标签:mysql
1、内置函数查询
查询服务器版本号及当前日期 mysql> SELECT VERSION(),current_date; +-----------+--------------+ | VERSION() | current_date | +-----------+--------------+ | 5.1.73 | 2017-03-13 | +-----------+--------------+ 1 row in set (0.04 sec) MySQL中不区分大小写,因此如下查询结果与上面是一置的 mysql> select version(),current_date; mysql> SelecT VERsion(),CuRRent_date; 这在手动sql injection中,第三种方式可以有效规避屏蔽大小写的筛选 查询当前时间 mysql> select now(); +---------------------+ | now() | +---------------------+ | 2017-03-13 12:46:48 | +---------------------+ 1 row in set (0.00 sec) 查询当前系统主机名 mysql> select user(); +----------------+ | user() | +----------------+ | root@localhost | +----------------+ 1 row in set (0.00 sec)
2、创建并使用数据库
查看系统中存在的数据库 mysql> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | mysql | | test | +--------------------+ 3 rows in set (0.01 sec) 创建数据库 mysql> create database test1; 使用数据库 mysql> use test1 Database changed 这里,sql语句中没有加;结尾,当然也可以加上;quit语句也是如此 查看test1数据库中的表 mysql> show tables; Empty set (0.00 sec) 创建表 mysql> create table t1 (name VARCHAR(20),age CHAR(4),sex CHAR(1),birthday DATE,address VARCHAR(20)); Query OK, 0 rows affected (0.07 sec) 查看表 mysql> describe t1; +----------+-------------+------+-----+---------+-------+ | Field | Type | Null | Key | Default | Extra | +----------+-------------+------+-----+---------+-------+ | name | varchar(20) | YES | | NULL | | | age | char(4) | YES | | NULL | | | sex | char(1) | YES | | NULL | | | birthday | date | YES | | NULL | | | address | varchar(20) | YES | | NULL | | +----------+-------------+------+-----+---------+-------+ 5 rows in set (0.00 sec) 向表中插入数据 mysql> insert into t1 -> values (‘xjp‘,‘18‘,NULL,‘1994-01-10‘,‘110@qq.com‘); Query OK, 1 row affected (0.00 sec) 这里NULL代表不存在的值;在一行命令太长的情况下可以多行输入,在结束时输入;即可。 查询插入的数据 mysql> select * from t1; +------+------+------+------------+------------+ | name | age | sex | birthday | address | +------+------+------+------------+------------+ | xjp | 18 | NULL | 1994-01-10 | 110@qq.com | +------+------+------+------------+------------+ 1 row in set (0.00 sec)
SELECT语句用来从数据表中检索信息。语句的一般格式是:
SELECT what_to_select FROM which_table WHERE conditions_to_satisfy;
what_to_select指出你想要看到的内容,可以是列的一个表,或*表示“所有的列”。which_table指出你想要从其检索数据的表。WHERE子句是可选项,如果选择该项,conditions_to_satisfy指定行必须满足的检索条件。
修改表中的数据 mysql> UPDATE t1 SET age = ‘22‘ WHERE name = ‘xjp‘; Query OK, 1 row affected (0.00 sec) Rows matched: 1 Changed: 1 Warnings: 0 mysql> select * from t1; +------+------+------+------------+------------+ | name | age | sex | birthday | address | +------+------+------+------------+------------+ | xjp | 22 | NULL | 1994-01-10 | 110@qq.com | +------+------+------+------------+------------+ 1 row in set (0.00 sec) 插入更多数据 mysql> insert into t1 values (‘wls‘,‘18‘,NULL,‘1995-03-22‘,‘12320@qq.com‘); Query OK, 1 row affected (0.00 sec) mysql> insert into t1 values (‘alex‘,‘50‘,NULL,‘1987-06-22‘,‘12132320@qq.com‘); Query OK, 1 row affected (0.00 sec) mysql> insert into t1 values (‘gg‘,‘30‘,NULL,‘1990-06-10‘,‘143252320@qq.com‘); Query OK, 1 row affected (0.00 sec) mysql> insert into t1 values (‘kyf‘,‘33‘,NULL,‘1985-07-24‘,‘14435478320@qq.com‘); Query OK, 1 row affected (0.00 sec)
3、行查询
查询年龄在25岁以上的人和25岁以下的人
mysql> SELECT * FROM t1 WHERE age > ‘25‘; +------+------+------+------------+--------------------+ | name | age | sex | birthday | address | +------+------+------+------------+--------------------+ | alex | 50 | NULL | 1987-06-22 | 12132320@qq.com | | gg | 30 | NULL | 1990-06-10 | 143252320@qq.com | | kyf | 33 | NULL | 1985-07-24 | 14435478320@qq.com | +------+------+------+------------+--------------------+ 3 rows in set (0.00 sec) mysql> SELECT * FROM t1 WHERE age < ‘25‘; +------+------+------+------------+--------------+ | name | age | sex | birthday | address | +------+------+------+------------+--------------+ | xjp | 22 | NULL | 1994-01-10 | 110@qq.com | | wls | 18 | NULL | 1995-03-22 | 12320@qq.com | +------+------+------+------------+--------------+ 2 rows in set (0.00 sec)
查询年龄在25岁以上,和邮箱为12132320@qq.com的人
mysql> SELECT * FROM t1 WHERE age > ‘25‘ AND address = ‘12132320@qq.com‘; +------+------+------+------------+-----------------+ | name | age | sex | birthday | address | +------+------+------+------------+-----------------+ | alex | 50 | NULL | 1987-06-22 | 12132320@qq.com | +------+------+------+------------+-----------------+ 1 row in set (0.00 sec)
查询年龄是30或50岁的人
mysql> SELECT * FROM t1 WHERE age = ‘50‘ or age = ‘30‘; +------+------+------+------------+------------------+ | name | age | sex | birthday | address | +------+------+------+------------+------------------+ | alex | 50 | NULL | 1987-06-22 | 12132320@qq.com | | gg | 30 | NULL | 1990-06-10 | 143252320@qq.com | +------+------+------+------------+------------------+ 2 rows in set (0.00 sec)
AND和OR可以混用,但AND比OR具有更高的优先级。如果你使用两个操作符,使用圆括号指明如何对条件进行分组是一个好主意
mysql> SELECT * FROM t1 WHERE (age = ‘50‘ or age = ‘30‘) or (name = ‘wls‘ and name =‘kyf‘); +------+------+------+------------+------------------+ | name | age | sex | birthday | address | +------+------+------+------------+------------------+ | alex | 50 | NULL | 1987-06-22 | 12132320@qq.com | | gg | 30 | NULL | 1990-06-10 | 143252320@qq.com | +------+------+------+------------+------------------+ 2 rows in set (0.00 sec)
4、列查询
查询每个人的生日;用逗号隔开
mysql> SELECT name,birthday FROM t1; +------+------------+ | name | birthday | +------+------------+ | xjp | 1994-01-10 | | wls | 1995-03-22 | | alex | 1987-06-22 | | gg | 1990-06-10 | | kyf | 1985-07-24 | +------+------------+ 5 rows in set (0.00 sec)
查询gg和kyf 的生日
mysql> SELECT name,birthday FROM t1 WHERE name = ‘gg‘ OR name = ‘kyf‘; +------+------------+ | name | birthday | +------+------------+ | gg | 1990-06-10 | | kyf | 1985-07-24 | +------+------------+ 2 rows in set (0.00 sec)
5、order by
按年龄排序(默认为升序排列)
mysql> SELECT name,age FROM t1 ORDER BY age; +------+------+ | name | age | +------+------+ | wls | 18 | | xjp | 22 | | gg | 30 | | kyf | 33 | | alex | 50 | +------+------+ 5 rows in set (0.00 sec)
在字符类型列上,与所有其他比较操作类似,分类功能正常情况下是以区分大小写的方式执行的。这意味着,对于等同但大小写不同的列,并未定义其顺序。对于某一列,可以使用BINARY强制执行区分大小写的分类功能
按年龄排序(降序)
mysql> SELECT name,age FROM t1 ORDER BY age DESC; +------+------+ | name | age | +------+------+ | alex | 50 | | kyf | 33 | | gg | 30 | | xjp | 22 | | wls | 18 | +------+------+ 5 rows in set (0.00 sec)
order by 在sql injection中可用于查询当前页面的语句共有几个字段,如本文,有5个字段,那么order by 6,mysql会输出报错信息,就证明当前查询有5个字段
mysql> SELECT * FROM t1 ORDER BY 4; +------+------+------+------------+--------------------+ | name | age | sex | birthday | address | +------+------+------+------------+--------------------+ | kyf | 33 | NULL | 1985-07-24 | 14435478320@qq.com | | alex | 50 | NULL | 1987-06-22 | 12132320@qq.com | | gg | 30 | NULL | 1990-06-10 | 143252320@qq.com | | xjp | 22 | NULL | 1994-01-10 | 110@qq.com | | wls | 18 | NULL | 1995-03-22 | 12320@qq.com | +------+------+------+------------+--------------------+ 5 rows in set (0.00 sec) mysql> SELECT * FROM t1 ORDER BY 5; +------+------+------+------------+--------------------+ | name | age | sex | birthday | address | +------+------+------+------------+--------------------+ | xjp | 22 | NULL | 1994-01-10 | 110@qq.com | | alex | 50 | NULL | 1987-06-22 | 12132320@qq.com | | wls | 18 | NULL | 1995-03-22 | 12320@qq.com | | gg | 30 | NULL | 1990-06-10 | 143252320@qq.com | | kyf | 33 | NULL | 1985-07-24 | 14435478320@qq.com | +------+------+------+------------+--------------------+ 5 rows in set (0.00 sec) mysql> SELECT * FROM t1 ORDER BY 6; ERROR 1054 (42S22): Unknown column ‘6‘ in ‘order clause‘
本文出自 “linux启航” 博客,请务必保留此出处http://jiayimeng.blog.51cto.com/10604001/1906128
标签:mysql
原文地址:http://jiayimeng.blog.51cto.com/10604001/1906128
