The flat (or table) model consists of a single, two-dimensional array of data elements, where all members of a given column are assumed to be similar values, and all members of a row are assumed to be related to one another. For instance, columns for name and password that might be used as a part of a system security database. Each row would have the specific password associated with an individual user. Columns of the table often have a type associated with them, defining them as character data, date or time information, integers, or floating point numbers. This may not strictly qualify as a data model, as defined above.
Tag Archives: MySQL
Hierarchical Model
A hierarchical database model is a data model in which the data is organized into a tree-like structure. The structure allows representing information using parent/child relationships: each parent can have many children, but each child has only one parent (also known as a 1-to-many relationship). All attributes of a specific record are listed under an entity type.
In a database an entity type is the equivalent of a table. Each individual record is represented as a row, and each attribute as a column. Entity types are related to each other using 1:N mappings, also known as one-to-many relationships. This model is recognized as the first database model created by IBM in the 1960s.
Database Model
A database model is a theory or specification describing how a database is structured and used. S
Database systems can be based on different data models or database models respectively. A data model is a collection of concepts and rules for the description of the structure of the database. Structure of the database means the data types, the constraints and the relationships for the description or storage of data respectively.
A database model is the theoretical foundation of a database and fundamentally determines in which manner data can be stored, organized, and manipulated in a database system. It thereby defines the infrastructure offered by a particular database system.
A data model is not just a way of structuring data: it also defines a set of operations that can be performed on the data. The relational model, for example, defines operations such as select (project) and join. Although these operations may not be explicit in a particular query language, they provide the foundation on which a query language is built.
Below given are the common models
Hierarchical model
Network model
Relational model
Entity-relationship
Object-relational model
Flat model
Multivalue model
Dimensional model
EAV Model
SQL injection
SQL injection is a technique often used to attack databases through a website. This is done by including portions of SQL statements in a web form entry field in an attempt to get the website to pass a newly formed rogue SQL command to the database (e.g. dump the database contents to the attacker). SQL injection is a code injection technique that exploits a security vulnerability in a website’s software. The vulnerability happens when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL commands are thus injected from the web form into the database of an application (like queries) to change the database content or dump the database information like credit card or passwords to the attacker. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.
• SQL code is injected into the sql query
• Allows attacker to do almost anything the database user is permitted
• Example sql statement will return all the data from the ‘users’ table:
$sql = "SELECT * FROM users WHERE username='$user' AND password='$pass'"; $user and $pass contain the value ' OR 1=1"
• Further attack possibilities: insert data, delete data, read data, denial of service…
Counter Measures
• Use prepared statements when supported by the database
• Use database-specific escaping functions when creating the sql statement ex: mysqli_real_escape_string()
• Addslashes() is not a sufficient approach
CURTIME() Vs NOW()
CURTIME() returns the TIME part of the current time.
NOW() returns the date and time portions as a timestamp in various formats, depending on how it was requested
Example
mysql> SELECT NOW(),CURDATE(),CURTIME();
+———————+————+———–+
| NOW() | CURDATE() | CURTIME() |
+———————+————+———–+
| 2012-06-18 14:14:01 | 2012-06-18 | 14:14:01 |
+———————+————+———–+
1 row in set (0.03 sec)
The difference between MySQL CURTIME() and NOW()
CURTIME() returns the TIME part of the current time.
NOW() returns the date and time portions as a timestamp in various formats, depending on how it was requested
Example
mysql> SELECT NOW(),CURDATE(),CURTIME();
+———————+————+———–+
| NOW() | CURDATE() | CURTIME() |
+———————+————+———–+
| 2012-06-18 14:14:01 | 2012-06-18 | 14:14:01 |
+———————+————+———–+
1 row in set (0.03 sec)
MySQL CURDATE() Vs NOW()
CURDATE() returns the DATE part of the current time.
NOW() returns the date and time portions as a timestamp in various formats, depending on how it was requested
Example
mysql> SELECT NOW(),CURDATE(),CURTIME();
+———————+————+———–+
| NOW() | CURDATE() | CURTIME() |
+———————+————+———–+
| 2012-06-18 14:14:01 | 2012-06-18 | 14:14:01 |
+———————+————+———–+
1 row in set (0.03 sec)
The difference between MySQL CURDATE() and NOW()
CURDATE() returns the DATE part of the current time.
NOW() returns the date and time portions as a timestamp in various formats, depending on how it was requested
Example
mysql> SELECT NOW(),CURDATE(),CURTIME();
+———————+————+———–+
| NOW() | CURDATE() | CURTIME() |
+———————+————+———–+
| 2012-06-18 14:14:01 | 2012-06-18 | 14:14:01 |
+———————+————+———–+
1 row in set (0.03 sec)
mysql_connect() vs mysql_pconnect()
Difference between mysql_connect() and mysql_pconnect() PHP
mysql_pconnect() acts very much like mysql_connect() with two major differences.
When connecting using mysql_pconnect() , the function would first try to find a (persistent) link that’s already open with the same host, username and password. If one is found, an identifier for it will be returned instead of opening a new connection.
When connecting using mysql_connect(), the connection to the SQL server will not be closed when the execution of the script ends. Instead, the link will remain open for future use
Note :mysql_close() will not close links established by mysql_pconnect().
Difference between mysql_connect() and mysql_pconnect() PHP
Difference between mysql_connect() and mysql_pconnect() PHP
mysql_pconnect() acts very much like mysql_connect() with two major differences.
When connecting using mysql_pconnect() , the function would first try to find a (persistent) link that’s already open with the same host, username and password. If one is found, an identifier for it will be returned instead of opening a new connection.
When connecting using mysql_connect(), the connection to the SQL server will not be closed when the execution of the script ends. Instead, the link will remain open for future use
Note :mysql_close() will not close links established by mysql_pconnect().