SQL is a standard language for accessing and manipulating databases.

What is SQL?
• • •
SQL stands for Structured Query Language SQL lets you access and manipulate databases SQL is an ANSI (American National Standards Institute) standard

What Can SQL do?
• • • • • • • • • •
SQL SQL SQL SQL SQL SQL SQL SQL SQL SQL can can can can can can can can can can execute queries against a database retrieve data from a database insert records in a database update records in a database delete records from a database create new databases create new tables in a database create stored procedures in a database create views in a database set permissions on tables, procedures, and views

SQL is a Standard - BUT....
Although SQL is an ANSI (American National Standards Institute) standard, there are many different versions of the SQL language. However, to be compliant with the ANSI standard, they all support at least the major commands (such as SELECT, UPDATE, DELETE, INSERT, WHERE) in a similar manner. Note: Most of the SQL database programs also have their own proprietary extensions in addition to the SQL standard!

Using SQL in Your Web Site
To build a web site that shows some data from a database, you will need the following:

• • • •

An RDBMS database program (i.e. MS Access, SQL Server, MySQL) A server-side scripting language, like PHP or ASP SQL HTML / CSS

RDBMS
RDBMS stands for Relational Database Management System.

RDBMS is the basis for SQL, and for all modern database systems like MS SQL Server, IBM DB2, Oracle, MySQL, and Microsoft Access. The data in RDBMS is stored in database objects called tables. A table is a collections of related data entries and it consists of columns and rows.

SQL Data Types
1

Data types and ranges for Microsoft Access, MySQL and SQL Server.

Microsoft Access Data Types
Data type Text Description Use for text or combinations of text and numbers. 255 characters maximum Memo is used for larger amounts of text. Stores up to 65,536 characters. Note: You cannot sort a memo field. However, they are searchable Allows whole numbers from 0 to 255 Allows whole numbers between -32,768 and 32,767 Allows whole numbers between -2,147,483,648 and 2,147,483,647 Single precision floating-point. Will handle most decimals Double precision floating-point. Will handle most decimals Use for currency. Holds up to 15 digits of whole dollars, plus 4 decimal places. Tip: You can choose which country's currency to use AutoNumber fields automatically give each record its own number, usually starting at 1 Use for dates and times A logical field can be displayed as Yes/No, True/False, or On/Off. In code, use the constants True and False (equivalent to -1 and 0). Note: Null values are not allowed in Yes/No fields Can store pictures, audio, video, or other BLOBs (Binary Large OBjects) 1 byte 2 bytes 4 bytes 4 bytes 8 bytes 8 bytes Storage

Memo

Byte Integer Long Single Double Currency

AutoNumber

4 bytes

Date/Time Yes/No

8 bytes 1 bit

Ole Object

up to 1GB

Hyperlink Lookup Wizard

Contain links to other files, including web pages Let you type a list of options, which can then be chosen from a drop-down list 4 bytes

MySQL Data Types
In MySQL there are three main types : text, number, and Date/Time types. Text types: Data type CHAR(size) Description Holds a fixed length string (can contain letters, numbers, and special characters). The fixed size is specified in parenthesis. Can store up to 255 characters Holds a variable length string (can contain letters, numbers, and special characters). The maximum size is specified in parenthesis. Can store up to 255 characters. Note: If you put a greater value than 255 it will be converted to a TEXT type Holds a string with a maximum length of 255 characters Holds a string with a maximum length of 65,535 characters For BLOBs (Binary Large OBjects). Holds up to 65,535 bytes of data Holds a string with a maximum length of 16,777,215 characters For BLOBs (Binary Large OBjects). Holds up to 16,777,215 bytes of data Holds a string with a maximum length of 4,294,967,295 characters For BLOBs (Binary Large OBjects). Holds up to 4,294,967,295 bytes of data Let you enter a list of possible values. You can list up to 65535 values in an ENUM list. If a value is inserted that is not in the list, a blank value will be inserted. Note: The values are sorted in the order you enter them. You enter the possible values in this format: ENUM('X','Y','Z') SET Similar to ENUM except that SET may contain up to 64 list items and can store more than one choice

VARCHAR(size)

TINYTEXT TEXT BLOB MEDIUMTEXT MEDIUMBLOB LONGTEXT LONGBLOB ENUM(x,y,z,etc.)

Number types:

Data type TINYINT(size)

Description -128 to 127 normal. 0 to 255 UNSIGNED*. The maximum number of digits may be specified in parenthesis -32768 to 32767 normal. 0 to 65535 UNSIGNED*. The maximum number of digits may be specified in parenthesis -8388608 to 8388607 normal. 0 to 16777215 UNSIGNED*. The maximum number of digits may be specified in parenthesis -2147483648 to 2147483647 normal. 0 to 4294967295 UNSIGNED*. The maximum number of digits may be specified in parenthesis -9223372036854775808 to 9223372036854775807 normal. 0 to 18446744073709551615 UNSIGNED*. The maximum number of digits may be specified in parenthesis A small number with a floating decimal point. The maximum number of digits may be specified in the size parameter. The maximum number of digits to the right of the decimal point is specified in the d parameter A large number with a floating decimal point. The maximum number of digits may be specified in the size parameter. The maximum number of digits to the right of the decimal point is specified in the d parameter A DOUBLE stored as a string , allowing for a fixed decimal point. The maximum number of digits may be specified in the size parameter. The maximum number of digits to the right of the decimal point is specified in the d parameter

SMALLINT(size)

MEDIUMINT(size)

INT(size)

BIGINT(size)

FLOAT(size,d)

DOUBLE(size,d)

DECIMAL(size,d)

*The integer types have an extra option called UNSIGNED. Normally, the integer goes from an negative to positive value. Adding the UNSIGNED attribute will move that range up so it starts at zero instead of a negative number. Date types: Data type DATE() Description A date. Format: YYYY-MM-DD Note: The supported range is from '1000-01-01' to '9999-12-31' DATETIME() *A date and time combination. Format: YYYY-MM-DD HH:MM:SS Note: The supported range is from '1000-01-01 00:00:00' to '9999-12-31 23:59:59' TIMESTAMP() *A timestamp. TIMESTAMP values are stored as the number of seconds since the Unix epoch ('1970-01-01 00:00:00' UTC). Format: YYYY-MM-DD HH:MM:SS Note: The supported range is from '1970-01-01 00:00:01' UTC to '2038-01-09 03:14:07' UTC

TIME()

A time. Format: HH:MM:SS Note: The supported range is from '-838:59:59' to '838:59:59'

YEAR()

A year in two-digit or four-digit format. Note: Values allowed in four-digit format: 1901 to 2155. Values allowed in two-digit format: 70 to 69, representing years from 1970 to 2069

*Even if DATETIME and TIMESTAMP return the same format, they work very differently. In an INSERT or UPDATE query, the TIMESTAMP automatically set itself to the current date and time. TIMESTAMP also accepts various formats, like YYYYMMDDHHMMSS, YYMMDDHHMMSS, YYYYMMDD, or YYMMDD.

SQL Server Data Types
Character strings: Data type char(n) varchar(n) varchar(max) text Description Fixed-length character string. Maximum 8,000 characters Variable-length character string. Maximum 8,000 characters Variable-length character string. Maximum 1,073,741,824 characters Variable-length character string. Maximum 2GB of text data Storage n

Unicode strings: Data type nchar(n) nvarchar(n) nvarchar(max) ntext Description Fixed-length Unicode data. Maximum 4,000 characters Variable-length Unicode data. Maximum 4,000 characters Variable-length Unicode data. Maximum 536,870,912 characters Variable-length Unicode data. Maximum 2GB of text data Storage

Binary types: Data type bit binary(n) Description Allows 0, 1, or NULL Fixed-length binary data. Maximum 8,000 bytes Storage

varbinary(n) varbinary(max) image

Variable-length binary data. Maximum 8,000 bytes Variable-length binary data. Maximum 2GB Variable-length binary data. Maximum 2GB

Number types: Data type tinyint smallint int bigint Description Allows whole numbers from 0 to 255 Allows whole numbers between -32,768 and 32,767 Allows whole numbers between -2,147,483,648 and 2,147,483,647 Allows whole numbers between -9,223,372,036,854,775,808 and 9,223,372,036,854,775,807 Fixed precision and scale numbers. Allows numbers from -10^38 +1 to 10^38 –1. The p parameter indicates the maximum total number of digits that can be stored (both to the left and to the right of the decimal point). p must be a value from 1 to 38. Default is 18. The s parameter indicates the maximum number of digits stored to the right of the decimal point. s must be a value from 0 to p. Default value is 0 numeric(p,s) Fixed precision and scale numbers. Allows numbers from -10^38 +1 to 10^38 –1. The p parameter indicates the maximum total number of digits that can be stored (both to the left and to the right of the decimal point). p must be a value from 1 to 38. Default is 18. The s parameter indicates the maximum number of digits stored to the right of the decimal point. s must be a value from 0 to p. Default value is 0 smallmoney money Monetary data from -214,748.3648 to 214,748.3647 Monetary data from -922,337,203,685,477.5808 to 922,337,203,685,477.5807 Floating precision number data from -1.79E + 308 to 1.79E + 308. The n parameter indicates whether the field should hold 4 or 8 bytes. float(24) holds a 4-byte field and float(53) holds an 8-byte field. Default value of n is 53. 4 bytes 8 bytes 5-17 bytes Storage 1 byte 2 bytes 4 bytes 8 bytes

decimal(p,s)

5-17 bytes

float(n)

4 or 8 bytes

real

Floating precision number data from -3.40E + 38 to 3.40E + 38

4 bytes

Date types: Data type datetime Description From January 1, 1753 to December 31, 9999 with an accuracy of 3.33 milliseconds From January 1, 0001 and December 31, 9999 with an accuracy of 100 nanoseconds From January 1, 1900 to June 6, 2079 with an accuracy of 1 minute Store a date only. From January 1, 0001 to December 31, 9999 Store a time only to an accuracy of 100 nanoseconds The same as datetime2 with the addition of a time zone offset Storage 8 bytes

datetime2

6-8 bytes

smalldatetime date time datetimeoffset

4 bytes 3 bytes 3-5 bytes 8-10 bytes

timestamp

Stores a unique number that gets updated every time a row gets created or modified. The timestamp value is based upon an internal clock and does not correspond to real time. Each table may have only one timestamp variable

Other data types: Data type sql_variant Description Stores up to 8,000 bytes of data of various data types, except text, ntext, and timestamp Stores a globally unique identifier (GUID) Stores XML formatted data. Maximum 2GB Stores a reference to a cursor used for database operations Stores a result-set for later processing

uniqueidentifier xml cursor table

Database Tables
A database most often contains one or more tables. Each table is identified by a name (e.g. "Customers" or "Orders"). Tables contain records (rows) with data.

Below is an example of a table called "Persons": P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

The table above contains three records (one for each person) and five columns (P_Id, LastName, FirstName, Address, and City).

SQL Statements
Most of the actions you need to perform on a database are done with SQL statements. The following SQL statement will select all the records in the "Persons" table:

SELECT * FROM Persons
In this tutorial we will teach you all about the different SQL statements.

Keep in Mind That...

SQL is not case sensitive

Semicolon after SQL Statements?
Some database systems require a semicolon at the end of each SQL statement. Semicolon is the standard way to separate each SQL statement in database systems that allow more than one SQL statement to be executed in the same call to the server. We are using MS Access and SQL Server 2000 and we do not have to put a semicolon after each SQL statement, but some database programs force you to use it.

SQL DML and DDL
SQL can be divided into two parts: The Data Manipulation Language (DML) and the Data Definition Language (DDL). The query and update commands form the DML part of SQL:

• • • •

SELECT - extracts data from a database UPDATE - updates data in a database DELETE - deletes data from a database INSERT INTO - inserts new data into a database

The DDL part of SQL permits database tables to be created or deleted. It also define indexes (keys), specify links between tables, and impose constraints between tables. The most important DDL statements in SQL are:

• • • • • • •

CREATE DATABASE - creates a new database ALTER DATABASE - modifies a database CREATE TABLE - creates a new table ALTER TABLE - modifies a table DROP TABLE - deletes a table CREATE INDEX - creates an index (search key) DROP INDEX - deletes an index

The SQL SELECT Statement
The SELECT statement is used to select data from a database. The result is stored in a result table, called the result-set.

SQL SELECT Syntax 

SELECT column_name(s) FROM table_name
and

SELECT * FROM table_name
Note: SQL is not case sensitive. SELECT is the same as select.

An SQL SELECT Example
The "Persons" table: P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

Now we want to select the content of the columns named "LastName" and "FirstName" from the table above.

We use the following SELECT statement:

SELECT LastName,FirstName FROM Persons
The result-set will look like this: LastName Hansen Svendson Pettersen FirstName Ola Tove Kari

SELECT * Example
Now we want to select all the columns from the "Persons" table. We use the following SELECT statement:

SELECT * FROM Persons
Tip: The asterisk (*) is a quick way of selecting all columns! The result-set will look like this: P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

Navigation in a Result-set
Most database software systems allow navigation in the result-set with programming functions, like: MoveTo-First-Record, Get-Record-Content, Move-To-Next-Record, etc. Programming functions like these are not a part of this tutorial. To learn about accessing data with function calls, please visit our ADO tutorial or our PHP tutorial.

The SQL SELECT DISTINCT Statement
In a table, some of the columns may contain duplicate values. This is not a problem, however, sometimes you will want to list only the different (distinct) values in a table. The DISTINCT keyword can be used to return only distinct (different) values.

SQL SELECT DISTINCT Syntax 

SELECT DISTINCT column_name(s) FROM table_name

SELECT DISTINCT Example
The "Persons" table: P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

Now we want to select only the distinct values from the column named "City" from the table above. We use the following SELECT statement:

SELECT DISTINCT City FROM Persons
The result-set will look like this: City Sandnes Stavanger

The WHERE clause is used to filter records.

The WHERE Clause
The WHERE clause is used to extract only those records that fulfill a specified criterion.

SQL WHERE Syntax 

SELECT column_name(s) FROM table_name WHERE column_name operator value

WHERE Clause Example
The "Persons" table: P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

Now we want to select only the persons living in the city "Sandnes" from the table above. We use the following SELECT statement:

SELECT * FROM Persons WHERE City='Sandnes'
The result-set will look like this: P_Id 1 2 LastName Hansen Svendson FirstName Ola Tove Address Timoteivn 10 Borgvn 23 City Sandnes Sandnes

Quotes Around Text Fields
SQL uses single quotes around text values (most database systems will also accept double quotes). Although, numeric values should not be enclosed in quotes. For text values:

This is correct: SELECT * FROM Persons WHERE FirstName='Tove' This is wrong: SELECT * FROM Persons WHERE FirstName=Tove
For numeric values:

This is correct: SELECT * FROM Persons WHERE Year=1965 This is wrong: SELECT * FROM Persons WHERE Year='1965'

Operators Allowed in the WHERE Clause
With the WHERE clause, the following operators can be used: Operator = <> > < >= <= BETWEEN LIKE IN Equal Not equal Greater than Less than Greater than or equal Less than or equal Between an inclusive range Search for a pattern If you know the exact value you want to return for at least one of the columns Description

Note: In some versions of SQL the <> operator may be written as !=

The AND & OR operators are used to filter records based on more than one condition.

The AND & OR Operators
The AND operator displays a record if both the first condition and the second condition is true. The OR operator displays a record if either the first condition or the second condition is true.

AND Operator Example
The "Persons" table: P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

Now we want to select only the persons with the first name equal to "Tove" AND the last name equal to "Svendson": We use the following SELECT statement:

SELECT * FROM Persons WHERE FirstName='Tove' AND LastName='Svendson'
The result-set will look like this: P_Id 2 LastName Svendson FirstName Tove Address Borgvn 23 City Sandnes

OR Operator Example
Now we want to select only the persons with the first name equal to "Tove" OR the first name equal to "Ola":

We use the following SELECT statement:

SELECT * FROM Persons WHERE FirstName='Tove' OR FirstName='Ola'
The result-set will look like this: P_Id 1 2 LastName Hansen Svendson FirstName Ola Tove Address Timoteivn 10 Borgvn 23 City Sandnes Sandnes

Combining AND & OR
You can also combine AND and OR (use parenthesis to form complex expressions). Now we want to select only the persons with the last name equal to "Svendson" AND the first name equal to "Tove" OR to "Ola": We use the following SELECT statement:

SELECT * FROM Persons WHERE LastName='Svendson' AND (FirstName='Tove' OR FirstName='Ola')
The result-set will look like this: P_Id 2 LastName Svendson FirstName Tove Address Borgvn 23 City Sandnes

The ORDER BY Keyword
The ORDER BY keyword is used to sort the result-set by a specified column. The ORDER BY keyword sort the records in ascending order by default. If you want to sort the records in a descending order, you can use the DESC keyword.

SQL ORDER BY Syntax 

SELECT column_name(s)

FROM table_name ORDER BY column_name(s) ASC|DESC

ORDER BY Example
The "Persons" table: P_Id 1 2 3 4 LastName Hansen Svendson Pettersen Nilsen FirstName Ola Tove Kari Tom Address Timoteivn 10 Borgvn 23 Storgt 20 Vingvn 23 City Sandnes Sandnes Stavanger Stavanger

Now we want to select all the persons from the table above, however, we want to sort the persons by their last name. We use the following SELECT statement:

SELECT * FROM Persons ORDER BY LastName
The result-set will look like this: P_Id 1 4 3 2 LastName Hansen Nilsen Pettersen Svendson FirstName Ola Tom Kari Tove Address Timoteivn 10 Vingvn 23 Storgt 20 Borgvn 23 City Sandnes Stavanger Stavanger Sandnes

ORDER BY DESC Example
Now we want to select all the persons from the table above, however, we want to sort the persons descending by their last name. We use the following SELECT statement:

SELECT * FROM Persons ORDER BY LastName DESC
The result-set will look like this: P_Id 2 3 4 1 LastName Svendson Pettersen Nilsen Hansen FirstName Tove Kari Tom Ola Address Borgvn 23 Storgt 20 Vingvn 23 Timoteivn 10 City Sandnes Stavanger Stavanger Sandnes

The INSERT INTO statement is used to insert new records in a table.

The INSERT INTO Statement
The INSERT INTO statement is used to insert a new row in a table.

SQL INSERT INTO Syntax 
It is possible to write the INSERT INTO statement in two forms. The first form doesn't specify the column names where the data will be inserted, only their values:

INSERT INTO table_name VALUES (value1, value2, value3,...)
The second form specifies both the column names and the values to be inserted:

INSERT INTO table_name (column1, column2, column3,...) VALUES (value1, value2, value3,...)

SQL INSERT INTO Example
We have the following "Persons" table: P_Id LastName FirstName Address City

1 2 3

Hansen Svendson Pettersen

Ola Tove Kari

Timoteivn 10 Borgvn 23 Storgt 20

Sandnes Sandnes Stavanger

Now we want to insert a new row in the "Persons" table. We use the following SQL statement:

INSERT INTO Persons VALUES (4,'Nilsen', 'Johan', 'Bakken 2', 'Stavanger')
The "Persons" table will now look like this: P_Id 1 2 3 4 LastName Hansen Svendson Pettersen Nilsen FirstName Ola Tove Kari Johan Address Timoteivn 10 Borgvn 23 Storgt 20 Bakken 2 City Sandnes Sandnes Stavanger Stavanger

Insert Data Only in Specified Columns
It is also possible to only add data in specific columns. The following SQL statement will add a new row, but only add data in the "P_Id", "LastName" and the "FirstName" columns:

INSERT INTO Persons (P_Id, LastName, FirstName) VALUES (5, 'Tjessem', 'Jakob')
The "Persons" table will now look like this: P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

4 5

Nilsen Tjessem

Johan Jakob

Bakken 2

Stavanger

The INSERT INTO statement is used to insert new records in a table.

The INSERT INTO Statement
The INSERT INTO statement is used to insert a new row in a table.

SQL INSERT INTO Syntax 
It is possible to write the INSERT INTO statement in two forms. The first form doesn't specify the column names where the data will be inserted, only their values:

INSERT INTO table_name VALUES (value1, value2, value3,...)
The second form specifies both the column names and the values to be inserted:

INSERT INTO table_name (column1, column2, column3,...) VALUES (value1, value2, value3,...)

SQL INSERT INTO Example
We have the following "Persons" table: P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

Now we want to insert a new row in the "Persons" table. We use the following SQL statement:

INSERT INTO Persons

VALUES (4,'Nilsen', 'Johan', 'Bakken 2', 'Stavanger')
The "Persons" table will now look like this: P_Id 1 2 3 4 LastName Hansen Svendson Pettersen Nilsen FirstName Ola Tove Kari Johan Address Timoteivn 10 Borgvn 23 Storgt 20 Bakken 2 City Sandnes Sandnes Stavanger Stavanger

Insert Data Only in Specified Columns
It is also possible to only add data in specific columns. The following SQL statement will add a new row, but only add data in the "P_Id", "LastName" and the "FirstName" columns:

INSERT INTO Persons (P_Id, LastName, FirstName) VALUES (5, 'Tjessem', 'Jakob')
The "Persons" table will now look like this: P_Id 1 2 3 4 5 LastName Hansen Svendson Pettersen Nilsen Tjessem FirstName Ola Tove Kari Johan Jakob Address Timoteivn 10 Borgvn 23 Storgt 20 Bakken 2 City Sandnes Sandnes Stavanger Stavanger

   

The DELETE Statement
The DELETE statement is used to delete rows in a table.

SQL DELETE Syntax 

DELETE FROM table_name WHERE some_column=some_value
Note: Notice the WHERE clause in the DELETE syntax. The WHERE clause specifies which record or records that should be deleted. If you omit the WHERE clause, all records will be deleted!

SQL DELETE Example
The "Persons" table: P_Id 1 2 3 4 5 LastName Hansen Svendson Pettersen Nilsen Tjessem FirstName Ola Tove Kari Johan Jakob Address Timoteivn 10 Borgvn 23 Storgt 20 Bakken 2 Nissestien 67 City Sandnes Sandnes Stavanger Stavanger Sandnes

Now we want to delete the person "Tjessem, Jakob" in the "Persons" table. We use the following SQL statement:

DELETE FROM Persons WHERE LastName='Tjessem' AND FirstName='Jakob'
The "Persons" table will now look like this: P_Id 1 2 3 4 LastName Hansen Svendson Pettersen Nilsen FirstName Ola Tove Kari Johan Address Timoteivn 10 Borgvn 23 Storgt 20 Bakken 2 City Sandnes Sandnes Stavanger Stavanger

Delete All Rows
It is possible to delete all rows in a table without deleting the table. This means that the table structure, attributes, and indexes will be intact:

DELETE FROM table_name or DELETE * FROM table_name
Note: Be very careful when deleting records. You cannot undo this statement!

The DELETE Statement
The DELETE statement is used to delete rows in a table.

SQL DELETE Syntax 

DELETE FROM table_name WHERE some_column=some_value
Note: Notice the WHERE clause in the DELETE syntax. The WHERE clause specifies which record or records that should be deleted. If you omit the WHERE clause, all records will be deleted!

SQL DELETE Example
The "Persons" table: P_Id 1 2 3 4 5 LastName Hansen Svendson Pettersen Nilsen Tjessem FirstName Ola Tove Kari Johan Jakob Address Timoteivn 10 Borgvn 23 Storgt 20 Bakken 2 Nissestien 67 City Sandnes Sandnes Stavanger Stavanger Sandnes

Now we want to delete the person "Tjessem, Jakob" in the "Persons" table. We use the following SQL statement:

DELETE FROM Persons WHERE LastName='Tjessem' AND FirstName='Jakob'
The "Persons" table will now look like this:

P_Id 1 2 3 4

LastName Hansen Svendson Pettersen Nilsen

FirstName Ola Tove Kari Johan

Address Timoteivn 10 Borgvn 23 Storgt 20 Bakken 2

City Sandnes Sandnes Stavanger Stavanger

Delete All Rows
It is possible to delete all rows in a table without deleting the table. This means that the table structure, attributes, and indexes will be intact:

DELETE FROM table_name or DELETE * FROM table_name
Note: Be very careful when deleting records. You cannot undo this statement!

The DELETE Statement
The DELETE statement is used to delete rows in a table.

SQL DELETE Syntax 

DELETE FROM table_name WHERE some_column=some_value
Note: Notice the WHERE clause in the DELETE syntax. The WHERE clause specifies which record or records that should be deleted. If you omit the WHERE clause, all records will be deleted!

SQL DELETE Example
The "Persons" table: P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

4 5

Nilsen Tjessem

Johan Jakob

Bakken 2 Nissestien 67

Stavanger Sandnes

Now we want to delete the person "Tjessem, Jakob" in the "Persons" table. We use the following SQL statement:

DELETE FROM Persons WHERE LastName='Tjessem' AND FirstName='Jakob'
The "Persons" table will now look like this: P_Id 1 2 3 4 LastName Hansen Svendson Pettersen Nilsen FirstName Ola Tove Kari Johan Address Timoteivn 10 Borgvn 23 Storgt 20 Bakken 2 City Sandnes Sandnes Stavanger Stavanger

Delete All Rows
It is possible to delete all rows in a table without deleting the table. This means that the table structure, attributes, and indexes will be intact:

DELETE FROM table_name or DELETE * FROM table_name
Note: Be very careful when deleting records. You cannot undo this statement!

The LIKE Operator
The LIKE operator is used to search for a specified pattern in a column.

SQL LIKE Syntax 

SELECT column_name(s) FROM table_name WHERE column_name LIKE pattern

LIKE Operator Example
The "Persons" table: P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

Now we want to select the persons living in a city that starts with "s" from the table above. We use the following SELECT statement:

SELECT * FROM Persons WHERE City LIKE 's%'
The "%" sign can be used to define wildcards (missing letters in the pattern) both before and after the pattern. The result-set will look like this: P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

Next, we want to select the persons living in a city that ends with an "s" from the "Persons" table. We use the following SELECT statement:

SELECT * FROM Persons WHERE City LIKE '%s'
The result-set will look like this: P_Id 1 2 LastName Hansen Svendson FirstName Ola Tove Address Timoteivn 10 Borgvn 23 City Sandnes Sandnes

Next, we want to select the persons living in a city that contains the pattern "tav" from the "Persons" table. We use the following SELECT statement:

SELECT * FROM Persons WHERE City LIKE '%tav%'
The result-set will look like this: P_Id 3 LastName Pettersen FirstName Kari Address Storgt 20 City Stavanger

It is also possible to select the persons living in a city that NOT contains the pattern "tav" from the "Persons" table, by using the NOT keyword. We use the following SELECT statement:

SELECT * FROM Persons WHERE City NOT LIKE '%tav%'
The result-set will look like this: P_Id 1 2 LastName Hansen Svendson FirstName Ola Tove Address Timoteivn 10 Borgvn 23 City Sandnes Sandnes

   

SQL Wildcards
SQL wildcards can substitute for one or more characters when searching for data in a database. SQL wildcards must be used with the SQL LIKE operator. With SQL, the following wildcards can be used: Wildcard % _ [charlist] Description A substitute for zero or more characters A substitute for exactly one character Any single character in charlist

[^charlist] or [!charlist]

Any single character not in charlist

SQL Wildcard Examples
We have the following "Persons" table: P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

Using the % Wildcard
Now we want to select the persons living in a city that starts with "sa" from the "Persons" table. We use the following SELECT statement:

SELECT * FROM Persons WHERE City LIKE 'sa%'
The result-set will look like this: P_Id 1 2 LastName Hansen Svendson FirstName Ola Tove Address Timoteivn 10 Borgvn 23 City Sandnes Sandnes

Next, we want to select the persons living in a city that contains the pattern "nes" from the "Persons" table. We use the following SELECT statement:

SELECT * FROM Persons WHERE City LIKE '%nes%'

The result-set will look like this: P_Id 1 2 LastName Hansen Svendson FirstName Ola Tove Address Timoteivn 10 Borgvn 23 City Sandnes Sandnes

Using the _ Wildcard
Now we want to select the persons with a first name that starts with any character, followed by "la" from the "Persons" table. We use the following SELECT statement:

SELECT * FROM Persons WHERE FirstName LIKE '_la'
The result-set will look like this: P_Id 1 LastName Hansen FirstName Ola Address Timoteivn 10 City Sandnes

Next, we want to select the persons with a last name that starts with "S", followed by any character, followed by "end", followed by any character, followed by "on" from the "Persons" table. We use the following SELECT statement:

SELECT * FROM Persons WHERE LastName LIKE 'S_end_on'
The result-set will look like this: P_Id 2 LastName Svendson FirstName Tove Address Borgvn 23 City Sandnes

Using the [charlist] Wildcard
Now we want to select the persons with a last name that starts with "b" or "s" or "p" from the "Persons" table.

We use the following SELECT statement:

SELECT * FROM Persons WHERE LastName LIKE '[bsp]%'
The result-set will look like this: P_Id 2 3 LastName Svendson Pettersen FirstName Tove Kari Address Borgvn 23 Storgt 20 City Sandnes Stavanger

Next, we want to select the persons with a last name that do not start with "b" or "s" or "p" from the "Persons" table. We use the following SELECT statement:

SELECT * FROM Persons WHERE LastName LIKE '[!bsp]%'
The result-set will look like this: P_Id 1 LastName Hansen FirstName Ola Address Timoteivn 10 City Sandnes

   

The IN Operator
The IN operator allows you to specify multiple values in a WHERE clause.

SQL IN Syntax 

SELECT column_name(s) FROM table_name WHERE column_name IN (value1,value2,...)

IN Operator Example
The "Persons" table: P_Id LastName FirstName Address City

1 2 3

Hansen Svendson Pettersen

Ola Tove Kari

Timoteivn 10 Borgvn 23 Storgt 20

Sandnes Sandnes Stavanger

Now we want to select the persons with a last name equal to "Hansen" or "Pettersen" from the table above. We use the following SELECT statement:

SELECT * FROM Persons WHERE LastName IN ('Hansen','Pettersen')
The result-set will look like this: P_Id 1 3 LastName Hansen Pettersen FirstName Ola Kari Address Timoteivn 10 Storgt 20 City Sandnes Stavanger

   

The IN Operator
The IN operator allows you to specify multiple values in a WHERE clause.

SQL IN Syntax 

SELECT column_name(s) FROM table_name WHERE column_name IN (value1,value2,...)

IN Operator Example
The "Persons" table: P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

Now we want to select the persons with a last name equal to "Hansen" or "Pettersen" from the table above. We use the following SELECT statement:

SELECT * FROM Persons WHERE LastName IN ('Hansen','Pettersen')
The result-set will look like this: P_Id 1 3 LastName Hansen Pettersen FirstName Ola Kari Address Timoteivn 10 Storgt 20 City Sandnes Stavanger

 

SQL Alias
You can give a table or a column another name by using an alias. This can be a good thing to do if you have very long or complex table names or column names. An alias name could be anything, but usually it is short.

SQL Alias Syntax for Tables 

SELECT column_name(s) FROM table_name AS alias_name
SQL Alias Syntax for Columns

SELECT column_name AS alias_name FROM table_name

Alias Example
Assume we have a table called "Persons" and another table called "Product_Orders". We will give the table aliases of "p" an "po" respectively. Now we want to list all the orders that "Ola Hansen" is responsible for. We use the following SELECT statement:

SELECT po.OrderID, p.LastName, p.FirstName FROM Persons AS p, Product_Orders AS po WHERE p.LastName='Hansen' WHERE p.FirstName='Ola'

The same SELECT statement without aliases:

SELECT Product_Orders.OrderID, Persons.LastName, Persons.FirstName FROM Persons, Product_Orders WHERE Persons.LastName='Hansen' WHERE Persons.FirstName='Ola'
As you'll see from the two SELECT statements above; aliases can make queries easier to both write and to read.

SQL JOIN
The JOIN keyword is used in an SQL statement to query data from two or more tables, based on a relationship between certain columns in these tables. Tables in a database are often related to each other with keys. A primary key is a column (or a combination of columns) with a unique value for each row. Each primary key value must be unique within the table. The purpose is to bind data together, across tables, without repeating all of the data in every table. Look at the "Persons" table: P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

Note that the "P_Id" column is the primary key in the "Persons" table. This means that no two rows can have the same P_Id. The P_Id distinguishes two persons even if they have the same name. Next, we have the "Orders" table: O_Id 1 2 3 4 5 OrderNo 77895 44678 22456 24562 34764 P_Id 3 3 1 1 15

Note that the "O_Id" column is the primary key in the "Orders" table and that the "P_Id" column refers to the persons in the "Persons" table without using their names. Notice that the relationship between the two tables above is the "P_Id" column.

Different SQL JOINs

Before we continue with examples, we will list the types of JOIN you can use, and the differences between them.

• • • •

JOIN: Return rows when there is at least one match in both tables LEFT JOIN: Return all rows from the left table, even if there are no matches in the right table RIGHT JOIN: Return all rows from the right table, even if there are no matches in the left table FULL JOIN: Return rows when there is a match in one of the tables

SQL INNER JOIN Keyword
The INNER JOIN keyword return rows when there is at least one match in both tables.

SQL INNER JOIN Syntax 

SELECT column_name(s) FROM table_name1 INNER JOIN table_name2 ON table_name1.column_name=table_name2.column_name
PS: INNER JOIN is the same as JOIN.

SQL INNER JOIN Example
The "Persons" table: P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

The "Orders" table: O_Id 1 2 3 4 5 OrderNo 77895 44678 22456 24562 34764 P_Id 3 3 1 1 15

Now we want to list all the persons with any orders. We use the following SELECT statement:

SELECT Persons.LastName, Persons.FirstName, Orders.OrderNo FROM Persons INNER JOIN Orders ON Persons.P_Id=Orders.P_Id ORDER BY Persons.LastName
The result-set will look like this: LastName Hansen Hansen Pettersen Pettersen FirstName Ola Ola Kari Kari OrderNo 22456 24562 77895 44678

The INNER JOIN keyword return rows when there is at least one match in both tables. If there are rows in "Persons" that do not have matches in "Orders", those rows will NOT be listed.

SQL INNER JOIN Keyword
The INNER JOIN keyword return rows when there is at least one match in both tables.

SQL INNER JOIN Syntax 

SELECT column_name(s) FROM table_name1 INNER JOIN table_name2 ON table_name1.column_name=table_name2.column_name
PS: INNER JOIN is the same as JOIN.

SQL INNER JOIN Example
The "Persons" table: P_Id 1 LastName Hansen FirstName Ola Address Timoteivn 10 City Sandnes

2 3

Svendson Pettersen

Tove Kari

Borgvn 23 Storgt 20

Sandnes Stavanger

The "Orders" table: O_Id 1 2 3 4 5 OrderNo 77895 44678 22456 24562 34764 P_Id 3 3 1 1 15

Now we want to list all the persons with any orders. We use the following SELECT statement:

SELECT Persons.LastName, Persons.FirstName, Orders.OrderNo FROM Persons INNER JOIN Orders ON Persons.P_Id=Orders.P_Id ORDER BY Persons.LastName
The result-set will look like this: LastName Hansen Hansen Pettersen Pettersen FirstName Ola Ola Kari Kari OrderNo 22456 24562 77895 44678

The INNER JOIN keyword return rows when there is at least one match in both tables. If there are rows in "Persons" that do not have matches in "Orders", those rows will NOT be listed.

SQL INNER JOIN Keyword

The INNER JOIN keyword return rows when there is at least one match in both tables.

SQL INNER JOIN Syntax 

SELECT column_name(s) FROM table_name1 INNER JOIN table_name2 ON table_name1.column_name=table_name2.column_name
PS: INNER JOIN is the same as JOIN.

SQL INNER JOIN Example
The "Persons" table: P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

The "Orders" table: O_Id 1 2 3 4 5 OrderNo 77895 44678 22456 24562 34764 P_Id 3 3 1 1 15

Now we want to list all the persons with any orders. We use the following SELECT statement:

SELECT Persons.LastName, Persons.FirstName, Orders.OrderNo FROM Persons INNER JOIN Orders ON Persons.P_Id=Orders.P_Id ORDER BY Persons.LastName

The result-set will look like this: LastName Hansen Hansen Pettersen Pettersen FirstName Ola Ola Kari Kari OrderNo 22456 24562 77895 44678

The INNER JOIN keyword return rows when there is at least one match in both tables. If there are rows in "Persons" that do not have matches in "Orders", those rows will NOT be listed.

SQL INNER JOIN Keyword
The INNER JOIN keyword return rows when there is at least one match in both tables.

SQL INNER JOIN Syntax 

SELECT column_name(s) FROM table_name1 INNER JOIN table_name2 ON table_name1.column_name=table_name2.column_name
PS: INNER JOIN is the same as JOIN.

SQL INNER JOIN Example
The "Persons" table: P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

The "Orders" table: O_Id OrderNo P_Id

1 2 3 4 5

77895 44678 22456 24562 34764

3 3 1 1 15

Now we want to list all the persons with any orders. We use the following SELECT statement:

SELECT Persons.LastName, Persons.FirstName, Orders.OrderNo FROM Persons INNER JOIN Orders ON Persons.P_Id=Orders.P_Id ORDER BY Persons.LastName
The result-set will look like this: LastName Hansen Hansen Pettersen Pettersen FirstName Ola Ola Kari Kari OrderNo 22456 24562 77895 44678

The INNER JOIN keyword return rows when there is at least one match in both tables. If there are rows in "Persons" that do not have matches in "Orders", those rows will NOT be listed.

The SQL UNION Operator
The UNION operator is used to combine the result-set of two or more SELECT statements. Notice that each SELECT statement within the UNION must have the same number of columns. The columns must also have similar data types. Also, the columns in each SELECT statement must be in the same order.

SQL UNION Syntax 

SELECT column_name(s) FROM table_name1 UNION SELECT column_name(s) FROM table_name2

Note: The UNION operator selects only distinct values by default. To allow duplicate values, use UNION ALL.

SQL UNION ALL Syntax 

SELECT column_name(s) FROM table_name1 UNION ALL SELECT column_name(s) FROM table_name2
PS: The column names in the result-set of a UNION are always equal to the column names in the first SELECT statement in the UNION.

SQL UNION Example
Look at the following tables: "Employees_Norway": E_ID 01 02 03 04 E_Name Hansen, Ola Svendson, Tove Svendson, Stephen Pettersen, Kari

"Employees_USA": E_ID 01 02 03 04 E_Name Turner, Sally Kent, Clark Svendson, Stephen Scott, Stephen

Now we want to list all the different employees in Norway and USA. We use the following SELECT statement:

SELECT E_Name FROM Employees_Norway UNION SELECT E_Name FROM Employees_USA

The result-set will look like this: E_Name Hansen, Ola Svendson, Tove Svendson, Stephen Pettersen, Kari Turner, Sally Kent, Clark Scott, Stephen

Note: This command cannot be used to list all employees in Norway and USA. In the example above we have two employees with equal names, and only one of them will be listed. The UNION command selects only distinct values.

SQL UNION ALL Example
Now we want to list all employees in Norway and USA:

SELECT E_Name FROM Employees_Norway UNION ALL SELECT E_Name FROM Employees_USA
Result E_Name Hansen, Ola Svendson, Tove Svendson, Stephen Pettersen, Kari Turner, Sally Kent, Clark

Svendson, Stephen Scott, Stephen

   
The SQL SELECT INTO statement can be used to create backup copies of tables.

The SQL SELECT INTO Statement
The SELECT INTO statement selects data from one table and inserts it into a different table. The SELECT INTO statement is most often used to create backup copies of tables.

SQL SELECT INTO Syntax 
We can select all columns into the new table:

SELECT * INTO new_table_name [IN externaldatabase] FROM old_tablename
Or we can select only the columns we want into the new table:

SELECT column_name(s) INTO new_table_name [IN externaldatabase] FROM old_tablename

SQL SELECT INTO Example
Make a Backup Copy - Now we want to make an exact copy of the data in our "Persons" table. We use the following SQL statement:

SELECT * INTO Persons_Backup FROM Persons
We can also use the IN clause to copy the table into another database:

SELECT * INTO Persons_Backup IN 'Backup.mdb' FROM Persons

We can also copy only a few fields into the new table:

SELECT LastName,FirstName INTO Persons_Backup FROM Persons

SQL SELECT INTO - With a WHERE Clause
We can also add a WHERE clause. The following SQL statement creates a "Persons_Backup" table with only the persons who lives in the city "Sandnes":

SELECT LastName,Firstname INTO Persons_Backup FROM Persons WHERE City='Sandnes'

SQL SELECT INTO - Joined Tables
Selecting data from more than one table is also possible. The following example creates a "Persons_Order_Backup" table contains data from the two tables "Persons" and "Orders":

SELECT Persons.LastName,Orders.OrderNo INTO Persons_Order_Backup FROM Persons INNER JOIN Orders ON Persons.P_Id=Orders.P_Id

   

The CREATE DATABASE Statement
The CREATE DATABASE statement is used to create a database.

SQL CREATE DATABASE Syntax 

CREATE DATABASE database_name

CREATE DATABASE Example

Now we want to create a database called "my_db". We use the following CREATE DATABASE statement:

CREATE DATABASE my_db
Database tables can be added with the CREATE TABLE statement.

The CREATE TABLE Statement
The CREATE TABLE statement is used to create a table in a database.

SQL CREATE TABLE Syntax 

CREATE TABLE ( column_name1 column_name2 column_name3 .... )

table_name data_type, data_type, data_type,

The data type specifies what type of data the column can hold. For a complete reference of all the data types available in MS Access, MySQL, and SQL Server, go to our complete Data Types reference.

CREATE TABLE Example
Now we want to create a table called "Persons" that contains five columns: P_Id, LastName, FirstName, Address, and City. We use the following CREATE TABLE statement:

CREATE TABLE Persons ( P_Id int, LastName varchar(255), FirstName varchar(255), Address varchar(255), City varchar(255) )
The P_Id column is of type int and will hold a number. The LastName, FirstName, Address, and City columns are of type varchar with a maximum length of 255 characters. The empty "Persons" table will now look like this: P_Id LastName FirstName Address City

The empty table can be filled with data with the INSERT INTO statement.

SQL Constraints
Constraints are used to limit the type of data that can go into a table. Constraints can be specified when a table is created (with the CREATE TABLE statement) or after the table is created (with the ALTER TABLE statement). We will focus on the following constraints:

• • • • • •

NOT NULL UNIQUE PRIMARY KEY FOREIGN KEY CHECK DEFAULT

The next chapters will describe each constraint in details.

SQL NOT NULL Constraint
The NOT NULL constraint enforces a column to NOT accept NULL values. The NOT NULL constraint enforces a field to always contain a value. This means that you cannot insert a new record, or update a record without adding a value to this field. The following SQL enforces the "P_Id" column and the "LastName" column to not accept NULL values:

CREATE TABLE Persons ( P_Id int NOT NULL, LastName varchar(255) NOT NULL, FirstName varchar(255), Address varchar(255), City varchar(255) )

   

SQL UNIQUE Constraint
6

SQL UNIQUE Constraint
The UNIQUE constraint uniquely identifies each record in a database table.

The UNIQUE and PRIMARY KEY constraints both provide a guarantee for uniqueness for a column or set of columns. A PRIMARY KEY constraint automatically has a UNIQUE constraint defined on it. Note that you can have have many UNIQUE constraints per table, but only one PRIMARY KEY constraint per table.

SQL UNIQUE Constraint on CREATE TABLE
The following SQL creates a UNIQUE constraint on the "P_Id" column when the "Persons" table is created: MySQL:

CREATE TABLE Persons ( P_Id int NOT NULL, LastName varchar(255) NOT NULL, FirstName varchar(255), Address varchar(255), City varchar(255), UNIQUE (P_Id) )
SQL Server / Oracle / MS Access:

CREATE TABLE Persons ( P_Id int NOT NULL UNIQUE, LastName varchar(255) NOT NULL, FirstName varchar(255), Address varchar(255), City varchar(255) )
To allow naming of a UNIQUE constraint, and for defining a UNIQUE constraint on multiple columns, use the following SQL syntax: MySQL / SQL Server / Oracle / MS Access:

CREATE TABLE Persons ( P_Id int NOT NULL, LastName varchar(255) NOT NULL, FirstName varchar(255), Address varchar(255), City varchar(255), CONSTRAINT uc_PersonID UNIQUE (P_Id,LastName) )

SQL UNIQUE Constraint on ALTER TABLE
To create a UNIQUE constraint on the "P_Id" column when the table is already created, use the following SQL: MySQL / SQL Server / Oracle / MS Access:

ALTER TABLE Persons ADD UNIQUE (P_Id)
To allow naming of a UNIQUE constraint, and for defining a UNIQUE constraint on multiple columns, use the following SQL syntax: MySQL / SQL Server / Oracle / MS Access:

ALTER TABLE Persons ADD CONSTRAINT uc_PersonID UNIQUE (P_Id,LastName)

To DROP a UNIQUE Constraint
To drop a UNIQUE constraint, use the following SQL: MySQL:

ALTER TABLE Persons DROP INDEX uc_PersonID
SQL Server / Oracle / MS Access:

ALTER TABLE Persons DROP CONSTRAINT uc_PersonID

   

SQL PRIMARY KEY Constraint
The PRIMARY KEY constraint uniquely identifies each record in a database table. Primary keys must contain unique values. A primary key column cannot contain NULL values. Each table should have a primary key, and each table can have only one primary key.

SQL PRIMARY KEY Constraint on CREATE TABLE
The following SQL creates a PRIMARY KEY on the "P_Id" column when the "Persons" table is created: MySQL:

CREATE TABLE Persons ( P_Id int NOT NULL, LastName varchar(255) NOT NULL, FirstName varchar(255), Address varchar(255), City varchar(255), PRIMARY KEY (P_Id) )
SQL Server / Oracle / MS Access:

CREATE TABLE Persons ( P_Id int NOT NULL PRIMARY KEY, LastName varchar(255) NOT NULL, FirstName varchar(255), Address varchar(255), City varchar(255) )
To allow naming of a PRIMARY KEY constraint, and for defining a PRIMARY KEY constraint on multiple columns, use the following SQL syntax: MySQL / SQL Server / Oracle / MS Access:

CREATE TABLE Persons ( P_Id int NOT NULL, LastName varchar(255) NOT NULL, FirstName varchar(255), Address varchar(255), City varchar(255), CONSTRAINT pk_PersonID PRIMARY KEY (P_Id,LastName) )

SQL PRIMARY KEY Constraint on ALTER TABLE
To create a PRIMARY KEY constraint on the "P_Id" column when the table is already created, use the following SQL: MySQL / SQL Server / Oracle / MS Access:

ALTER TABLE Persons

ADD PRIMARY KEY (P_Id)
To allow naming of a PRIMARY KEY constraint, and for defining a PRIMARY KEY constraint on multiple columns, use the following SQL syntax: MySQL / SQL Server / Oracle / MS Access:

ALTER TABLE Persons ADD CONSTRAINT pk_PersonID PRIMARY KEY (P_Id,LastName)
Note: If you use the ALTER TABLE statement to add a primary key, the primary key column(s) must already have been declared to not contain NULL values (when the table was first created).

To DROP a PRIMARY KEY Constraint
To drop a PRIMARY KEY constraint, use the following SQL: MySQL:

ALTER TABLE Persons DROP PRIMARY KEY
SQL Server / Oracle / MS Access:

ALTER TABLE Persons DROP CONSTRAINT pk_PersonID

   

SQL FOREIGN KEY Constraint
8

SQL FOREIGN KEY Constraint
A FOREIGN KEY in one table points to a PRIMARY KEY in another table. Let's illustrate the foreign key with an example. Look at the following two tables: The "Persons" table: P_Id LastName FirstName Address City

1 2 3

Hansen Svendson Pettersen

Ola Tove Kari

Timoteivn 10 Borgvn 23 Storgt 20

Sandnes Sandnes Stavanger

The "Orders" table: O_Id 1 2 3 4 OrderNo 77895 44678 22456 24562 P_Id 3 3 2 1

Note that the "P_Id" column in the "Orders" table points to the "P_Id" column in the "Persons" table. The "P_Id" column in the "Persons" table is the PRIMARY KEY in the "Persons" table. The "P_Id" column in the "Orders" table is a FOREIGN KEY in the "Orders" table. The FOREIGN KEY constraint is used to prevent actions that would destroy link between tables. The FOREIGN KEY constraint also prevents that invalid data is inserted into the foreign key column, because it has to be one of the values contained in the table it points to.

SQL FOREIGN KEY Constraint on CREATE TABLE
The following SQL creates a FOREIGN KEY on the "P_Id" column when the "Orders" table is created: MySQL:

CREATE TABLE Orders ( O_Id int NOT NULL, OrderNo int NOT NULL, P_Id int, PRIMARY KEY (O_Id), FOREIGN KEY (P_Id) REFERENCES Persons(P_Id) )
SQL Server / Oracle / MS Access:

CREATE TABLE Orders ( O_Id int NOT NULL PRIMARY KEY, OrderNo int NOT NULL, P_Id int FOREIGN KEY REFERENCES Persons(P_Id) )
To allow naming of a FOREIGN KEY constraint, and for defining a FOREIGN KEY constraint on multiple columns, use the following SQL syntax: MySQL / SQL Server / Oracle / MS Access:

CREATE TABLE Orders ( O_Id int NOT NULL, OrderNo int NOT NULL, P_Id int, PRIMARY KEY (O_Id), CONSTRAINT fk_PerOrders FOREIGN KEY (P_Id) REFERENCES Persons(P_Id) )

SQL FOREIGN KEY Constraint on ALTER TABLE
To create a FOREIGN KEY constraint on the "P_Id" column when the "Orders" table is already created, use the following SQL: MySQL / SQL Server / Oracle / MS Access:

ALTER TABLE Orders ADD FOREIGN KEY (P_Id) REFERENCES Persons(P_Id)
To allow naming of a FOREIGN KEY constraint, and for defining a FOREIGN KEY constraint on multiple columns, use the following SQL syntax: MySQL / SQL Server / Oracle / MS Access:

ALTER TABLE Orders ADD CONSTRAINT fk_PerOrders FOREIGN KEY (P_Id) REFERENCES Persons(P_Id)

To DROP a FOREIGN KEY Constraint
To drop a FOREIGN KEY constraint, use the following SQL:

MySQL:

ALTER TABLE Orders DROP FOREIGN KEY fk_PerOrders
SQL Server / Oracle / MS Access:

ALTER TABLE Orders DROP CONSTRAINT fk_PerOrders

SQL CHECK Constraint
The CHECK constraint is used to limit the value range that can be placed in a column. If you define a CHECK constraint on a single column it allows only certain values for this column. If you define a CHECK constraint on a table it can limit the values in certain columns based on values in other columns in the row.

SQL CHECK Constraint on CREATE TABLE
The following SQL creates a CHECK constraint on the "P_Id" column when the "Persons" table is created. The CHECK constraint specifies that the column "P_Id" must only include integers greater than 0. My SQL:

CREATE TABLE Persons ( P_Id int NOT NULL, LastName varchar(255) NOT NULL, FirstName varchar(255), Address varchar(255), City varchar(255), CHECK (P_Id>0) )
SQL Server / Oracle / MS Access:

CREATE TABLE Persons ( P_Id int NOT NULL CHECK (P_Id>0), LastName varchar(255) NOT NULL, FirstName varchar(255), Address varchar(255), City varchar(255) )
To allow naming of a CHECK constraint, and for defining a CHECK constraint on multiple columns, use the following SQL syntax:

MySQL / SQL Server / Oracle / MS Access:

CREATE TABLE Persons ( P_Id int NOT NULL, LastName varchar(255) NOT NULL, FirstName varchar(255), Address varchar(255), City varchar(255), CONSTRAINT chk_Person CHECK (P_Id>0 AND City='Sandnes') )

SQL CHECK Constraint on ALTER TABLE
To create a CHECK constraint on the "P_Id" column when the table is already created, use the following SQL: MySQL / SQL Server / Oracle / MS Access:

ALTER TABLE Persons ADD CHECK (P_Id>0)
To allow naming of a CHECK constraint, and for defining a CHECK constraint on multiple columns, use the following SQL syntax: MySQL / SQL Server / Oracle / MS Access:

ALTER TABLE Persons ADD CONSTRAINT chk_Person CHECK (P_Id>0 AND City='Sandnes')

To DROP a CHECK Constraint
To drop a CHECK constraint, use the following SQL: SQL Server / Oracle / MS Access:

ALTER TABLE Persons DROP CONSTRAINT chk_Person

SQL DEFAULT Constraint
The DEFAULT constraint is used to insert a default value into a column. The default value will be added to all new records, if no other value is specified.

SQL DEFAULT Constraint on CREATE TABLE
The following SQL creates a DEFAULT constraint on the "City" column when the "Persons" table is created:

My SQL / SQL Server / Oracle / MS Access:

CREATE TABLE Persons ( P_Id int NOT NULL, LastName varchar(255) NOT NULL, FirstName varchar(255), Address varchar(255), City varchar(255) DEFAULT 'Sandnes' )
The DEFAULT constraint can also be used to insert system values, by using functions like GETDATE():

CREATE TABLE Orders ( O_Id int NOT NULL, OrderNo int NOT NULL, P_Id int, OrderDate date DEFAULT GETDATE() )

SQL DEFAULT Constraint on ALTER TABLE
To create a DEFAULT constraint on the "City" column when the table is already created, use the following SQL: MySQL:

ALTER TABLE Persons ALTER City SET DEFAULT 'SANDNES'
SQL Server / Oracle / MS Access:

ALTER TABLE Persons ALTER COLUMN City SET DEFAULT 'SANDNES'

To DROP a DEFAULT Constraint
To drop a DEFAULT constraint, use the following SQL: MySQL:

ALTER TABLE Persons ALTER City DROP DEFAULT
SQL Server / Oracle / MS Access:

ALTER TABLE Persons ALTER COLUMN City DROP DEFAULT

The CREATE INDEX statement is used to create indexes in tables. Indexes allow the database application to find data fast; without reading the whole table.

Indexes
An index can be created in a table to find data more quickly and efficiently. The users cannot see the indexes, they are just used to speed up searches/queries. Note: Updating a table with indexes takes more time than updating a table without (because the indexes also need an update). So you should only create indexes on columns (and tables) that will be frequently searched against.

SQL CREATE INDEX Syntax
Creates an index on a table. Duplicate values are allowed:

CREATE INDEX index_name ON table_name (column_name)
SQL CREATE UNIQUE INDEX Syntax
Creates a unique index on a table. Duplicate values are not allowed:

CREATE UNIQUE INDEX index_name ON table_name (column_name)
Note: The syntax for creating indexes varies amongst different databases. Therefore: Check the syntax for creating indexes in your database.

CREATE INDEX Example
The SQL statement below creates an index named "PIndex" on the "LastName" column in the "Persons" table:

CREATE INDEX PIndex ON Persons (LastName)
If you want to create an index on a combination of columns, you can list the column names within the parentheses, separated by commas:

CREATE INDEX PIndex ON Persons (LastName, FirstName)

   

Indexes, tables, and databases can easily be deleted/removed with the DROP statement.

The DROP INDEX Statement
The DROP INDEX statement is used to delete an index in a table.

DROP INDEX Syntax for MS Access: 

DROP INDEX index_name ON table_name
DROP INDEX Syntax for MS SQL Server:

DROP INDEX table_name.index_name
DROP INDEX Syntax for DB2/Oracle:

DROP INDEX index_name
DROP INDEX Syntax for MySQL:

ALTER TABLE table_name DROP INDEX index_name

The DROP TABLE Statement
The DROP TABLE statement is used to delete a table.

DROP TABLE table_name

The DROP DATABASE Statement
The DROP DATABASE statement is used to delete a database.

DROP DATABASE database_name

The TRUNCATE TABLE Statement
What if we only want to delete the data inside the table, and not the table itself? Then, use the TRUNCATE TABLE statement:

TRUNCATE TABLE table_name

   

The ALTER TABLE Statement
The ALTER TABLE statement is used to add, delete, or modify columns in an existing table.

SQL ALTER TABLE Syntax 
To add a column in a table, use the following syntax:

ALTER TABLE table_name ADD column_name datatype
To delete a column in a table, use the following syntax (notice that some database systems don't allow deleting a column):

ALTER TABLE table_name DROP COLUMN column_name
To change the data type of a column in a table, use the following syntax:

ALTER TABLE table_name ALTER COLUMN column_name datatype

SQL ALTER TABLE Example
Look at the "Persons" table: P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

Now we want to add a column named "DateOfBirth" in the "Persons" table. We use the following SQL statement:

ALTER TABLE Persons ADD DateOfBirth date
Notice that the new column, "DateOfBirth", is of type date and is going to hold a date. The data type specifies what type of data the column can hold. For a complete reference of all the data types available in MS Access, MySQL, and SQL Server, go to our complete Data Types reference. The "Persons" table will now like this:

P_Id 1 2 3

LastName Hansen Svendson Pettersen

FirstName Ola Tove Kari

Address Timoteivn 10 Borgvn 23 Storgt 20

City Sandnes Sandnes Stavanger

DateOfBirth

Change Data Type Example
Now we want to change the data type of the column named "DateOfBirth" in the "Persons" table. We use the following SQL statement:

ALTER TABLE Persons ALTER COLUMN DateOfBirth year
Notice that the "DateOfBirth" column is now of type year and is going to hold a year in a two-digit or fourdigit format.

DROP COLUMN Example
Next, we want to delete the column named "DateOfBirth" in the "Persons" table. We use the following SQL statement:

ALTER TABLE Persons DROP COLUMN DateOfBirth
The "Persons" table will now like this: P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

   

SQL AUTO INCREMENT Field
1

Auto-increment allows a unique number to be generated when a new record is inserted into a table.

AUTO INCREMENT a Field
Very often we would like the value of the primary key field to be created automatically every time a new record is inserted. We would like to create an auto-increment field in a table.

Syntax for MySQL
The following SQL statement defines the "P_Id" column to be an auto-increment primary key field in the "Persons" table:

CREATE TABLE Persons ( P_Id int NOT NULL AUTO_INCREMENT, LastName varchar(255) NOT NULL, FirstName varchar(255), Address varchar(255), City varchar(255), PRIMARY KEY (P_Id) )
MySQL uses the AUTO_INCREMENT keyword to perform an auto-increment feature. By default, the starting value for AUTO_INCREMENT is 1, and it will increment by 1 for each new record. To let the AUTO_INCREMENT sequence start with another value, use the following SQL statement:

ALTER TABLE Persons AUTO_INCREMENT=100
To insert a new record into the "Persons" table, we will not have to specify a value for the "P_Id" column (a unique value will be added automatically):

INSERT INTO Persons (FirstName,LastName) VALUES ('Lars','Monsen')
The SQL statement above would insert a new record into the "Persons" table. The "P_Id" column would be assigned a unique value. The "FirstName" column would be set to "Lars" and the "LastName" column would be set to "Monsen".

Syntax for SQL Server
The following SQL statement defines the "P_Id" column to be an auto-increment primary key field in the "Persons" table:

CREATE TABLE Persons ( P_Id int PRIMARY KEY IDENTITY, LastName varchar(255) NOT NULL, FirstName varchar(255), Address varchar(255), City varchar(255) )
The MS SQL Server uses the IDENTITY keyword to perform an auto-increment feature. By default, the starting value for IDENTITY is 1, and it will increment by 1 for each new record. To specify that the "P_Id" column should start at value 10 and increment by 5, change the identity to IDENTITY(10,5). To insert a new record into the "Persons" table, we will not have to specify a value for the "P_Id" column (a unique value will be added automatically):

INSERT INTO Persons (FirstName,LastName) VALUES ('Lars','Monsen')
The SQL statement above would insert a new record into the "Persons" table. The "P_Id" column would be assigned a unique value. The "FirstName" column would be set to "Lars" and the "LastName" column would be set to "Monsen".

Syntax for Access
The following SQL statement defines the "P_Id" column to be an auto-increment primary key field in the "Persons" table:

CREATE TABLE Persons ( P_Id PRIMARY KEY AUTOINCREMENT, LastName varchar(255) NOT NULL, FirstName varchar(255), Address varchar(255), City varchar(255) )
The MS Access uses the AUTOINCREMENT keyword to perform an auto-increment feature. By default, the starting value for AUTOINCREMENT is 1, and it will increment by 1 for each new record.

To specify that the "P_Id" column should start at value 10 and increment by 5, change the autoincrement to AUTOINCREMENT(10,5). To insert a new record into the "Persons" table, we will not have to specify a value for the "P_Id" column (a unique value will be added automatically):

INSERT INTO Persons (FirstName,LastName) VALUES ('Lars','Monsen')
The SQL statement above would insert a new record into the "Persons" table. The "P_Id" column would be assigned a unique value. The "FirstName" column would be set to "Lars" and the "LastName" column would be set to "Monsen".

Syntax for Oracle
In Oracle the code is a little bit more tricky. You will have to create an auto-increment field with the sequence object (this object generates a number sequence). Use the following CREATE SEQUENCE syntax:

CREATE SEQUENCE seq_person MINVALUE 1 START WITH 1 INCREMENT BY 1 CACHE 10
The code above creates a sequence object called seq_person, that starts with 1 and will increment by 1. It will also cache up to 10 values for performance. The cache option specifies how many sequence values will be stored in memory for faster access. To insert a new record into the "Persons" table, we will have to use the nextval function (this function retrieves the next value from seq_person sequence):

INSERT INTO Persons (P_Id,FirstName,LastName) VALUES (seq_person.nextval,'Lars','Monsen')
The SQL statement above would insert a new record into the "Persons" table. The "P_Id" column would be assigned the next number from the seq_person sequence. The "FirstName" column would be set to "Lars" and the "LastName" column would be set to "Monsen".

   

SQL Views
1

A view is a virtual table. This chapter shows how to create, update, and delete a view.

SQL CREATE VIEW Statement
In SQL, a view is a virtual table based on the result-set of an SQL statement. A view contains rows and columns, just like a real table. The fields in a view are fields from one or more real tables in the database. You can add SQL functions, WHERE, and JOIN statements to a view and present the data as if the data were coming from one single table.

SQL CREATE VIEW Syntax 

CREATE VIEW view_name AS SELECT column_name(s) FROM table_name WHERE condition
Note: A view always shows up-to-date data! The database engine recreates the data, using the view's SQL statement, every time a user queries a view.

SQL CREATE VIEW Examples
If you have the Northwind database you can see that it has several views installed by default. The view "Current Product List" lists all active products (products that are not discontinued) from the "Products" table. The view is created with the following SQL:

CREATE VIEW [Current Product List] AS SELECT ProductID,ProductName FROM Products WHERE Discontinued=No
We can query the view above as follows:

SELECT * FROM [Current Product List]
Another view in the Northwind sample database selects every product in the "Products" table with a unit price higher than the average unit price:

CREATE VIEW [Products Above Average Price] AS SELECT ProductName,UnitPrice FROM Products WHERE UnitPrice>(SELECT AVG(UnitPrice) FROM Products)

We can query the view above as follows:

SELECT * FROM [Products Above Average Price]
Another view in the Northwind database calculates the total sale for each category in 1997. Note that this view selects its data from another view called "Product Sales for 1997":

CREATE VIEW [Category Sales For 1997] AS SELECT DISTINCT CategoryName,Sum(ProductSales) AS CategorySales FROM [Product Sales for 1997] GROUP BY CategoryName
We can query the view above as follows:

SELECT * FROM [Category Sales For 1997]
We can also add a condition to the query. Now we want to see the total sale only for the category "Beverages":

SELECT * FROM [Category Sales For 1997] WHERE CategoryName='Beverages'

SQL Updating a View
You can update a view by using the following syntax:

SQL CREATE OR REPLACE VIEW Syntax 

CREATE OR REPLACE VIEW view_name AS SELECT column_name(s) FROM table_name WHERE condition
Now we want to add the "Category" column to the "Current Product List" view. We will update the view with the following SQL:

CREATE VIEW [Current Product List] AS SELECT ProductID,ProductName,Category FROM Products WHERE Discontinued=No

SQL Dropping a View
You can delete a view with the DROP VIEW command.

SQL DROP VIEW Syntax 

DROP VIEW view_name

   

SQL Dates
The most difficult part when working with dates is to be sure that the format of the date you are trying to insert, matches the format of the date column in the database. As long as your data contains only the date portion, your queries will work as expected. However, if a time portion is involved, it gets complicated. Before talking about the complications of querying for dates, we will look at the most important built-in functions for working with dates.

MySQL Date Functions
The following table lists the most important built-in date functions in MySQL: Function NOW() CURDATE() CURTIME() DATE() EXTRACT() DATE_ADD() DATE_SUB() DATEDIFF() DATE_FORMAT() Description Returns the current date and time Returns the current date Returns the current time Extracts the date part of a date or date/time expression Returns a single part of a date/time Adds a specified time interval to a date Subtracts a specified time interval from a date Returns the number of days between two dates Displays date/time data in different formats

SQL Server Date Functions
The following table lists the most important built-in date functions in SQL Server:

Function GETDATE() DATEPART() DATEADD() DATEDIFF() CONVERT()

Description Returns the current date and time Returns a single part of a date/time Adds or subtracts a specified time interval from a date Returns the time between two dates Displays date/time data in different formats

SQL Date Data Types
MySQL comes with the following data types for storing a date or a date/time value in the database:

• • • •

DATE - format YYYY-MM-DD DATETIME - format: YYYY-MM-DD HH:MM:SS TIMESTAMP - format: YYYY-MM-DD HH:MM:SS YEAR - format YYYY or YY

SQL Server comes with the following data types for storing a date or a date/time value in the database:

• • • •

DATE - format YYYY-MM-DD DATETIME - format: YYYY-MM-DD HH:MM:SS SMALLDATETIME - format: YYYY-MM-DD HH:MM:SS TIMESTAMP - format: a unique number

Note: The date types are chosen for a column when you create a new table in your database! For an overview of all data types available, go to our complete Data Types reference.

SQL Working with Dates
You can compare two dates easily if there is no time component involved! Assume we have the following "Orders" table: OrderId 1 2 ProductName Geitost Camembert Pierrot OrderDate 2008-11-11 2008-11-09

3 4

Mozzarella di Giovanni Mascarpone Fabioli

2008-11-11 2008-10-29

Now we want to select the records with an OrderDate of "2008-11-11" from the table above. We use the following SELECT statement:

SELECT * FROM Orders WHERE OrderDate='2008-11-11'
The result-set will look like this: OrderId 1 3 ProductName Geitost Mozzarella di Giovanni OrderDate 2008-11-11 2008-11-11

Now, assume that the "Orders" table looks like this (notice the time component in the "OrderDate" column): OrderId 1 2 3 4 ProductName Geitost Camembert Pierrot Mozzarella di Giovanni Mascarpone Fabioli OrderDate 2008-11-11 13:23:44 2008-11-09 15:45:21 2008-11-11 11:12:01 2008-10-29 14:56:59

If we use the same SELECT statement as above:

SELECT * FROM Orders WHERE OrderDate='2008-11-11'
we will get no result! This is because the query is looking only for dates with no time portion. Tip: If you want to keep your queries simple and easy to maintain, do not allow time components in your dates!

 

SQL NULL Values
3

NULL values represent missing unknown data. By default, a table column can hold NULL values. This chapter will explain the IS NULL and IS NOT NULL operators.

SQL NULL Values
If a column in a table is optional, we can insert a new record or update an existing record without adding a value to this column. This means that the field will be saved with a NULL value. NULL values are treated differently from other values. NULL is used as a placeholder for unknown or inapplicable values. Note: It is not possible to compare NULL and 0; they are not equivalent.

SQL Working with NULL Values
Look at the following "Persons" table: P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Borgvn 23 Address City Sandnes Sandnes Stavanger

Suppose that the "Address" column in the "Persons" table is optional. This means that if we insert a record with no value for the "Address" column, the "Address" column will be saved with a NULL value. How can we test for NULL values? It is not possible to test for NULL values with comparison operators, such as =, <, or <>. We will have to use the IS NULL and IS NOT NULL operators instead.

SQL IS NULL
How do we select only the records with NULL values in the "Address" column? We will have to use the IS NULL operator:

SELECT LastName,FirstName,Address FROM Persons WHERE Address IS NULL
The result-set will look like this: LastName Hansen Pettersen FirstName Ola Kari Address

Tip: Always use IS NULL to look for NULL values.

SQL IS NOT NULL
How do we select only the records with no NULL values in the "Address" column? We will have to use the IS NOT NULL operator:

SELECT LastName,FirstName,Address FROM Persons WHERE Address IS NOT NULL
The result-set will look like this: LastName Svendson FirstName Tove Address Borgvn 23

In the next chapter we will look at the ISNULL(), NVL(), IFNULL() and COALESCE() functions.

SQL NULL Functions
3

SQL ISNULL(), NVL(), IFNULL() and COALESCE() Functions
Look at the following "Products" table: P_Id ProductName UnitPrice UnitsInStock UnitsOnOrder

1 2 3

Jarlsberg Mascarpone Gorgonzola

10.45 32.56 15.67

16 23 9

15

20

Suppose that the "UnitsOnOrder" column is optional, and may contain NULL values. We have the following SELECT statement:

SELECT ProductName,UnitPrice*(UnitsInStock+UnitsOnOrder) FROM Products
In the example above, if any of the "UnitsOnOrder" values are NULL, the result is NULL. Microsoft's ISNULL() function is used to specify how we want to treat NULL values. The NVL(), IFNULL(), and COALESCE() functions can also be used to achieve the same result. In this case we want NULL values to be zero. Below, if "UnitsOnOrder" is NULL it will not harm the calculation, because ISNULL() returns a zero if the value is NULL: SQL Server / MS Access

SELECT ProductName,UnitPrice*(UnitsInStock+ISNULL(UnitsOnOrder,0)) FROM Products
Oracle Oracle does not have an ISNULL() function. However, we can use the NVL() function to achieve the same result:

SELECT ProductName,UnitPrice*(UnitsInStock+NVL(UnitsOnOrder,0)) FROM Products
MySQL MySQL does have an ISNULL() function. However, it works a little bit different from Microsoft's ISNULL() function. In MySQL we can use the IFNULL() function, like this:

SELECT ProductName,UnitPrice*(UnitsInStock+IFNULL(UnitsOnOrder,0)) FROM Products
or we can use the COALESCE() function, like this:

SELECT ProductName,UnitPrice*(UnitsInStock+COALESCE(UnitsOnOrder,0)) FROM Products

SQL Data Types
3

Data types and ranges for Microsoft Access, MySQL and SQL Server.

Microsoft Access Data Types
Data type Text Description Use for text or combinations of text and numbers. 255 characters maximum Memo is used for larger amounts of text. Stores up to 65,536 characters. Note: You cannot sort a memo field. However, they are searchable Allows whole numbers from 0 to 255 Allows whole numbers between -32,768 and 32,767 Allows whole numbers between -2,147,483,648 and 2,147,483,647 Single precision floating-point. Will handle most decimals Double precision floating-point. Will handle most decimals Use for currency. Holds up to 15 digits of whole dollars, plus 4 decimal places. Tip: You can choose which country's currency to use AutoNumber fields automatically give each record its own number, usually starting at 1 Use for dates and times A logical field can be displayed as Yes/No, True/False, or On/Off. In code, use the constants True and False (equivalent to -1 and 0). Note: Null values are not allowed in Yes/No fields Can store pictures, audio, video, or other BLOBs (Binary Large OBjects) Contain links to other files, including web pages 1 byte 2 bytes 4 bytes 4 bytes 8 bytes 8 bytes Storage

Memo

Byte Integer Long Single Double Currency

AutoNumber

4 bytes

Date/Time Yes/No

8 bytes 1 bit

Ole Object Hyperlink

up to 1GB

Lookup Wizard

Let you type a list of options, which can then be chosen from a drop-down list

4 bytes

MySQL Data Types
In MySQL there are three main types : text, number, and Date/Time types. Text types: Data type CHAR(size) Description Holds a fixed length string (can contain letters, numbers, and special characters). The fixed size is specified in parenthesis. Can store up to 255 characters Holds a variable length string (can contain letters, numbers, and special characters). The maximum size is specified in parenthesis. Can store up to 255 characters. Note: If you put a greater value than 255 it will be converted to a TEXT type Holds a string with a maximum length of 255 characters Holds a string with a maximum length of 65,535 characters For BLOBs (Binary Large OBjects). Holds up to 65,535 bytes of data Holds a string with a maximum length of 16,777,215 characters For BLOBs (Binary Large OBjects). Holds up to 16,777,215 bytes of data Holds a string with a maximum length of 4,294,967,295 characters For BLOBs (Binary Large OBjects). Holds up to 4,294,967,295 bytes of data Let you enter a list of possible values. You can list up to 65535 values in an ENUM list. If a value is inserted that is not in the list, a blank value will be inserted. Note: The values are sorted in the order you enter them. You enter the possible values in this format: ENUM('X','Y','Z') SET Similar to ENUM except that SET may contain up to 64 list items and can store more than one choice

VARCHAR(size)

TINYTEXT TEXT BLOB MEDIUMTEXT MEDIUMBLOB LONGTEXT LONGBLOB ENUM(x,y,z,etc.)

Number types: Data type Description

TINYINT(size)

-128 to 127 normal. 0 to 255 UNSIGNED*. The maximum number of digits may be specified in parenthesis -32768 to 32767 normal. 0 to 65535 UNSIGNED*. The maximum number of digits may be specified in parenthesis -8388608 to 8388607 normal. 0 to 16777215 UNSIGNED*. The maximum number of digits may be specified in parenthesis -2147483648 to 2147483647 normal. 0 to 4294967295 UNSIGNED*. The maximum number of digits may be specified in parenthesis -9223372036854775808 to 9223372036854775807 normal. 0 to 18446744073709551615 UNSIGNED*. The maximum number of digits may be specified in parenthesis A small number with a floating decimal point. The maximum number of digits may be specified in the size parameter. The maximum number of digits to the right of the decimal point is specified in the d parameter A large number with a floating decimal point. The maximum number of digits may be specified in the size parameter. The maximum number of digits to the right of the decimal point is specified in the d parameter A DOUBLE stored as a string , allowing for a fixed decimal point. The maximum number of digits may be specified in the size parameter. The maximum number of digits to the right of the decimal point is specified in the d parameter

SMALLINT(size)

MEDIUMINT(size)

INT(size)

BIGINT(size)

FLOAT(size,d)

DOUBLE(size,d)

DECIMAL(size,d)

*The integer types have an extra option called UNSIGNED. Normally, the integer goes from an negative to positive value. Adding the UNSIGNED attribute will move that range up so it starts at zero instead of a negative number. Date types: Data type DATE() Description A date. Format: YYYY-MM-DD Note: The supported range is from '1000-01-01' to '9999-12-31' DATETIME() *A date and time combination. Format: YYYY-MM-DD HH:MM:SS Note: The supported range is from '1000-01-01 00:00:00' to '9999-12-31 23:59:59' TIMESTAMP() *A timestamp. TIMESTAMP values are stored as the number of seconds since the Unix epoch ('1970-01-01 00:00:00' UTC). Format: YYYY-MM-DD HH:MM:SS Note: The supported range is from '1970-01-01 00:00:01' UTC to '2038-01-09 03:14:07' UTC TIME() A time. Format: HH:MM:SS

Note: The supported range is from '-838:59:59' to '838:59:59' YEAR() A year in two-digit or four-digit format. Note: Values allowed in four-digit format: 1901 to 2155. Values allowed in two-digit format: 70 to 69, representing years from 1970 to 2069 *Even if DATETIME and TIMESTAMP return the same format, they work very differently. In an INSERT or UPDATE query, the TIMESTAMP automatically set itself to the current date and time. TIMESTAMP also accepts various formats, like YYYYMMDDHHMMSS, YYMMDDHHMMSS, YYYYMMDD, or YYMMDD.

SQL Server Data Types
Character strings: Data type char(n) varchar(n) varchar(max) text Description Fixed-length character string. Maximum 8,000 characters Variable-length character string. Maximum 8,000 characters Variable-length character string. Maximum 1,073,741,824 characters Variable-length character string. Maximum 2GB of text data Storage n

Unicode strings: Data type nchar(n) nvarchar(n) nvarchar(max) ntext Description Fixed-length Unicode data. Maximum 4,000 characters Variable-length Unicode data. Maximum 4,000 characters Variable-length Unicode data. Maximum 536,870,912 characters Variable-length Unicode data. Maximum 2GB of text data Storage

Binary types: Data type bit binary(n) Description Allows 0, 1, or NULL Fixed-length binary data. Maximum 8,000 bytes Storage

varbinary(n) varbinary(max) image

Variable-length binary data. Maximum 8,000 bytes Variable-length binary data. Maximum 2GB Variable-length binary data. Maximum 2GB

Number types: Data type tinyint smallint int bigint Description Allows whole numbers from 0 to 255 Allows whole numbers between -32,768 and 32,767 Allows whole numbers between -2,147,483,648 and 2,147,483,647 Allows whole numbers between -9,223,372,036,854,775,808 and 9,223,372,036,854,775,807 Fixed precision and scale numbers. Allows numbers from -10^38 +1 to 10^38 –1. The p parameter indicates the maximum total number of digits that can be stored (both to the left and to the right of the decimal point). p must be a value from 1 to 38. Default is 18. The s parameter indicates the maximum number of digits stored to the right of the decimal point. s must be a value from 0 to p. Default value is 0 numeric(p,s) Fixed precision and scale numbers. Allows numbers from -10^38 +1 to 10^38 –1. The p parameter indicates the maximum total number of digits that can be stored (both to the left and to the right of the decimal point). p must be a value from 1 to 38. Default is 18. The s parameter indicates the maximum number of digits stored to the right of the decimal point. s must be a value from 0 to p. Default value is 0 smallmoney money Monetary data from -214,748.3648 to 214,748.3647 Monetary data from -922,337,203,685,477.5808 to 922,337,203,685,477.5807 Floating precision number data from -1.79E + 308 to 1.79E + 308. The n parameter indicates whether the field should hold 4 or 8 bytes. float(24) holds a 4-byte field and float(53) holds an 8-byte field. Default value of n is 53. 4 bytes 8 bytes 5-17 bytes Storage 1 byte 2 bytes 4 bytes 8 bytes

decimal(p,s)

5-17 bytes

float(n)

4 or 8 bytes

real

Floating precision number data from -3.40E + 38 to 3.40E + 38

4 bytes

Date types: Data type datetime Description From January 1, 1753 to December 31, 9999 with an accuracy of 3.33 milliseconds From January 1, 0001 and December 31, 9999 with an accuracy of 100 nanoseconds From January 1, 1900 to June 6, 2079 with an accuracy of 1 minute Store a date only. From January 1, 0001 to December 31, 9999 Store a time only to an accuracy of 100 nanoseconds The same as datetime2 with the addition of a time zone offset Storage 8 bytes

datetime2

6-8 bytes

smalldatetime date time datetimeoffset

4 bytes 3 bytes 3-5 bytes 8-10 bytes

timestamp

Stores a unique number that gets updated every time a row gets created or modified. The timestamp value is based upon an internal clock and does not correspond to real time. Each table may have only one timestamp variable

Other data types: Data type sql_variant Description Stores up to 8,000 bytes of data of various data types, except text, ntext, and timestamp Stores a globally unique identifier (GUID) Stores XML formatted data. Maximum 2GB Stores a reference to a cursor used for database operations Stores a result-set for later processing

uniqueidentifier xml cursor table

SQL Data Types
3

Data types and ranges for Microsoft Access, MySQL and SQL Server.

Microsoft Access Data Types
Data type Text Description Use for text or combinations of text and numbers. 255 characters maximum Memo is used for larger amounts of text. Stores up to 65,536 characters. Note: You cannot sort a memo field. However, they are searchable Allows whole numbers from 0 to 255 Allows whole numbers between -32,768 and 32,767 Allows whole numbers between -2,147,483,648 and 2,147,483,647 Single precision floating-point. Will handle most decimals Double precision floating-point. Will handle most decimals Use for currency. Holds up to 15 digits of whole dollars, plus 4 decimal places. Tip: You can choose which country's currency to use AutoNumber fields automatically give each record its own number, usually starting at 1 Use for dates and times A logical field can be displayed as Yes/No, True/False, or On/Off. In code, use the constants True and False (equivalent to -1 and 0). Note: Null values are not allowed in Yes/No fields Can store pictures, audio, video, or other BLOBs (Binary Large OBjects) Contain links to other files, including web pages Let you type a list of options, which can then be chosen from a drop-down list 4 bytes 1 byte 2 bytes 4 bytes 4 bytes 8 bytes 8 bytes Storage

Memo

Byte Integer Long Single Double Currency

AutoNumber

4 bytes

Date/Time Yes/No

8 bytes 1 bit

Ole Object Hyperlink Lookup Wizard

up to 1GB

MySQL Data Types
In MySQL there are three main types : text, number, and Date/Time types.

Text types: Data type CHAR(size) Description Holds a fixed length string (can contain letters, numbers, and special characters). The fixed size is specified in parenthesis. Can store up to 255 characters Holds a variable length string (can contain letters, numbers, and special characters). The maximum size is specified in parenthesis. Can store up to 255 characters. Note: If you put a greater value than 255 it will be converted to a TEXT type Holds a string with a maximum length of 255 characters Holds a string with a maximum length of 65,535 characters For BLOBs (Binary Large OBjects). Holds up to 65,535 bytes of data Holds a string with a maximum length of 16,777,215 characters For BLOBs (Binary Large OBjects). Holds up to 16,777,215 bytes of data Holds a string with a maximum length of 4,294,967,295 characters For BLOBs (Binary Large OBjects). Holds up to 4,294,967,295 bytes of data Let you enter a list of possible values. You can list up to 65535 values in an ENUM list. If a value is inserted that is not in the list, a blank value will be inserted. Note: The values are sorted in the order you enter them. You enter the possible values in this format: ENUM('X','Y','Z') SET Similar to ENUM except that SET may contain up to 64 list items and can store more than one choice

VARCHAR(size)

TINYTEXT TEXT BLOB MEDIUMTEXT MEDIUMBLOB LONGTEXT LONGBLOB ENUM(x,y,z,etc.)

Number types: Data type TINYINT(size) Description -128 to 127 normal. 0 to 255 UNSIGNED*. The maximum number of digits may be specified in parenthesis -32768 to 32767 normal. 0 to 65535 UNSIGNED*. The maximum number of digits may be specified in parenthesis -8388608 to 8388607 normal. 0 to 16777215 UNSIGNED*. The maximum number of digits may be specified in parenthesis -2147483648 to 2147483647 normal. 0 to 4294967295 UNSIGNED*. The maximum

SMALLINT(size)

MEDIUMINT(size)

INT(size)

number of digits may be specified in parenthesis BIGINT(size) -9223372036854775808 to 9223372036854775807 normal. 0 to 18446744073709551615 UNSIGNED*. The maximum number of digits may be specified in parenthesis A small number with a floating decimal point. The maximum number of digits may be specified in the size parameter. The maximum number of digits to the right of the decimal point is specified in the d parameter A large number with a floating decimal point. The maximum number of digits may be specified in the size parameter. The maximum number of digits to the right of the decimal point is specified in the d parameter A DOUBLE stored as a string , allowing for a fixed decimal point. The maximum number of digits may be specified in the size parameter. The maximum number of digits to the right of the decimal point is specified in the d parameter

FLOAT(size,d)

DOUBLE(size,d)

DECIMAL(size,d)

*The integer types have an extra option called UNSIGNED. Normally, the integer goes from an negative to positive value. Adding the UNSIGNED attribute will move that range up so it starts at zero instead of a negative number. Date types: Data type DATE() Description A date. Format: YYYY-MM-DD Note: The supported range is from '1000-01-01' to '9999-12-31' DATETIME() *A date and time combination. Format: YYYY-MM-DD HH:MM:SS Note: The supported range is from '1000-01-01 00:00:00' to '9999-12-31 23:59:59' TIMESTAMP() *A timestamp. TIMESTAMP values are stored as the number of seconds since the Unix epoch ('1970-01-01 00:00:00' UTC). Format: YYYY-MM-DD HH:MM:SS Note: The supported range is from '1970-01-01 00:00:01' UTC to '2038-01-09 03:14:07' UTC TIME() A time. Format: HH:MM:SS Note: The supported range is from '-838:59:59' to '838:59:59' YEAR() A year in two-digit or four-digit format. Note: Values allowed in four-digit format: 1901 to 2155. Values allowed in two-digit format: 70 to 69, representing years from 1970 to 2069 *Even if DATETIME and TIMESTAMP return the same format, they work very differently. In an INSERT or UPDATE query, the TIMESTAMP automatically set itself to the current date and time. TIMESTAMP also accepts various formats, like YYYYMMDDHHMMSS, YYMMDDHHMMSS, YYYYMMDD, or YYMMDD.

SQL Server Data Types
Character strings: Data type char(n) varchar(n) varchar(max) text Description Fixed-length character string. Maximum 8,000 characters Variable-length character string. Maximum 8,000 characters Variable-length character string. Maximum 1,073,741,824 characters Variable-length character string. Maximum 2GB of text data Storage n

Unicode strings: Data type nchar(n) nvarchar(n) nvarchar(max) ntext Description Fixed-length Unicode data. Maximum 4,000 characters Variable-length Unicode data. Maximum 4,000 characters Variable-length Unicode data. Maximum 536,870,912 characters Variable-length Unicode data. Maximum 2GB of text data Storage

Binary types: Data type bit binary(n) varbinary(n) varbinary(max) image Description Allows 0, 1, or NULL Fixed-length binary data. Maximum 8,000 bytes Variable-length binary data. Maximum 8,000 bytes Variable-length binary data. Maximum 2GB Variable-length binary data. Maximum 2GB Storage

Number types: Data type tinyint Description Allows whole numbers from 0 to 255 Storage 1 byte

smallint int bigint

Allows whole numbers between -32,768 and 32,767 Allows whole numbers between -2,147,483,648 and 2,147,483,647 Allows whole numbers between -9,223,372,036,854,775,808 and 9,223,372,036,854,775,807 Fixed precision and scale numbers. Allows numbers from -10^38 +1 to 10^38 –1. The p parameter indicates the maximum total number of digits that can be stored (both to the left and to the right of the decimal point). p must be a value from 1 to 38. Default is 18. The s parameter indicates the maximum number of digits stored to the right of the decimal point. s must be a value from 0 to p. Default value is 0

2 bytes 4 bytes 8 bytes

decimal(p,s)

5-17 bytes

numeric(p,s)

Fixed precision and scale numbers. Allows numbers from -10^38 +1 to 10^38 –1. The p parameter indicates the maximum total number of digits that can be stored (both to the left and to the right of the decimal point). p must be a value from 1 to 38. Default is 18. The s parameter indicates the maximum number of digits stored to the right of the decimal point. s must be a value from 0 to p. Default value is 0

5-17 bytes

smallmoney money

Monetary data from -214,748.3648 to 214,748.3647 Monetary data from -922,337,203,685,477.5808 to 922,337,203,685,477.5807 Floating precision number data from -1.79E + 308 to 1.79E + 308. The n parameter indicates whether the field should hold 4 or 8 bytes. float(24) holds a 4-byte field and float(53) holds an 8-byte field. Default value of n is 53.

4 bytes 8 bytes

float(n)

4 or 8 bytes

real

Floating precision number data from -3.40E + 38 to 3.40E + 38

4 bytes

Date types: Data type datetime Description From January 1, 1753 to December 31, 9999 with an accuracy of 3.33 milliseconds From January 1, 0001 and December 31, 9999 with an accuracy of 100 nanoseconds Storage 8 bytes

datetime2

6-8 bytes

smalldatetime date time datetimeoffset

From January 1, 1900 to June 6, 2079 with an accuracy of 1 minute Store a date only. From January 1, 0001 to December 31, 9999 Store a time only to an accuracy of 100 nanoseconds The same as datetime2 with the addition of a time zone offset

4 bytes 3 bytes 3-5 bytes 8-10 bytes

timestamp

Stores a unique number that gets updated every time a row gets created or modified. The timestamp value is based upon an internal clock and does not correspond to real time. Each table may have only one timestamp variable

Other data types: Data type sql_variant Description Stores up to 8,000 bytes of data of various data types, except text, ntext, and timestamp Stores a globally unique identifier (GUID) Stores XML formatted data. Maximum 2GB Stores a reference to a cursor used for database operations Stores a result-set for later processing

uniqueidentifier xml cursor table

 

SQL AVG() Function
3

The AVG() Function
The AVG() function returns the average value of a numeric column.

SQL AVG() Syntax 

SELECT AVG(column_name) FROM table_name

SQL AVG() Example

We have the following "Orders" table: O_Id 1 2 3 4 5 6 OrderDate 2008/11/12 2008/10/23 2008/09/02 2008/09/03 2008/08/30 2008/10/04 OrderPrice 1000 1600 700 300 2000 100 Customer Hansen Nilsen Hansen Hansen Jensen Nilsen

Now we want to find the average value of the "OrderPrice" fields. We use the following SQL statement:

SELECT AVG(OrderPrice) AS OrderAverage FROM Orders
The result-set will look like this: OrderAverage

950

Now we want to find the customers that have an OrderPrice value higher then the average OrderPrice value. We use the following SQL statement:

SELECT Customer FROM Orders WHERE OrderPrice>(SELECT AVG(OrderPrice) FROM Orders)
The result-set will look like this: Customer Hansen Nilsen Jensen

SQL COUNT() Function
4

The COUNT() function returns the number of rows that matches a specified criteria.

SQL COUNT(column_name) Syntax
The COUNT(column_name) function returns the number of values (NULL values will not be counted) of the specified column:

SELECT COUNT(column_name) FROM table_name
SQL COUNT(*) Syntax
The COUNT(*) function returns the number of records in a table:

SELECT COUNT(*) FROM table_name
SQL COUNT(DISTINCT column_name) Syntax
The COUNT(DISTINCT column_name) function returns the number of distinct values of the specified column:

SELECT COUNT(DISTINCT column_name) FROM table_name
Note: COUNT(DISTINCT) works with ORACLE and Microsoft SQL Server, but not with Microsoft Access.

SQL COUNT(column_name) Example
We have the following "Orders" table: O_Id 1 2 3 4 5 6 OrderDate 2008/11/12 2008/10/23 2008/09/02 2008/09/03 2008/08/30 2008/10/04 OrderPrice 1000 1600 700 300 2000 100 Customer Hansen Nilsen Hansen Hansen Jensen Nilsen

Now we want to count the number of orders from "Customer Nilsen". We use the following SQL statement:

SELECT COUNT(Customer) AS CustomerNilsen FROM Orders WHERE Customer='Nilsen'
The result of the SQL statement above will be 2, because the customer Nilsen has made 2 orders in total: CustomerNilsen 2

SQL COUNT(*) Example
If we omit the WHERE clause, like this:

SELECT COUNT(*) AS NumberOfOrders FROM Orders
The result-set will look like this: NumberOfOrders 6

which is the total number of rows in the table.

SQL COUNT(DISTINCT column_name) Example
Now we want to count the number of unique customers in the "Orders" table. We use the following SQL statement:

SELECT COUNT(DISTINCT Customer) AS NumberOfCustomers FROM Orders
The result-set will look like this: NumberOfCustomers 3

which is the number of unique customers (Hansen, Nilsen, and Jensen) in the "Orders" table.

SQL FIRST() Function
4

The FIRST() Function
The FIRST() function returns the first value of the selected column.

SQL FIRST() Syntax 

SELECT FIRST(column_name) FROM table_name

SQL FIRST() Example
We have the following "Orders" table: O_Id 1 2 3 4 5 6 OrderDate 2008/11/12 2008/10/23 2008/09/02 2008/09/03 2008/08/30 2008/10/04 OrderPrice 1000 1600 700 300 2000 100 Customer Hansen Nilsen Hansen Hansen Jensen Nilsen

Now we want to find the first value of the "OrderPrice" column. We use the following SQL statement:

SELECT FIRST(OrderPrice) AS FirstOrderPrice FROM Orders
The result-set will look like this: FirstOrderPrice 1000

   

 

SQL LAST() Function
4

The LAST() Function
The LAST() function returns the last value of the selected column.

SQL LAST() Syntax 

SELECT LAST(column_name) FROM table_name

SQL LAST() Example
We have the following "Orders" table: O_Id 1 2 3 4 5 6 OrderDate 2008/11/12 2008/10/23 2008/09/02 2008/09/03 2008/08/30 2008/10/04 OrderPrice 1000 1600 700 300 2000 100 Customer Hansen Nilsen Hansen Hansen Jensen Nilsen

Now we want to find the last value of the "OrderPrice" column. We use the following SQL statement:

SELECT LAST(OrderPrice) AS LastOrderPrice FROM Orders
The result-set will look like this: LastOrderPrice 100

SQL MAX() Function
4

The MAX() Function
The MAX() function returns the largest value of the selected column.

SQL MAX() Syntax 

SELECT MAX(column_name) FROM table_name

SQL MAX() Example
We have the following "Orders" table: O_Id 1 2 3 4 5 6 OrderDate 2008/11/12 2008/10/23 2008/09/02 2008/09/03 2008/08/30 2008/10/04 OrderPrice 1000 1600 700 300 2000 100 Customer Hansen Nilsen Hansen Hansen Jensen Nilsen

Now we want to find the largest value of the "OrderPrice" column. We use the following SQL statement:

SELECT MAX(OrderPrice) AS LargestOrderPrice FROM Orders
The result-set will look like this: LargestOrderPrice 2000

   

SQL MAX() Function
4

The MAX() Function
The MAX() function returns the largest value of the selected column.

SQL MAX() Syntax 

SELECT MAX(column_name) FROM table_name

SQL MAX() Example
We have the following "Orders" table: O_Id 1 2 3 4 5 6 OrderDate 2008/11/12 2008/10/23 2008/09/02 2008/09/03 2008/08/30 2008/10/04 OrderPrice 1000 1600 700 300 2000 100 Customer Hansen Nilsen Hansen Hansen Jensen Nilsen

Now we want to find the largest value of the "OrderPrice" column. We use the following SQL statement:

SELECT MAX(OrderPrice) AS LargestOrderPrice FROM Orders
The result-set will look like this: LargestOrderPrice 2000

   

SQL SUM() Function
5

The SUM() Function
The SUM() function returns the total sum of a numeric column.

SQL SUM() Syntax 

SELECT SUM(column_name) FROM table_name

SQL SUM() Example
We have the following "Orders" table: O_Id OrderDate OrderPrice Customer

1 2 3 4 5 6

2008/11/12 2008/10/23 2008/09/02 2008/09/03 2008/08/30 2008/10/04

1000 1600 700 300 2000 100

Hansen Nilsen Hansen Hansen Jensen Nilsen

Now we want to find the sum of all "OrderPrice" fields". We use the following SQL statement:

SELECT SUM(OrderPrice) AS OrderTotal FROM Orders
The result-set will look like this: OrderTotal

5700

   

SQL GROUP BY Statement
5

Aggregate functions often need an added GROUP BY statement.

The GROUP BY Statement
The GROUP BY statement is used in conjunction with the aggregate functions to group the result-set by one or more columns.

SQL GROUP BY Syntax 

SELECT column_name, aggregate_function(column_name) FROM table_name WHERE column_name operator value GROUP BY column_name

SQL GROUP BY Example
We have the following "Orders" table: O_Id 1 2 3 4 5 6 OrderDate 2008/11/12 2008/10/23 2008/09/02 2008/09/03 2008/08/30 2008/10/04 OrderPrice 1000 1600 700 300 2000 100 Customer Hansen Nilsen Hansen Hansen Jensen Nilsen

Now we want to find the total sum (total order) of each customer. We will have to use the GROUP BY statement to group the customers. We use the following SQL statement:

SELECT Customer,SUM(OrderPrice) FROM Orders GROUP BY Customer

The result-set will look like this: Customer Hansen Nilsen Jensen SUM(OrderPrice) 2000 1700 2000

Nice! Isn't it? :) Let's see what happens if we omit the GROUP BY statement:

SELECT Customer,SUM(OrderPrice) FROM Orders
The result-set will look like this: Customer Hansen Nilsen Hansen Hansen Jensen Nilsen SUM(OrderPrice) 5700 5700 5700 5700 5700 5700

The result-set above is not what we wanted. Explanation of why the above SELECT statement cannot be used: The SELECT statement above has two columns specified (Customer and SUM(OrderPrice). The "SUM(OrderPrice)" returns a single value (that is the total sum of the "OrderPrice" column), while "Customer" returns 6 values (one value for each row in the "Orders" table). This will therefore not give us the correct result. However, you have seen that the GROUP BY statement solves this problem.

GROUP BY More Than One Column
We can also use the GROUP BY statement on more than one column, like this:

SELECT Customer,OrderDate,SUM(OrderPrice) FROM Orders GROUP BY Customer,OrderDate

SQL HAVING Clause
5

The HAVING Clause
The HAVING clause was added to SQL because the WHERE keyword could not be used with aggregate functions.

SQL HAVING Syntax 

SELECT column_name, aggregate_function(column_name) FROM table_name WHERE column_name operator value GROUP BY column_name HAVING aggregate_function(column_name) operator value

SQL HAVING Example
We have the following "Orders" table: O_Id 1 2 3 4 5 6 OrderDate 2008/11/12 2008/10/23 2008/09/02 2008/09/03 2008/08/30 2008/10/04 OrderPrice 1000 1600 700 300 2000 100 Customer Hansen Nilsen Hansen Hansen Jensen Nilsen

Now we want to find if any of the customers have a total order of less than 2000. We use the following SQL statement:

SELECT Customer,SUM(OrderPrice) FROM Orders GROUP BY Customer HAVING SUM(OrderPrice)<2000
The result-set will look like this:

Customer Nilsen

SUM(OrderPrice) 1700

Now we want to find if the customers "Hansen" or "Jensen" have a total order of more than 1500. We add an ordinary WHERE clause to the SQL statement:

SELECT Customer,SUM(OrderPrice) FROM Orders WHERE Customer='Hansen' OR Customer='Jensen' GROUP BY Customer HAVING SUM(OrderPrice)>1500
The result-set will look like this: Customer Hansen Jensen SUM(OrderPrice) 2000 2000

   

SQL UCASE() Function
5

The UCASE() Function
The UCASE() function converts the value of a field to uppercase.

SQL UCASE() Syntax 

SELECT UCASE(column_name) FROM table_name

SQL UCASE() Example
We have the following "Persons" table: P_Id LastName FirstName Address City

1 2 3

Hansen Svendson Pettersen

Ola Tove Kari

Timoteivn 10 Borgvn 23 Storgt 20

Sandnes Sandnes Stavanger

Now we want to select the content of the "LastName" and "FirstName" columns above, and convert the "LastName" column to uppercase. We use the following SELECT statement:

SELECT UCASE(LastName) as LastName,FirstName FROM Persons
The result-set will look like this: LastName HANSEN SVENDSON PETTERSEN FirstName Ola Tove Kari

 

SQL LCASE() Function
5

The LCASE() Function
The LCASE() function converts the value of a field to lowercase.

SQL LCASE() Syntax 

SELECT LCASE(column_name) FROM table_name

SQL LCASE() Example
We have the following "Persons" table: P_Id LastName FirstName Address City

1 2 3

Hansen Svendson Pettersen

Ola Tove Kari

Timoteivn 10 Borgvn 23 Storgt 20

Sandnes Sandnes Stavanger

Now we want to select the content of the "LastName" and "FirstName" columns above, and convert the "LastName" column to lowercase. We use the following SELECT statement:

SELECT LCASE(LastName) as LastName,FirstName FROM Persons
The result-set will look like this: LastName hansen svendson pettersen FirstName Ola Tove Kari

 

SQL MID() Function
6

The MID() Function
The MID() function is used to extract characters from a text field.

SQL MID() Syntax 

SELECT MID(column_name,start[,length]) FROM table_name

Parameter column_name start length

Description Required. The field to extract characters from. Required. Specifies the starting position (starts at 1). Optional. The number of characters to return. If omitted, the MID() function returns

the rest of the text.

SQL MID() Example
We have the following "Persons" table: P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

Now we want to extract the first four characters of the "City" column above. We use the following SELECT statement:

SELECT MID(City,1,4) as SmallCity FROM Persons
The result-set will look like this: SmallCity Sand Sand Stav

   

SQL LEN() Function
6

The LEN() Function
The LEN() function returns the length of the value in a text field.

SQL LEN() Syntax 

SELECT LEN(column_name) FROM table_name

SQL LEN() Example
We have the following "Persons" table: P_Id 1 2 3 LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

Now we want to select the length of the values in the "Address" column above. We use the following SELECT statement:

SELECT LEN(Address) as LengthOfAddress FROM Persons
The result-set will look like this: LengthOfAddress 12 9 9

SQL ROUND() Function
6

The ROUND() Function
The ROUND() function is used to round a numeric field to the number of decimals specified.

SQL ROUND() Syntax 

SELECT ROUND(column_name,decimals) FROM table_name

Parameter column_name decimals

Description Required. The field to round. Required. Specifies the number of decimals to be returned.

SQL ROUND() Example
We have the following "Products" table: Prod_Id 1 2 3 ProductName Jarlsberg Mascarpone Gorgonzola Unit 1000 g 1000 g 1000 g UnitPrice 10.45 32.56 15.67

Now we want to display the product name and the price rounded to the nearest integer. We use the following SELECT statement:

SELECT ProductName, ROUND(UnitPrice,0) as UnitPrice FROM Products
The result-set will look like this: ProductName Jarlsberg Mascarpone Gorgonzola UnitPrice 10 33 16

   

SQL NOW() Function
6

The NOW() Function
The NOW() function returns the current system date and time.

SQL NOW() Syntax 

SELECT NOW() FROM table_name

SQL NOW() Example
We have the following "Products" table: Prod_Id 1 2 3 ProductName Jarlsberg Mascarpone Gorgonzola Unit 1000 g 1000 g 1000 g UnitPrice 10.45 32.56 15.67

Now we want to display the products and prices per today's date. We use the following SELECT statement:

SELECT ProductName, UnitPrice, Now() as PerDate FROM Products
The result-set will look like this: ProductName Jarlsberg Mascarpone Gorgonzola UnitPrice 10.45 32.56 15.67 PerDate 10/7/2008 11:25:02 AM 10/7/2008 11:25:02 AM 10/7/2008 11:25:02 AM

SQL FORMAT() Function
6

The FORMAT() Function
The FORMAT() function is used to format how a field is to be displayed.

SQL FORMAT() Syntax 

SELECT FORMAT(column_name,format) FROM table_name

Parameter column_name format

Description Required. The field to be formatted. Required. Specifies the format.

SQL FORMAT() Example
We have the following "Products" table: Prod_Id 1 2 3 ProductName Jarlsberg Mascarpone Gorgonzola Unit 1000 g 1000 g 1000 g UnitPrice 10.45 32.56 15.67

Now we want to display the products and prices per today's date (with today's date displayed in the following format "YYYY-MM-DD"). We use the following SELECT statement:

SELECT ProductName, UnitPrice, FORMAT(Now(),'YYYY-MM-DD') as PerDate FROM Products
The result-set will look like this: ProductName Jarlsberg Mascarpone Gorgonzola UnitPrice 10.45 32.56 15.67 PerDate 2008-10-07 2008-10-07 2008-10-07

SQL Quick Reference From W3Schools
7

SQL Statement AND / OR

Syntax SELECT column_name(s) FROM table_name WHERE condition AND|OR condition ALTER TABLE table_name ADD column_name datatype or ALTER TABLE table_name DROP COLUMN column_name

ALTER TABLE

AS (alias)

SELECT column_name AS column_alias FROM table_name or SELECT column_name FROM table_name AS table_alias

BETWEEN

SELECT column_name(s) FROM table_name WHERE column_name BETWEEN value1 AND value2 CREATE DATABASE database_name CREATE TABLE table_name ( column_name1 data_type, column_name2 data_type, column_name2 data_type, ... ) CREATE INDEX index_name ON table_name (column_name) or CREATE UNIQUE INDEX index_name ON table_name (column_name)

CREATE DATABASE CREATE TABLE

CREATE INDEX

CREATE VIEW

CREATE VIEW view_name AS SELECT column_name(s) FROM table_name

WHERE condition DELETE DELETE FROM table_name WHERE some_column=some_value or DELETE FROM table_name (Note: Deletes the entire table!!) DELETE * FROM table_name (Note: Deletes the entire table!!) DROP DATABASE DROP INDEX DROP DATABASE database_name DROP INDEX table_name.index_name (SQL Server) DROP INDEX index_name ON table_name (MS Access) DROP INDEX index_name (DB2/Oracle) ALTER TABLE table_name DROP INDEX index_name (MySQL) DROP TABLE table_name SELECT column_name, aggregate_function(column_name) FROM table_name WHERE column_name operator value GROUP BY column_name SELECT column_name, aggregate_function(column_name) FROM table_name WHERE column_name operator value GROUP BY column_name HAVING aggregate_function(column_name) operator value SELECT column_name(s) FROM table_name WHERE column_name IN (value1,value2,..) INSERT INTO table_name VALUES (value1, value2, value3,....) or INSERT INTO table_name (column1, column2, column3,...) VALUES (value1, value2, value3,....) INNER JOIN SELECT column_name(s) FROM table_name1 INNER JOIN table_name2 ON table_name1.column_name=table_name2.column_name

DROP TABLE GROUP BY

HAVING

IN

INSERT INTO

LEFT JOIN

SELECT column_name(s) FROM table_name1 LEFT JOIN table_name2 ON table_name1.column_name=table_name2.column_name SELECT column_name(s) FROM table_name1 RIGHT JOIN table_name2 ON table_name1.column_name=table_name2.column_name SELECT column_name(s) FROM table_name1 FULL JOIN table_name2 ON table_name1.column_name=table_name2.column_name SELECT column_name(s) FROM table_name WHERE column_name LIKE pattern SELECT column_name(s) FROM table_name ORDER BY column_name [ASC|DESC] SELECT column_name(s) FROM table_name SELECT * FROM table_name SELECT DISTINCT column_name(s) FROM table_name SELECT * INTO new_table_name [IN externaldatabase] FROM old_table_name or SELECT column_name(s) INTO new_table_name [IN externaldatabase] FROM old_table_name

RIGHT JOIN

FULL JOIN

LIKE

ORDER BY

SELECT

SELECT *

SELECT DISTINCT

SELECT INTO

SELECT TOP

SELECT TOP number|percent column_name(s) FROM table_name TRUNCATE TABLE table_name SELECT column_name(s) FROM table_name1 UNION SELECT column_name(s) FROM table_name2

TRUNCATE TABLE UNION

UNION ALL

SELECT column_name(s) FROM table_name1 UNION ALL SELECT column_name(s) FROM table_name2 UPDATE table_name SET column1=value, column2=value,... WHERE some_column=some_value SELECT column_name(s) FROM table_name WHERE column_name operator value

UPDATE

WHERE

Source : http://www.w3schools.com/sql/sql_quickref.asp

SQL Hosting
7

SQL Hosting
If you want your web site to be able to store and display data from a database, your web server should have access to a database system that uses the SQL language. If your web server will be hosted by an Internet Service Provider (ISP), you will have to look for SQL hosting plans. The most common SQL hosting databases are MySQL, MS SQL Server, and MS Access. You can have SQL databases on both Windows and Linux/UNIX operating systems. Below is an overview of which database system that runs on which OS. MS SQL Server Runs only on Windows OS. MySQL Runs on both Windows and Linux/UNIX operating systems. MS Access (recommended only for small websites) Runs only on Windows OS. To learn more about web hosting, please visit our Hosting tutorial.

You Have Learned SQL, Now What?
7

SQL Summary
This SQL tutorial has taught you the standard computer language for accessing and manipulating database systems. You have learned how to execute queries, retrieve data, insert new records, delete records and update records in a database with SQL. You have also learned how to create databases, tables, and indexes with SQL, and how to drop them. You have learned the most important aggregate functions in SQL. You now know that SQL is the standard language that works with all the well-known database systems like MS SQL Server, IBM DB2, Oracle, MySQL, and MS Access.

Now You Know SQL, What's Next?
Our recommendation is to learn about ADO or PHP MySQL. If you want to learn more about ADO, please visit our ADO tutorial. If you want to learn more about MySQL, please visit our PHP tutorial

                     

           

PHP 
http://www.w3schools.com/php/default.asp                     

PHP Tutorial
8

PHP Tutorial
PHP is a powerful server-side scripting language for creating dynamic and interactive websites. PHP is the widely-used, free, and efficient alternative to competitors such as Microsoft's ASP. PHP is perfectly suited for Web development and can be embedded directly into the HTML code. The PHP syntax is very similar to Perl and C. PHP is often used together with Apache (web server) on various operating systems. It also supports ISAPI and can be used with Microsoft's IIS on Windows. Start learning PHP now!

PHP References
At W3Schools you will find complete references of all PHP functions:

• • • • • • • • • • • • • • • • • •

Array functions Calendar functions Date functions Directory functions Error functions Filesystem functions Filter functions FTP functions HTTP functions LibXML functions Mail functions Math functions Misc functions MySQL functions SimpleXML functions String functions XML Parser functions Zip functions

PHP Exam - Get Your Diploma!

W3Schools' Online Certification Program.
The perfect solution for busy professionals who need to balance work, family, and career building. More than 3000 certificates already issued!

The HTML Certificate documents your knowledge of HTML, XHTML, and CSS. The JavaScript Certificate documents your knowledge of JavaScript and HTML DOM. The XML Certificate documents your knowledge of XML, XML DOM and XSLT. The ASP Certificate documents your knowledge of ASP, SQL, and ADO. The PHP Certificate documents your knowledge of PHP and SQL (MySQL).

What You Should Already Know
Before you continue you should have a basic understanding of the following:

• •

HTML Some scripting knowledge

If you want to study these subjects first, find the tutorials on our Home page.

What is PHP?
• • • • • •
PHP stands for PHP: Hypertext Preprocessor PHP is a server-side scripting language, like ASP PHP scripts are executed on the server PHP supports many databases (MySQL, Informix, Oracle, Sybase, Solid, PostgreSQL, Generic ODBC, etc.) PHP is an open source software PHP is free to download and use

What is a PHP File?
• • •
PHP files can contain text, HTML tags and scripts PHP files are returned to the browser as plain HTML PHP files have a file extension of ".php", ".php3", or ".phtml"

What is MySQL?
• • •
MySQL is a database server MySQL is ideal for both small and large applications MySQL supports standard SQL

• •

MySQL compiles on a number of platforms MySQL is free to download and use

PHP + MySQL

PHP combined with MySQL are cross-platform (you can develop in Windows and serve on a Unix platform)

Why PHP?
• • • •
PHP PHP PHP PHP runs on different platforms (Windows, Linux, Unix, etc.) is compatible with almost all servers used today (Apache, IIS, etc.) is FREE to download from the official PHP resource: www.php.net is easy to learn and runs efficiently on the server side

Where to Start?
To get access to a web server with PHP support, you can:

• •

Install Apache (or IIS) on your own server, install PHP, and MySQL Or find a web hosting plan with PHP and MySQL support

PHP Installation
1

What do You Need?
If your server supports PHP you don't need to do anything. Just create some .php files in your web directory, and the server will parse them for you. Because it is free, most web hosts offer PHP support. However, if your server does not support PHP, you must install PHP. Here is a link to a good tutorial from PHP.net on how to install PHP5: http://www.php.net/manual/en/install.php

Download PHP 
Download PHP for free here: http://www.php.net/downloads.php

Download MySQL Database 
Download MySQL for free here: http://www.mysql.com/downloads/index.html

Download Apache Server 
Download Apache for free here: http://httpd.apache.org/download.cgi

PHP Syntax
1

PHP code is executed on the server, and the plain HTML result is sent to the browser.

Basic PHP Syntax
A PHP scripting block always starts with <?php and ends with ?>. A PHP scripting block can be placed anywhere in the document. On servers with shorthand support enabled you can start a scripting block with <? and end with ?>. For maximum compatibility, we recommend that you use the standard form (<?php) rather than the shorthand form.

<?php ?>
A PHP file normally contains HTML tags, just like an HTML file, and some PHP scripting code. Below, we have an example of a simple PHP script which sends the text "Hello World" to the browser:

<html> <body> <?php echo "Hello World"; ?> </body> </html>
Each code line in PHP must end with a semicolon. The semicolon is a separator and is used to distinguish one set of instructions from another. There are two basic statements to output text with PHP: echo and print. In the example above we have used the echo statement to output the text "Hello World". Note: The file must have the .php extension. If the file has a .html extension, the PHP code will not be executed.

Comments in PHP
In PHP, we use // to make a single-line comment or /* and */ to make a large comment block.

<html> <body> <?php //This is a comment /* This is a comment block */ ?> </body> </html>

 
PHP Variables
1

Variables are used for storing values, such as numbers, strings or function results, so that they can be used many times in a script.

Variables in PHP
Variables are used for storing a values, like text strings, numbers or arrays. When a variable is set it can be used over and over again in your script All variables in PHP start with a $ sign symbol. The correct way of setting a variable in PHP:

$var_name = value;
New PHP programmers often forget the $ sign at the beginning of the variable. In that case it will not work. Let's try creating a variable with a string, and a variable with a number:

<?php $txt = "Hello World!"; $number = 16; ?>

PHP is a Loosely Typed Language
In PHP a variable does not need to be declared before being set. In the example above, you see that you do not have to tell PHP which data type the variable is. PHP automatically converts the variable to the correct data type, depending on how they are set. In a strongly typed programming language, you have to declare (define) the type and name of the variable before using it. In PHP the variable is declared automatically when you use it.

Variable Naming Rules
• • •
A variable A variable A variable separated name must start with a letter or an underscore "_" name can only contain alpha-numeric characters and underscores (a-z, A-Z, 0-9, and _ ) name should not contain spaces. If a variable name is more than one word, it should be with underscore ($my_string), or with capitalization ($myString)

PHP String
1

A string variable is used to store and manipulate a piece of text.

Strings in PHP
String variables are used for values that contains character strings. In this tutorial we are going to look at some of the most common functions and operators used to manipulate strings in PHP. After we create a string we can manipulate it. A string can be used directly in a function or it can be stored in a variable. Below, the PHP script assigns the string "Hello World" to a string variable called $txt:

<?php $txt="Hello World"; echo $txt; ?>
The output of the code above will be:

Hello World
Now, lets try to use some different functions and operators to manipulate our string.

The Concatenation Operator
There is only one string operator in PHP. The concatenation operator (.) is used to put two string values together. To concatenate two variables together, use the dot (.) operator:

<?php $txt1="Hello World"; $txt2="1234"; echo $txt1 . " " . $txt2; ?>
The output of the code above will be:

Hello World 1234
If we look at the code above you see that we used the concatenation operator two times. This is because we had to insert a third string. Between the two string variables we added a string with a single character, an empty space, to separate the two variables.

Using the strlen() function
The strlen() function is used to find the length of a string. Let's find the length of our string "Hello world!":

<?php echo strlen("Hello world!"); ?>
The output of the code above will be:

12
The length of a string is often used in loops or other functions, when it is important to know when the string ends. (i.e. in a loop, we would want to stop the loop after the last character in the string)

Using the strpos() function
The strpos() function is used to search for a string or character within a string. If a match is found in the string, this function will return the position of the first match. If no match is found, it will return FALSE. Let's see if we can find the string "world" in our string:

<?php echo strpos("Hello world!","world"); ?>
The output of the code above will be:

6
As you see the position of the string "world" in our string is position 6. The reason that it is 6, and not 7, is that the first position in the string is 0, and not 1.

Complete PHP String Reference
For a complete reference of all string functions, go to our complete PHP String Reference. The reference contains a brief description and examples of use for each function!

1

 

 
PHP String
1

A string variable is used to store and manipulate a piece of text.

Strings in PHP
String variables are used for values that contains character strings. In this tutorial we are going to look at some of the most common functions and operators used to manipulate strings in PHP.

After we create a string we can manipulate it. A string can be used directly in a function or it can be stored in a variable. Below, the PHP script assigns the string "Hello World" to a string variable called $txt:

<?php $txt="Hello World"; echo $txt; ?>
The output of the code above will be:

Hello World
Now, lets try to use some different functions and operators to manipulate our string.

The Concatenation Operator
There is only one string operator in PHP. The concatenation operator (.) is used to put two string values together. To concatenate two variables together, use the dot (.) operator:

<?php $txt1="Hello World"; $txt2="1234"; echo $txt1 . " " . $txt2; ?>
The output of the code above will be:

Hello World 1234
If we look at the code above you see that we used the concatenation operator two times. This is because we had to insert a third string. Between the two string variables we added a string with a single character, an empty space, to separate the two variables.

Using the strlen() function
The strlen() function is used to find the length of a string. Let's find the length of our string "Hello world!":

<?php

echo strlen("Hello world!"); ?>
The output of the code above will be:

12
The length of a string is often used in loops or other functions, when it is important to know when the string ends. (i.e. in a loop, we would want to stop the loop after the last character in the string)

Using the strpos() function
The strpos() function is used to search for a string or character within a string. If a match is found in the string, this function will return the position of the first match. If no match is found, it will return FALSE. Let's see if we can find the string "world" in our string:

<?php echo strpos("Hello world!","world"); ?>
The output of the code above will be:

6
As you see the position of the string "world" in our string is position 6. The reason that it is 6, and not 7, is that the first position in the string is 0, and not 1.

Complete PHP String Reference
For a complete reference of all string functions, go to our complete PHP String Reference. The reference contains a brief description and examples of use for each function!

PHP If...Else Statements
1

The if, elseif and else statements in PHP are used to perform different actions based on different conditions.

Conditional Statements
Very often when you write code, you want to perform different actions for different decisions. You can use conditional statements in your code to do this.

• •

if...else statement - use this statement if you want to execute a set of code when a condition is true and another if the condition is not true elseif statement - is used with the if...else statement to execute a set of code if one of several condition are true

The If...Else Statement
If you want to execute some code if a condition is true and another code if a condition is false, use the if....else statement.

Syntax 

if (condition) code to be executed if condition is true; else code to be executed if condition is false;
Example
The following example will output "Have a nice weekend!" if the current day is Friday, otherwise it will output "Have a nice day!":

<html> <body> <?php $d=date("D"); if ($d=="Fri") echo "Have a nice weekend!"; else echo "Have a nice day!"; ?> </body> </html>
If more than one line should be executed if a condition is true/false, the lines should be enclosed within curly braces:

<html> <body> <?php $d=date("D"); if ($d=="Fri") { echo "Hello!<br />"; echo "Have a nice weekend!"; echo "See you on Monday!"; } ?> </body> </html>

The ElseIf Statement
If you want to execute some code if one of several conditions are true use the elseif statement

Syntax 

if (condition) code to be executed if condition is true; elseif (condition) code to be executed if condition is true; else code to be executed if condition is false;
Example
The following example will output "Have a nice weekend!" if the current day is Friday, and "Have a nice Sunday!" if the current day is Sunday. Otherwise it will output "Have a nice day!":

<html> <body> <?php $d=date("D"); if ($d=="Fri") echo "Have a nice weekend!"; elseif ($d=="Sun") echo "Have a nice Sunday!"; else echo "Have a nice day!"; ?> </body> </html>

1

PHP Switch Statement
1

The Switch statement in PHP is used to perform one of several different actions based on one of several different conditions.

The Switch Statement
If you want to select one of many blocks of code to be executed, use the Switch statement. The switch statement is used to avoid long blocks of if..elseif..else code.

Syntax 

switch (expression) { case label1: code to be executed if expression = label1; break; case label2: code to be executed if expression = label2; break; default: code to be executed if expression is different from both label1 and label2; }
Example
This is how it works:

• • • • •

A single expression (most often a variable) is evaluated once The value of the expression is compared with the values for each case in the structure If there is a match, the code associated with that case is executed After a code is executed, break is used to stop the code from running into the next case The default statement is used if none of the cases are true

<html> <body> <?php switch ($x) { case 1: echo "Number 1"; break; case 2: echo "Number 2"; break; case 3:

echo "Number 3"; break; default: echo "No number between 1 and 3"; } ?> </body> </html>

 
PHP Arrays
1

An array can store one or more values in a single variable name.

What is an array?
When working with PHP, sooner or later, you might want to create many similar variables. Instead of having many similar variables, you can store the data as elements in an array. Each element in the array has its own ID so that it can be easily accessed. There are three different kind of arrays:

• • •

Numeric array - An array with a numeric ID key Associative array - An array where each ID key is associated with a value Multidimensional array - An array containing one or more arrays

Numeric Arrays
A numeric array stores each element with a numeric ID key. There are different ways to create a numeric array.

Example 1 
In this example the ID key is automatically assigned:

$names = array("Peter","Quagmire","Joe");

Example 2
In this example we assign the ID key manually:

$names[0] = "Peter"; $names[1] = "Quagmire"; $names[2] = "Joe";
The ID keys can be used in a script:

<?php $names[0] = "Peter"; $names[1] = "Quagmire"; $names[2] = "Joe"; echo $names[1] . " and " . $names[2] . " are ". $names[0] . "'s neighbors"; ?>
The code above will output:

Quagmire and Joe are Peter's neighbors

Associative Arrays
An associative array, each ID key is associated with a value. When storing data about specific named values, a numerical array is not always the best way to do it. With associative arrays we can use the values as keys and assign values to them.

Example 1 
In this example we use an array to assign ages to the different persons:

$ages = array("Peter"=>32, "Quagmire"=>30, "Joe"=>34);
Example 2
This example is the same as example 1, but shows a different way of creating the array:

$ages['Peter'] = "32"; $ages['Quagmire'] = "30"; $ages['Joe'] = "34";
The ID keys can be used in a script:

<?php

$ages['Peter'] = "32"; $ages['Quagmire'] = "30"; $ages['Joe'] = "34"; echo "Peter is " . $ages['Peter'] . " years old."; ?>
The code above will output:

Peter is 32 years old.

Multidimensional Arrays
In a multidimensional array, each element in the main array can also be an array. And each element in the sub-array can be an array, and so on.

Example 
In this example we create a multidimensional array, with automatically assigned ID keys:

$families = array ( "Griffin"=>array ( "Peter", "Lois", "Megan" ), "Quagmire"=>array ( "Glenn" ), "Brown"=>array ( "Cleveland", "Loretta", "Junior" ) );
The array above would look like this if written to the output:

Array ( [Griffin] => Array ( [0] => Peter [1] => Lois [2] => Megan ) [Quagmire] => Array

( [0] => Glenn ) [Brown] => Array ( [0] => Cleveland [1] => Loretta [2] => Junior ) )
Example 2
Lets try displaying a single value from the array above:

echo "Is " . $families['Griffin'][2] . " a part of the Griffin family?";
The code above will output:

Is Megan a part of the Griffin family?

1

 

 
PHP Looping
1

Looping statements in PHP are used to execute the same block of code a specified number of times.

Looping
Very often when you write code, you want the same block of code to run a number of times. You can use looping statements in your code to perform this. In PHP we have the following looping statements:

• • •

while - loops through a block of code if and as long as a specified condition is true do...while - loops through a block of code once, and then repeats the loop as long as a special condition is true for - loops through a block of code a specified number of times

foreach - loops through a block of code for each element in an array

The while Statement
The while statement will execute a block of code if and as long as a condition is true.

Syntax 

while (condition) code to be executed;
Example
The following example demonstrates a loop that will continue to run as long as the variable i is less than, or equal to 5. i will increase by 1 each time the loop runs:

<html> <body> <?php $i=1; while($i<=5) { echo "The number is " . $i . "<br />"; $i++; } ?> </body> </html>

The do...while Statement
The do...while statement will execute a block of code at least once - it then will repeat the loop as long as a condition is true.

Syntax 

do { code to be executed; } while (condition);
Example
The following example will increment the value of i at least once, and it will continue incrementing the variable i as long as it has a value of less than 5:

<html> <body> <?php

$i=0; do { $i++; echo "The number is " . $i . "<br />"; } while ($i<5); ?> </body> </html>

The for Statement
The for statement is the most advanced of the loops in PHP. In it's simplest form, the for statement is used when you know how many times you want to execute a statement or a list of statements.

Syntax 

for (init; cond; incr) { code to be executed; }
Parameters:

• • •

init: Is mostly used to set a counter, but can be any code to be executed once at the beginning of the loop statement. cond: Is evaluated at beginning of each loop iteration. If the condition evaluates to TRUE, the loop continues and the code executes. If it evaluates to FALSE, the execution of the loop ends. incr: Is mostly used to increment a counter, but can be any code to be executed at the end of each loop.

Note: Each of the parameters can be empty or have multiple expressions separated by commas.

cond: All expressions separated by a comma are evaluated but the result is taken from the last part. This parameter being empty means the loop should be run indefinitely. This is useful when using a conditional break statement inside the loop for ending the loop.

Example
The following example prints the text "Hello World!" five times:

<html> <body> <?php for ($i=1; $i<=5; $i++) { echo "Hello World!<br />"; }

?> </body> </html>

The foreach Statement
The foreach statement is used to loop through arrays. For every loop, the value of the current array element is assigned to $value (and the array pointer is moved by one) - so on the next loop, you'll be looking at the next element.

Syntax 

foreach (array as value) { code to be executed; }
Example
The following example demonstrates a loop that will print the values of the given array:

<html> <body> <?php $arr=array("one", "two", "three"); foreach ($arr as $value) { echo "Value: " . $value . "<br />"; } ?> </body> </html>

1

 

   
PHP Functions
1

The real power of PHP comes from its functions. In PHP - there are more than 700 built-in functions available.

PHP Functions
In this tutorial we will show you how to create your own functions. For a reference and examples of the built-in functions, please visit our PHP Reference.

Create a PHP Function
A function is a block of code that can be executed whenever we need it. Creating PHP functions:

• • • • •

All functions start with the word "function()" Name the function - It should be possible to understand what the function does by its name. The name can start with a letter or underscore (not a number) Add a "{" - The function code starts after the opening curly brace Insert the function code Add a "}" - The function is finished by a closing curly brace

Example
A simple function that writes my name when it is called:

<html> <body> <?php function writeMyName() { echo "Kai Jim Refsnes"; } writeMyName(); ?> </body> </html>

Use a PHP Function
Now we will use the function in a PHP script:

<html> <body> <?php

function writeMyName() { echo "Kai Jim Refsnes"; } echo "Hello world!<br />"; echo "My name is "; writeMyName(); echo ".<br />That's right, "; writeMyName(); echo " is my name."; ?> </body> </html>
The output of the code above will be:

Hello world! My name is Kai Jim Refsnes. That's right, Kai Jim Refsnes is my name.

PHP Functions - Adding parameters
Our first function (writeMyName()) is a very simple function. It only writes a static string. To add more functionality to a function, we can add parameters. A parameter is just like a variable. You may have noticed the parentheses after the function name, like: writeMyName(). The parameters are specified inside the parentheses.

Example 1 
The following example will write different first names, but the same last name:

<html> <body> <?php function writeMyName($fname) { echo $fname . " Refsnes.<br />"; } echo "My name is "; writeMyName("Kai Jim"); echo "My name is "; writeMyName("Hege"); echo "My name is "; writeMyName("Stale"); ?> </body> </html>
The output of the code above will be:

My name is Kai Jim Refsnes. My name is Hege Refsnes. My name is Stale Refsnes.
Example 2
The following function has two parameters:

<html> <body> <?php function writeMyName($fname,$punctuation) { echo $fname . " Refsnes" . $punctuation . "<br />"; } echo "My name is "; writeMyName("Kai Jim","."); echo "My name is "; writeMyName("Hege","!"); echo "My name is "; writeMyName("Ståle","..."); ?> </body> </html>
The output of the code above will be:

My name is Kai Jim Refsnes. My name is Hege Refsnes! My name is Ståle Refsnes...

PHP Functions - Return values
Functions can also be used to return values.

Example 

<html> <body> <?php function add($x,$y) { $total = $x + $y; return $total; } echo "1 + 16 = " . add(1,16); ?> </body> </html>
The output of the code above will be:

1 + 16 = 17

1

 

   
PHP Forms and User Input
1

The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input.

PHP Form Handling
The most important thing to notice when dealing with HTML forms and PHP is that any form element in an HTML page will automatically be available to your PHP scripts. Form example:

<html> <body> <form action="welcome.php" method="post"> Name: <input type="text" name="name" /> Age: <input type="text" name="age" /> <input type="submit" /> </form> </body> </html>
The example HTML page above contains two input fields and a submit button. When the user fills in this form and click on the submit button, the form data is sent to the "welcome.php" file. The "welcome.php" file looks like this:

<html> <body> Welcome <?php echo $_POST["name"]; ?>.<br /> You are <?php echo $_POST["age"]; ?> years old. </body> </html>

A sample output of the above script may be:

Welcome John. You are 28 years old.
The PHP $_GET and $_POST variables will be explained in the next chapters.

Form Validation
User input should be validated whenever possible. Client side validation is faster, and will reduce server load. However, any site that gets enough traffic to worry about server resources, may also need to worry about site security. You should always use server side validation if the form accesses a database. A good way to validate a form on the server is to post the form to itself, instead of jumping to a different page. The user will then get the error messages on the same page as the form. This makes it easier to discover the error.

1

 

 
PHP $_GET
1

The $_GET variable is used to collect values from a form with method="get".

The $_GET Variable
The $_GET variable is an array of variable names and values sent by the HTTP GET method. The $_GET variable is used to collect values from a form with method="get". Information sent from a form with the GET method is visible to everyone (it will be displayed in the browser's address bar) and it has limits on the amount of information to send (max. 100 characters).

Example 

<form action="welcome.php" method="get"> Name: <input type="text" name="name" /> Age: <input type="text" name="age" /> <input type="submit" /> </form>

When the user clicks the "Submit" button, the URL sent could look something like this:

http://www.w3schools.com/welcome.php?name=Peter&age=37
The "welcome.php" file can now use the $_GET variable to catch the form data (notice that the names of the form fields will automatically be the ID keys in the $_GET array):

Welcome <?php echo $_GET["name"]; ?>.<br /> You are <?php echo $_GET["age"]; ?> years old!

Why use $_GET?
Note: When using the $_GET variable all variable names and values are displayed in the URL. So this method should not be used when sending passwords or other sensitive information! However, because the variables are displayed in the URL, it is possible to bookmark the page. This can be useful in some cases. Note: The HTTP GET method is not suitable on large variable values; the value cannot exceed 100 characters.

The $_REQUEST Variable
The PHP $_REQUEST variable contains the contents of both $_GET, $_POST, and $_COOKIE. The PHP $_REQUEST variable can be used to get the result from form data sent with both the GET and POST methods.

Example 

Welcome <?php echo $_REQUEST["name"]; ?>.<br /> You are <?php echo $_REQUEST["age"]; ?> years old!

1

 

 
PHP $_GET
1

The $_GET variable is used to collect values from a form with method="get".

The $_GET Variable
The $_GET variable is an array of variable names and values sent by the HTTP GET method. The $_GET variable is used to collect values from a form with method="get". Information sent from a form with the GET method is visible to everyone (it will be displayed in the browser's address bar) and it has limits on the amount of information to send (max. 100 characters).

Example 

<form action="welcome.php" method="get"> Name: <input type="text" name="name" /> Age: <input type="text" name="age" /> <input type="submit" /> </form>
When the user clicks the "Submit" button, the URL sent could look something like this:

http://www.w3schools.com/welcome.php?name=Peter&age=37
The "welcome.php" file can now use the $_GET variable to catch the form data (notice that the names of the form fields will automatically be the ID keys in the $_GET array):

Welcome <?php echo $_GET["name"]; ?>.<br /> You are <?php echo $_GET["age"]; ?> years old!

Why use $_GET?
Note: When using the $_GET variable all variable names and values are displayed in the URL. So this method should not be used when sending passwords or other sensitive information! However, because the variables are displayed in the URL, it is possible to bookmark the page. This can be useful in some cases. Note: The HTTP GET method is not suitable on large variable values; the value cannot exceed 100 characters.

The $_REQUEST Variable
The PHP $_REQUEST variable contains the contents of both $_GET, $_POST, and $_COOKIE. The PHP $_REQUEST variable can be used to get the result from form data sent with both the GET and POST methods.

Example 

Welcome <?php echo $_REQUEST["name"]; ?>.<br /> You are <?php echo $_REQUEST["age"]; ?> years old!

1

 

 
PHP Date()
1

The PHP date() function is used to format a time or a date.

The PHP Date() Function
The PHP date() function formats a timestamp to a more readable date and time.

Syntax 

date(format,timestamp)

Parameter format timestamp

Description Required. Specifies the format of the timestamp Optional. Specifies a timestamp. Default is the current date and time (as a timestamp)

PHP Date - What is a Timestamp?
A timestamp is the number of seconds since January 1, 1970 at 00:00:00 GMT. This is also known as the Unix Timestamp.

PHP Date - Format the Date
The first parameter in the date() function specifies how to format the date/time. It uses letters to represent date and time formats. Here are some of the letters that can be used:

• • •

d - The day of the month (01-31) m - The current month, as a number (01-12) Y - The current year in four digits

An overview of all the letters that can be used in the format parameter, can be found in our PHP Date reference. Other characters, like"/", ".", or "-" can also be inserted between the letters to add additional formatting:

<?php echo date("Y/m/d"); echo "<br />"; echo date("Y.m.d"); echo "<br />"; echo date("Y-m-d"); ?>
The output of the code above could be something like this:

2006/07/11 2006.07.11 2006-07-11

PHP Date - Adding a Timestamp
The second parameter in the date() function specifies a timestamp. This parameter is optional. If you do not supply a timestamp, the current time will be used. In our next example we will use the mktime() function to create a timestamp for tomorrow. The mktime() function returns the Unix timestamp for a specified date.

Syntax 

mktime(hour,minute,second,month,day,year,is_dst)
To go one day in the future we simply add one to the day argument of mktime():

<?php $tomorrow = mktime(0,0,0,date("m"),date("d")+1,date("Y")); echo "Tomorrow is ".date("Y/m/d", $tomorrow); ?>
The output of the code above could be something like this:

Tomorrow is 2006/07/12

PHP Date - Reference
For more information about all the PHP date functions, please visit our PHP Date Reference.

1

 

 
PHP Include File
1

Server Side Includes (SSI) are used to create functions, headers, footers, or elements that will be reused on multiple pages.

Server Side Includes
You can insert the content of a file into a PHP file before the server executes it, with the include() or require() function. The two functions are identical in every way, except how they handle errors. The include() function generates a warning (but the script will continue execution) while the require() function generates a fatal error (and the script execution will stop after the error). These two functions are used to create functions, headers, footers, or elements that can be reused on multiple pages. This can save the developer a considerable amount of time. This means that you can create a standard header or menu file that you want all your web pages to include. When the header needs to be updated, you can only update this one include file, or when you add a new page to your site, you can simply change the menu file (instead of updating the links on all web pages).

The include() Function
The include() function takes all the text in a specified file and copies it into the file that uses the include function.

Example 1 
Assume that you have a standard header file, called "header.php". To include the header file in a page, use the include() function, like this:

<html> <body> <?php include("header.php"); ?> <h1>Welcome to my home page</h1> <p>Some text</p> </body> </html>

Example 2
Now, let's assume we have a standard menu file that should be used on all pages (include files usually have a ".php" extension). Look at the "menu.php" file below:

<html> <body> <a href="http://www.w3schools.com/default.php">Home</a> | <a href="http://www.w3schools.com/about.php">About Us</a> | <a href="http://www.w3schools.com/contact.php">Contact Us</a>
The three files, "default.php", "about.php", and "contact.php" should all include the "menu.php" file. Here is the code in "default.php":

<?php include("menu.php"); ?> <h1>Welcome to my home page</h1> <p>Some text</p> </body> </html>
If you look at the source code of the "default.php" in a browser, it will look something like this:

<html> <body> <a href="default.php">Home</a> | <a href="about.php">About Us</a> | <a href="contact.php">Contact Us</a> <h1>Welcome to my home page</h1> <p>Some text</p> </body> </html>
And, of course, we would have to do the same thing for "about.php" and "contact.php". By using include files, you simply have to update the text in the "menu.php" file if you decide to rename or change the order of the links or add another web page to the site.

The require() Function
The require() function is identical to include(), except that it handles errors differently. The include() function generates a warning (but the script will continue execution) while the require() function generates a fatal error (and the script execution will stop after the error). If you include a file with the include() function and an error occurs, you might get an error message like the one below. PHP code:

<html> <body>

<?php include("wrongFile.php"); echo "Hello World!"; ?> </body> </html>
Error message:

Warning: include(wrongFile.php) [function.include]: failed to open stream: No such file or directory in C:\home\website\test.php on line 5 Warning: include() [function.include]: Failed opening 'wrongFile.php' for inclusion (include_path='.;C:\php5\pear') in C:\home\website\test.php on line 5 Hello World!
Notice that the echo statement is still executed! This is because a Warning does not stop the script execution. Now, let's run the same example with the require() function. PHP code:

<html> <body> <?php require("wrongFile.php"); echo "Hello World!"; ?> </body> </html>
Error message:

Warning: require(wrongFile.php) [function.require]: failed to open stream: No such file or directory in C:\home\website\test.php on line 5 Fatal error: require() [function.require]: Failed opening required 'wrongFile.php' (include_path='.;C:\php5\pear') in C:\home\website\test.php on line 5
The echo statement was not executed because the script execution stopped after the fatal error. It is recommended to use the require() function instead of include(), because scripts should not continue executing if files are missing or misnamed.

1

 

 
PHP File Handling
1

The fopen() function is used to open files in PHP.

Opening a File
The fopen() function is used to open files in PHP. The first parameter of this function contains the name of the file to be opened and the second parameter specifies in which mode the file should be opened:

<html> <body> <?php $file=fopen("welcome.txt","r"); ?> </body> </html>
The file may be opened in one of the following modes: Modes r r+ w Description Read only. Starts at the beginning of the file Read/Write. Starts at the beginning of the file Write only. Opens and clears the contents of file; or creates a new file if it doesn't exist Read/Write. Opens and clears the contents of file; or creates a new file if it doesn't exist Append. Opens and writes to the end of the file or creates a new file if it doesn't exist Read/Append. Preserves file content by writing to the end of the file Write only. Creates a new file. Returns FALSE and an error if file already exists

w+

a a+ x

x+

Read/Write. Creates a new file. Returns FALSE and an error if file already exists

Note: If the fopen() function is unable to open the specified file, it returns 0 (false).

Example 
The following example generates a message if the fopen() function is unable to open the specified file:

<html> <body> <?php $file=fopen("welcome.txt","r") or exit("Unable to open file!"); ?> </body> </html>

Closing a File
The fclose() function is used to close an open file:

<?php $file = fopen("test.txt","r"); //some code to be executed fclose($file); ?>

Check End-of-file
The feof() function checks if the "end-of-file" (EOF) has been reached. The feof() function is useful for looping through data of unknown length. Note: You cannot read from files opened in w, a, and x mode!

if (feof($file)) echo "End of file";

Reading a File Line by Line
The fgets() function is used to read a single line from a file. Note: After a call to this function the file pointer has moved to the next line.

Example 
The example below reads a file line by line, until the end of file is reached:

<?php $file = fopen("welcome.txt", "r") or exit("Unable to open file!"); //Output a line of the file until the end is reached while(!feof($file)) { echo fgets($file). "<br />"; } fclose($file); ?>

Reading a File Character by Character
The fgetc() function is used to read a single character from a file. Note: After a call to this function the file pointer moves to the next character.

Example 
The example below reads a file character by character, until the end of file is reached:

<?php $file=fopen("welcome.txt","r") or exit("Unable to open file!"); while (!feof($file)) { echo fgetc($file); } fclose($file); ?>

PHP Filesystem Reference
For a full reference of the PHP filesystem functions, visit our PHP Filesystem Reference.

PHP File Upload
1

With PHP, it is possible to upload files to the server.

Create an Upload-File Form
To allow users to upload files from a form can be very useful. Look at the following HTML form for uploading files:

<html> <body> <form action="upload_file.php" method="post" enctype="multipart/form-data"> <label for="file">Filename:</label> <input type="file" name="file" id="file" /> <br /> <input type="submit" name="submit" value="Submit" /> </form> </body> </html>
Notice the following about the HTML form above:

• •

The enctype attribute of the <form> tag specifies which content-type to use when submitting the form. "multipart/form-data" is used when a form requires binary data, like the contents of a file, to be uploaded The type="file" attribute of the <input> tag specifies that the input should be processed as a file. For example, when viewed in a browser, there will be a browse-button next to the input field

Note: Allowing users to upload files is a big security risk. Only permit trusted users to perform file uploads.

Create The Upload Script
The "upload_file.php" file contains the code for uploading a file:

<?php if ($_FILES["file"]["error"] > 0) { echo "Error: " . $_FILES["file"]["error"] . "<br />"; } else {

echo echo echo echo } ?>

"Upload: " . $_FILES["file"]["name"] . "<br />"; "Type: " . $_FILES["file"]["type"] . "<br />"; "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />"; "Stored in: " . $_FILES["file"]["tmp_name"];

By using the global PHP $_FILES array you can upload files from a client computer to the remote server. The first parameter is the form's input name and the second index can be either "name", "type", "size", "tmp_name" or "error". Like this:

• • • • •

$_FILES["file"]["name"] - the name of the uploaded file $_FILES["file"]["type"] - the type of the uploaded file $_FILES["file"]["size"] - the size in bytes of the uploaded file $_FILES["file"]["tmp_name"] - the name of the temporary copy of the file stored on the server $_FILES["file"]["error"] - the error code resulting from the file upload

This is a very simple way of uploading files. For security reasons, you should add restrictions on what the user is allowed to upload.

Restrictions on Upload
In this script we add some restrictions to the file upload. The user may only upload .gif or .jpeg files and the file size must be under 20 kb:

<?php if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/pjpeg")) && ($_FILES["file"]["size"] < 20000)) { if ($_FILES["file"]["error"] > 0) { echo "Error: " . $_FILES["file"]["error"] . "<br />"; } else { echo "Upload: " . $_FILES["file"]["name"] . "<br />"; echo "Type: " . $_FILES["file"]["type"] . "<br />"; echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />"; echo "Stored in: " . $_FILES["file"]["tmp_name"]; } } else { echo "Invalid file"; } ?>
Note: For IE to recognize jpg files the type must be pjpeg, for FireFox it must be jpeg.

Saving the Uploaded File
The examples above create a temporary copy of the uploaded files in the PHP temp folder on the server. The temporary copied files disappears when the script ends. To store the uploaded file we need to copy it to a different location:

<?php if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/pjpeg")) && ($_FILES["file"]["size"] < 20000)) { if ($_FILES["file"]["error"] > 0) { echo "Return Code: " . $_FILES["file"]["error"] . "<br />"; } else { echo "Upload: " . $_FILES["file"]["name"] . "<br />"; echo "Type: " . $_FILES["file"]["type"] . "<br />"; echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />"; echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />"; if (file_exists("upload/" . $_FILES["file"]["name"])) { echo $_FILES["file"]["name"] . " already exists. "; } else { move_uploaded_file($_FILES["file"]["tmp_name"], "upload/" . $_FILES["file"]["name"]); echo "Stored in: " . "upload/" . $_FILES["file"]["name"]; } } } else { echo "Invalid file"; } ?>
The script above checks if the file already exists, if it does not, it copies the file to the specified folder. Note: This example saves the file to a new folder called "upload"

1

PHP Cookies
1

A cookie is often used to identify a user.

What is a Cookie?
A cookie is often used to identify a user. A cookie is a small file that the server embeds on the user's computer. Each time the same computer requests a page with a browser, it will send the cookie too. With PHP, you can both create and retrieve cookie values.

How to Create a Cookie?
The setcookie() function is used to set a cookie. Note: The setcookie() function must appear BEFORE the <html> tag.

Syntax 

setcookie(name, value, expire, path, domain);
Example 1
In the example below, we will create a cookie named "user" and assign the value "Alex Porter" to it. We also specify that the cookie should expire after one hour:

<?php setcookie("user", "Alex Porter", time()+3600); ?> <html> .....
Note: The value of the cookie is automatically URLencoded when sending the cookie, and automatically decoded when received (to prevent URLencoding, use setrawcookie() instead).

Example 2 
You can also set the expiration time of the cookie in another way. It may be easier than using seconds.

<?php $expire=time()+60*60*24*30; setcookie("user", "Alex Porter", $expire); ?> <html> .....
In the example above the expiration time is set to a month (60 sec * 60 min * 24 hours * 30 days).

How to Retrieve a Cookie Value?
The PHP $_COOKIE variable is used to retrieve a cookie value. In the example below, we retrieve the value of the cookie named "user" and display it on a page:

<?php // Print a cookie echo $_COOKIE["user"]; // A way to view all cookies print_r($_COOKIE); ?>
In the following example we use the isset() function to find out if a cookie has been set:

<html> <body> <?php if (isset($_COOKIE["user"])) echo "Welcome " . $_COOKIE["user"] . "!<br />"; else echo "Welcome guest!<br />"; ?> </body> </html>

How to Delete a Cookie?
When deleting a cookie you should assure that the expiration date is in the past. Delete example:

<?php // set the expiration date to one hour ago setcookie("user", "", time()-3600); ?>

What if a Browser Does NOT Support Cookies?
If your application deals with browsers that do not support cookies, you will have to use other methods to pass information from one page to another in your application. One method is to pass the data through forms (forms and user input are described earlier in this tutorial). The form below passes the user input to "welcome.php" when the user clicks on the "Submit" button:

<html> <body> <form action="welcome.php" method="post"> Name: <input type="text" name="name" /> Age: <input type="text" name="age" /> <input type="submit" /> </form> </body> </html>
Retrieve the values in the "welcome.php" file like this:

<html> <body> Welcome <?php echo $_POST["name"]; ?>.<br /> You are <?php echo $_POST["age"]; ?> years old. </body> </html>

PHP Sessions
1

A PHP session variable is used to store information about, or change settings for a user session. Session variables hold information about one single user, and are available to all pages in one application.

PHP Session Variables
When you are working with an application, you open it, do some changes and then you close it. This is much like a Session. The computer knows who you are. It knows when you start the application and when you end. But on the internet there is one problem: the web server does not know who you are and what you do because the HTTP address doesn't maintain state. A PHP session solves this problem by allowing you to store user information on the server for later use (i.e. username, shopping items, etc). However, session information is temporary and will be deleted after the user has left the website. If you need a permanent storage you may want to store the data in a database. Sessions work by creating a unique id (UID) for each visitor and store variables based on this UID. The UID is either stored in a cookie or is propagated in the URL.

Starting a PHP Session
Before you can store user information in your PHP session, you must first start up the session.

Note: The session_start() function must appear BEFORE the <html> tag:

<?php session_start(); ?> <html> <body> </body> </html>
The code above will register the user's session with the server, allow you to start saving user information, and assign a UID for that user's session.

Storing a Session Variable
The correct way to store and retrieve session variables is to use the PHP $_SESSION variable:

<?php session_start(); // store session data $_SESSION['views']=1; ?> <html> <body> <?php //retrieve session data echo "Pageviews=". $_SESSION['views']; ?> </body> </html>
Output:

Pageviews=1
In the example below, we create a simple page-views counter. The isset() function checks if the "views" variable has already been set. If "views" has been set, we can increment our counter. If "views" doesn't exist, we create a "views" variable, and set it to 1:

<?php session_start(); if(isset($_SESSION['views'])) $_SESSION['views']=$_SESSION['views']+1; else $_SESSION['views']=1; echo "Views=". $_SESSION['views']; ?>

Destroying a Session
If you wish to delete some session data, you can use the unset() or the session_destroy() function. The unset() function is used to free the specified session variable:

<?php unset($_SESSION['views']); ?>
You can also completely destroy the session by calling the session_destroy() function:

<?php session_destroy(); ?>
Note: session_destroy() will reset your session and you will lose all your stored session data.

PHP Sending E­mails
1

PHP allows you to send e-mails directly from a script.

The PHP mail() Function
The PHP mail() function is used to send emails from inside a script. Syntax

mail(to,subject,message,headers,parameters)

Parameter to subject

Description Required. Specifies the receiver / receivers of the email Required. Specifies the subject of the email. Note: This parameter cannot contain any newline characters Required. Defines the message to be sent. Each line should be separated with a LF (\n). Lines should not exceed 70 characters

message

headers

Optional. Specifies additional headers, like From, Cc, and Bcc. The additional headers should be separated with a CRLF (\r\n) Optional. Specifies an additional parameter to the sendmail program

parameters

Note: For the mail functions to be available, PHP requires an installed and working email system. The program to be used is defined by the configuration settings in the php.ini file. Read more in our PHP Mail reference.

PHP Simple E-Mail
The simplest way to send an email with PHP is to send a text email. In the example below we first declare the variables ($to, $subject, $message, $from, $headers), then we use the variables in the mail() function to send an e-mail:

<?php $to = "someone@example.com"; $subject = "Test mail"; $message = "Hello! This is a simple email message."; $from = "someonelse@example.com"; $headers = "From: $from"; mail($to,$subject,$message,$headers); echo "Mail Sent."; ?>

PHP Mail Form
With PHP, you can create a feedback-form on your website. The example below sends a text message to a specified e-mail address:

<html> <body> <?php if (isset($_REQUEST['email'])) //if "email" is filled out, send email { //send email $email = $_REQUEST['email'] ; $subject = $_REQUEST['subject'] ; $message = $_REQUEST['message'] ; mail( "someone@example.com", "Subject: $subject", $message, "From: $email" ); echo "Thank you for using our mail form"; } else //if "email" is not filled out, display the form {

echo "<form method='post' action='mailform.php'> Email: <input name='email' type='text' /><br /> Subject: <input name='subject' type='text' /><br /> Message:<br /> <textarea name='message' rows='15' cols='40'> </textarea><br /> <input type='submit' /> </form>"; } ?> </body> </html>
This is how the example above works:

• • • •

First, check if the email input field is filled out If it is not set (like when the page is first visited); output the HTML form If it is set (after the form is filled out); send the email from the form When submit is pressed after the form is filled out, the page reloads, sees that the email input is set, and sends the email

Note: This is the simplest way to send e-mail, but it is not secure. In the next chapter of this tutorial you can read more about vulnerabilities in e-mail scripts, and how to validate user input to make it more secure.

PHP Mail Reference
For more information about the PHP mail() function, visit our PHP Mail Reference.

1

PHP Secure E­mails
1

There is a weakness in the PHP e-mail script in the previous chapter.

PHP E-mail Injections
First, look at the PHP code from the previous chapter:

<html> <body>

<?php if (isset($_REQUEST['email'])) //if "email" is filled out, send email { //send email $email = $_REQUEST['email'] ; $subject = $_REQUEST['subject'] ; $message = $_REQUEST['message'] ; mail("someone@example.com", "Subject: $subject", $message, "From: $email" ); echo "Thank you for using our mail form"; } else //if "email" is not filled out, display the form { echo "<form method='post' action='mailform.php'> Email: <input name='email' type='text' /><br /> Subject: <input name='subject' type='text' /><br /> Message:<br /> <textarea name='message' rows='15' cols='40'> </textarea><br /> <input type='submit' /> </form>"; } ?> </body> </html>
The problem with the code above is that unauthorized users can insert data into the mail headers via the input form. What happens if the user adds the following text to the email input field in the form?

someone@example.com%0ACc:person2@example.com %0ABcc:person3@example.com,person3@example.com, anotherperson4@example.com,person5@example.com %0ABTo:person6@example.com
The mail() function puts the text above into the mail headers as usual, and now the header has an extra Cc:, Bcc:, and To: field. When the user clicks the submit button, the e-mail will be sent to all of the addresses above!

PHP Stopping E-mail Injections
The best way to stop e-mail injections is to validate the input. The code below is the same as in the previous chapter, but now we have added an input validator that checks the email field in the form:

<html> <body> <?php

function spamcheck($field) { //filter_var() sanitizes the e-mail //address using FILTER_SANITIZE_EMAIL $field=filter_var($field, FILTER_SANITIZE_EMAIL); //filter_var() validates the e-mail //address using FILTER_VALIDATE_EMAIL if(filter_var($field, FILTER_VALIDATE_EMAIL)) { return TRUE; } else { return FALSE; } } if (isset($_REQUEST['email'])) {//if "email" is filled out, proceed //check if the email address is invalid $mailcheck = spamcheck($_REQUEST['email']); if ($mailcheck==FALSE) { echo "Invalid input"; } else {//send email $email = $_REQUEST['email'] ; $subject = $_REQUEST['subject'] ; $message = $_REQUEST['message'] ; mail("someone@example.com", "Subject: $subject", $message, "From: $email" ); echo "Thank you for using our mail form"; } } else {//if "email" is not filled out, display the form echo "<form method='post' action='mailform.php'> Email: <input name='email' type='text' /><br /> Subject: <input name='subject' type='text' /><br /> Message:<br /> <textarea name='message' rows='15' cols='40'> </textarea><br /> <input type='submit' /> </form>"; } ?> </body> </html>
In the code above we use PHP filters to validate input:

• •

The FILTER_SANITIZE_EMAIL filter removes all illegal e-mail characters from a string The FILTER_VALIDATE_EMAIL filter validates value as an e-mail address

You can read more about filters in our PHP Filter chapter.

1

PHP Secure E­mails
1

There is a weakness in the PHP e-mail script in the previous chapter.

PHP E-mail Injections
First, look at the PHP code from the previous chapter:

<html> <body> <?php if (isset($_REQUEST['email'])) //if "email" is filled out, send email { //send email $email = $_REQUEST['email'] ; $subject = $_REQUEST['subject'] ; $message = $_REQUEST['message'] ; mail("someone@example.com", "Subject: $subject", $message, "From: $email" ); echo "Thank you for using our mail form"; } else //if "email" is not filled out, display the form { echo "<form method='post' action='mailform.php'> Email: <input name='email' type='text' /><br /> Subject: <input name='subject' type='text' /><br /> Message:<br /> <textarea name='message' rows='15' cols='40'> </textarea><br /> <input type='submit' /> </form>"; } ?> </body> </html>
The problem with the code above is that unauthorized users can insert data into the mail headers via the input form.

What happens if the user adds the following text to the email input field in the form?

someone@example.com%0ACc:person2@example.com %0ABcc:person3@example.com,person3@example.com, anotherperson4@example.com,person5@example.com %0ABTo:person6@example.com
The mail() function puts the text above into the mail headers as usual, and now the header has an extra Cc:, Bcc:, and To: field. When the user clicks the submit button, the e-mail will be sent to all of the addresses above!

PHP Stopping E-mail Injections
The best way to stop e-mail injections is to validate the input. The code below is the same as in the previous chapter, but now we have added an input validator that checks the email field in the form:

<html> <body> <?php function spamcheck($field) { //filter_var() sanitizes the e-mail //address using FILTER_SANITIZE_EMAIL $field=filter_var($field, FILTER_SANITIZE_EMAIL); //filter_var() validates the e-mail //address using FILTER_VALIDATE_EMAIL if(filter_var($field, FILTER_VALIDATE_EMAIL)) { return TRUE; } else { return FALSE; } } if (isset($_REQUEST['email'])) {//if "email" is filled out, proceed //check if the email address is invalid $mailcheck = spamcheck($_REQUEST['email']); if ($mailcheck==FALSE) { echo "Invalid input"; } else {//send email $email = $_REQUEST['email'] ; $subject = $_REQUEST['subject'] ; $message = $_REQUEST['message'] ; mail("someone@example.com", "Subject: $subject", $message, "From: $email" );

echo "Thank you for using our mail form"; } } else {//if "email" is not filled out, display the form echo "<form method='post' action='mailform.php'> Email: <input name='email' type='text' /><br /> Subject: <input name='subject' type='text' /><br /> Message:<br /> <textarea name='message' rows='15' cols='40'> </textarea><br /> <input type='submit' /> </form>"; } ?> </body> </html>
In the code above we use PHP filters to validate input:

• •

The FILTER_SANITIZE_EMAIL filter removes all illegal e-mail characters from a string The FILTER_VALIDATE_EMAIL filter validates value as an e-mail address

You can read more about filters in our PHP Filter chapter.

1

PHP Exception Handling
1

Exceptions are used to change the normal flow of a script if a specified error occurs

What is an Exception
With PHP 5 came a new object oriented way of dealing with errors. Exception handling is used to change the normal flow of the code execution if a specified error (exceptional) condition occurs. This condition is called an exception. This is what normally happens when an exception is triggered:

• •

The current code state is saved The code execution will switch to a predefined (custom) exception handler function

Depending on the situation, the handler may then resume the execution from the saved code state, terminate the script execution or continue the script from a different location in the code

We will show different error handling methods:

• • • • •

Basic use of Exceptions Creating a custom exception handler Multiple exceptions Re-throwing an exception Setting a top level exception handler

Note: Exceptions should only be used with error conditions, and should not be used to jump to another place in the code at a specified point.

Basic Use of Exceptions
When an exception is thrown, the code following it will not be executed, and PHP will try to find the matching "catch" block. If an exception is not caught, a fatal error will be issued with an "Uncaught Exception" message. Lets try to throw an exception without catching it:

<?php //create function with an exception function checkNum($number) { if($number>1) { throw new Exception("Value must be 1 or below"); } return true; } //trigger exception checkNum(2); ?>
The code above will get an error like this:

Fatal error: with message Stack trace: checkNum(28)

Uncaught exception 'Exception' 'Value must be 1 or below' in C:\webfolder\test.php:6 #0 C:\webfolder\test.php(12): #1 {main} thrown in C:\webfolder\test.php on line 6

Try, throw and catch
To avoid the error from the example above, we need to create the proper code to handle an exception. Proper exception code should include:

1. 2. 3.

Try - A function using an exception should be in a "try" block. If the exception does not trigger, the code will continue as normal. However if the exception triggers, an exception is "thrown" Throw - This is how you trigger an exception. Each "throw" must have at least one "catch" Catch - A "catch" block retrieves an exception and creates an object containing the exception information

Lets try to trigger an exception with valid code:

<?php //create function with an exception function checkNum($number) { if($number>1) { throw new Exception("Value must be 1 or below"); } return true; } //trigger exception in a "try" block try { checkNum(2); //If the exception is thrown, this text will not be shown echo 'If you see this, the number is 1 or below'; } //catch exception catch(Exception $e) { echo 'Message: ' .$e->getMessage(); } ?>
The code above will get an error like this:

Message: Value must be 1 or below

Example explained:
The code above throws an exception and catches it: 1. 2. 3. 4. 5. The checkNum() function is created. It checks if a number is greater than 1. If it is, an exception is thrown The checkNum() function is called in a "try" block The exception within the checkNum() function is thrown The "catch" block retrives the exception and creates an object ($e) containing the exception information The error message from the exception is echoed by calling $e->getMessage() from the exception object

However, one way to get around the "every throw must have a catch" rule is to set a top level exception handler to handle errors that slip through.

Creating a Custom Exception Class
Creating a custom exception handler is quite simple. We simply create a special class with functions that can be called when an exception occurs in PHP. The class must be an extension of the exception class. The custom exception class inherits the properties from PHP's exception class and you can add custom functions to it. Lets create an exception class:

<?php class customException extends Exception { public function errorMessage() { //error message $errorMsg = 'Error on line '.$this->getLine().' in '.$this->getFile() .': <b>'.$this->getMessage().'</b> is not a valid E-Mail address'; return $errorMsg; } } $email = "someone@example...com"; try { //check if if(filter_var($email, FILTER_VALIDATE_EMAIL) === FALSE) { //throw exception if email is not valid throw new customException($email); } } catch (customException $e) { //display custom message echo $e->errorMessage(); } ?>
The new class is a copy of the old exception class with an addition of the errorMessage() function. Since it is a copy of the old class, and it inherits the properties and methods from the old class, we can use the exception class methods like getLine() and getFile() and getMessage().

Example explained:
The code above throws an exception and catches it with a custom exception class: 1. 2. 3. 4. 5. The customException() class is created as an extension of the old exception class. This way it inherits all methods and properties from the old exception class The errorMessage() function is created. This function returns an error message if an e-mail address is invalid The $email variable is set to a string that is not a valid e-mail address The "try" block is executed and an exception is thrown since the e-mail address is invalid The "catch" block catches the exception and displays the error message

Multiple Exceptions
It is possible for a script to use multiple exceptions to check for multiple conditions. It is possible to use several if..else blocks, a switch, or nest multiple exceptions. These exceptions can use different exception classes and return different error messages:

<?php class customException extends Exception { public function errorMessage() { //error message $errorMsg = 'Error on line '.$this->getLine().' in '.$this->getFile() .': <b>'.$this->getMessage().'</b> is not a valid E-Mail address'; return $errorMsg; } } $email = "someone@example.com"; try { //check if if(filter_var($email, FILTER_VALIDATE_EMAIL) === FALSE) { //throw exception if email is not valid throw new customException($email); } //check for "example" in mail address if(strpos($email, "example") !== FALSE) { throw new Exception("$email is an example e-mail"); } } catch (customException $e) { echo $e->errorMessage(); } catch(Exception $e) { echo $e->getMessage(); } ?>

Example explained:
The code above tests two conditions and throws an exception if any of the conditions are not met: 1. 2. 3. The customException() class is created as an extension of the old exception class. This way it inherits all methods and properties from the old exception class The errorMessage() function is created. This function returns an error message if an e-mail address is invalid The $email variable is set to a string that is a valid e-mail address, but contains the string "example"

4. 5. 6.

The "try" block is executed and an exception is not thrown on the first condition The second condition triggers an exception since the e-mail contains the string "example" The "catch" block catches the exception and displays the correct error message

If there was no customException catch, only the base exception catch, the exception would be handled there

Re-throwing Exceptions
Sometimes, when an exception is thrown, you may wish to handle it differently than the standard way. It is possible to throw an exception a second time within a "catch" block. A script should hide system errors from users. System errors may be important for the coder, but is of no interest to the user. To make things easier for the user you can re-throw the exception with a user friendly message:

<?php class customException extends Exception { public function errorMessage() { //error message $errorMsg = $this->getMessage().' is not a valid E-Mail address.'; return $errorMsg; } } $email = "someone@example.com"; try { try { //check for "example" in mail address if(strpos($email, "example") !== FALSE) { //throw exception if email is not valid throw new Exception($email); } } catch(Exception $e) { //re-throw exception throw new customException($email); } } catch (customException $e) { //display custom message echo $e->errorMessage(); } ?>

Example explained:
The code above tests if the email-address contains the string "example" in it, if it does, the exception is rethrown:

1. 2. 3. 4. 5. 6. 7.

The customException() class is created as an extension of the old exception class. This way it inherits all methods and properties from the old exception class The errorMessage() function is created. This function returns an error message if an e-mail address is invalid The $email variable is set to a string that is a valid e-mail address, but contains the string "example" The "try" block contains another "try" block to make it possible to re-throw the exception The exception is triggered since the e-mail contains the string "example" The "catch" block catches the exception and re-throws a "customException" The "customException" is caught and displays an error message

If the exception is not caught in its current "try" block, it will search for a catch block on "higher levels".

Set a Top Level Exception Handler
The set_exception_handler() function sets a user-defined function to handle all uncaught exceptions.

<?php function myException($exception) { echo "<b>Exception:</b> " , $exception->getMessage(); } set_exception_handler('myException'); throw new Exception('Uncaught Exception occurred'); ?>
The output of the code above should be something like this:

Exception: Uncaught Exception occurred
In the code above there was no "catch" block. Instead, the top level exception handler triggered. This function should be used to catch uncaught exceptions.

Rules for exceptions
• • • •
Code may be surrounded in a try block, to help catch potential exceptions Each try block or "throw" must have at least one corresponding catch block Multiple catch blocks can be used to catch different classes of exceptions Exceptions can be thrown (or re-thrown) in a catch block within a try block

A simple rule: If you throw something, you have to catch it.

1

PHP Filter
1

PHP filters are used to validate and filter data coming from insecure sources, like user input.

What is a PHP Filter?
A PHP filter is used to validate and filter data coming from insecure sources. To test, validate and filter user input or custom data is an important part of any web application. The PHP filter extension is designed to make data filtering easier and quicker.

Why use a Filter?
Almost all web applications depend on external input. Usually this comes from a user or another application (like a web service). By using filters you can be sure your application gets the correct input type. You should always filter all external data! Input filtering is one of the most important application security issues. What is external data?

• • • • •

Input data from a form Cookies Web services data Server variables Database query results

Functions and Filters
To filter a variable, use one of the following filter functions:

• • • •

filter_var() - Filters a single variable with a specified filter filter_var_array() - Filter several variables with the same or different filters filter_input - Get one input variable and filter it filter_input_array - Get several input variables and filter them with the same or different filters

In the example below, we validate an integer using the filter_var() function:

<?php $int = 123; if(!filter_var($int, FILTER_VALIDATE_INT))

{ echo("Integer is not valid"); } else { echo("Integer is valid"); } ?>
The code above uses the "FILTER_VALIDATE_INT" filter to filter the variable. Since the integer is valid, the output of the code above will be: "Integer is valid". If we try with a variable that is not an integer (like "123abc"), the output will be: "Integer is not valid". For a complete list of functions and filters, visit our PHP Filter Reference.

Validating and Sanitizing
There are two kinds of filters: Validating filters:

• • •

Are used to validate user input Strict format rules (like URL or E-Mail validating) Returns the expected type on success or FALSE on failure

Sanitizing filters:

• • •

Are used to allow or disallow specified characters in a string No data format rules Always return the string

Options and Flags
Options and flags are used to add additional filtering options to the specified filters. Different filters have different options and flags. In the example below, we validate an integer using the filter_var() and the "min_range" and "max_range" options:

<?php $var=300; $int_options = array( "options"=>array ( "min_range"=>0, "max_range"=>256 )

); if(!filter_var($var, FILTER_VALIDATE_INT, $int_options)) { echo("Integer is not valid"); } else { echo("Integer is valid"); } ?>
Like the code above, options must be put in an associative array with the name "options". If a flag is used it does not need to be in an array. Since the integer is "300" it is not in the specified range, and the output of the code above will be: "Integer is not valid". For a complete list of functions and filters, visit our PHP Filter Reference. Check each filter to see what options and flags are available.

Validate Input
Let's try validating input from a form. The first thing we need to do is to confirm that the input data we are looking for exists. Then we filter the input data using the filter_input() function. In the example below, the input variable "email" is sent to the PHP page:

<?php if(!filter_has_var(INPUT_GET, "email")) { echo("Input type does not exist"); } else { if (!filter_input(INPUT_GET, "email", FILTER_VALIDATE_EMAIL)) { echo "E-Mail is not valid"; } else { echo "E-Mail is valid"; } } ?>

Example Explained
The example above has an input (email) sent to it using the "GET" method:

1. 2.

Check if an "email" input variable of the "GET" type exist If the input variable exists, check if it is a valid e-mail address

Sanitize Input
Let's try cleaning up an URL sent from a form. First we confirm that the input data we are looking for exists. Then we sanitize the input data using the filter_input() function. In the example below, the input variable "url" is sent to the PHP page:

<?php if(!filter_has_var(INPUT_POST, "url")) { echo("Input type does not exist"); } else { $url = filter_input(INPUT_POST, "url", FILTER_SANITIZE_URL); } ?>

Example Explained
The example above has an input (url) sent to it using the "POST" method: 1. 2. Check if the "url" input of the "POST" type exists If the input variable exists, sanitize (take away invalid characters) and store it in the $url variable

If the input variable is a string like this "http://www.W3ååSchøøools.com/", the $url variable after the sanitizing will look like this:

http://www.W3Schools.com/

Filter Multiple Inputs
A form almost always consist of more than one input field. To avoid calling the filter_var or filter_input functions over and over, we can use the filter_var_array or the filter_input_array functions. In this example we use the filter_input_array() function to filter three GET variables. The received GET variables is a name, an age and an e-mail address:

<?php $filters = array ( "name" => array

( "filter"=>FILTER_SANITIZE_STRING ), "age" => array ( "filter"=>FILTER_VALIDATE_INT, "options"=>array ( "min_range"=>1, "max_range"=>120 ) ), "email"=> FILTER_VALIDATE_EMAIL, ); $result = filter_input_array(INPUT_GET, $filters); if (!$result["age"]) { echo("Age must be a number between 1 and 120.<br />"); } elseif(!$result["email"]) { echo("E-Mail is not valid.<br />"); } else { echo("User input is valid"); } ?>

Example Explained
The example above has three inputs (name, age and email) sent to it using the "GET" method: 1. 2. 3. Set an array containing the name of input variables and the filters used on the specified input variables Call the filter_input_array() function with the GET input variables and the array we just set Check the "age" and "email" variables in the $result variable for invalid inputs. (If any of the input variables are invalid, that input variable will be FALSE after the filter_input_array() function)

The second parameter of the filter_input_array() function can be an array or a single filter ID. If the parameter is a single filter ID all values in the input array are filtered by the specified filter. If the parameter is an array it must follow these rules:

• •

Must be an associative array containing an input variable as an array key (like the "age" input variable) The array value must be a filter ID or an array specifying the filter, flags and options

Using Filter Callback
It is possible to call a user defined function and use it as a filter using the FILTER_CALLBACK filter. This way, we have full control of the data filtering.

You can create your own user defined function or use an existing PHP function The function you wish to use to filter is specified the same way as an option is specified. In an associative array with the name "options" In the example below, we use a user created function to convert all "_" to whitespaces:

<?php function convertSpace($string) { return str_replace("_", " ", $string); } $string = "Peter_is_a_great_guy!"; echo filter_var($string, FILTER_CALLBACK, array("options"=>"convertSpace")); ?>
The result from the code above should look like this:

Peter is a great guy!

Example Explained
The example above converts all "_" to whitespaces: 1. 2. Create a function to replace "_" to whitespaces Call the filter_var() function with the FILTER_CALLBACK filter and an array containing our function

2

PHP MySQL Introduction
2

MySQL is the most popular open-source database system.

What is MySQL?
MySQL is a database. The data in MySQL is stored in database objects called tables.

A table is a collections of related data entries and it consists of columns and rows. Databases are useful when storing information categorically. A company may have a database with the following tables: "Employees", "Products", "Customers" and "Orders".

Database Tables
A database most often contains one or more tables. Each table is identified by a name (e.g. "Customers" or "Orders"). Tables contain records (rows) with data. Below is an example of a table called "Persons": LastName Hansen Svendson Pettersen FirstName Ola Tove Kari Address Timoteivn 10 Borgvn 23 Storgt 20 City Sandnes Sandnes Stavanger

The table above contains three records (one for each person) and four columns (LastName, FirstName, Address, and City).

Queries
A query is a question or a request. With MySQL, we can query a database for specific information and have a recordset returned. Look at the following query:

SELECT LastName FROM Persons
The query above selects all the data in the "LastName" column from the "Persons" table, and will return a recordset like this: LastName

Hansen Svendson Pettersen

Download MySQL Database
If you don't have a PHP server with a MySQL Database, you can download MySQL for free here: http://www.mysql.com/downloads/index.html

Facts About MySQL Database
One great thing about MySQL is that it can be scaled down to support embedded database applications. Perhaps it is because of this reputation that many people believe that MySQL can only handle small to medium-sized systems. The truth is that MySQL is the de-facto standard database for web sites that support huge volumes of both data and end users (like Friendster, Yahoo, Google). Look at http://www.mysql.com/customers/ for an overview of companies using MySQL.

2

PHP MySQL Connect to a Database
2

The free MySQL database is very often used with PHP.

Create a Connection to a MySQL Database
Before you can access data in a database, you must create a connection to the database. In PHP, this is done with the mysql_connect() function.

Syntax 

mysql_connect(servername,username,password);

Parameter servername

Description Optional. Specifies the server to connect to. Default value is "localhost:3306"

username

Optional. Specifies the username to log in with. Default value is the name of the user that owns the server process Optional. Specifies the password to log in with. Default is ""

password

Note: There are more available parameters, but the ones listed above are the most important. Visit our full PHP MySQL Reference for more details.

Example 
In the following example we store the connection in a variable ($con) for later use in the script. The "die" part will be executed if the connection fails:

<?php $con = mysql_connect("localhost","peter","abc123"); if (!$con) { die('Could not connect: ' . mysql_error()); } // some code ?>

Closing a Connection
The connection will be closed automatically when the script ends. To close the connection before, use the mysql_close() function:

<?php $con = mysql_connect("localhost","peter","abc123"); if (!$con) { die('Could not connect: ' . mysql_error()); } // some code mysql_close($con); ?>

PHP MySQL Create Database and Tables
2

A database holds one or multiple tables.

Create a Database
The CREATE DATABASE statement is used to create a database in MySQL.

Syntax 

CREATE DATABASE database_name
To learn more about SQL, please visit our SQL tutorial. To get PHP to execute the statement above we must use the mysql_query() function. This function is used to send a query or command to a MySQL connection.

Example 
The following example creates a database called "my_db":

<?php $con = mysql_connect("localhost","peter","abc123"); if (!$con) { die('Could not connect: ' . mysql_error()); } if (mysql_query("CREATE DATABASE my_db",$con)) { echo "Database created"; } else { echo "Error creating database: " . mysql_error(); } mysql_close($con); ?>

Create a Table
The CREATE TABLE statement is used to create a table in MySQL.

Syntax 

CREATE TABLE ( column_name1 column_name2 column_name3 .... )

table_name data_type, data_type, data_type,

To learn more about SQL, please visit our SQL tutorial. We must add the CREATE TABLE statement to the mysql_query() function to execute the command.

Example 
The following example creates a table named "Persons", with three columns. The column names will be "FirstName", "LastName" and "Age":

<?php $con = mysql_connect("localhost","peter","abc123"); if (!$con) { die('Could not connect: ' . mysql_error()); } // Create database if (mysql_query("CREATE DATABASE my_db",$con)) { echo "Database created"; } else { echo "Error creating database: " . mysql_error(); } // Create table mysql_select_db("my_db", $con); $sql = "CREATE TABLE Persons ( FirstName varchar(15), LastName varchar(15), Age int )"; // Execute query mysql_query($sql,$con); mysql_close($con); ?>
Important: A database must be selected before a table can be created. The database is selected with the mysql_select_db() function. Note: When you create a database field of type varchar, you must specify the maximum length of the field, e.g. varchar(15). The data type specifies what type of data the column can hold. For a complete reference of all the data types available in MySQL, go to our complete Data Types reference.

Primary Keys and Auto Increment Fields
Each table should have a primary key field. A primary key is used to uniquely identify the rows in a table. Each primary key value must be unique within the table. Furthermore, the primary key field cannot be null because the database engine requires a value to locate the record. The following example sets the personID field as the primary key field. The primary key field is often an ID number, and is often used with the AUTO_INCREMENT setting. AUTO_INCREMENT automatically increases

the value of the field by 1 each time a new record is added. To ensure that the primary key field cannot be null, we must add the NOT NULL setting to the field.

Example 

$sql = "CREATE TABLE Persons ( personID int NOT NULL AUTO_INCREMENT, PRIMARY KEY(personID), FirstName varchar(15), LastName varchar(15), Age int )"; mysql_query($sql,$con);

2

PHP MySQL Insert Into
2

The INSERT INTO statement is used to insert new records in a table.

Insert Data Into a Database Table
The INSERT INTO statement is used to add new records to a database table.

Syntax 
It is possible to write the INSERT INTO statement in two forms. The first form doesn't specify the column names where the data will be inserted, only their values:

INSERT INTO table_name VALUES (value1, value2, value3,...)
The second form specifies both the column names and the values to be inserted:

INSERT INTO table_name (column1, column2, column3,...) VALUES (value1, value2, value3,...)
To learn more about SQL, please visit our SQL tutorial.

To get PHP to execute the statements above we must use the mysql_query() function. This function is used to send a query or command to a MySQL connection.

Example 
In the previous chapter we created a table named "Persons", with three columns; "Firstname", "Lastname" and "Age". We will use the same table in this example. The following example adds two new records to the "Persons" table:

<?php $con = mysql_connect("localhost","peter","abc123"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("my_db", $con); mysql_query("INSERT INTO Persons (FirstName, LastName, Age) VALUES ('Peter', 'Griffin', '35')"); mysql_query("INSERT INTO Persons (FirstName, LastName, Age) VALUES ('Glenn', 'Quagmire', '33')"); mysql_close($con); ?>

Insert Data From a Form Into a Database
Now we will create an HTML form that can be used to add new records to the "Persons" table. Here is the HTML form:

<html> <body> <form action="insert.php" method="post"> Firstname: <input type="text" name="firstname" /> Lastname: <input type="text" name="lastname" /> Age: <input type="text" name="age" /> <input type="submit" /> </form> </body> </html>
When a user clicks the submit button in the HTML form in the example above, the form data is sent to "insert.php". The "insert.php" file connects to a database, and retrieves the values from the form with the PHP $_POST variables. Then, the mysql_query() function executes the INSERT INTO statement, and a new record will be added to the "Persons" table. Here is the "insert.php" page:

<?php $con = mysql_connect("localhost","peter","abc123"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("my_db", $con); $sql="INSERT INTO Persons (FirstName, LastName, Age) VALUES ('$_POST[firstname]','$_POST[lastname]','$_POST[age]')"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "1 record added"; mysql_close($con) ?>

2

PHP MySQL Select
2

The SELECT statement is used to select data from a database.

Select Data From a Database Table
The SELECT statement is used to select data from a database.

Syntax 

SELECT column_name(s) FROM table_name
To learn more about SQL, please visit our SQL tutorial. To get PHP to execute the statement above we must use the mysql_query() function. This function is used to send a query or command to a MySQL connection.

Example 
The following example selects all the data stored in the "Persons" table (The * character selects all the data in the table):

<?php $con = mysql_connect("localhost","peter","abc123"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("my_db", $con); $result = mysql_query("SELECT * FROM Persons"); while($row = mysql_fetch_array($result)) { echo $row['FirstName'] . " " . $row['LastName']; echo "<br />"; } mysql_close($con); ?>
The example above stores the data returned by the mysql_query() function in the $result variable. Next, we use the mysql_fetch_array() function to return the first row from the recordset as an array. Each call to mysql_fetch_array() returns the next row in the recordset. The while loop loops through all the records in the recordset. To print the value of each row, we use the PHP $row variable ($row['FirstName'] and $row['LastName']). The output of the code above will be:

Peter Griffin Glenn Quagmire

Display the Result in an HTML Table
The following example selects the same data as the example above, but will display the data in an HTML table:

<?php $con = mysql_connect("localhost","peter","abc123"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("my_db", $con); $result = mysql_query("SELECT * FROM Persons"); echo "<table border='1'> <tr> <th>Firstname</th> <th>Lastname</th> </tr>"; while($row = mysql_fetch_array($result)) { echo "<tr>";

echo "<td>" . $row['FirstName'] . "</td>"; echo "<td>" . $row['LastName'] . "</td>"; echo "</tr>"; } echo "</table>"; mysql_close($con); ?>
The output of the code above will be: Firstname Lastname Glenn Peter Quagmire Griffin

2

PHP MySQL The Where Clause
2

The WHERE clause is used to filter records.

The WHERE clause
The WHERE clause is used to extract only those records that fulfill a specified criterion.

Syntax 

SELECT column_name(s) FROM table_name WHERE column_name operator value
To learn more about SQL, please visit our SQL tutorial. To get PHP to execute the statement above we must use the mysql_query() function. This function is used to send a query or command to a MySQL connection.

Example 
The following example selects all rows from the "Persons" table where "FirstName='Peter':

<?php $con = mysql_connect("localhost","peter","abc123"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("my_db", $con); $result = mysql_query("SELECT * FROM Persons WHERE FirstName='Peter'"); while($row = mysql_fetch_array($result)) { echo $row['FirstName'] . " " . $row['LastName']; echo "<br />"; } ?>
The output of the code above will be:

Peter Griffin

2

PHP MySQL The Where Clause
2

The WHERE clause is used to filter records.

The WHERE clause
The WHERE clause is used to extract only those records that fulfill a specified criterion.

Syntax 

SELECT column_name(s) FROM table_name WHERE column_name operator value
To learn more about SQL, please visit our SQL tutorial. To get PHP to execute the statement above we must use the mysql_query() function. This function is used to send a query or command to a MySQL connection.

Example 
The following example selects all rows from the "Persons" table where "FirstName='Peter':

<?php $con = mysql_connect("localhost","peter","abc123"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("my_db", $con); $result = mysql_query("SELECT * FROM Persons WHERE FirstName='Peter'"); while($row = mysql_fetch_array($result)) { echo $row['FirstName'] . " " . $row['LastName'];

echo "<br />"; } ?>
The output of the code above will be:

Peter Griffin

2

PHP MySQL Update
2

The UPDATE statement is used to modify data in a table.

Update Data In a Database
The UPDATE statement is used to update existing records in a table.

Syntax 

UPDATE table_name SET column1=value, column2=value2,... WHERE some_column=some_value
Note: Notice the WHERE clause in the UPDATE syntax. The WHERE clause specifies which record or records that should be updated. If you omit the WHERE clause, all records will be updated! To learn more about SQL, please visit our SQL tutorial. To get PHP to execute the statement above we must use the mysql_query() function. This function is used to send a query or command to a MySQL connection.

Example 
Earlier in the tutorial we created a table named "Persons". Here is how it looks: FirstName LastName Age

Peter Glenn

Griffin Quagmire

35 33

The following example updates some data in the "Persons" table:

<?php $con = mysql_connect("localhost","peter","abc123"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("my_db", $con); mysql_query("UPDATE Persons SET Age = '36' WHERE FirstName = 'Peter' AND LastName = 'Griffin'"); mysql_close($con); ?>
After the update, the "Persons" table will look like this: FirstName Peter Glenn LastName Griffin Quagmire Age 36 33

2

PHP MySQL Delete
2

The DELETE statement is used to delete records in a table.

Delete Data In a Database
The DELETE FROM statement is used to delete records from a database table.

Syntax 

DELETE FROM table_name WHERE some_column = some_value
Note: Notice the WHERE clause in the DELETE syntax. The WHERE clause specifies which record or records that should be deleted. If you omit the WHERE clause, all records will be deleted! To learn more about SQL, please visit our SQL tutorial. To get PHP to execute the statement above we must use the mysql_query() function. This function is used to send a query or command to a MySQL connection.

Example 
Look at the following "Persons" table: FirstName Peter Glenn LastName Griffin Quagmire Age 35 33

The following example deletes all the records in the "Persons" table where LastName='Griffin':

<?php $con = mysql_connect("localhost","peter","abc123"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("my_db", $con); mysql_query("DELETE FROM Persons WHERE LastName='Griffin'"); mysql_close($con); ?>
After the deletion, the table will look like this: FirstName Glenn LastName Quagmire Age 33

PHP Database ODBC
2

ODBC is an Application Programming Interface (API) that allows you to connect to a data source (e.g. an MS Access database).

Create an ODBC Connection
With an ODBC connection, you can connect to any database, on any computer in your network, as long as an ODBC connection is available. Here is how to create an ODBC connection to a MS Access Database: 1. 2. 3. 4. 5. 6. 7. 8. Open the Administrative Tools icon in your Control Panel. Double-click on the Data Sources (ODBC) icon inside. Choose the System DSN tab. Click on Add in the System DSN tab. Select the Microsoft Access Driver. Click Finish. In the next screen, click Select to locate the database. Give the database a Data Source Name (DSN). Click OK.

Note that this configuration has to be done on the computer where your web site is located. If you are running Internet Information Server (IIS) on your own computer, the instructions above will work, but if your web site is located on a remote server, you have to have physical access to that server, or ask your web host to to set up a DSN for you to use.

Connecting to an ODBC
The odbc_connect() function is used to connect to an ODBC data source. The function takes four parameters: the data source name, username, password, and an optional cursor type. The odbc_exec() function is used to execute an SQL statement.

Example 
The following example creates a connection to a DSN called northwind, with no username and no password. It then creates an SQL and executes it:

$conn=odbc_connect('northwind','',''); $sql="SELECT * FROM customers"; $rs=odbc_exec($conn,$sql);

Retrieving Records
The odbc_fetch_row() function is used to return records from the result-set. This function returns true if it is able to return rows, otherwise false. The function takes two parameters: the ODBC result identifier and an optional row number:

odbc_fetch_row($rs)

Retrieving Fields from a Record
The odbc_result() function is used to read fields from a record. This function takes two parameters: the ODBC result identifier and a field number or name. The code line below returns the value of the first field from the record:

$compname=odbc_result($rs,1);
The code line below returns the value of a field called "CompanyName":

$compname=odbc_result($rs,"CompanyName");

Closing an ODBC Connection
The odbc_close() function is used to close an ODBC connection.

odbc_close($conn);

An ODBC Example
The following example shows how to first create a database connection, then a result-set, and then display the data in an HTML table.

<html> <body> <?php $conn=odbc_connect('northwind','',''); if (!$conn) {exit("Connection Failed: " . $conn);} $sql="SELECT * FROM customers"; $rs=odbc_exec($conn,$sql); if (!$rs) {exit("Error in SQL");} echo "<table><tr>"; echo "<th>Companyname</th>"; echo "<th>Contactname</th></tr>"; while (odbc_fetch_row($rs)) { $compname=odbc_result($rs,"CompanyName"); $conname=odbc_result($rs,"ContactName"); echo "<tr><td>$compname</td>";

echo "<td>$conname</td></tr>"; } odbc_close($conn); echo "</table>"; ?> </body> </html>

2

NEXT TUTORIAIS
PHP XML
XML Expat Parser XML DOM XML SimpleXML

PHP and AJAX
AJAX Introduction XMLHttpRequest AJAX Suggest AJAX XML AJAX Database AJAX responseXML AJAX Live Search AJAX RSS Reader AJAX Poll

PHP Reference
PHP PHP PHP PHP PHP PHP PHP PHP PHP PHP PHP PHP PHP PHP PHP PHP PHP PHP Array Calendar Date Directory Error Filesystem Filter FTP HTTP Libxml Mail Math Misc MySQL SimpleXML String XML Zip

PHP Quiz

PHP Quiz PHP Exam

 

Sign up to vote on this title
UsefulNot useful