56 lines
1.3 KiB
Plaintext
56 lines
1.3 KiB
Plaintext
== Special Characters
|
|
|
|
[source]
|
|
----
|
|
/* */ are inline comments
|
|
-- , # are line comments
|
|
|
|
Example: Select * from users where name = 'admin' --and pass = 'pass'
|
|
----
|
|
|
|
|
|
[source]
|
|
----
|
|
; allows query chaining
|
|
|
|
Example: Select * from users; drop table users;
|
|
----
|
|
|
|
[source]
|
|
----
|
|
',+,|| allows string concatenation
|
|
Char() strings without quotes
|
|
|
|
Example: Select * from users where name = '+char(27) or 1=1
|
|
----
|
|
|
|
|
|
== Special Statements
|
|
|
|
=== Union
|
|
|
|
The Union operator is used, to combine the results of two or more SELECT Statements.
|
|
|
|
Rules to keep in mind, when working with a UNION:
|
|
|
|
- The number of columns selected in each statement must be the same.
|
|
- The datatype of the first column in the first SELECT statement, must match the datatype
|
|
of the first column in the second (third, fourth, ...) SELECT Statement. The Same applies to all other columns.
|
|
|
|
[source]
|
|
------
|
|
SELECT First_Name from user_system_data UNION SELECT login_count FROM user_data;
|
|
------
|
|
|
|
The UNION ALL Syntax also allows duplicate Values.
|
|
|
|
=== Joins
|
|
|
|
The Join operator is used to combine rows from two ore more tables, based on a related column
|
|
|
|
[source]
|
|
-----
|
|
SELECT * FROM user_data INNER JOIN user_data_tan ON user_data.userid=user_data_tan.userid;
|
|
-----
|
|
|
|
For more detailed information about JOINS visit: https://www.w3schools.com/sql/sql_join.asp |