Scribd
Upload
18 views12 pages

SQL Basics

The document provides an overview of SQL basics for database access, emphasizing the role of Database Management Systems (DBMS) in managing enterprise data and facilitating CRUD operations. It covers fundamental SQL commands for creating, inserting, updating, and deleting data in relational databases, along with the importance of using prepared statements to prevent SQL injection attacks. Additionally, it highlights the significance of data models and the relationship between data entities.

Uploaded by

kazam
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
18 views12 pages

SQL Basics

The document provides an overview of SQL basics for database access, emphasizing the role of Database Management Systems (DBMS) in managing enterprise data and facilitating CRUD operations. It covers fundamental SQL commands for creating, inserting, updating, and deleting data in relational databases, along with the importance of using prepared statements to prevent SQL injection attacks. Additionally, it highlights the significance of data models and the relationship between data entities.

Uploaded by

kazam
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

SQL Basics

for Database Access in the OOP Course


Database Management
System (DBMS)
 Independent software to manage enterprise data
 It facilitates
 CRUD operations, provides consistent, reliable data
 Faster data Access with low-cost maintenance
 Improved data sharing and data security
 Eliminates data loss, Backup/restore
 Effective data integration, Scalability and flexibility
 Compliance with privacy regulations
 Increased productivity and Better decision-making
Database (DB)
the storehouse of Data
 A database is an organized collection of structured
information, or data, typically stored electronically in a
computer system. A database is usually controlled by
a database management system (DBMS).
 ODBC, open database connectivity provide single
standardized method to connect verity of DBMS’s DBs
Data model, ERD or ORM
Object relationship model
Related Data in DB
emps and deps are related on deptno
SQL for RDBMS
Structured Query Language
 Create/Alter/Drop
 Databases, Tables, and many other object
 Insert into table (column,…) values (data,…)
 To add new data in table columns
 Select column,… from table where filter order by column,…
 To retrieve filtered and ordered data columns
 Update table set column,… = newData,… where filter
 To modify data in table columns
 Delete from table where filter
 To remove from in table

commit makes changes permanent


rollback undo changes upto last commit
Create table

create table table_name


(
column1_name column1_type, SQLite
column2_name column2_ type,
INTEGER
column3_name column3_ type, REAL
… TEXT
BLOB
)
NULL
may be in one line only, above
preferred in DBMS editor
Insert into table

insert into table_name


(column_name, …)
values
(data, …)
NULL values

may be in one line only, two


lines preferred in DBMS editor
Delete from table

delete from table_name


where filter

may be in one line only, two


lines preferred in DBMS editor
Update table

update table_name
Set column_name1 = newdata1,
column_name2 = newdata2,

where filter

may be in one line only, multiple


lines preferred in DBMS editor
Select … from table

select column_name [as alias], …


from table_name | join of tabulars
[where filter]
[order by column, …]
expressions, operations and functions
group/aggregate functions

may be in one line only, four lines


preferred in DBMS editor
Dynamic statements
used within programs/apps
Concatenation of parts of query strings
and values of variables to form a valid
SQL statement in a string object.
SQL Injection Attacks

Dynamic string objects may be obtained


by any method, f-strings, prepared
statements, etc

Prepared statements or stored


procedures should be used for
performance and to avoid SQL injections.

You might also like