Backend Basics: SQL, Advanced Queries and Subqueries

q松_松q 2022-05-01 98 reads

1. Basic MySQL query statements

     ① Sorting: when the column name is known, select * from table_name order by column_name;

mysql> select*from bdd;
+----+--------------+
| xh | xm           |
+----+--------------+
| 43 | Hello        |
|  2 | bb           |
|  3 | bb           |
| 40 | Hello        |
| 41 | Hello        |
| 42 | bb           |
| 44 | 0x48656c6c6f |
+----+--------------+
7 rows in set (0.00 sec)

mysql> select*from bdd order by xh;
+----+--------------+
| xh | xm           |
+----+--------------+
|  2 | bb           |
|  3 | bb           |
| 40 | Hello        |
| 41 | Hello        |
| 42 | bb           |
| 43 | Hello        |
| 44 | 0x48656c6c6f |
+----+--------------+
7 rows in set (0.00 sec)

When the column name is not known, a statement such as order by 1 can be used;

order by 1 sorts by the first column, order by 2 sorts by the second column, and so on;

mysql> select*from bdd order by 1;
+----+--------------+
| xh | xm           |
+----+--------------+
|  2 | bb           |
|  3 | bb           |
| 40 | Hello        |
| 41 | Hello        |
| 42 | bb           |
| 43 | Hello        |
| 44 | 0x48656c6c6f |
+----+--------------+
7 rows in set (0.00 sec)

mysql> select*from bdd order by 2;
+----+--------------+
| xh | xm           |
+----+--------------+
| 44 | 0x48656c6c6f |
|  2 | bb           |
|  3 | bb           |
| 42 | bb           |
| 43 | Hello        |
| 40 | Hello        |
| 41 | Hello        |
+----+--------------+
7 rows in set (0.00 sec)

  desc sorts in descending order; asc sorts in ascending order;

mysql> select*from bdd order by xh desc;
+----+--------------+
| xh | xm           |
+----+--------------+
| 44 | 0x48656c6c6f |
| 43 | Hello        |
| 42 | bb           |
| 41 | Hello        |
| 40 | Hello        |
|  3 | bb           |
|  2 | bb           |
+----+--------------+
7 rows in set (0.00 sec)

mysql> select*from bdd order by xh asc;
+----+--------------+
| xh | xm           |
+----+--------------+
|  2 | bb           |
|  3 | bb           |
| 40 | Hello        |
| 41 | Hello        |
| 42 | bb           |
| 43 | Hello        |
| 44 | 0x48656c6c6f |
+----+--------------+
7 rows in set (0.00 sec)

② Pagination: select * from table_name limit n, m; [Note: n is the row to start from (an offset, counted from 0), m is the number of rows to fetch]

mysql> select*from bdd;
+----+--------------+
| xh | xm           |
+----+--------------+
| 43 | Hello        |
|  2 | bb           |
|  3 | bb           |
| 40 | Hello        |
| 41 | Hello        |
| 42 | bb           |
| 44 | 0x48656c6c6f |
+----+--------------+
7 rows in set (0.00 sec)

mysql> select * from bdd limit 0,1;
+----+-------+
| xh | xm    |
+----+-------+
| 43 | Hello |
+----+-------+
1 row in set (0.00 sec)

mysql> select*from bdd limit 0,2;
+----+-------+
| xh | xm    |
+----+-------+
| 43 | Hello |
|  2 | bb    |
+----+-------+
2 rows in set (0.00 sec)

mysql> select*from bdd limit 1,2;
+----+------+
| xh | xm   |
+----+------+
|  2 | bb   |
|  3 | bb   |
+----+------+
2 rows in set (0.00 sec)

mysql> select*from bdd limit 2,2;
+----+-------+
| xh | xm    |
+----+-------+
|  3 | bb    |
| 40 | Hello |
+----+-------+
2 rows in set (0.00 sec)

③ Fuzzy matching: select * from table_name where username like 'like'; [Note: without a wildcard, like means the same as =]

mysql> select * from bdd;
+----+--------------+
| xh | xm           |
+----+--------------+
| 43 | Hello        |
|  2 | bb           |
|  3 | bb           |
| 40 | Hello        |
| 41 | Hello        |
| 42 | bb           |
| 44 | 0x48656c6c6f |
+----+--------------+
7 rows in set (0.00 sec)

mysql> select * from bdd where xm='bb';
+----+------+
| xh | xm   |
+----+------+
|  2 | bb   |
|  3 | bb   |
| 42 | bb   |
+----+------+
3 rows in set (0.00 sec)

mysql> select*from bdd where xm like 'bb';
+----+------+
| xh | xm   |
+----+------+
|  2 | bb   |
|  3 | bb   |
| 42 | bb   |
+----+------+
3 rows in set (0.00 sec)

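To fetch every row of this table whose value contains the character b, put a % both before and after the b, e.g. '%b%'

To fetch values that start with b, put a % after the b, e.g. 'b%'

To fetch values that end with b, put a % before the b, e.g. '%b'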

mysql> select*from bdd where xm like 'b';
Empty set (0.00 sec)

mysql> select * from bdd where xm like '%b%';
+----+------+
| xh | xm   |
+----+------+
|  2 | bb   |
|  3 | bb   |
| 42 | bb   |
+----+------+
3 rows in set (0.00 sec)

④ Arithmetic operators: +, -, *, /, %; [Note: as an operator, % means modulo (remainder)]

mysql> select 9+1;
+-----+
| 9+1 |
+-----+
|  10 |
+-----+
1 row in set (0.00 sec)

mysql> select 10-1;
+------+
| 10-1 |
+------+
|    9 |
+------+
1 row in set (0.00 sec)

mysql> select 2*2;
+-----+
| 2*2 |
+-----+
|   4 |
+-----+
1 row in set (0.02 sec)

mysql> select 8/2;
+--------+
| 8/2    |
+--------+
| 4.0000 |
+--------+
1 row in set (0.00 sec)

mysql> select 9%4;
+------+
| 9%4  |
+------+
|    1 |
+------+
1 row in set (0.00 sec)

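⑤ Logical operators:

AND (also written &&)
OR (also written ||)
NOT

Programs make decisions, and the outcome is usually expressed as True or False; sometimes 0 and 1 are used instead, where 0 means false and 1 means true;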

mysql> select * from bdd;
+----+--------------+
| xh | xm           |
+----+--------------+
| 43 | Hello        |
|  2 | bb           |
|  3 | bb           |
| 40 | Hello        |
| 41 | Hello        |
| 42 | bb           |
| 44 | 0x48656c6c6f |
+----+--------------+
7 rows in set (0.00 sec)

mysql> select * from bdd where xm='bb';
+----+------+
| xh | xm   |
+----+------+
|  2 | bb   |
|  3 | bb   |
| 42 | bb   |
+----+------+
3 rows in set (0.00 sec)

mysql> select * from bdd where xm ='bb' and xh=42;
+----+------+
| xh | xm   |
+----+------+
| 42 | bb   |
+----+------+
1 row in set (0.00 sec)

mysql> select * from bdd where xm='bb' && xh=42;
+----+------+
| xh | xm   |
+----+------+
| 42 | bb   |
+----+------+
1 row in set (0.00 sec)

mysql> select * from bdd where xm='bb' or xh=43;
+----+-------+
| xh | xm    |
+----+-------+
| 43 | Hello |
|  2 | bb    |
|  3 | bb    |
| 42 | bb    |
+----+-------+
4 rows in set (0.00 sec)

mysql> select * from bdd where xm='bb' || xh=43;
+----+-------+
| xh | xm    |
+----+-------+
| 43 | Hello |
|  2 | bb    |
|  3 | bb    |
| 42 | bb    |
+----+-------+
4 rows in set (0.00 sec)

mysql> select * from bdd where not xm='bb';
+----+--------------+
| xh | xm           |
+----+--------------+
| 43 | Hello        |
| 40 | Hello        |
| 41 | Hello        |
| 44 | 0x48656c6c6f |
+----+--------------+
4 rows in set (0.00 sec)

mysql> select * from bdd where  xm!='bb';
+----+--------------+
| xh | xm           |
+----+--------------+
| 43 | Hello        |
| 40 | Hello        |
| 41 | Hello        |
| 44 | 0x48656c6c6f |
+----+--------------+
4 rows in set (0.00 sec)

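⑥ Delay: sleep(seconds). AND evaluates its second condition selectively.

   In a statement that uses and, if the condition in front is false, what comes after it is not executed;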

mysql> select sleep(5);
+----------+
| sleep(5) |
+----------+
|        0 |
+----------+

mysql> select * from bdd where xm ='bb';
+----+------+
| xh | xm   |
+----+------+
|  2 | bb   |
|  3 | bb   |
| 42 | bb   |
+----+------+
3 rows in set (0.00 sec)

mysql> select * from bdd where xm ='bb' and sleep(2);
Empty set (6.04 sec) // the 6 seconds arise because the xm column holds 3 bb rows, at 2 seconds per row //

mysql> select * from bdd where xm ='bb' or sleep(1);
+----+------+
| xh | xm   |
+----+------+
|  2 | bb   |
|  3 | bb   |
| 42 | bb   |
+----+------+
3 rows in set (4.06 sec)
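// Here the 3 bb rows in the xm column each ran the 1-second sleep, 3 times in all. After those 3 runs, or sleep(1) is still checked: when the condition xm='bb' is not met, sleep(1) runs 1 more time. It returns 0 (meaning false), and since nothing in this part equals 0, 1 more second is still spent, which is the true case //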

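2. Union queries: union combines the results of two statements into one output;

     The column names of a union query are taken from the result of the query that comes before union;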

mysql> select * from bdd  where xh=42;
+----+------+
| xh | xm   |
+----+------+
| 42 | bb   |
+----+------+
1 row in set (0.00 sec)

mysql> select * from bdd where xh=42 union select 1,2;
+----+------+
| xh | xm   |
+----+------+
| 42 | bb   |
|  1 | 2    |
+----+------+
2 rows in set (0.01 sec)

Both queries in a union must return the same number of columns;

mysql> select * from bdd where xh=42 union  select 1,2,3;
ERROR 1222 (21000): The used SELECT statements have a different number of columns

When the statement before union and the statement after it return an identical row, that row is output only once;

mysql> select * from bdd where xh=42 union select 42,'bb';
+----+------+
| xh | xm   |
+----+------+
| 42 | bb   |
+----+------+
1 row in set (0.00 sec)

To output both rows, use union all;

mysql> select * from bdd where xh=42 union all select 42,'bb';
+----+------+
| xh | xm   |
+----+------+
| 42 | bb   |
| 42 | bb   |
+----+------+
2 rows in set (0.00 sec)
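
Added example, not part of the original post: because union lets any text that follows a query contribute rows to its result, a value received from outside should be bound as a parameter instead of being spliced into the statement text. The script below runs the same bdd lookup both ways with MySQL server-side prepared statements; the variables @input and @sql, the statement names weak and safe, and the sample input are constructed for illustration.

```sql
-- Constructed sample input: text a backend might receive for the xh value.
SET @input = '42 union select 1,2';

-- Check first: xh is numeric, so anything that is not all digits can be
-- rejected before a query is built at all.
SELECT @input REGEXP '^[0-9]+$' AS input_is_integer;

-- Weak form: the input becomes part of the statement text, so the parser
-- sees the union keyword and runs a second select.
SET @sql = CONCAT('select * from bdd where xh=', @input);
PREPARE weak FROM @sql;
EXECUTE weak;
DEALLOCATE PREPARE weak;

-- Hardened form: the statement text is fixed and the input is bound to the
-- ? placeholder, so it is only ever compared with xh as one single value.
PREPARE safe FROM 'select * from bdd where xh = ?';
EXECUTE safe USING @input;
DEALLOCATE PREPARE safe;
```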

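3. Subqueries: a subquery is the inner program module of a nested query in the SQL SELECT statement. When one query serves as the condition of another query, it is called a subquery.

     Put simply: a subquery works like parentheses in arithmetic, compare 1+2*5 with (1+2)*2=6. The subquery is executed first, and the result it produces is then used as the condition of another query.

     A subquery must be wrapped in a pair of parentheses of its own.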

mysql> select * from bdd where xh=43;
+----+-------+
| xh | xm    |
+----+-------+
| 43 | Hello |
+----+-------+
1 row in set (0.00 sec)

mysql> select * from bdd where xh=(select 43); -- the part in parentheses is executed first
+----+-------+
| xh | xm    |
+----+-------+
| 43 | Hello |
+----+-------+
1 row in set (0.00 sec)

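An example to make this easier to understand:

select * from user where username = (select username from admin where id = 1);
-- does the username of the admin row with id=1 also exist in the user table?

select * from user where username in (select username from admin);
-- checks whether the admin table and the user table share any usernames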

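4. Functions commonly used in penetration testing

     ① group_concat(col): returns the values of a column that belong to one group, concatenated into a single result;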

mysql> select * from bdd;
+----+--------------+
| xh | xm           |
+----+--------------+
| 43 | Hello        |
|  2 | bb           |
|  3 | bb           |
| 40 | Hello        |
| 41 | Hello        |
| 42 | bb           |
| 44 | 0x48656c6c6f |
+----+--------------+
7 rows in set (0.00 sec)

mysql> select group_concat(xm) from bdd;
+-----------------------------------------+
| group_concat(xm)                        |
+-----------------------------------------+
| Hello,bb,bb,Hello,Hello,bb,0x48656c6c6f |
+-----------------------------------------+

② user(): returns the name of the currently logged-in user;

mysql> select user();
+----------------+
| user()         |
+----------------+
| root@localhost |
+----------------+
1 row in set (0.00 sec)

③ version(): returns the version of the MySQL server;

mysql> select version ();
+------------+
| version () |
+------------+
| 5.5.53     |
+------------+
1 row in set (0.00 sec)
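
Added example, not part of the original post: user() above returns root@localhost, so every statement in that session runs with full server privileges. A backend would normally connect with an account restricted to what it needs; the database name appdb, the account app_ro and the password below are placeholders.

```sql
-- Audit: list accounts holding server-wide privileges that a web backend
-- should not need (privilege columns of the mysql.user grant table).
SELECT user, host
FROM mysql.user
WHERE Super_priv = 'Y' OR File_priv = 'Y' OR Grant_priv = 'Y';

-- Hypothetical read-only account for the backend; replace the password.
CREATE USER 'app_ro'@'localhost' IDENTIFIED BY 'REPLACE_WITH_STRONG_PASSWORD';

-- Grant only SELECT, and only on the one table queried on this page.
-- appdb is a placeholder for the database that holds bdd.
GRANT SELECT ON appdb.bdd TO 'app_ro'@'localhost';

-- Review what the new account is allowed to do.
SHOW GRANTS FOR 'app_ro'@'localhost';

-- Run in a session opened as app_ro to confirm which identity is in use.
SELECT user(), current_user();
```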

5. select * from table_name; here * stands for all the columns of the table

     Example: select * from bdd; is the same as select xm,xh from bdd;
