 Choyan K A+
DELETE FROM Students
WHERE STD_ID=‘13103061’;
STD_ID STD_NAME STD_SEC STD_BG
13103020 Tarek K AB+
13103029 Sabbir K B+
13103053 Majedul K A+
Code:
9. INJECTION
SQL injection is a technique where malicious users
can inject SQL commands into an SQL statement,
via web page input.
Types of Attack:
Authentication Bypass
Information Disclosure:
Compromised Availability of Data
Remote Command Execution
10. SELECT TOP
The SELECT TOP clause is used to specify the
number of records to return.
Format:
SELECT TOP number|percent column_name(s)
FROM table_name;
11. Example:
SELECT TOP
STD_ID STD_NAME STD_SEC STD_BG
13103020 Tarek K AB+
13103029 Sabbir K B+
13103053 Majedul K A+
Code: SELECT TOP 2 * FROM Students;
STD_ID STD_NAME STD_SEC STD_BG
13103020 Tarek K AB+
13103029 Sabbir K B+
12. LIKE
The LIKE operator is used in a WHERE clause to
search for a specified pattern in a column.
Format:
SELECT column_name(s)
FROM table_name
WHERE column_name LIKE pattern;
13. Example:
LIKE
STD_ID STD_NAME STD_SEC STD_BG
13103020 Tarek K AB+
13103029 Sabbir K B+
13103053 Majedul K A+
13103061 Choyan K A+
SELECT * FROM Students
WHERE STD_BG LIKE ‘A%';;
Code:
STD_ID STD_NAME STD_SEC STD_BG
13103020 Tarek K AB+
13103053 Majedul K A+
13103061 Choyan K A+
14. WILDCARDS
A wildcard character can be used to substitute for
any other character(s) in a string.
SQL Wildcard Characters
In SQL, wildcard characters are used with the SQL LIKE operator.
SQL wildcards are used to search for data within a table.
15. WILDCARDS
Wildcard Description
%
A substitute for zero or more
characters
_ A substitute for a single character
[charlist]
Sets and ranges of characters to
match
[^charlist]
or
[!charlist]
Ma
With SQL, the wildcards are: