Mysql Client Option: How to Use --comments in mysql client - mysql

I am learning the mysql client program. I was trying to understand the client option --comments. I have seen the documentation about this in the MySQL 5.6 Reference Manual.
But I didn't get any code example to illustrate this option. Please tell me how to enter this command in the correct syntax. Also it would be clearer to me if I got the opportunity to see this example on any online mysql terminal. Thanks

MySQL comments are lines that begin with #, like in Unix shells. It's as simple as that. Example:
# this is a comment describing the next line which select all data from the `users` table
SELECT * from `users`;
The --comments argument to the mysql command line client is used to tell it to send the comments to the server, which is not done by default. These comments are later visible in the query logs and stored procedures (which is the simplest way to see it in action).
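To make the answer concrete, here is an added example (not from the question or the answer above) that models what the mysql client does with comment text before sending a statement: by default it strips `#`, `-- ` and `/* */` comments and keeps `/*! */` version hints; with --comments it sends the text unchanged. The real client also handles delimiters and backslash escapes; this simplified model only tracks string literals so that a `#` inside a quoted value is not mistaken for a comment, and the sample procedure text is constructed for the demo.

```python
# Simplified model of the mysql client's comment handling (added example; it is
# not the client's own code). Assumption: only ', " and ` delimit strings.

def client_filter(sql: str, preserve_comments: bool = False) -> str:
    """Return the text the client would send for the given statement text.

    preserve_comments=False models the default; True models --comments
    (or comments=1 under [mysql] in ~/.my.cnf), which sends text unchanged.
    """
    if preserve_comments:
        return sql
    out = []
    i, n = 0, len(sql)
    quote = None                      # active string delimiter, None outside
    while i < n:
        c = sql[i]
        if quote:                     # inside a string literal: copy verbatim
            out.append(c)
            if c == "\\" and i + 1 < n:
                out.append(sql[i + 1]); i += 2; continue
            if c == quote:
                quote = None
            i += 1
            continue
        if c in "'\"`":
            quote = c; out.append(c); i += 1; continue
        # '#' and '-- ' (dash dash + whitespace) comment out to end of line;
        # the newline itself is kept so line structure survives.
        if c == "#" or (sql.startswith("--", i) and i + 2 < n and sql[i + 2].isspace()):
            j = sql.find("\n", i)
            i = n if j < 0 else j
            continue
        # block comments are dropped, except /*! ... */ version hints
        if sql.startswith("/*", i) and not sql.startswith("/*!", i):
            j = sql.find("*/", i + 2)
            i = n if j < 0 else j + 2
            continue
        out.append(c); i += 1
    return "".join(out)

# Constructed sample: a procedure body with every comment style
PROC = """CREATE PROCEDURE count_active()
BEGIN
  # count active users
  SELECT COUNT(*) FROM `users` WHERE status = 'a # not a comment'; -- trailing note
  /* block comment */ SELECT /*! STRAIGHT_JOIN */ 1;
END"""
```

Run `client_filter(PROC)` and `client_filter(PROC, preserve_comments=True)` side by side to see which text reaches the server, and hence what SHOW CREATE PROCEDURE can later show.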

Related

How to update stored procedures in multiple databases in mysql

I am very new to mysql and I have a situation where I need to update all my stored procedures in all my databases. For example, I have 10 databases, just say:
client_1,client_2,client_3,.....client_10.
Every database has the same stored procedures, just say:
proc_1,proc_2,proc_3,proc_4.
So if I make any changes to one of my stored procedures then it should get updated in all the other databases so that I don't have to do it manually.
I know a similar question has been asked but I am looking for some different approach. So what I want is some kind of mysql query or something like that in which we will pass the names of the databases like:
client_1, client_3, client_8
and changes will only be made to these databases.
I am using HeidiSQL 10.2 with MySQL 5.6.
Thanks.
I am not entirely sure what you are wanting to do, but I think you want something like this. First save the definition of your stored procedure to a file. Make sure it doesn't contain any schema references like client1.tableA. You want it to be able to run in any copy of your schema correctly. Be sure to follow the syntax rules defined by MySQL:
Defining Stored Programs
Then once the stored procedure is saved you can use the mysql command line to run it for each client you want to update.
You would first connect to the database server using the mysql command line. Then issue a USE command to activate the first client database. Then run the script using the SOURCE command. See MySQL Batch Commands. Then repeat for each client.
USE client1;
source c:\temp\storedProcedure.sql
USE client2;
source c:\temp\storedProcedure.sql
If this is not exactly what you needed hopefully it gives you some ideas to get you what you need.
Note that you could do the connection to the database and execute these commands via batch file instead of manually if you wanted to.
There are no statements in MySQL that create/drop/alter multiple procedures at once. You can only change one procedure at a time.
You can write an SQL script that includes a series of statements. But it's up to you to write that script.
You may write some script in Python (or other favorite language) that outputs the SQL script.
I don't know HeidiSQL, but I doubt it has any facility to apply the same change to many procedures. Nor does any other MySQL client that I'm aware of.
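The two answers above amount to one procedure: keep the procedure definition free of schema-qualified names, then repeat USE plus the definition for each database, optionally from a generated script. The following added example (not from either answer) does exactly that in Python: it checks the definition for `schema.object` references, then emits one batch that the mysql client can run as `mysql -u user -p < deploy.sql`. The procedure text, the procedure name and the database names are constructed for the demo.

```python
# Added example: generate a deployment batch for one stored procedure across
# several databases. Not the answerers' code; file contents below are constructed.
import re

# schema.object or `schema`.`object`, not preceded by a word char or dot
SCHEMA_REF = re.compile(r"(?<![\w.])`?([A-Za-z_]\w*)`?\.`?([A-Za-z_]\w*)`?")
PROC_NAME = re.compile(r"CREATE\s+(?:DEFINER\s*=\s*\S+\s+)?PROCEDURE\s+`?(\w+)`?", re.I)

def find_schema_refs(body: str) -> list:
    """Return schema-qualified tokens (e.g. client_1.orders) in the definition.
    Such references would pin the procedure to one database instead of the
    one selected by USE, which is exactly what the answer warns against."""
    return [m.group(0) for m in SCHEMA_REF.finditer(body)]

def procedure_name(body: str) -> str:
    m = PROC_NAME.search(body)
    if not m:
        raise ValueError("no CREATE PROCEDURE statement found")
    return m.group(1)

def build_deploy_script(body: str, databases: list) -> str:
    """Emit USE / DROP PROCEDURE IF EXISTS / CREATE PROCEDURE for each database.
    DELIMITER is a mysql client command, so the output is meant for that client."""
    refs = find_schema_refs(body)
    if refs:
        raise ValueError(f"schema-qualified references found: {refs}")
    name = procedure_name(body)
    parts = []
    for db in databases:
        if not re.fullmatch(r"\w+", db):       # never interpolate odd names
            raise ValueError(f"unexpected database name: {db!r}")
        parts.append(f"USE `{db}`;\nDROP PROCEDURE IF EXISTS `{name}`;\n"
                     f"DELIMITER //\n{body.strip()}\n//\nDELIMITER ;\n")
    return "\n".join(parts)

# Constructed sample definition (what storedProcedure.sql would contain)
PROC_SQL = """CREATE PROCEDURE proc_1(IN p_id INT)
BEGIN
  UPDATE orders SET status = 'closed' WHERE id = p_id;
END"""
BAD_SQL = PROC_SQL.replace("UPDATE orders", "UPDATE client_1.orders")

if __name__ == "__main__":
    print(build_deploy_script(PROC_SQL, ["client_1", "client_3", "client_8"]))
```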

MySQL and SQL scripting for dummies

I have postponed writing SQL code for university, and now that I want to start learning it, I have no idea how to.
In C I'd define headers and begin with coding main, but in SQL classes all I have is a plain example
CREATE TABLE Sailors(
sid INTEGER,
sname VARCHAR(30) NOT NULL,
rating INTEGER DEFAULT 0,
age REAL DEFAULT 18
)
and some commands for using the table I created.
My questions are: How is a correct script supposed to look? How do I run it to create a database? (MySQL) How do I use MySQL to run scripts and where do I type commands in real time to do stuff I haven't scripted?
I just can't wrap my head around it. All tutorials I've seen use a terminal I can't find, or another I did find and I can't use because I get errors using any command (can't create file in some directory and some modules report errors so it shuts down)
The following is a very vague description of MySQL to get an idea of it:
MySQL (or SQL) is separated into 3 types of language:
DML : Data Manipulation Language
DDL : Data Definition Language
DCL : Data Control Language
Read about them to find out which kind of command belongs where.
You will find out that you almost exclusively need DML and DDL to work with data in MySQL, while DCL is mostly used to keep the database running, control user privileges, etc.
Also, when running code, only one command of your script is executed at a time, without a possibility to point somewhere else in your script.
Loops and cursors can be used, but have to be stored in a special form of script called a stored procedure. Usually you execute your code in a sequence without a code-based relation between the different commands (the relation comes from the context of the commands).
Get Data into your Database:
(Consider installing the community edition for MySQL if you have problems running MySQL correctly)
To get data into your database, you should import data from files into your database. The MySQL GUIs available (Workbench, Toad, Navicat, HeidiSQL...) usually provide an Import Wizard that makes it easy to import data from all kinds of files (txt, Excel, database files...).
You can create an excel spreadsheet and import it into your database for example.
Here is a picture of the Workbench SQL Editor:
https://dev.mysql.com/doc/workbench/en/images/wb-getting-started-tutorial-adding-data-movies.png
Workbench (or any other GUI) will be your IDE. Getting into it will answer many of your questions.
Regarding the correct script:
A complete MySQL command is called a query.
A Query is defined by a ; at the end (default) .
A chain of MySQL commands is called a script.
Therefore, a correct script consists of correct queries.
To solve more complex problems, use stored procedures in MySQL (this should come close to your usage of the word script).
Some MySQL commands you will have to be familiar with:
select
update
insert into
delete
create table
drop table
alter table
You have a lot to read. But make sure that your Database is running and you have some data in it to test code. As you already have programming experience, you should understand this really fast with the right setup.

In MySQL, what is the difference between the SOURCE command and \. ?

From looking at https://dev.mysql.com/doc/refman/5.7/en/mysql-batch-commands.html
I am under the understanding that they can both be used to execute an SQL script, however there are no comments on why there are two methods of doing this, or any differences between the two.
There is very little difference between the two.
Every MySQL client command (that is, commands which affect the client, rather than normal query verbs like SELECT and UPDATE) has both a full form (e.g. SOURCE, HELP, PAGER, QUIT) and an abbreviated form (e.g. \., \h, \P, \q). They are generally synonymous; the primary difference is that the full forms can only be used at the start of a command, but the abbreviations can be used at any point. For instance:
SELECT * FROM TABLE GO
does not work, but
SELECT * FROM TABLE \g
does. This is only really relevant to \g and \G, though; most other commands would not make sense to use in this way.

Comments in MySql view scripts

Is it possible to do so? I've tried multiple GUIs (MySQL Workbench, Navicat, Toad for MySQL) and none of them save comments like this:
-- something important
select .....
-- something else important
etc.
Is there a setting I am passing by, or is this something that simply cannot be done? I ask since Toad for Oracle saves what I posted in the code block above.
The mysql command line client will save comments for EVENTs, FUNCTIONs, PROCEDUREs, TRIGGERs, but only if you include the --comments option.
You can always have mysql include comments, by creating a ~/.my.cnf file with the following:
[mysql]
comments=1
Unfortunately, MySQL doesn't seem to preserve comments for VIEWs, even if this option is provided.
The only way I have determined to store comments inside a VIEW, is to include a dummy string at the end of the ORDER BY fields. For example:
CREATE
DEFINER = `root`@`localhost`
SQL SECURITY INVOKER
VIEW ex AS
SELECT *
FROM mysql.user
ORDER BY user, 'a comment can go here';
Visit the MySQL Manual for more details.
Before MySQL 5.1, you could use MySQL-specific comments (/*! a comment */) inside VIEWs, but that "feature" was removed in 5.1 and later. See here for more details.

MySQL Injection - Use SELECT query to UPDATE/DELETE

I've got one easy question: say there is a site with a query like:
SELECT id, name, message FROM messages WHERE id = $_GET['q'].
Is there any way to get something updated/deleted in the database (MySQL)? Until now I've never seen an injection that was able to delete/update using a SELECT query, so, is it even possible?
Before directly answering the question, it's worth noting that even if all an attacker can do is read data that he shouldn't be able to, that's usually still really bad. Consider that by using JOINs and SELECTing from system tables (like mysql.innodb_table_stats), an attacker who starts with a SELECT injection and no other knowledge of your database can map your schema and then exfiltrate the entirety of the data that you have in MySQL. For the vast majority of databases and applications, that already represents a catastrophic security hole.
But to answer the question directly: there are a few ways that I know of by which injection into a MySQL SELECT can be used to modify data. Fortunately, they all require reasonably unusual circumstances to be possible. All example injections below are given relative to the example injectable query from the question:
SELECT id, name, message FROM messages WHERE id = $_GET['q']
1. "Stacked" or "batched" queries.
The classic injection technique of just putting an entire other statement after the one being injected into. As suggested in another answer here, you could set $_GET['q'] to 1; DELETE FROM users; -- so that the query forms two statements which get executed consecutively, the second of which deletes everything in the users table.
In mitigation
Most MySQL connectors - notably including PHP's (deprecated) mysql_* and (non-deprecated) mysqli_* functions - don't support stacked or batched queries at all, so this kind of attack just plain doesn't work. However, some do - notably including PHP's PDO connector (although the support can be disabled to increase security).
2. Exploiting user-defined functions
Functions can be called from a SELECT, and can alter data. If a data-altering function has been created in the database, you could make the SELECT call it, for instance by passing 0 OR SOME_FUNCTION_NAME() as the value of $_GET['q'].
In mitigation
Most databases don't contain any user-defined functions - let alone data-altering ones - and so offer no opportunity at all to perform this sort of exploit.
3. Writing to files
As described in Muhaimin Dzulfakar's (somewhat presumptuously named) paper Advanced MySQL Exploitation, you can use INTO OUTFILE or INTO DUMPFILE clauses on a MySQL select to dump the result into a file. Since, by using a UNION, any arbitrary result can be SELECTed, this allows writing new files with arbitrary content at any location that the user running mysqld can access. Conceivably this can be exploited not merely to modify data in the MySQL database, but to get shell access to the server on which it is running - for instance, by writing a PHP script to the webroot and then making a request to it, if the MySQL server is co-hosted with a PHP server.
In mitigation
Lots of factors reduce the practical exploitability of this otherwise impressive-sounding attack:
MySQL will never let you use INTO OUTFILE or INTO DUMPFILE to overwrite an existing file, nor write to a folder that doesn't exist. This prevents attacks like creating a .ssh folder with a private key in the mysql user's home directory and then SSHing in, or overwriting the mysqld binary itself with a malicious version and waiting for a server restart.
Any halfway decent installation package will set up a special user (typically named mysql) to run mysqld, and give that user only very limited permissions. As such, it shouldn't be able to write to most locations on the file system - and certainly shouldn't ordinarily be able to do things like write to a web application's webroot.
Modern installations of MySQL come with --secure-file-priv set by default, preventing MySQL from writing to anywhere other than a designated data import/export directory and thereby rendering this attack almost completely impotent... unless the owner of the server has deliberately disabled it. Fortunately, nobody would ever just completely disable a security feature like that since that would obviously be - oh wait never mind.
4. Calling the sys_exec() function from lib_mysqludf_sys to run arbitrary shell commands
There's a MySQL extension called lib_mysqludf_sys that - judging from its stars on GitHub and a quick Stack Overflow search - has at least a few hundred users. It adds a function called sys_exec that runs shell commands. As noted in #2, functions can be called from within a SELECT; the implications are hopefully obvious. To quote from the source, this function "can be a security hazard".
In mitigation
Most systems don't have this extension installed.
If you say you use mysql_query, which doesn't support multiple queries, you cannot directly add DELETE/UPDATE/INSERT, but it's possible to modify data under some circumstances. For example, let's say you have the following function:
DELIMITER //
CREATE DEFINER=`root`@`localhost` FUNCTION `testP`()
RETURNS int(11)
LANGUAGE SQL
NOT DETERMINISTIC
MODIFIES SQL DATA
SQL SECURITY DEFINER
COMMENT ''
BEGIN
DELETE FROM test2;
return 1;
END //
Now you can call this function in a SELECT:
SELECT id, name, message FROM messages WHERE id = NULL OR testP()
(id = NULL is always NULL (FALSE), so testP() always gets executed.)
It depends on the DBMS connector you are using. Most of the time your scenario should not be possible, but under certain circumstances it could work. For further details you should take a look at chapters 4 and 5 of the Black Hat paper Advanced MySQL Exploitation.
Yes it's possible.
$_GET['q'] would hold 1; DELETE FROM users; --
SELECT id, name, message FROM messages WHERE id = 1; DELETE FROM users; -- whatever here');
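The answers above make the stacked-query case depend on the connector: one that executes several statements per call (the PDO case) runs the injected DELETE, one that executes a single statement per call (the mysql_*/mysqli case) rejects it, and a parameterised query is unaffected either way. The following added example (not from any of the answers) shows all three behaviours side by side; no MySQL server is assumed, so Python's built-in sqlite3 stands in, with `executescript` modelling a multi-statement connector and `execute` modelling a single-statement one. Table contents are constructed.

```python
# Added example: the same injectable lookup on three kinds of connector.
# sqlite3 is a stand-in for MySQL here; the table contents are constructed.
import sqlite3

PAYLOAD = "1; DELETE FROM users; --"        # the input from the question

def make_db() -> sqlite3.Connection:
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE users(id INTEGER PRIMARY KEY, name TEXT);
        INSERT INTO users VALUES (1, 'alice'), (2, 'bob');
        CREATE TABLE messages(id INTEGER, name TEXT, message TEXT);
        INSERT INTO messages VALUES (1, 'alice', 'hi');
    """)
    return con

def lookup_stacked(con, q) -> None:
    """Vulnerable: string concatenation on a connector that runs every
    statement it is handed (the PDO case). executescript returns no rows,
    so the only visible effect is on the tables."""
    con.executescript(f"SELECT id, name, message FROM messages WHERE id = {q}")

def single_statement_connector_refuses(con, q) -> bool:
    """Still concatenating, but on a connector that executes one statement
    per call (the mysql_*/mysqli case): the stacked payload is rejected
    rather than run. sqlite3's execute raises on multiple statements."""
    try:
        con.execute(f"SELECT id, name, message FROM messages WHERE id = {q}")
        return False
    except (sqlite3.Warning, sqlite3.Error):
        return True

def lookup_parameterised(con, q) -> list:
    """Hardened: placeholder binding; q is compared as a value and never
    becomes SQL text, whatever the connector supports."""
    return con.execute(
        "SELECT id, name, message FROM messages WHERE id = ?", (q,)).fetchall()

def user_count(con) -> int:
    return con.execute("SELECT COUNT(*) FROM users").fetchone()[0]

if __name__ == "__main__":
    con = make_db()
    print("parameterised:", lookup_parameterised(con, PAYLOAD), user_count(con))
    print("single-statement refused:", single_statement_connector_refuses(con, PAYLOAD))
    lookup_stacked(con, PAYLOAD)
    print("users left after stacked query:", user_count(con))
```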