SQL Tutorial

• SQL | Datatypes
• SQL | DDL, DML, TCL and DCL
• SQL | TRANSACTIONS
• SQL | VIEWS
• SQL | Comments
• SQL | Constraints
• SQL | Creating Roles
• SQL | Indexes
• SQL | SEQUENCES
• SQL | Query Processing
• CTE in SQL
• SQL Trigger | Student Database
• Book Management Database
• Introduction to NoSQL

SQL Clauses / Operators

• SQL | WITH clause
• SQL | With Ties Clause
• SQL | Arithmetic Operators
• SQL | Wildcard operators
• SQL | Intersect & Except clause
• SQL | USING Clause
• SQL | MERGE Statement
• MERGE Statement in SQL Explained
• SQL | DDL, DML, DCL and TCL Commands
• SQL | CREATE DOMAIN
• SQL | DESCRIBE Statement
• SQL | Case Statement
• SQL | UNIQUE Constraint
• SQL | Create Table Extension
• SQL | ALTER (RENAME)
• SQL | ALTER (ADD, DROP, MODIFY)
• SQL | LIMIT Clause
• SQL | INSERT IGNORE Statement
• SQL | LIKE
• SQL | SOME
• SQL | OFFSET-FETCH Clause
• SQL | Except Clause
• Combining aggregate and non-aggregate values in SQL using Joins and Over clause
• SQL | ALL and ANY
• SQL | EXISTS
• SQL | GROUP BY
• SQL | Union Clause
• SQL | Aliases
• SQL | ORDER BY
• SQL | SELECT TOP Clause
• SQL | UPDATE Statement
• SQL | DELETE Statement
• SQL | INSERT INTO Statement
• SQL | AND and OR operators
• SQL | WHERE Clause
• SQL | Distinct Clause
• SQL | SELECT Query
• SQL | DROP, TRUNCATE
• SQL | CREATE
• SQL | Join (Cartesian Join & Self Join)
• SQL | Alternative Quote Operator
• SQL | Concatenation Operator
• SQL | MINUS Operator
• SQL | DIVISION
• SQL | NOT Operator
• SQL | BETWEEN & IN Operator
• SQL | Join (Inner, Left, Right and Full Joins)
• SQL | CHECK Constraint

SQL-Injection

• SQL Injection
• How to use SQLMAP to test a website for SQL Injection vulnerability
• Mitigation of SQL Injection Attack using Prepared Statements (Parameterized Queries)
• Basic SQL Injection and Mitigation with Example

SQL Functions

• SQL | Mathematical functions (SQRT, PI, SQUARE, ROUND, CEILING & FLOOR)
• SQL | Conversion Function
• SQL general functions | NVL, NVL2, DECODE, COALESCE, NULLIF, LNNVL and NANVL
• SQL | Conditional Expressions
• SQL | Character Functions with Examples
• SQL | LISTAGG
• SQL | Aggregate functions
• SQL | Functions (Aggregate and Scalar Functions)
• SQL | Date functions
• SQL | NULL
• SQL | Numeric Functions
• SQL | String functions
• SQL | Advanced Functions

SQL Queries

• SQL | Joining three or more tables
• SQL | How to Get the names of the table
• SQL | Sub queries in From Clause
• SQL | Correlated Subqueries
• SQL | Top-N Queries
• SQL | SUB Queries
• SQL | How to print duplicate rows in a table?
• SQL | How to find Nth highest salary from a table
• DBMS | Nested Queries in SQL
• SQL query to find second highest salary?

PL/SQL

• PL/SQL Introduction
• Cursors in PL/SQL
• Sum Of Two Numbers in PL/SQL
• Reverse a number in PL/SQL
• Factorial of a number in PL/SQL
• Print Patterns in PL/SQL
• Decision Making in PL/SQL
• Oracle SQL | Pseudocolumn
• SQL | Procedures in PL/SQL
• Print different star patterns in SQL
• GCD of two numbers in PL/SQL
• Centered triangular number in PL/SQL
• Floyd’s triangle in PL/SQL
• Convert distance from km to meters and centimeters in PL/SQL
• Convert the given numbers into words in Pl/SQL
• Sum of digits of a number in PL/ SQL
• Sum of digits equal to a given number in PL/SQL
• Sum and average of three numbers in PL/SQL
• Check whether a string is palindrome or not in PL/SQL
• Count odd and even digits in a number in PL/SQL
• No. of vowels and consonants in a given string in PL/SQL
• Area and Perimeter of a circle in PL/SQL
• Finding sum of first n natural numbers in PL/SQL
• Area and Perimeter of Rectangle in PL/SQL
• Sum of the first and last digit of a number in PL/SQL
• Count no. of characters and words in a string in PL/SQL
• Greatest number among three given numbers in PL/SQL
• Concatenation of strings in PL/SQL
• PL/SQL | User Input

MySQL

• MySQL | Regular expressions(Regexp)
• MySQL | Grant/Revoke Privileges
• MySQL | DATABASE() and CURRENT_USER() Functions
• MySQL | BIN() Function
• MySQL | IFNULL
• MySQL | LAST_DAY() Function
• MySQL | RENAME USER
• MySQL | DROP USER
• MySQL | CREATE USER Statement
• MySQL | Change User Password
• PHP | MySQL WHERE Clause
• PHP | MySQL ORDER BY Clause
• PHP | MySQL UPDATE Query
• PHP | MySQL Delete Query
• PHP | MySQL LIMIT Clause
• PHP | MySQL Select Query
• PHP | Inserting into MySQL database
• PHP | MySQL ( Creating Table )
• PHP | MySQL ( Creating Database )

SQL Server

• SQL SERVER | Conditional Statements
• SQL Server Identity
• SQL Server | STUFF() Function

Misc

• SQL using Python
• SQL using Python and SQLite
• SQL using Python (Handling large data)
• Check if Table, View, Trigger, etc present in Oracle
• Performing Database Operations in Java | SQL CREATE, INSERT, UPDATE, DELETE and SELECT
• Difference between Simple and Complex View in SQL
• Difference between Static and Dynamic SQL
• Having Vs Where Clause?
• Inner Join Vs Outer Join
• Difference between SQL and NoSQL

Mitigation of SQL Injection Attack using Prepared Statements (Parameterized Queries)

SQL Injection (SQLi) is one of the most common web application vulnerabilities. It allows attackers to interfere with an application's SQL queries. By injecting malicious SQL code, attackers can gain unauthorized access to a database, retrieve sensitive data, modify or delete data, and execute administrative operations on the database.

Prepared Statements (or Parameterized Queries) offer a robust means to mitigate the risk of SQL injection attacks. Instead of directly incorporating user inputs into SQL statements, prepared statements allow you to define a SQL query with placeholders for user input. The database system ensures that these inputs are treated as data rather than executable code, which prevents attackers from injecting malicious SQL code.

How Prepared Statements Work:

1. Preparation: The SQL statement template is sent to the database server. The server initializes a SQL statement and returns a statement handle, but doesn't execute the SQL command.

2. Binding: You bind the user input values to the statement handle. This means you provide the actual values that replace the placeholders. These values are treated strictly as data.

3. Execution: Once the statement is prepared and bound, it is executed by the database server.

Example using PHP and MySQLi:

Without Prepared Statement (Vulnerable to SQLi):

$sql = "INSERT INTO users (username, password) VALUES ('" . $_POST['username'] . "', '" . $_POST['password'] . "')";
mysqli_query($conn, $sql);

Using Prepared Statement:

$stmt = $conn->prepare("INSERT INTO users (username, password) VALUES (?, ?)");
$stmt->bind_param("ss", $_POST['username'], $_POST['password']);
$stmt->execute();

In the above example:

• The ? characters are placeholders in the SQL statement.
• The bind_param method binds the actual values to these placeholders.
• The "ss" argument specifies the data type for each placeholder (s stands for string in this case).

Advantages of Prepared Statements:

1. Security: They effectively guard against SQL injection attacks.
2. Performance: For repetitive queries, prepared statements can improve performance as the database server can optimize the query execution after the initial setup.

Limitations:

1. Learning Curve: Developers familiar with building SQL queries through string concatenation might find it challenging initially.
2. Not Always Convenient: For dynamically constructed queries, using prepared statements might feel a bit cumbersome.

Additional Recommendations:

1. Least Privilege: Always run your database connections with the least privilege necessary. Don't connect to your database using an admin account.
2. Error Handling: Ensure error messages from the database don't get displayed directly to the end-users, as they might reveal database schema details.
3. Web Application Firewall (WAF): Consider using a WAF to detect and block potential SQLi attempts.

In conclusion, while prepared statements offer a strong defense against SQL injection, they should be used as part of a comprehensive security strategy that involves multiple layers of protection.

1. Parameterized Queries to Prevent SQL Injection:

   • Use placeholders for parameters to ensure data is treated as data, not code.

   -- Example in SQL (for illustration purposes)
   SELECT * FROM users WHERE username = ? AND password = ?;
   

2. Secure Database Access in Java with Prepared Statements:

   • Using PreparedStatement in Java for secure database access.

   String sql = "SELECT * FROM users WHERE username = ? AND password = ?";
   try (PreparedStatement pstmt = connection.prepareStatement(sql)) {
       pstmt.setString(1, inputUsername);
       pstmt.setString(2, inputPassword);
       ResultSet rs = pstmt.executeQuery();
       // Process the result set
   } catch (SQLException e) {
       e.printStackTrace();
   }
   

3. How to Use PreparedStatement in JDBC to Avoid SQL Injection:

   • JDBC example with PreparedStatement to prevent SQL injection.

   String sql = "INSERT INTO users (username, password) VALUES (?, ?)";
   try (PreparedStatement pstmt = connection.prepareStatement(sql)) {
       pstmt.setString(1, inputUsername);
       pstmt.setString(2, inputPassword);
       pstmt.executeUpdate();
   } catch (SQLException e) {
       e.printStackTrace();
   }
   

4. Preventing SQL Injection in PHP with Prepared Statements:

   • Using PDO in PHP for prepared statements.

   $stmt = $pdo->prepare("SELECT * FROM users WHERE username = ? AND password = ?");
   $stmt->execute([$inputUsername, $inputPassword]);
   $result = $stmt->fetchAll();
   

5. Parameterized Queries in Hibernate for SQL Injection Prevention:

   • Hibernate example with parameterized queries.

   Query query = session.createQuery("FROM User WHERE username = :username AND password = :password");
   query.setParameter("username", inputUsername);
   query.setParameter("password", inputPassword);
   List<User> users = query.list();
   

6. Securing SQL Queries in Python with Prepared Statements:

   • Using parameterized queries with Python's sqlite3 module.

   cursor.execute("SELECT * FROM users WHERE username = ? AND password = ?", (inputUsername, inputPassword))
   result = cursor.fetchall()