Data Science, SQL

SQL Injection — All Your Data Are Ours

Relational databases store information in tables — with columns that are analogous to elements in a data structure and rows which are one instance of that data structure. The SQL language is used to interact with that database information.

SQL injection refers to programming laziness when dealing with processing SQL allows clever attackers to manipulate HTML forms to “poison” SQL to subvert security measures and open up all your data to their scrutiny. There are few circumstances more terrifying than discovering your precious intellectual property, customer information including credit card details, and more are being perused by your competition or being sold on the dark web.

Herein we cover the basics of SQL injection, a huge topic with decades of background, to provide the first steps in understanding the importance of properly handling your SQL, the techniques used by your adversaries (even if you didn’t realize you had adversaries), and starting points to armoring your database.

The SQL injection attack works on “poisoning” dynamic SQL statements to cause a behavior other than what the programmers intended. A “dynamic statement” is one that’s generated at run-time using parameters passed in from a web form or URI query string.

Data Science, SQL

SQL Coalesce — Weeding Through The NULLs

Relational databases store information in tables — with columns that are analogous to elements in a data structure and rows that are one instance of that data structure. In SQL, a table cell without a value contains a special marker, NULL, which is not the same as zero, an empty string, or any other kind of value that works with equality tests; i.e. NULL != 0, NULL != "“, etc. The SQL Coalesce statement is one way of processing these NULL values for common uses like text processing.

Data Science, SQL

SQL Where — Getting At Your Dreams

Relational databases store information in tables — with columns that are analogous to elements in a data structure and rows which are one instance of that data structure — the order of which is undetermined; in no way guaranteed to reflect the order in which the data was inserted into the table.

The SQL Where clause restricts actions to those rows which satisfy a condition. The general form of SQL Where is:

SELECT column1, column2, … 
FROM table 
WHERE predicate;

Because SQL creates, reads, updates, and deletes (CRUD) database information, the WHERE predicate is used to corral its actions in SELECT, UPDATE, and DELETE statements.

Mentor Stories, School of Business

Udacity Mentor Spotlight: Vedran Leder — From Struggling To Mentoring

Udacity Mentors thrive on building a network of learners who want to upskill themselves. Vedran Leder, a current Udacity Mentor, knows this first hand.

After getting an undergraduate degree in Psychology, Leder struggled to find a full-time job in his field, build a network, and ultimately a career.

Data Science, SQL

SQL Delete — All Good Things Must End

Relational databases store information in tables — with columns that are analogous to elements in a data structure and rows which are one instance of that data structure — which are brought into existence via the SQL Create Table statement.

The SQL Delete statement is used to remove rows from data from the tables. It looks like:

DELETE FROM table WHERE condition ;

Be exceedingly careful around the WHERE clause; an error in restricting the scope of deletion can have shocking consequences. (Consider making a table backup with the SQL Create Table From statement.)

Data Science, SQL

SQL Create Table — Storing All The Things

type — what kind of data can be held
constraint — restrictions on the data

This blog entry covers many of the common SQL data types and the constrains that may be placed upon them. Practical examples and source code is provided. Table structure may be changed after creation with the SQL Alter statement.

Data Science, SQL

SQL Distinct — Getting the Basics Down

Relational databases store information in tables — columns that are analogous to elements in a data structure and rows which are one instance of that data structure. In those cases where this data set contains duplicate values (like membership location by state or province) SQL Distinct traverses these data, filters them, and returns just one of each duplicated value (making it easy to determine, for example, the number of members living in each state). SQL Distinct evaluates the span of a particular set of values.

Starting With SQL Distinct

We start with a table of some of Charles Dickens’ characters and the novels in which they appear. This table is imagined not as an exhaustive index of every character but those most worth discovering; it’s a table of the most notable and memorable characters in Dickens’ oeuvre.

Author: Michael Sattler

SQL Injection — All Your Data Are Ours

SQL Coalesce — Weeding Through The NULLs

SQL Where — Getting At Your Dreams

Udacity Mentor Spotlight: Vedran Leder — From Struggling To Mentoring

SQL Delete — All Good Things Must End

SQL Create Table — Storing All The Things

SQL Distinct — Getting the Basics Down

Starting With SQL Distinct

Advance Your Career

You have Successfully Subscribed!

Click below to download your preferred Career Guide