How to implement parameterized WHERE IN queries in SQL

2025-01-28 Update From: SLTechnology News&Howtos

Shulou (Shulou.com) 05/31

This article shows how to implement a parameterized (precompiled) WHERE IN query in SQL, using three short examples.

Examples

A business requirement calls for querying the asset table for records whose domain field is one of ("thief.one", "nmask.cn", "sec.thief.one"). How should the SQL statement be written?

String concatenation (incorrect)

    # The values are concatenated directly into the SQL text
    values = "'thief.one','nmask.cn','sec.thief.one'"
    sql = "select * from asset where domain in (" + values + ")"
    print(sql)

Description: the SQL statement is built by concatenating the search values into the query string. The syntax is valid, but there is a security risk (see SQL injection vulnerability).

Parameterization 1 (incorrect)

    # The whole tuple is passed as a single parameter
    values = (("thief.one", "nmask.cn", "sec.thief.one"),)
    sql = "select * from asset where domain in %s"
    print(sql)
    print(values)

Description: the values after WHERE IN are passed in as a parameter. On the face of it there is no problem, but when the statement is compiled, ("thief.one", "nmask.cn", "sec.thief.one") as a whole is treated as a single string and used as one query condition, which does not meet the requirement.

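Parameterization 2 (correct)

    # One %s placeholder is generated for each value
    values = ("thief.one", "nmask.cn", "sec.thief.one")
    sql = "select * from asset where domain in ({})".format(",".join(['%s' for i in values]))
    print(sql)
    print(values)

Description: the number of strings in values is counted and one placeholder per value is generated, so the parameterized statement is constructed dynamically while the values themselves are still passed separately.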
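The difference between the concatenated form and "Parameterization 2", as an added example that is not from the original article. It assumes Python's standard-library sqlite3 driver, whose placeholder is `?` rather than the `%s` shown above; the helper names, the extra `internal.example` row and the hostile input are constructed for illustration.

```python
import sqlite3


def make_db():
    """Constructed sample data: an in-memory asset table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("create table asset (domain text)")
    conn.executemany(
        "insert into asset values (?)",
        [("thief.one",), ("nmask.cn",), ("sec.thief.one",), ("internal.example",)],
    )
    return conn


def query_concat(conn, domains):
    # Concatenation: every value becomes part of the SQL text itself.
    values = ",".join("'" + d + "'" for d in domains)
    sql = "select domain from asset where domain in (" + values + ")"
    return sorted(row[0] for row in conn.execute(sql))


def query_param(conn, domains):
    # Parameterization 2: one placeholder per value, values bound separately.
    domains = tuple(domains)
    if not domains:
        # An empty list needs no query; "in ()" is also rejected by many databases.
        return []
    placeholders = ",".join("?" for _ in domains)
    sql = "select domain from asset where domain in ({})".format(placeholders)
    return sorted(row[0] for row in conn.execute(sql, domains))


if __name__ == "__main__":
    conn = make_db()
    # Constructed input: the second value contains a quote that closes the IN list.
    hostile = ["thief.one", "x') or ('1'='1"]
    print(query_concat(conn, hostile))  # the WHERE clause is rewritten, every row matches
    print(query_param(conn, hostile))   # the value is compared as data, one row matches
```

Only the placeholder characters are formatted into the statement; the values never reach the SQL text, which is why the quote in the second value has no effect on the parameterized query.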
