Questions tagged as 'sql'


How to prevent SQL injection in my PHP code?

I developed a page in PHP for internal use of the company I work with and only very few people use it. You can use this page to do some queries, insertions, changes and deletions of a table in a MySQL database, however I believe that my PHP code...
asked by 03.02.2014 / 13:37

What is the difference between INNER JOIN and OUTER JOIN?

What is the difference between INNER JOIN and OUTER JOIN ? Can you give me some examples?     
asked by 19.02.2014 / 03:32

Is it possible to do an UPDATE with data from another table?

I know that it is possible to execute a INSERT with data from another table: INSERT INTO Tabela (Col01, Col02, Col03) SELECT Col01, Col02, Col03 FROM Outra_tabela WHERE Condicao = 'qualquer coisa' But I would like to do t...
asked by 08.12.2016 / 22:03

How do I get the name and attributes of tables from a MySQL database?

How to get the names of all tables in the MySQL database? How to get the attributes (name, type, etc ...) of a given table in the MySQL database?     
asked by 11.12.2013 / 18:08

Delete thousands of records from a table

I have a table, for example, pessoa , and I would like to all people over 40 , with the script below I do this: > DELETE FROM pessoa WHERE pessoa.idade > 40; The problem that there is more than 2 million records in the table ,...
asked by 14.12.2016 / 19:42

To what extent is it not advisable to use an ORM?

I'm working on a very large system using .NET ( MVC) application requires a critical level of performance . To what extent is it worth using an ORM? Is there any tool that I can compare in terms of ORM's performance and pure SQL? I kn...
asked by 28.04.2014 / 21:38

Type of the CPF or CNPJ field in the VARCHAR or INT database?

What type of CPF or CNPJ field in database VARCHAR or INT ? I've seen some posts suggesting to use INT to optimize performance in JOIN and filters. If you have 0 on the left, you can only complete it according...
asked by 22.01.2015 / 14:51

Why parameterized SQL queries (name =?) prevent SQL Injection?

Why parameterized SQL queries ( nome = ? ) prevent SQL Injection? Can you cite examples?     
asked by 12.05.2015 / 13:24

I am suffering from SQL Injection attacks

Since I opened an online project I'm having problems with trespassing, where someone is doing direct inserts in the database. It was the one that gave me initiative to by in all the variables received through the method $_GET and $_POS...
asked by 12.12.2015 / 12:36

Is it wrong to write byte of images in the database?

When should I make this direct recording at the bank? What are the situations? I know I can save the image path to the bank.     
asked by 11.04.2014 / 18:53