SQL Tutorial

• SQL | Datatypes
• SQL | DDL, DML, TCL and DCL
• SQL | TRANSACTIONS
• SQL | VIEWS
• SQL | Comments
• SQL | Constraints
• SQL | Creating Roles
• SQL | Indexes
• SQL | SEQUENCES
• SQL | Query Processing
• CTE in SQL
• SQL Trigger | Student Database
• Book Management Database
• Introduction to NoSQL

SQL Clauses / Operators

• SQL | WITH clause
• SQL | With Ties Clause
• SQL | Arithmetic Operators
• SQL | Wildcard operators
• SQL | Intersect & Except clause
• SQL | USING Clause
• SQL | MERGE Statement
• MERGE Statement in SQL Explained
• SQL | DDL, DML, DCL and TCL Commands
• SQL | CREATE DOMAIN
• SQL | DESCRIBE Statement
• SQL | Case Statement
• SQL | UNIQUE Constraint
• SQL | Create Table Extension
• SQL | ALTER (RENAME)
• SQL | ALTER (ADD, DROP, MODIFY)
• SQL | LIMIT Clause
• SQL | INSERT IGNORE Statement
• SQL | LIKE
• SQL | SOME
• SQL | OFFSET-FETCH Clause
• SQL | Except Clause
• Combining aggregate and non-aggregate values in SQL using Joins and Over clause
• SQL | ALL and ANY
• SQL | EXISTS
• SQL | GROUP BY
• SQL | Union Clause
• SQL | Aliases
• SQL | ORDER BY
• SQL | SELECT TOP Clause
• SQL | UPDATE Statement
• SQL | DELETE Statement
• SQL | INSERT INTO Statement
• SQL | AND and OR operators
• SQL | WHERE Clause
• SQL | Distinct Clause
• SQL | SELECT Query
• SQL | DROP, TRUNCATE
• SQL | CREATE
• SQL | Join (Cartesian Join & Self Join)
• SQL | Alternative Quote Operator
• SQL | Concatenation Operator
• SQL | MINUS Operator
• SQL | DIVISION
• SQL | NOT Operator
• SQL | BETWEEN & IN Operator
• SQL | Join (Inner, Left, Right and Full Joins)
• SQL | CHECK Constraint

SQL-Injection

• SQL Injection
• How to use SQLMAP to test a website for SQL Injection vulnerability
• Mitigation of SQL Injection Attack using Prepared Statements (Parameterized Queries)
• Basic SQL Injection and Mitigation with Example

SQL Functions

• SQL | Mathematical functions (SQRT, PI, SQUARE, ROUND, CEILING & FLOOR)
• SQL | Conversion Function
• SQL general functions | NVL, NVL2, DECODE, COALESCE, NULLIF, LNNVL and NANVL
• SQL | Conditional Expressions
• SQL | Character Functions with Examples
• SQL | LISTAGG
• SQL | Aggregate functions
• SQL | Functions (Aggregate and Scalar Functions)
• SQL | Date functions
• SQL | NULL
• SQL | Numeric Functions
• SQL | String functions
• SQL | Advanced Functions

SQL Queries

• SQL | Joining three or more tables
• SQL | How to Get the names of the table
• SQL | Sub queries in From Clause
• SQL | Correlated Subqueries
• SQL | Top-N Queries
• SQL | SUB Queries
• SQL | How to print duplicate rows in a table?
• SQL | How to find Nth highest salary from a table
• DBMS | Nested Queries in SQL
• SQL query to find second highest salary?

PL/SQL

• PL/SQL Introduction
• Cursors in PL/SQL
• Sum Of Two Numbers in PL/SQL
• Reverse a number in PL/SQL
• Factorial of a number in PL/SQL
• Print Patterns in PL/SQL
• Decision Making in PL/SQL
• Oracle SQL | Pseudocolumn
• SQL | Procedures in PL/SQL
• Print different star patterns in SQL
• GCD of two numbers in PL/SQL
• Centered triangular number in PL/SQL
• Floyd’s triangle in PL/SQL
• Convert distance from km to meters and centimeters in PL/SQL
• Convert the given numbers into words in Pl/SQL
• Sum of digits of a number in PL/ SQL
• Sum of digits equal to a given number in PL/SQL
• Sum and average of three numbers in PL/SQL
• Check whether a string is palindrome or not in PL/SQL
• Count odd and even digits in a number in PL/SQL
• No. of vowels and consonants in a given string in PL/SQL
• Area and Perimeter of a circle in PL/SQL
• Finding sum of first n natural numbers in PL/SQL
• Area and Perimeter of Rectangle in PL/SQL
• Sum of the first and last digit of a number in PL/SQL
• Count no. of characters and words in a string in PL/SQL
• Greatest number among three given numbers in PL/SQL
• Concatenation of strings in PL/SQL
• PL/SQL | User Input

MySQL

• MySQL | Regular expressions(Regexp)
• MySQL | Grant/Revoke Privileges
• MySQL | DATABASE() and CURRENT_USER() Functions
• MySQL | BIN() Function
• MySQL | IFNULL
• MySQL | LAST_DAY() Function
• MySQL | RENAME USER
• MySQL | DROP USER
• MySQL | CREATE USER Statement
• MySQL | Change User Password
• PHP | MySQL WHERE Clause
• PHP | MySQL ORDER BY Clause
• PHP | MySQL UPDATE Query
• PHP | MySQL Delete Query
• PHP | MySQL LIMIT Clause
• PHP | MySQL Select Query
• PHP | Inserting into MySQL database
• PHP | MySQL ( Creating Table )
• PHP | MySQL ( Creating Database )

SQL Server

• SQL SERVER | Conditional Statements
• SQL Server Identity
• SQL Server | STUFF() Function

Misc

• SQL using Python
• SQL using Python and SQLite
• SQL using Python (Handling large data)
• Check if Table, View, Trigger, etc present in Oracle
• Performing Database Operations in Java | SQL CREATE, INSERT, UPDATE, DELETE and SELECT
• Difference between Simple and Complex View in SQL
• Difference between Static and Dynamic SQL
• Having Vs Where Clause?
• Inner Join Vs Outer Join
• Difference between SQL and NoSQL

Difference between Static and Dynamic SQL

Static SQL and Dynamic SQL are terms used to describe how SQL statements are prepared and executed in a database environment. Let's look at the differences between the two:

1. Definition:

   • Static SQL: The SQL statements are known and defined at compile time. They do not change at runtime.
   • Dynamic SQL: The SQL statements are generated and defined at runtime. They can change and be constructed on-the-fly based on input or other runtime conditions.

2. Flexibility:

   • Static SQL: Less flexible because the query is fixed at compile time.
   • Dynamic SQL: More flexible as it allows for constructing SQL statements dynamically based on variable values, user inputs, or other runtime factors.

3. Performance:

   • Static SQL: Typically faster, as the database system can optimize the query plan in advance during the compile phase.
   • Dynamic SQL: Can have overhead because the SQL statement must be parsed, compiled, and optimized at runtime. However, some databases do cache execution plans for dynamic queries, mitigating this overhead.

4. Security:

   • Static SQL: More secure because it's not susceptible to SQL injection attacks as the query structure is predefined.
   • Dynamic SQL: Potentially vulnerable to SQL injection attacks if not properly handled. It's essential to use parameterized queries or prepared statements to ensure security.

5. Use Cases:

   • Static SQL: Suitable for situations where the query structure is known in advance and does not change.
   • Dynamic SQL: Useful in scenarios where the query structure depends on certain conditions, such as building reports, dynamic search filters, or constructing queries based on user input.

6. Implementation:

   • Static SQL: Implemented using standard SQL statements in embedded SQL or database APIs.
   • Dynamic SQL: Often implemented using string concatenation or database-specific APIs and functions that allow for the execution of string-based SQL statements.

7. Compilation:

   • Static SQL: The SQL statements are bound and optimized at compile time.
   • Dynamic SQL: The SQL statements are bound and optimized at execution time.

8. Examples:

   • Static SQL:

     SELECT first_name, last_name FROM employees WHERE department_id = 10;
     

   • Dynamic SQL:

     EXECUTE IMMEDIATE 'SELECT first_name, last_name FROM employees WHERE department_id = ' || variable_department_id;
     

When deciding between static and dynamic SQL, it's essential to consider the requirements of the application, the performance implications, and the security risks. While dynamic SQL provides great flexibility, it's crucial to implement it securely to prevent potential vulnerabilities.

1. Dynamic SQL Execution and Security Considerations:

   • Dynamic SQL Execution:

     EXECUTE IMMEDIATE 'SELECT * FROM Employees WHERE DepartmentID = :dept_id' USING department_id;
     

   • Security Considerations:

     • Always use bind variables or parameterized queries to prevent SQL injection.
     • Validate and sanitize user inputs before constructing dynamic queries.

2. Static vs Dynamic SQL in Stored Procedures:

   • Static SQL in Stored Procedure:

     CREATE PROCEDURE GetEmployeeInfo
     AS
     BEGIN
         SELECT EmployeeID, FirstName, LastName FROM Employees;
     END;
     

   • Dynamic SQL in Stored Procedure:

     CREATE PROCEDURE GetEmployeeInfoDynamic(@department_id INT)
     AS
     BEGIN
         DECLARE @sql NVARCHAR(MAX);
         SET @sql = 'SELECT EmployeeID, FirstName, LastName FROM Employees WHERE DepartmentID = ' + CAST(@department_id AS NVARCHAR(MAX));
         EXEC sp_executesql @sql;
     END;