04-21-2009
? is a parameter placeholder. That way you don't have to directly compose the SQL with parameters given (failure to escape the parameters properly is the major reason for SQL injection attacks).
Typically, the ? is not valid at the database layer. Normally the database library will dynamically replace them with the parameters (converting where necessary) in the SQL and pass the resulting the query to the database. In other cases, the database engine may accept placeholders itself, especially true if the db supports prepared statements so that an SQL can be prepared once, thus allowing it to be instantiated multiple times to perform the same query with different set of parameters.
8 More Discussions You Might Find Interesting
1. UNIX and Linux Applications
hi, linux gurus...
i'm trying to write a script in ksh called ResetPass that allows a user to change mysql passwords. the script accepts user, password and host like this: ResetPass <user> <password> <host>. here's the code:
*****************************************************
mysql... (1 Reply)
Discussion started by: ankimo
1 Replies
2. Programming
Hi there,
I have a hierarchical database that include 4 tables. Table A is the parent of B, B is Parent of C, C is parent of D. If I want to query everything in D that is associated with A.name, how do I do that? Thanks!
YanYan (0 Replies)
Discussion started by: pinkgladiator
0 Replies
3. Shell Programming and Scripting
Hi there, I have a table that stores multiple records for many different servers, each of which is timestamped ... I wanted to write a query that would enable me to only output the "latest" record (based on timestamp) for each "unique" server. So for example my main table looks like this
... (3 Replies)
Discussion started by: hcclnoodles
3 Replies
4. Web Development
hello all
i have 2 columns every column in the following format
column1
2011-04-01 11:39:54
column2
2019-02-03 00:00:00
i want get difference between above data as following
2 days 11:39
how to do so ?
i tried many functions but nothing works
please advice what is the query... (6 Replies)
Discussion started by: mogabr
6 Replies
5. Shell Programming and Scripting
Hi,
I want to access mysql query from database , for that i have tried the below code
#! /bin/bash
TABLE_NAME=database1
USER_NAME=root
IP_ADDR=111.20.9.256
somevar=`echo "select altid from alert where altid='2724'"| mysql -h $IP_ADDR -u $USER_NAME $TABLE_NAME `
echo $somevar
... (1 Reply)
Discussion started by: aish11
1 Replies
6. Programming
Hi,
I want to run below query on shellscript but having one problm.
ADV=$( mysql -h "$IP_ADDR" -u "$USER_NAME" "$TABLE_NAME" -BNe" SELECT ADV FROM indata where inid='$INSTRUID' and Date='$latest Date';" )
here Date column contans different below dates
2011-12-01... (0 Replies)
Discussion started by: aish11
0 Replies
7. Programming
Hello
i have created mysql query to compare to values and get difference in percentage
as following:
SELECT file_name, 100 - ((100 * (SELECT file_count FROM xipi_files z WHERE x.file_group = z.file_group AND x.file_name = z.file_name AND z.insert_date = CURDATE( ) - INTERVAL 1 DAY)) /... (1 Reply)
Discussion started by: mogabr
1 Replies
8. Programming
Hi All,
i have a table in mysql with the following data
Table name Test
Assettype Serial_No Status location
Mouse 123456 In Stock chennai
Mouse 98765 Allocated chennai
Keyboard ... (2 Replies)
Discussion started by: venkitesh
2 Replies
LEARN ABOUT OPENSOLARIS
mysql_zap
zap(1) MySQL database zap(1)
NAME
zap - a perl script used to kill processes
USAGE
/usr/bin/mysql_zap [-signal] [-?Ift] pattern
SYNOPSIS
zap [-I|-?] [-f] [-t]
DESCRIPTION
zap supports by executing
-I|-? info
-f force
-t test
NOTE
If -f isn't given, ask user for confirmation for each process to kill. If signal isn't given, try first with signal 15 and after that with
signal 9. If -t is given the processes is only shown on stdout.
SEE ALSO
isamchk(1), isamlog(1), mysql(1), mysqlaccess(1), mysqladmin(1), mysqld(1), mysqld_multi(1), mysqld_safe(1), mysqldump(1), mysql_fix_privi-
lege_tables(1), mysqlshow(1), perror(1), replace(1)
For more information please refer to the MySQL reference manual, which may already be installed locally and which is also available online
at http://www.mysql.com/doc/en/
BUGS
Please refer to http://bugs.mysql.com/ to report bugs.
AUTHOR
Ver 1.0, distribution 4.0.24 Michael (Monty) Widenius (monty@mysql.com), MySQL AB (http://www.mysql.com/). This software comes with no war-
ranty. Manual page by L. (Kill-9) Pedersen (kill-9@kill-9.dk), Mercurmedia Data Model Architect / system developer (http://www.mercurme-
dia.com)
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+--------------------+------------------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+--------------------+------------------------------------+
|Availability | SUNWmysqlr, SUNWmysqlu, SUNWmysqlt |
+--------------------+------------------------------------+
|Interface Stability | External |
+--------------------+------------------------------------+
NOTES
Source for mysql is available on http://opensolaris.org.
MySQL 4.0 19 December 2000 zap(1)