Many times a day I have to write similar queries to get single record:
select t.*
from some_table t
where t.Id = 123456
maybe there is some shortcuts for retrieving single record? Like entering id, table and SQL server generates rest code automatically
In Sql Server Go to
Tools-> Options-> Environments->Keyboard
You will get shortcuts, there you can define your own as well as get the standards.
you can set a short cut for a fully executable query like
select * from table where id =20
but not like below
select * from
Related
We have an application which indexes data using user-written SQL statements. We place those statements within parenthesis so we can limit that query to a certain criteria. For example:
select * from (select F_Name from table_1)q where ID > 25
Though we have discovered that this format does not function using a Sybase database. Reporting a syntax error around the parenthesis. I've tried playing around on a test instance but haven't been able to find a way to achieve this result. I'm not directly involved in the development and my SQL knowledge is limited. I'm assuming the 'q' is to give the subresult an alias for the application to use.
Does Sybase have a specific syntax? If so, how could this query be adapted for it?
Thanks in advance.
Sybase ASE is case sensitive w.r.t. all identifiers and the query shall work:
as per #HannoBinder query :
select id from ... is not the same as select ID from... so make sure of the case.
Also make sure that the column ID is returned by the Q query in order to be used in where clause .
If the table and column names are in Upper case the following query shall work:
select * from (select F_NAME, ID from TABLE_1) Q where ID > 25
Is there any possibility to write delete query inside Where clause.
Example:
Select ID,Name From MyTable Where ID IN(Delete From MyTable)
It may be crazy, but let me explain my situation. In our reporting tool, we are supporting to enter SQL where query.
We will use our own Select and From Clause query and combine the user's where query input.
Example:
Select ID,Name From MyTable Where ("Query typed by user")
Here, user can type any kind of where query filter..
If he types like ID=100 our final query becomes like this
Select ID,Name From MyTable Where (ID=100)
One of our customer asked us what will happen if anyone type the delete query as where query filter. he feels this may be the security hole..so we have tried that kind of possibility in our dev environment. But the sql returns error for the following query.
Select ID,Name From MyTable Where ID IN(Delete From MyTable)
So finally, my question is, is there any other possibility to write Delete Query inside Where clause or Select clause.. If it possible, how can I restrict it?
Yes. They can run a delete. They can type:
1 = 1; DELETE FROM MY_TABLE;
Or even worse in some ways, (since you should have backups):
1 = 0 UNION SELECT SOCIAL_SECURITY_NUMBER, CREDIT_CARD_NUMBER, OTHER_SENSITIVE_DATA FROM MY_SENSITIVE_TABLE;
Now, in your case its hard to validate. Normally if you are just passing a value to filter on you can use parameterised sql to save yourself. You however also need to let the user select a column. In cases like these, usually we use a drop down to allow the user to select a predefined list of columns and then validate the column name server side. We give the user a text box to enter the value to match and then parameterise that.
It's not quite possible. But he can do something like this :
Select ID,Name From MyTable Where (ID=100); (DELETE FROM MyTable Where 1 = 1)
by using ID=100); (DELETE FROM MyTable Where 1 = 1 instead of ID=100
I believe what your customer is talking about is SQL injection, as long as you have taken appropriate methods to block other queries from running after your select statement is done, then you should have no problem in letting them type whatever it is that you want.
From my experience there is no way to delete anything when you are doing a select statement.
Just make sure you have query terminator characters so they don't write something like the following.
select column1,column2, from myTable where ID in (1,2); delete from my table
this would be a valid worry from your customer if you aren't taking proper steps to prevent sql injection from happening.
You could have your SQL reporting tool just not have update, or delete permission and just have it have Read permission. However, it is up to you guys have you handle your sql injection security.
With SQL Server 2012 :
use master
select *
yields
Must specify table to select from
which is exactly what I would expect.
But the funny thing is that
use master
select count(*)
returns 1.
Can someone explain to me what is counted here?
Edit : And possibly include sources...
SQL Server is (behind the curtain) effectively applying a from to a dummy table, which has only one row. Thus you will get 1 for your count.
select 'test'
will do the same thing, as an example, return 'test' one time.
It's like the DUAL table in Oracle, SYSDUMMY1 in DB2, etc.
As requested, here's a couple of links to MS Connect on this topic:
Clicky
More Clicky
I am using DBVisualizer 8.0.6 and when I run a simply query like....
select * from table
It only shows the first 1000 rows and then stops the query and displays in the bottom left corner...
"Number of rows limited by maxrows"
How do I change this #? I'm writing a query which needs to export a little over 1000 rows but dbvisualizer has this set limit...
I tried something like
#set maxrows 2000
then commit
then run my query. Still returns only 1000 rows. This is for an Oracle table.
There is a box in SQL Commander labeled Max Rows. Set it to -1 for the complete result set.
Or you could just export directly to a file. This will allow to export many more rows than the DBVisualizer GUI can show you. When having to export a few million records (should you ever need that), this is quite useful.
Simply do something like this in your SQL Commander:
#export on;
#export set Filename="d:\temp\export" format="CSV" DecimalNumberFormat="00000000000" CsvRowDelimiter="\r\n" CsvIncludeColumnHeader="false";
SELECT YOURFIELD FROM YOURTABLE WHERE SOMEFIELD = AFILTERVALUE;
You can find more about this (and the various parameters) here:
http://www.dbvis.com/products/dbvis/doc/7.1/doc/ug/sqlCommander/sqlCommander.html#mozTocId448386
so apparently you need to have DBVisualizer Personal edition to set the maxrows, which the free edition doesn't support. You can get a free trial though. Then you can run something like...
#set maxrows 2000;
select * from table;
If anyone knows how to do this in the free version please feel free to comment, thanks.
From this page, it looks as though the maximum number of rows returned initially is specified within the Tool Properties dialog, on the General Settings tab, on the Table Data node in the Max Rows at First Display property.
select * from table where rownum < 10 would return 9 records for oracle.
But It varies db to db .
Sql server uses select top N fieldName from table.
For MySQL syntax changes as SELECT *FROM table LIMIT N
Maybe Some others use take , skip, etc... So using dbvisualizer , and its setting in the accepted answer is logical for cross db users. It doesn't bother you by varied sql syntax.
Platform: SQL Server 2008
Language: TSQL
I have a number of queries that currently take the general form of (for simplicity sake)
-- Sample begin results
SELECT * from DB01.dbo.table UNION ALL
SELECT * from DB02.dbo.table UNION ALL --many other databases follow with same syntax
How can I modify these queries such that, when a new database comes into existence (named, say DB39C), I ensure that my queries already includes those new records?
--Sample end results
SELECT * from DB01.dbo.table UNION ALL
SELECT * from DB02.dbo.table UNION ALL
SELECT * from DB39C.dbo.table -- this was created as soon as a new database came into existence
I am looking to make sure programmatically, that this happens without my awareness as new databases are added quite regularly and I need the queries I rely on to keep pace.
You might want to have a look at using something like
SELECT name AS DATABASENAME
FROM master.dbo.sysdatabases
and creating dynamic queries
sys.databases (Transact-SQL)