Posts Tagged with "mysql"

SQL injections. Preventive security.

Posted by Stanislav Furman on June 19, 2019

With this article I want to start a series of articles about web applications security. This topic is truly interesting, sometimes challenging and, of course, very important for any web developer. Even if you think that your website is small and is not attractive to hackers, keep in mind that your website, if it is vulnerable, can be used to trick random users or even attack an external system. For example, using a security hole in your system an attacker can spread an exploit.

In this article I will talk about preventive measures against SQL Injections (aka SQLi). Those are preventive measures that may help in case you have legacy code, or someone in your team accidentally (or blindly) writes code vulnerable to SQLi.

Continue reading

How to update fields from another table in MySQL

Posted by Stanislav Furman on May 28, 2014

This article is to continue the series of short handy MySQL tips that I started a while ago. 

If you need to update a number of column fields in a MySQL table with data from another table, there is a simple way to do it. Lets say you need to update user phone numbers in table1 with the corresponding phone numbers from table2. Then you could run the following query.

Continue reading

Meet AMPPS - a good alternative for XAMPP and WAMP

Posted by Stanislav Furman on October 7, 2013
Meet AMPPS - a good free alternative for XAMPP and WAMP

Concatenating NULL and blank fields in MySQL

Posted by Stanislav Furman on May 17, 2013

If you ever need to concatenate fields that are empty or equal null, you may run into troubles because MySQL doesn't concatenate NULL-fields as you might expect - if there is one of the concatenating fields equals NULL, the whole concatenating value will be NULL.

See the following dummy table:


firstname | middlename | lastname | email
John        J.           Smith      [email protected]
Amanda      NULL         Smith      [email protected]

As you can see Amanda Smith doesn't have middle name. So, if you now run a query that will try to concatenate first name, middle name and last name, you'll get NULL value instead of expected concatenated value.

Continue reading

MySQL. How to insert a row or update if exists in MySQL.

Posted by Stanislav Furman on February 25, 2013
Insert a row into DB, or update row on duplicated key in MySQL.