Home
Search results “Nvarchar sql oracle”
Oracle SQL Tutorial 32 - VARCHAR2 and NVARCHAR2
 
03:06
This video we are going to discuss the VARCHAR2 and the NVARCHAR2 data types. The previous videos are a good foundation to this video. I've actually discussed so much stuff in those videos that I don’t have a whole lot to say. Good for you, right? I discussed over the previous videos that you should prefer to use VARCHAR2 over CHAR. That's because there is not a difference in performance or storage for a VARCHAR2 column. The only difference is that an CHAR column forces each value to take up a certain length even if it's not. There is one difference between the variable length and fixed length data types here that you need to know about, and that is storage limits. CHAR has a limit of 2000 bytes, while VARCHAR2 has a limit of 4000 bytes. That means you can store twice as much junk in a VARCHAR2 column! Other than that, these data types work exactly the same. I recommend you always use the VARCHAR2 data types instead of the CHAR data types, and only use NVARCHAR2 if you have a non-Unicode database. This will allow you to store Unicode characters in a column. Now, the amount of storage you can put in a VARCHAR2 column is twice what you can put in a CHAR column, but 4000 characters is still not very many characters. This is where the LOB data types come in, which we will discuss in the next video! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Support me! http://www.patreon.com/calebcurry Subscribe to my newsletter: http://bit.ly/JoinCCNewsletter Donate!: http://bit.ly/DonateCTVM2. ~~~~~~~~~~~~~~~Additional Links~~~~~~~~~~~~~~~ More content: http://CalebCurry.com Facebook: http://www.facebook.com/CalebTheVideoMaker Google+: https://plus.google.com/+CalebTheVideoMaker2 Twitter: http://twitter.com/calebCurry Amazing Web Hosting - http://bit.ly/ccbluehost (The best web hosting for a cheap price!)
Views: 5796 Caleb Curry
Oracle SQL Tutorial 29 - NCHAR Part 1
 
04:58
NCHAR is another data type available in Oracle database. This data type is very similar to the char data type with some key differences. NCHAR is also known as the national character set. This is a data type that allows us to store Unicode characters. It is really recommended that you watch the two videos over Unicode and UTF-8 because this video is going to talk a lot about it. Why is it that we have an entire data type dedicated to storing Unicode? That will be easily understood once we understand how character sets and encodings are applied to Oracle. They are applied at the database level. That means that you have a character set that applies to the entire database. This is in contrast to some database management systems that allow you to apply a data type at the table and column level. For example, in MySQL you can make a table have a character set, and make a specific column in that table a different character set. That means we can customize everything at the expense of adding potential complexity and confusion. Oracle does not work that way. In Oracle, we define one character set for the entire database. The problem with defining a character set for the entire database is that it may not be the character set we want to use for everything. That is where the NCHAR column comes in. The NCHAR column allows us to have a Unicode column inside of a database that does not use Unicode as the default character set. That is important because it is very often that we want to use Unicode but we may not need to use it for everything, for example if that application is working with ASCII nearly all of the time. If you are using Unicode for the database, then NCHAR is not going to be needed and should not be used. This data type is not as widely accepted, so only use it if you absolutely need to, specifically when you need to store Unicode in a non-Unicode database. Additionally, there is some controversy when it comes to whether or not you should use the CHAR and NCHAR data types in Oracle at all. We will discuss why in an upcoming video. In the next video we are going to go over some specific character sets that Oracle can use. See you then! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Suppor me! http://www.patreon.com/calebcurry Subscribe to my newsletter: http://bit.ly/JoinCCNewsletter Donate!: http://bit.ly/DonateCTVM2. ~~~~~~~~~~~~~~~Additional Links~~~~~~~~~~~~~~~ More content: http://CalebCurry.com Facebook: http://www.facebook.com/CalebTheVideoMaker Google+: https://plus.google.com/+CalebTheVideoMaker2 Twitter: http://twitter.com/calebCurry Amazing Web Hosting - http://bit.ly/ccbluehost (The best web hosting for a cheap price!)
Views: 4325 Caleb Curry
Difference between char,nchar,varchar,nvarchar in SqlServer
 
13:40
Compleate diffrence between char,nchar,varchar,nvarchar in SqlServer
Views: 15770 Tech mohan
Differences between Char and Varchar Datatypes |  MSSQL Training
 
16:36
** For Online Training Registration: https://goo.gl/r6kJbB ? Call: +91-8179191999 💡 Visit Our Website for Classroom Training: https://nareshit.in/sql-server-training/ 💡 For Online Training: https://nareshit.com/course/sql-server-online-training/ #sqlserver #server #programming #course #Tutorials #Training #Videos -------------------------- 💡 About NareshIT: "Naresh IT is having 14+ years of experience in software training industry and the best Software Training Institute for online training, classroom training, weekend training, corporate training of Hadoop, Salesforce, AWS, DevOps, Spark, Data Science, Python, Tableau, RPA , Java, C#.NET, ASP.NET, Oracle, Testing Tools, Silver light, Linq, SQL Server, Selenium, Android, iPhone, C Language, C++, PHP and Digital Marketing in USA, Hyderabad, Chennai and Vijayawada, Bangalore India which provides online training across all the locations -------------------------- 💡 Our Online Training Features: 🎈 Training with Real-Time Experts 🎈 Industry Specific Scenario’s 🎈 Flexible Timings 🎈 Soft Copy of Material 🎈 Share Videos of each and every session. -------------------------- 💡 Please write back to us at 📧 [email protected]/ 📧 [email protected] or Call us at the USA: ☎+1404-232-9879 or India: ☎ +918179191999 -------------------------- 💡 Check The Below Links ► For Course Reg: https://goo.gl/r6kJbB ► Subscribe to Our Channel: https://goo.gl/q9ozyG ► Circle us on G+: https://plus.google.com/+NareshIT ► Like us on Facebook: https://www.facebook.com/NareshIT ► Follow us on Twitter: https://twitter.com/nareshitek ► Follow us on Linkedin: https://goo.gl/CRBZ5F ► Follow us on Instagram: https://goo.gl/3UXYK3
Views: 18832 Naresh i Technologies
DIFFERENCE BETWEEN CHAR AND VARCHAR2 DATATYPE IN ORACLE SQL
 
04:36
This video tutorial explains the difference between similar looking and used char datatype and varchar2 datatypes with an simple example. This video will answer the question such as how is the data internally stored differently for char and vacchar2 datatype. Also why is varchar2 much better option to be used than char data type is explained. If you want more such videos of exciting and amazing 'difference between' concepts, check out the links below : union and union all : https://youtu.be/n9FqQOd8liY replace and translate : https://youtu.be/HKYF77BGzOE procedure and function : https://youtu.be/q3LmOenL120 in and exists : https://youtu.be/REX4IjRYlFw rank and dense_rank : https://youtu.be/WGSX998hZ9M delete and truncate : https://youtu.be/u76wMm2byXo %type and %rowtype : https://youtu.be/MlLUFeZ_3eM
Views: 3396 Kishan Mashru
nchar, nvarchar, and ntext Microsoft SQL Server Tutorial - Unicode Data Types
 
03:57
What considerations do Unicode data types such as nvarchar and nchar have over ASCII ones? This Microsoft SQL Server tutorial provides an overview.
Views: 7639 Edward Kench
Oracle SQL Tutorial 27 - CHAR Part 1
 
03:52
This video and the next is going to cover CHAR and NCHAR. Be sure to check out the previous two videos as these are going to introduce you to some foundational knowledge required to understand these data types. CHAR is a fixed-length data type. What that means is that every value for a CHAR column is going to be the same length. You specify the length in parenthesis when you create the table. The thing you need to know though is that the default measurement is in bytes. That means if you specify the length to be CHAR(50), the length of each value will be 50 bytes, by default. If you want to change that to 50 characters, you can pass in the word CHAR as in CHAR(50 CHAR). This is known as a qualifier. Specifically, they are known as length semantics qualifiers (describes the meaning of the given length). Now, I said the default was bytes, but you can actually change the default to characters. In that situation, you can actually use the keyword BYTE to break away from the default. In general, it's best to put CHAR or BYTE even if it is the default. In general, it's best to keep things consistent. It's okay to have these measured in CHAR or BYTE, but it is recommended that every column is the same. It allows you to be more consistent as if some columns measure length in bytes and some measure length in characters, things can get confusing. If you do want to change the default, look up NLS_LENGTH_SEMANTICS as well as the potential problems it may bring. What values are allowed in parenthesis? That is what we are going to discuss in the next video. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Support me! http://www.patreon.com/calebcurry Subscribe to my newsletter: http://bit.ly/JoinCCNewsletter Donate!: http://bit.ly/DonateCTVM2. ~~~~~~~~~~~~~~~Additional Links~~~~~~~~~~~~~~~ More content: http://CalebCurry.com Facebook: http://www.facebook.com/CalebTheVideoMaker Google+: https://plus.google.com/+CalebTheVideoMaker2 Twitter: http://twitter.com/calebCurry Amazing Web Hosting - http://bit.ly/ccbluehost (The best web hosting for a cheap price!)
Views: 4847 Caleb Curry
Every VARCHAR2(N) Declaration a Bug in PL/SQL!?
 
07:51
Every VARCHAR2(N) Declaration a Bug!? That's right. VARCHAR2 declarations mean that you have to provide an "N" or constraint on the size of the variable. If you have such declarations all over your code, that's a form of hard-coding and you are likely to get hammered by VALUE_ERROR exceptions. This video shows how to fix this problem. See the Practically Perfect PL/SQL YouTube channel for related videos. https://www.youtube.com/channel/UCpJpLMRm452kVcie3RpINPw ============================================ Copyright © 2015 Oracle and/or its affiliates. Oracle is a registered trademark of Oracle and/or its affiliates. All rights reserved. Other names may be registered trademarks of their respective owners. Oracle disclaims any warranties or representations as to the accuracy or completeness of this recording, demonstration, and/or written materials (the “Materials”). The Materials are provided “as is” without any warranty of any kind, either express or implied, including without limitation warranties or merchantability, fitness for a particular purpose, and non-infringement.
11. CHAR, VARCHAR and TEXT Data Type in SQL (Hindi)
 
03:32
Please Subscribe Channel Like, Share and Comment Visit : www.geekyshows.com
Views: 38185 Geeky Shows
PL/SQL Tutorial: Differences Between PLS_INTEGER and BINARY_INTEGER
 
07:25
Differences Between PLS_INTEGER and BINARY_INTEGER SQL Tutorial SQL Tutorial for beginners PLSQL Tutorial PLSQL Tutorial for beginners PL/SQL Tutorial PL SQL Tutorial PL SQL Tutorial for beginners PL/SQL Tutorial for beginners Oracle SQL Tutorial
Views: 635 TechLake
011 E - Difference betwween CHAR, VARCHAR, VARCHAR2, NVARCHAR
 
06:01
The difference between different types of character datatypes CHAR VARCHAR VARCHAR2 NVARCHAR
Views: 3557 Rishabh Jain
Differences between Unicode and Non Unicode Datatypes | MSSQL Training
 
22:17
** For Online Training Registration: https://goo.gl/r6kJbB ? Call: +91-8179191999 💡 Visit Our Website for Classroom Training: https://nareshit.in/sql-server-training/ 💡 For Online Training: https://nareshit.com/course/sql-server-online-training/ #sqlserver #server #programming #course #Tutorials #Training #Videos -------------------------- 💡 About NareshIT: "Naresh IT is having 14+ years of experience in software training industry and the best Software Training Institute for online training, classroom training, weekend training, corporate training of Hadoop, Salesforce, AWS, DevOps, Spark, Data Science, Python, Tableau, RPA , Java, C#.NET, ASP.NET, Oracle, Testing Tools, Silver light, Linq, SQL Server, Selenium, Android, iPhone, C Language, C++, PHP and Digital Marketing in USA, Hyderabad, Chennai and Vijayawada, Bangalore India which provides online training across all the locations -------------------------- 💡 Our Online Training Features: 🎈 Training with Real-Time Experts 🎈 Industry Specific Scenario’s 🎈 Flexible Timings 🎈 Soft Copy of Material 🎈 Share Videos of each and every session. -------------------------- 💡 Please write back to us at 📧 [email protected]/ 📧 [email protected] or Call us at the USA: ☎+1404-232-9879 or India: ☎ +918179191999 -------------------------- 💡 Check The Below Links ► For Course Reg: https://goo.gl/r6kJbB ► Subscribe to Our Channel: https://goo.gl/q9ozyG ► Circle us on G+: https://plus.google.com/+NareshIT ► Like us on Facebook: https://www.facebook.com/NareshIT ► Follow us on Twitter: https://twitter.com/nareshitek ► Follow us on Linkedin: https://goo.gl/CRBZ5F ► Follow us on Instagram: https://goo.gl/3UXYK3
Views: 12435 Naresh i Technologies
4 Unicode and N character in SQL Server
 
12:01
with Arabic content by easy way to learn شرح بالعربي
Audit table changes in sql server
 
06:45
sql server 2008 ddl trigger audit sql server table changes tracking In this video we will discuss, how to audit table changes in SQL Server using a DDL trigger. Table to store the audit data Create table TableChanges ( DatabaseName nvarchar(250), TableName nvarchar(250), EventType nvarchar(250), LoginName nvarchar(250), SQLCommand nvarchar(2500), AuditDateTime datetime ) Go The following trigger audits all table changes in all databases on a SQL Server. CREATE TRIGGER tr_AuditTableChanges ON ALL SERVER FOR CREATE_TABLE, ALTER_TABLE, DROP_TABLE AS BEGIN DECLARE @EventData XML SELECT @EventData = EVENTDATA() INSERT INTO SampleDB.dbo.TableChanges (DatabaseName, TableName, EventType, LoginName, SQLCommand, AuditDateTime) VALUES ( @EventData.value('(/EVENT_INSTANCE/DatabaseName)[1]', 'varchar(250)'), @EventData.value('(/EVENT_INSTANCE/ObjectName)[1]', 'varchar(250)'), @EventData.value('(/EVENT_INSTANCE/EventType)[1]', 'nvarchar(250)'), @EventData.value('(/EVENT_INSTANCE/LoginName)[1]', 'varchar(250)'), @EventData.value('(/EVENT_INSTANCE/TSQLCommand)[1]', 'nvarchar(2500)'), GetDate() ) END In the above example we are using EventData() function which returns event data in XML format. Text version of the video http://csharp-video-tutorials.blogspot.com/2015/09/audit-table-changes-in-sql-server.html Slides http://csharp-video-tutorials.blogspot.com/2015/09/audit-table-changes-in-sql-server_12.html All SQL Server Text Articles http://csharp-video-tutorials.blogspot.com/p/free-sql-server-video-tutorials-for.html All SQL Server Slides http://csharp-video-tutorials.blogspot.com/p/sql-server.html Full SQL Server Course https://www.youtube.com/playlist?list=PL4cyC4G0M1RQ_Rm52cQ4CcOJ_T_HXeMB4 All Dot Net and SQL Server Tutorials in English https://www.youtube.com/user/kudvenkat/playlists?view=1&sort=dd All Dot Net and SQL Server Tutorials in Arabic https://www.youtube.com/c/KudvenkatArabic/playlists
Views: 42625 kudvenkat
how to auto increment varchar in sql server
 
08:26
how to auto increment varchar in sql server
Views: 14962 Kannababu Banna
9. What are the Difference Between VARCHAR and VARCHAR2 in Oracle Database
 
02:13
What are the Difference Between VARCHAR and VARCHAR2 in Oracle Database
Part 6   Transform rows into columns in sql server
 
08:53
Link for all dot net and sql server video tutorial playlists http://www.youtube.com/user/kudvenkat/playlists Link for slides, code samples and text version of the video http://csharp-video-tutorials.blogspot.com/2014/06/part-6-transform-rows-into-columns-in.html This is another common sql server interview question. We will be using Countries table in this example. SQL to create the table Create Table Countries ( Country nvarchar(50), City nvarchar(50) ) GO Insert into Countries values ('USA','New York') Insert into Countries values ('USA','Houston') Insert into Countries values ('USA','Dallas') Insert into Countries values ('India','Hyderabad') Insert into Countries values ('India','Bangalore') Insert into Countries values ('India','New Delhi') Insert into Countries values ('UK','London') Insert into Countries values ('UK','Birmingham') Insert into Countries values ('UK','Manchester') Here is the interview question. Write a sql query to transpose rows to columns. Using PIVOT operator we can very easily transform rows to columns. Select Country, City1, City2, City3 From ( Select Country, City, 'City'+ cast(row_number() over(partition by Country order by Country) as varchar(10)) ColumnSequence from Countries ) Temp pivot ( max(City) for ColumnSequence in (City1, City2, City3) ) Piv
Views: 199935 kudvenkat
Over clause in SQL Server
 
09:13
over partition by in sql server 2008 sql server over clause partition partition by clause in sql server 2008 over partition by clause in sql In this video we will discuss the power and use of Over clause in SQL Server. The OVER clause combined with PARTITION BY is used to break up data into partitions. Syntax : function (...) OVER (PARTITION BY col1, Col2, ...) The specified function operates for each partition. For example : COUNT(Gender) OVER (PARTITION BY Gender) will partition the data by GENDER i.e there will 2 partitions (Male and Female) and then the COUNT() function is applied over each partition. Any of the following functions can be used. Please note this is not the complete list. COUNT(), AVG(), SUM(), MIN(), MAX(), ROW_NUMBER(), RANK(), DENSE_RANK() etc. Example : SQl Script to create Employees table Create Table Employees ( Id int primary key, Name nvarchar(50), Gender nvarchar(10), Salary int ) Go Insert Into Employees Values (1, 'Mark', 'Male', 5000) Insert Into Employees Values (2, 'John', 'Male', 4500) Insert Into Employees Values (3, 'Pam', 'Female', 5500) Insert Into Employees Values (4, 'Sara', 'Female', 4000) Insert Into Employees Values (5, 'Todd', 'Male', 3500) Insert Into Employees Values (6, 'Mary', 'Female', 5000) Insert Into Employees Values (7, 'Ben', 'Male', 6500) Insert Into Employees Values (8, 'Jodi', 'Female', 7000) Insert Into Employees Values (9, 'Tom', 'Male', 5500) Insert Into Employees Values (10, 'Ron', 'Male', 5000) Go Write a query to retrieve total count of employees by Gender. Also in the result we want Average, Minimum and Maximum salary by Gender. This can be very easily achieved using a simple GROUP BY query as show below. SELECT Gender, COUNT(*) AS GenderTotal, AVG(Salary) AS AvgSal, MIN(Salary) AS MinSal, MAX(Salary) AS MaxSal FROM Employees GROUP BY Gender What if we want non-aggregated values (like employee Name and Salary) in result set along with aggregated values You cannot include non-aggregated columns in the GROUP BY query. SELECT Name, Salary, Gender, COUNT(*) AS GenderTotal, AVG(Salary) AS AvgSal, MIN(Salary) AS MinSal, MAX(Salary) AS MaxSal FROM Employees GROUP BY Gender The above query will result in the following error : Column 'Employees.Name' is invalid in the select list because it is not contained in either an aggregate function or the GROUP BY clause One way to achieve this is by including the aggregations in a subquery and then JOINING it with the main query as shown in the example below. Look at the amount of T-SQL code we have to write. SELECT Name, Salary, Employees.Gender, Genders.GenderTotals, Genders.AvgSal, Genders.MinSal, Genders.MaxSal FROM Employees INNER JOIN (SELECT Gender, COUNT(*) AS GenderTotals, AVG(Salary) AS AvgSal, MIN(Salary) AS MinSal, MAX(Salary) AS MaxSal FROM Employees GROUP BY Gender) AS Genders ON Genders.Gender = Employees.Gender Better way of doing this is by using the OVER clause combined with PARTITION BY SELECT Name, Salary, Gender, COUNT(Gender) OVER(PARTITION BY Gender) AS GenderTotals, AVG(Salary) OVER(PARTITION BY Gender) AS AvgSal, MIN(Salary) OVER(PARTITION BY Gender) AS MinSal, MAX(Salary) OVER(PARTITION BY Gender) AS MaxSal FROM Employees Text version of the video http://csharp-video-tutorials.blogspot.com/2015/09/over-clause-in-sql-server.html Slides http://csharp-video-tutorials.blogspot.com/2015/09/over-clause-in-sql-server_29.html All SQL Server Text Articles http://csharp-video-tutorials.blogspot.com/p/free-sql-server-video-tutorials-for.html All SQL Server Slides http://csharp-video-tutorials.blogspot.com/p/sql-server.html All Dot Net and SQL Server Tutorials in English https://www.youtube.com/user/kudvenkat/playlists?view=1&sort=dd All Dot Net and SQL Server Tutorials in Arabic https://www.youtube.com/c/KudvenkatArabic/playlists
Views: 90762 kudvenkat
Datatypes : Oracle (Sql)
 
27:02
Oracle Datatypes Difference between Char and Varchar Date Number
Views: 79 CodeSmith 001
How To Using Date Fomat In SQL Server
 
11:50
This video for the SQL Programmer beginner only it will show you how to using date format in SQL Server
Views: 13990 Sourn Sarim
SQL Server Tutorial - Difference between char, nchar, varchar, nvarchar DataTypes in SqlServer
 
06:26
In this video you will learn aboutDifference between char, nchar, varchar, nvarchar DataTypes in SqlServer in Urdu and Hindi.
Views: 4892 IT4Solutions
Dynamic sql table name variable
 
11:59
Text version of the video http://csharp-video-tutorials.blogspot.com/2017/04/dynamic-sql-table-name-variable.html Slides http://csharp-video-tutorials.blogspot.com/2017/04/dynamic-sql-table-name-variable_20.html All SQL Server Text Articles http://csharp-video-tutorials.blogspot.com/p/free-sql-server-video-tutorials-for.html All SQL Server Slides http://csharp-video-tutorials.blogspot.com/p/sql-server.html All SQL Server Tutorial Videos https://www.youtube.com/playlist?list=PL08903FB7ACA1C2FB All Dot Net and SQL Server Tutorials in English https://www.youtube.com/user/kudvenkat/playlists?view=1&sort=dd All Dot Net and SQL Server Tutorials in Arabic https://www.youtube.com/c/KudvenkatArabic/playlists In this video we will discuss how to pass table name dynamically for stored procedure in sql server. This is one of the sql questions that is very commonly asked. I have a web page with a textbox. When I enter a table name in the textbox and when I click "Load Data" button, we want to retrieve data from that respective table and display it on the page. Copy the SQL Script to create the tables from my blog using the link below http://csharp-video-tutorials.blogspot.com/2017/04/dynamic-sql-table-name-variable.html Create the following stored procedure. Notice we are passing table name as a parameter to the stored prcoedure. In the body of the stored procedure we are concatenating strings to build our dynamic sql statement. In our previous videos we discussed that this open doors for SQL injection. Create procedure spDynamicTableName @TableName nvarchar(100) As Begin Declare @sql nvarchar(max) Set @sql = 'Select * from ' + @TableName Execute sp_executesql @sql End So the obvious question that comes to our mind is, why are we not creating parameterised sql statement instead. The answers is we can't. SQL Server does not allow table names and column names to be passed as parameters. Notice in the example below, we are creating a parameterised query with @TabName as a parameter. When we execute the following code, the procedure gets created successfully. Create procedure spDynamicTableName1 @TableName nvarchar(100) As Begin Declare @sql nvarchar(max) Set @sql = 'Select * from @TabName' Execute sp_executesql @sql, N'@TabName nvarchar(100)', @TabName = @TableName End But when we try to execute it we get an error - Must declare the table variable "@TabName" Execute spDynamicTableName1 N'Countries' Add a Web Page to the project that we have been working with in our previous video. Name it "DynamicTableName.aspx". Copy and paste the HTML from my blog using the link below http://csharp-video-tutorials.blogspot.com/2017/04/dynamic-sql-table-name-variable.html Copy and paste the code from my blog in the code-behind page http://csharp-video-tutorials.blogspot.com/2017/04/dynamic-sql-table-name-variable.html At this point, run the application and type the following text in the "Table Name" textbox and click "Load Data" button. Notice "SalesDB" database is dropped. Our application is prone to SQL injection as we have implemented dynamic sql in our stored procedure by concatenating strings instead of using parameters. Employees; Drop database SalesDB One way to prevent SQL injection in this case is by using SQL Server built-in function - QUOTENAME(). We will discuss QUOTENAME() function in detail in our next video. For now understand that by default, this function wraps that string that is passed to it in a pair of brackets. SELECT QUOTENAME('Employees') returns [Employees] Modify the stored procedure to use QUOTENAME() function as shown below. Alter procedure spDynamicTableName @TableName nvarchar(100) As Begin Declare @sql nvarchar(max) Set @sql = 'Select * from ' + QUOTENAME(@TableName) Execute sp_executesql @sql End At this point, type the following text in the "Table Name" textbox and click "Load Data" button. Notice you will see a message - Invalid object name 'Employees; Drop database SalesDB'. Also "SalesDB" database is not dropped. Employees; Drop database SalesDB The entire text in "Table Name" textbox is wrapped in a pair of brackets by the QUOTENAME function and is treated as table name. Since we do have a table with the specified name, we get the error - Invalid object name.
Views: 27087 kudvenkat
Dynamic SQL in Stored Procedure
 
09:32
In this video we will discuss, using dynamic sql in a stored procedure and it's implications from sql injection perspective. We will discuss performance implications of using dynamic sql in a stored procedure in a later video. Text version of the video http://csharp-video-tutorials.blogspot.com/2017/04/dynamic-sql-in-stored-procedure.html Slides http://csharp-video-tutorials.blogspot.com/2017/04/dynamic-sql-in-stored-procedure_11.html All SQL Server Text Articles http://csharp-video-tutorials.blogspot.com/p/free-sql-server-video-tutorials-for.html All SQL Server Slides http://csharp-video-tutorials.blogspot.com/p/sql-server.html All SQL Server Tutorial Videos https://www.youtube.com/playlist?list=PL08903FB7ACA1C2FB All Dot Net and SQL Server Tutorials in English https://www.youtube.com/user/kudvenkat/playlists?view=1&sort=dd All Dot Net and SQL Server Tutorials in Arabic https://www.youtube.com/c/KudvenkatArabic/playlists Consider the following stored procedure "spSearchEmployees". We implemented this procedure in Part 139 of SQL Server tutorial. This stored procedure does not have any dynamic sql in it. It is all static sql and is immune to sql injection. Create Procedure spSearchEmployees @FirstName nvarchar(100) = NULL, @LastName nvarchar(100) = NULL, @Gender nvarchar(50) = NULL, @Salary int = NULL As Begin Select * from Employees where (FirstName = @FirstName OR @FirstName IS NULL) AND (LastName = @LastName OR @LastName IS NULL) AND (Gender = @Gender OR @Gender IS NULL) AND (Salary = @Salary OR @Salary IS NULL) End Go Whether you are creating your dynamic sql queries in a client application like ASP.NET web application or in a stored procedure, you should never ever concatenate user input values. Instead you should be using parameters. Notice in the following example, we are creating dynamic sql queries by concatenating parameter values, instead of using parameterized queries. This stored procedure is prone to SQL injection. Let's prove this by creating a "Search Page" that calls this procedure. Create Procedure spSearchEmployeesBadDynamicSQL @FirstName nvarchar(100) = NULL, @LastName nvarchar(100) = NULL, @Gender nvarchar(50) = NULL, @Salary int = NULL As Begin Declare @sql nvarchar(max) Set @sql = 'Select * from Employees where 1 = 1' if(@FirstName is not null) Set @sql = @sql + ' and FirstName=''' + @FirstName + '''' if(@LastName is not null) Set @sql = @sql + ' and LastName=''' + @LastName + '''' if(@Gender is not null) Set @sql = @sql + ' and Gender=''' + @Gender + '''' if(@Salary is not null) Set @sql = @sql + ' and Salary=''' + @Salary + '''' Execute sp_executesql @sql End Go Add a Web Page to the project that we have been working with in our previous video. Name it "DynamicSQLInStoredProcedure.aspx". Copy and paste the HTML and code available on my blog at the following link http://csharp-video-tutorials.blogspot.com/2017/04/dynamic-sql-in-stored-procedure.html At this point, run the application and type the following text in the "Firsname" text and click "Search" button. Notice "SalesDB" database is dropped. Our application is prone to SQL injection as we have implemented dynamic sql in our stored procedure by concatenating strings instead of using parameters. ' Drop database SalesDB -- In the following stored procedure we have implemented dynamic sql by using parameters, so this is not prone to sql injecttion. This is an example for good dynamic sql implementation. Create Procedure spSearchEmployeesGoodDynamicSQL @FirstName nvarchar(100) = NULL, @LastName nvarchar(100) = NULL, @Gender nvarchar(50) = NULL, @Salary int = NULL As Begin Declare @sql nvarchar(max) Declare @sqlParams nvarchar(max) Set @sql = 'Select * from Employees where 1 = 1' if(@FirstName is not null) Set @sql = @sql + ' and [email protected]' if(@LastName is not null) Set @sql = @sql + ' and [email protected]' if(@Gender is not null) Set @sql = @sql + ' and [email protected]' if(@Salary is not null) Set @sql = @sql + ' and [email protected]' Execute sp_executesql @sql, N'@FN nvarchar(50), @LN nvarchar(50), @Gen nvarchar(50), @sal int', @[email protected], @[email protected], @[email protected], @[email protected] End Go On the code-behind page, use stored procedure spSearchEmployeesGoodDynamicSQL instead of spSearchEmployeesBadDynamicSQL. We do not have to change any other code. At this point run the application one more time and type the following text in the "Firstname" textbox and click the "Search" button. ' Drop database SalesDB -- Notice "SalesDB" database is not dropped, So in this case our application is not succeptible to SQL injection attack. Summary : Whether you are creating dynamic sql in a client application (like a web application) or in a stored procedure always use parameters instead of concatnating strings. Using parameters to create dynamic sql statements prevents sql injection.
Views: 35016 kudvenkat
numeric data types in oracle
 
11:16
numeric data types in oracle
Views: 13 karra sankar
Oracle Data Types  --- SQL
 
17:54
This video shows Oracle Data Types in Oracle SQL. Try to share these videos for poor students and subscribe this channel for more upcoming other technical videos.
Views: 25 Technology mart
SQL script to insert into many to many table
 
14:52
Text Article http://csharp-video-tutorials.blogspot.com/2017/02/sql-script-to-insert-into-many-to-many.html Slides http://csharp-video-tutorials.blogspot.com/2017/02/sql-script-to-insert-into-many-to-many_6.html SQL Server Interview Questions and Answers text articles & slides http://csharp-video-tutorials.blogspot.com/2014/05/sql-server-interview-questions-and.html SQL Server Interview Questions and Answers playlist https://www.youtube.com/playlist?list=PL6n9fhu94yhXcztdLO7i6mdyaegC8CJwR All Dot Net and SQL Server Tutorials in English https://www.youtube.com/user/kudvenkat/playlists?view=1&sort=dd All Dot Net and SQL Server Tutorials in Arabic https://www.youtube.com/c/KudvenkatArabic/playlists In this video we will discuss how to insert data into a table that has many-to-many relationship Create table Students ( Id int primary key identity, StudentName nvarchar(50) ) Go Create table Courses ( Id int primary key identity, CourseName nvarchar(50) ) Go Create table StudentCourses ( StudentId int not null foreign key references Students(Id), CourseId int not null foreign key references Courses(Id) ) Go Students - Id column is identity column Courses - Id column is identity column StudentCourses - StudentId and CourseId columns are foreign keys referencing Id column in Students and Courses tables As you can see, StudentCourses is a bridge table that has many to many relationship with Students and Courses tables. This means a given student can be enrolled into many courses and a given course can have many students enrolled. Below is the question asked in an interview for SQL Server Developer role. Write a SQL script to insert data into StudentCourses table. Here are the rules that your script should follow. 1. There will be 2 inputs for the script Student Name - The name of the student who wants to enroll into a course Course Name - The name of the course the student wants to enroll into 2. If the student is already in the Students table, then use that existing Student Id. If the student is not already in the Students table, then a row for that student must be inserted into the Students table, and use that new student id. 3. Along the same lines, if the course is already in the Courses table, then use that existing Course Id. If the course is not already in the Courses table, then a row for that course must be inserted into the Courses table, and use that new course id. 4. There should be no duplicate student course enrollments, i.e a given student must not be enrolled in the same course twice. For example, Tom must not be enrolled in C# course twice. Answer : To avoid duplicate student course enrollments create a composite primary key on StudentId and CourseId columns in StudentCourses table. With this composite primary key in place, if someone tries to enroll the same student in the same course again we get violation of primary key constraint error. Alter table StudentCourses Add Constraint PK_StudentCourses Primary Key Clustered (CourseId, StudentId) Here is the SQL script that inserts data into the 3 tables as expected Declare @StudentName nvarchar(50) = 'Sam' Declare @CourseName nvarchar(50) = 'SQL Server' Declare @StudentId int Declare @CourseId int -- If the student already exists, use the existing student ID Select @StudentId = Id from Students where StudentName = @StudentName -- If the course already exists, use the existing course ID Select @CourseId = Id from Courses where CourseName = @CourseName -- If the student does not exist in the Students table If (@StudentId is null) Begin -- Insert the student Insert into Students values(@StudentName) -- Get the Id of the student Select @StudentId = SCOPE_IDENTITY() End -- If the course does not exist in the Courses table If (@CourseId is null) Begin -- Insert the course Insert into Courses values(@CourseName) -- Get the Id of the course Select @CourseId = SCOPE_IDENTITY() End -- Insert StudentId & CourseId in StudentCourses table Insert into StudentCourses values(@StudentId, @CourseId) If required, we can very easily convert this into a stored procedure as shown below. Create procedure spInsertIntoStudentCourses @StudentName nvarchar(50), @CourseName nvarchar(50) as Begin Declare @StudentId int Declare @CourseId int Select @StudentId = Id from Students where StudentName = @StudentName Select @CourseId = Id from Courses where CourseName = @CourseName If (@StudentId is null) Begin Insert into Students values(@StudentName) Select @StudentId = SCOPE_IDENTITY() End If (@CourseId is null) Begin Insert into Courses values(@CourseName) Select @CourseId = SCOPE_IDENTITY() End Insert into StudentCourses values(@StudentId, @CourseId) End Use the following statement to execute the stored procedure Execute spInsertIntoStudentCourses 'Tom','C#'
Views: 90162 kudvenkat
Session6 Data type in Oracle
 
15:25
Session 6: Datatypes In Oracle   ALPHABET           : A-Z , a-z NUMBER              : 0-9 (with precision and scale) DATE / Temporal  : any Date and time (Hours, Minutes, Seconds, Mili-seconds, Timestamp, Timezone etc)   Alphabet + Number = Alphanumeric Data                                     = String / CHARACTER Datatype Category Number                    =  Numeric Datatype Category Date                         = Date Datatype Category 1. CHARACTER Datatype: CHAR, VARCHAR, NCHAR: CHAR is fixed length datatype and VARCHAR is Variable length datatype to store character data. i.e. A-Z , a-z , 0-9 , all keyboard characters etc. The default size is 1 character and it can store maximum up to 2000 bytes. Example : EName, EmpID, PassportNo, SSN, etc. EName CHAR(10) := ‘TOM’; wastage of 7 space after the string EName VARCHAR(10) := ‘TOM’; Spaces can be Reuse which left after the string NCHAR additionally handles NLS(National Language Support). Oracle supports a reliable Unicode datatype through NCHAR , NVARCHAR2 , and NCLOB  VARCHAR2, NVARCHAR2: These are Variable length datatype. VARCHAR2 handles alphanumeric character string whereas NVARCHAR2 handles alphanumeric character string with NLS(National Language Support). The default size is 1 character and it can store maximum up to 4000 bytes.   LONG:  Variable length string.  (Maximum size: 2 GB - 1) Only one LONG column is allowed per table. RAW:    Variable length binary string (Maximum size 2000 bytes) LONG RAW: Variable length binary string (Maximum size 2GB) 2. NUMERIC Datatype: NUMBER: It stores Numeric values and performs numeric calculations. NUMBER,   NUMBER(n),   NUMBER(p,s) It stores Numbers up to 38 digits of precision. SeqNo NUMBER;                     1, 123, 12345678 EmpID NUMBER(4);                 1, 123, 1234 Sal NUMBER(7,2);                     23456.78 , 123.45 — correction in video: Sal NUMBER(a7,2); which is wrong please ignore. 1234567 can be a type of NUMBER, NUMBER(7), NUMBER(7,0) It can store both integer and floating point numbers NUMERIC(p,s) FLOAT:   Ex:  EmpSal FLOAT;    FLOAT(7)       Decimal Points allowed DEC(p,s), DECIMAL(p,s) , REAL, DOUBLE PRECISION INTEGER:   Ex:  SSN INTEGER;       Decimal Points are not allowed INT, SMALLINT 3. DATE Datatype: DATE: It stores DATE(Date, Month, Year) and Time(Hour, Minute, Second, AM/PM) and performs calculations with such data. Default DATE format in Oracle is “DD-MON-YY” Based on "Gregorian calendar" where the date ranges from “JAN 1 4712 BC” to “DEC 31 9999 AD” doj DATE;    “18-MAR-2010 12:30:00 PM” TIMESTAMP:    It can store all parameters as DATE datatype and additionally it can have “Fraction of seconds” and TIMESTAMP WITH TIMEZONE / TIMESTAMP WITHOUT TIMEZONE. Range from 0-9 digits, the default size is 6. 4. LOB Datatype: LOB: “Large Object” data. It can store pictures, motion pictures, Textfiles etc. CLOB: “Character Large Object” is used to store structured information like a text file with a specific file format. BLOB: “Binary Large Object” is used to store Un-structured information like Image, JPEG files, MPEG files etc. BFILE: “Binary File” is used to store the pointer to a specific file / Just store the location of a file. Maximum size: (4 GB - 1) * DB_BLOCK_SIZE initialization parameter (8 TB to 128 TB) Extra Information: NCLOB : It supports all the character set supported by CLOB and additionally it handles NLS(National Language Support ) Maximum size: (4 GB - 1) * DB_BLOCK_SIZE initialization parameter (8 TB to 128 TB) ROWID and UROWID(optional size) Datatype: contains fixed length Binary data. BBBBBBB.RRRR.FFFFF combination of BLOCK-ROW-DATABASE FILE Physical and Logical ROWID Upcoming Session: Session 7: Populating Data into Tables(INSERT Statement): Inserting data into all columns of a table Inserting data into Required columns of a table Inserting NULL value into a table Inserting Special Values(USER / SYSDATE) into a table Supplying data at runtime(using & and &&) THANK YOU :)
Views: 235 Prabhat Sahu
Part 1   How to find nth highest salary in sql
 
11:45
Link for all dot net and sql server video tutorial playlists http://www.youtube.com/user/kudvenkat/playlists Link for slides, code samples and text version of the video http://csharp-video-tutorials.blogspot.com/2014/05/part-1-how-to-find-nth-highest-salary_17.html This is a very common SQL Server Interview Question. There are several ways of finding the nth highest salary. By the end of this video, we will be able to answer all the following questions as well. How to find nth highest salary in SQL Server using a Sub-Query How to find nth highest salary in SQL Server using a CTE How to find the 2nd, 3rd or 15th highest salary Let's use the following Employees table for this demo Use the following script to create Employees table Create table Employees ( ID int primary key identity, FirstName nvarchar(50), LastName nvarchar(50), Gender nvarchar(50), Salary int ) GO Insert into Employees values ('Ben', 'Hoskins', 'Male', 70000) Insert into Employees values ('Mark', 'Hastings', 'Male', 60000) Insert into Employees values ('Steve', 'Pound', 'Male', 45000) Insert into Employees values ('Ben', 'Hoskins', 'Male', 70000) Insert into Employees values ('Philip', 'Hastings', 'Male', 45000) Insert into Employees values ('Mary', 'Lambeth', 'Female', 30000) Insert into Employees values ('Valarie', 'Vikings', 'Female', 35000) Insert into Employees values ('John', 'Stanmore', 'Male', 80000) GO To find the highest salary it is straight forward. We can simply use the Max() function as shown below. Select Max(Salary) from Employees To get the second highest salary use a sub query along with Max() function as shown below. Select Max(Salary) from Employees where Salary [ (Select Max(Salary) from Employees) To find nth highest salary using Sub-Query SELECT TOP 1 SALARY FROM ( SELECT DISTINCT TOP N SALARY FROM EMPLOYEES ORDER BY SALARY DESC ) RESULT ORDER BY SALARY To find nth highest salary using CTE WITH RESULT AS ( SELECT SALARY, DENSE_RANK() OVER (ORDER BY SALARY DESC) AS DENSERANK FROM EMPLOYEES ) SELECT TOP 1 SALARY FROM RESULT WHERE DENSERANK = N To find 2nd highest salary we can use any of the above queries. Simple replace N with 2. Similarly, to find 3rd highest salary, simple replace N with 3. Please Note: On many of the websites, you may have seen that, the following query can be used to get the nth highest salary. The below query will only work if there are no duplicates. WITH RESULT AS ( SELECT SALARY, ROW_NUMBER() OVER (ORDER BY SALARY DESC) AS ROWNUMBER FROM EMPLOYEES ) SELECT SALARY FROM RESULT WHERE ROWNUMBER = 3
Views: 947594 kudvenkat
GROUPING ID function in SQL Server
 
12:38
grouping_id function in sql server 2008 grouping_id in sql server 2008 example sql server grouping level In this video we will discuss 1. GROUPING_ID function in SQL Server 2. Difference between GROUPING and GROUPING_ID functions 3. Use of GROUPING_ID function GROUPING_ID function computes the level of grouping. Difference between GROUPING and GROUPING_ID Syntax : GROUPING function is used on single column, where as the column list for GROUPING_ID function must match with GROUP BY column list. GROUPING(Col1) GROUPING_ID(Col1, Col2, Col3,...) GROUPING indicates whether the column in a GROUP BY list is aggregated or not. Grouping returns 1 for aggregated or 0 for not aggregated in the result set. GROUPING_ID() function concatenates all the GOUPING() functions, perform the binary to decimal conversion, and returns the equivalent integer. In short GROUPING_ID (A, B, C) = GROUPING(A) + GROUPING(B) + GROUPING(C) Let us understand this with an example. SELECT Continent, Country, City, SUM(SaleAmount) AS TotalSales, CAST(GROUPING(Continent) AS NVARCHAR(1)) + CAST(GROUPING(Country) AS NVARCHAR(1)) + CAST(GROUPING(City) AS NVARCHAR(1)) AS Groupings, GROUPING_ID(Continent, Country, City) AS GPID FROM Sales GROUP BY ROLLUP(Continent, Country, City) Row Number 1 : Since the data is not aggregated by any column GROUPING(Continent), GROUPING(Country) and GROUPING(City) return 0 and as result we get a binar string with all ZEROS (000). When this converted to decimal we get 0 which is displayed in GPID column. Row Number 7 : The data is aggregated for Country and City columns, so GROUPING(Country) and GROUPING(City) return 1 where as GROUPING(Continent) return 0. As result we get a binar string (011). When this converted to decimal we get 10 which is displayed in GPID column. Row Number 15 : This is the Grand total row. Notice in this row the data is aggregated by all the 3 columns. Hence all the 3 GROUPING functions return 1. So we get a binary string with all ONES (111). When this converted to decimal we get 7 which is displayed in GPID column. Use of GROUPING_ID function : GROUPING_ID function is very handy if you want to sort and filter by level of grouping. Sorting by level of grouping : SELECT Continent, Country, City, SUM(SaleAmount) AS TotalSales, GROUPING_ID(Continent, Country, City) AS GPID FROM Sales GROUP BY ROLLUP(Continent, Country, City) ORDER BY GPID Filter by level of grouping : The following query retrieves only continent level aggregated data SELECT Continent, Country, City, SUM(SaleAmount) AS TotalSales, GROUPING_ID(Continent, Country, City) AS GPID FROM Sales GROUP BY ROLLUP(Continent, Country, City) HAVING GROUPING_ID(Continent, Country, City) = 3 Text version of the video http://csharp-video-tutorials.blogspot.com/2015/09/groupingid-function-in-sql-server.html Slides http://csharp-video-tutorials.blogspot.com/2015/09/groupingid-function-in-sql-server_27.html All SQL Server Text Articles http://csharp-video-tutorials.blogspot.com/p/free-sql-server-video-tutorials-for.html All SQL Server Slides http://csharp-video-tutorials.blogspot.com/p/sql-server.html All Dot Net and SQL Server Tutorials in English https://www.youtube.com/user/kudvenkat/playlists?view=1&sort=dd All Dot Net and SQL Server Tutorials in Arabic https://www.youtube.com/c/KudvenkatArabic/playlists
Views: 32454 kudvenkat
SQL Server except operator
 
05:14
sql except example sql except operator example sql server except example sql server except order by sql server except clause SQL Server except operator In this video we will discuss SQL Server except operator with examples. EXCEPT operator returns unique rows from the left query that aren’t in the right query’s results. Introduced in SQL Server 2005 The number and the order of the columns must be the same in all queries The data types must be same or compatible This is similar to minus operator in oracle Let us understand this with an example. SQL Script to create the tables Create Table TableA ( Id int primary key, Name nvarchar(50), Gender nvarchar(10) ) Go Insert into TableA values (1, 'Mark', 'Male') Insert into TableA values (2, 'Mary', 'Female') Insert into TableA values (3, 'Steve', 'Male') Insert into TableA values (4, 'John', 'Male') Insert into TableA values (5, 'Sara', 'Female') Go Create Table TableB ( Id int primary key, Name nvarchar(50), Gender nvarchar(10) ) Go Insert into TableB values (4, 'John', 'Male') Insert into TableB values (5, 'Sara', 'Female') Insert into TableB values (6, 'Pam', 'Female') Insert into TableB values (7, 'Rebeka', 'Female') Insert into TableB values (8, 'Jordan', 'Male') Go Notice that the following query returns the unique rows from the left query that aren’t in the right query’s results. Select Id, Name, Gender From TableA Except Select Id, Name, Gender From TableB To retrieve all of the rows from Table B that does not exist in Table A, reverse the two queries as shown below. Select Id, Name, Gender From TableB Except Select Id, Name, Gender From TableA You can also use Except operator on a single table. SQL script to create tblEmployees table Create table tblEmployees ( Id int identity primary key, Name nvarchar(100), Gender nvarchar(10), Salary int ) Go Insert into tblEmployees values ('Mark', 'Male', 52000) Insert into tblEmployees values ('Mary', 'Female', 55000) Insert into tblEmployees values ('Steve', 'Male', 45000) Insert into tblEmployees values ('John', 'Male', 40000) Insert into tblEmployees values ('Sara', 'Female', 48000) Insert into tblEmployees values ('Pam', 'Female', 60000) Insert into tblEmployees values ('Tom', 'Male', 58000) Insert into tblEmployees values ('George', 'Male', 65000) Insert into tblEmployees values ('Tina', 'Female', 67000) Insert into tblEmployees values ('Ben', 'Male', 80000) Go Except operator on a single table Select Id, Name, Gender, Salary From tblEmployees Where Salary ]= 50000 Except Select Id, Name, Gender, Salary From tblEmployees Where Salary ]= 60000 Order By clause should be used only once after the right query Select Id, Name, Gender, Salary From tblEmployees Where Salary ]= 50000 Except Select Id, Name, Gender, Salary From tblEmployees Where Salary ]= 60000 order By Name Text version of the video http://csharp-video-tutorials.blogspot.com/2015/09/sql-server-except-operator.html Slides http://csharp-video-tutorials.blogspot.com/2015/09/adsbygoogle-window.html All SQL Server Text Articles http://csharp-video-tutorials.blogspot.com/p/free-sql-server-video-tutorials-for.html All SQL Server Slides http://csharp-video-tutorials.blogspot.com/p/sql-server.html All Dot Net and SQL Server Tutorials in English https://www.youtube.com/user/kudvenkat/playlists?view=1&sort=dd All Dot Net and SQL Server Tutorials in Arabic https://www.youtube.com/c/KudvenkatArabic/playlists
Views: 42243 kudvenkat
Cast and Convert functions in SQL Server   Part 28
 
17:26
In this video we will learn, converting one data type to another using cast() and convert() functions. We will also learn how to use the style parameter, with convert() function. Finally we will look at a practical example of using CAST or CONVERT functions, along with group by. We will also talk about the differences between CAST and CONVERT functions and when to choose one over the other. Text version of the video http://csharp-video-tutorials.blogspot.com/2012/09/cast-and-convert-functions-in-sql.html Slides http://csharp-video-tutorials.blogspot.com/2013/08/part-28-cast-and-convert-functions.html All SQL Server Text Articles http://csharp-video-tutorials.blogspot.com/p/free-sql-server-video-tutorials-for.html All SQL Server Slides http://csharp-video-tutorials.blogspot.com/p/sql-server.html All Dot Net and SQL Server Tutorials in English https://www.youtube.com/user/kudvenkat/playlists?view=1&sort=dd All Dot Net and SQL Server Tutorials in Arabic https://www.youtube.com/c/KudvenkatArabic/playlists
Views: 183789 kudvenkat
Dynamic sql output parameter
 
05:25
Text version of the video http://csharp-video-tutorials.blogspot.com/2017/05/dynamic-sql-output-parameter.html Slides http://csharp-video-tutorials.blogspot.com/2017/05/dynamic-sql-output-parameter_8.html All SQL Server Text Articles http://csharp-video-tutorials.blogspot.com/p/free-sql-server-video-tutorials-for.html All SQL Server Slides http://csharp-video-tutorials.blogspot.com/p/sql-server.html All SQL Server Tutorial Videos https://www.youtube.com/playlist?list=PL08903FB7ACA1C2FB All Dot Net and SQL Server Tutorials in English https://www.youtube.com/user/kudvenkat/playlists?view=1&sort=dd All Dot Net and SQL Server Tutorials in Arabic https://www.youtube.com/c/KudvenkatArabic/playlists In this video we will discuss, how to use output parameters with dynamic sql. Let us understand this with an example. SQL script to create Employees table Create table Employees ( ID int primary key identity, FirstName nvarchar(50), LastName nvarchar(50), Gender nvarchar(50), Salary int ) Go Insert into Employees values ('Mark', 'Hastings', 'Male', 60000) Insert into Employees values ('Steve', 'Pound', 'Male', 45000) Insert into Employees values ('Ben', 'Hoskins', 'Male', 70000) Insert into Employees values ('Philip', 'Hastings', 'Male', 45000) Insert into Employees values ('Mary', 'Lambeth', 'Female', 30000) Insert into Employees values ('Valarie', 'Vikings', 'Female', 35000) Insert into Employees values ('John', 'Stanmore', 'Male', 80000) Go We want to write a dynamic sql statement that returns total number of male of female employees. If the gender value is specified as "Male", then the query should return total male employees. Along the same lines, if the the value for gender is "Female", then we should get total number of female employees. The following dynamic sql, will give us what we want. In this case, the query returns total number of "Male" employees. If you want the total number of female employees, simply set @gender='Female'. Declare @sql nvarchar(max) Declare @gender nvarchar(10) Set @gender = 'Male' Set @sql = 'Select Count(*) from Employees where [email protected]' Execute sp_executesql @sql, N'@gender nvarchar(10)', @gender At the moment we are not using output parameters. If you want the count of employees to be returned using an OUTPUT parameter, then we have to do a slight modification to the query as shown below. The key here is to use the OUTPUT keyword in your dynamic sql. This is very similar to using OUTPUT parameters with a stored procedure. Declare @sql nvarchar(max) Declare @gender nvarchar(10) Declare @count int Set @gender = 'Male' Set @sql = 'Select @count = Count(*) from Employees where [email protected]' Execute sp_executesql @sql, N'@gender nvarchar(10), @count int OUTPUT', @gender, @count OUTPUT Select @count The OUTPUT parameter returns NULL, if you forget to use OUTPUT keyword.. The following query returns NULL, as we removed the OUTPUT keyword from @count parameter Declare @sql nvarchar(max) Declare @gender nvarchar(10) Declare @count int Set @gender = 'Male' Set @sql = 'Select @count = Count(*) from Employees where [email protected]' Execute sp_executesql @sql, N'@gender nvarchar(10), @count int OUTPUT', @gender, @count Select @count
Views: 16758 kudvenkat
Data types in SQL Server  - Part 5 Tamil
 
09:12
Subscribe to IT PORT : https://www.youtube.com/c/itport28 SQL Server Tutorial in Tamil : https://www.youtube.com/playlist?list=PLouAaeZ4xQ64enJDwWVvN3KduuZRlUrb3 SQL Server Concepts in Tamil : https://www.youtube.com/playlist?list=PLouAaeZ4xQ67kdNIByJKAGBIBhor_h4Hs SQL Server Analytic Functions in Tamil : https://www.youtube.com/playlist?list=PLouAaeZ4xQ65XIU5azEUgLVrBKEl-jWMV SQL Server Tutorial : https://www.youtube.com/playlist?list=PLouAaeZ4xQ66AYrzPtxt2SeeR4UABcBcO SQL Server Concepts : https://www.youtube.com/playlist?list=PLouAaeZ4xQ66zRe8-nDDy-YHY2o0rmbn4 SQL Server Analytic Functions : https://www.youtube.com/playlist?list=PLouAaeZ4xQ64hTsEdhLsVBquE1vERWngX In SQL Server, each column, local variable, expression, and parameter has a related data type. A data type is an attribute that specifies the type of data that the object can hold: integer data, character data, monetary data, date and time data, binary strings, and so on. There are 7 Data type Categories available: a) Exact numerics b) Approximate numerics c) Date and time d) Character Strings e) Unicode Character Strings f) Binary Strings g) Other data types Explained in Tamil
Views: 713 IT Port
Subqueries in sql   Part 59
 
14:34
In this video we will discuss about subqueries in sql server. Let us understand subqueris with an example. Please create the required tables and insert sample data using the script below. Create Table tblProducts ( [Id] int identity primary key, [Name] nvarchar(50), [Description] nvarchar(250) ) Create Table tblProductSales ( Id int primary key identity, ProductId int foreign key references tblProducts(Id), UnitPrice int, QuantitySold int ) Insert into tblProducts values ('TV', '52 inch black color LCD TV') Insert into tblProducts values ('Laptop', 'Very thin black color acer laptop') Insert into tblProducts values ('Desktop', 'HP high performance desktop') Insert into tblProductSales values(3, 450, 5) Insert into tblProductSales values(2, 250, 7) Insert into tblProductSales values(3, 450, 4) Insert into tblProductSales values(3, 450, 9) Write a query to retrieve products that are not at all sold? This can be very easily achieved using subquery as shown below. Select [Id], [Name], [Description] from tblProducts where Id not in (Select Distinct ProductId from tblProductSales) Most of the times subqueries can be very easily replaced with joins. The above query is rewritten using joins and produces the same results. Select tblProducts.[Id], [Name], [Description] from tblProducts left join tblProductSales on tblProducts.Id = tblProductSales.ProductId where tblProductSales.ProductId IS NULL In this example, we have seen how to use a subquery in the where clause. Let us now discuss about using a sub query in the SELECT clause. Write a query to retrieve the NAME and TOTALQUANTITY sold, using a subquery. Select [Name], (Select SUM(QuantitySold) from tblProductSales where ProductId = tblProducts.Id) as TotalQuantity from tblProducts order by Name Query with an equivalent join that produces the same result. Select [Name], SUM(QuantitySold) as TotalQuantity from tblProducts left join tblProductSales on tblProducts.Id = tblProductSales.ProductId group by [Name] order by Name From these examples, it should be very clear that, a subquery is simply a select statement, that returns a single value and can be nested inside a SELECT, UPDATE, INSERT, or DELETE statement. It is also possible to nest a subquery inside another subquery. According to MSDN, subqueries can be nested upto 32 levels. Subqueries are always encolsed in paranthesis and are also called as inner queries, and the query containing the subquery is called as outer query. The columns from a table that is present only inside a subquery, cannot be used in the SELECT list of the outer query. Next Video: What to choose for performance? Queries that involve a subquery or a join Text version of the video http://csharp-video-tutorials.blogspot.com/2013/01/subqueries-in-sql-part-59.html Slides http://csharp-video-tutorials.blogspot.com/2013/09/part-59-subqueries-in-sql-server.html All SQL Server Text Articles http://csharp-video-tutorials.blogspot.com/p/free-sql-server-video-tutorials-for.html All SQL Server Slides http://csharp-video-tutorials.blogspot.com/p/sql-server.html All Dot Net and SQL Server Tutorials in English https://www.youtube.com/user/kudvenkat/playlists?view=1&sort=dd All Dot Net and SQL Server Tutorials in Arabic https://www.youtube.com/c/KudvenkatArabic/playlists
Views: 212045 kudvenkat
Difference between rank dense rank and row number in SQL
 
04:43
row_number vs rank vs dense_rank in sql server dense_rank vs rank vs row_number sql server rank dense_rank row_number in sql server In this video we will discuss the similarities and difference between RANK, DENSE_RANK and ROW_NUMBER functions in SQL Server. Similarities between RANK, DENSE_RANK and ROW_NUMBER functions Returns an increasing integer value starting at 1 based on the ordering of rows imposed by the ORDER BY clause (if there are no ties) ORDER BY clause is required PARTITION BY clause is optional When the data is partitioned, the integer value is reset to 1 when the partition changes SQL Script to create the Employees table Create Table Employees ( Id int primary key, Name nvarchar(50), Gender nvarchar(10), Salary int ) Go Insert Into Employees Values (1, 'Mark', 'Male', 6000) Insert Into Employees Values (2, 'John', 'Male', 8000) Insert Into Employees Values (3, 'Pam', 'Female', 4000) Insert Into Employees Values (4, 'Sara', 'Female', 5000) Insert Into Employees Values (5, 'Todd', 'Male', 3000) Notice that no two employees in the table have the same salary. So all the 3 functions RANK, DENSE_RANK and ROW_NUMBER produce the same increasing integer value when ordered by Salary column. SELECT Name, Salary, Gender, ROW_NUMBER() OVER (ORDER BY Salary DESC) AS RowNumber, RANK() OVER (ORDER BY Salary DESC) AS [Rank], DENSE_RANK() OVER (ORDER BY Salary DESC) AS DenseRank FROM Employees You will only see the difference when there ties. Now let's include duplicate values for Salary column. To do this First delete existing data from the Employees table DELETE FROM Employees Insert new rows with duplicate valuse for Salary column Insert Into Employees Values (1, 'Mark', 'Male', 8000) Insert Into Employees Values (2, 'John', 'Male', 8000) Insert Into Employees Values (3, 'Pam', 'Female', 8000) Insert Into Employees Values (4, 'Sara', 'Female', 4000) Insert Into Employees Values (5, 'Todd', 'Male', 3500) Notice 3 employees have the same salary 8000. When you execute the following query you can clearly see the difference between RANK, DENSE_RANK and ROW_NUMBER functions. SELECT Name, Salary, Gender, ROW_NUMBER() OVER (ORDER BY Salary DESC) AS RowNumber, RANK() OVER (ORDER BY Salary DESC) AS [Rank], DENSE_RANK() OVER (ORDER BY Salary DESC) AS DenseRank FROM Employees Difference between RANK, DENSE_RANK and ROW_NUMBER functions ROW_NUMBER : Returns an increasing unique number for each row starting at 1, even if there are duplicates. RANK : Returns an increasing unique number for each row starting at 1. When there are duplicates, same rank is assigned to all the duplicate rows, but the next row after the duplicate rows will have the rank it would have been assigned if there had been no duplicates. So RANK function skips rankings if there are duplicates. DENSE_RANK : Returns an increasing unique number for each row starting at 1. When there are duplicates, same rank is assigned to all the duplicate rows but the DENSE_RANK function will not skip any ranks. This means the next row after the duplicate rows will have the next rank in the sequence. Text version of the video http://csharp-video-tutorials.blogspot.com/2015/10/difference-between-rank-denserank-and.html Slides http://csharp-video-tutorials.blogspot.com/2015/10/difference-between-rank-denserank-and_2.html All SQL Server Text Articles http://csharp-video-tutorials.blogspot.com/p/free-sql-server-video-tutorials-for.html All SQL Server Slides http://csharp-video-tutorials.blogspot.com/p/sql-server.html All Dot Net and SQL Server Tutorials in English https://www.youtube.com/user/kudvenkat/playlists?view=1&sort=dd All Dot Net and SQL Server Tutorials in Arabic https://www.youtube.com/c/KudvenkatArabic/playlists
Views: 43344 kudvenkat
Delete vs Truncate vs Drop :Oracle Interview Questions - Part 3
 
19:04
Delete, Truncate and Drop all can be used to remove the contents of a table but they have significant differences and unique properties. While Delete is a DML statement, truncate and DROP are DDL. Delete can be used to remove partial/Selective data. While truncate removes the entire content of the table.
Views: 1272 Tech Coach
Lead and Lag functions in SQL Server 2012
 
07:27
In this video we will discuss about Lead and Lag functions. Lead and Lag functions Introduced in SQL Server 2012 Lead function is used to access subsequent row data along with current row data Lag function is used to access previous row data along with current row data ORDER BY clause is required PARTITION BY clause is optional Syntax LEAD(Column_Name, Offset, Default_Value) OVER (ORDER BY Col1, Col2, ...) LAG(Column_Name, Offset, Default_Value) OVER (ORDER BY Col1, Col2, ...) Offset - Number of rows to lead or lag. Default_Value - The default value to return if the number of rows to lead or lag goes beyond first row or last row in a table or partition. If default value is not specified NULL is returned. We will use the following Employees table for the examples in this video SQL Script to create the Employees table Create Table Employees ( Id int primary key, Name nvarchar(50), Gender nvarchar(10), Salary int ) Go Insert Into Employees Values (1, 'Mark', 'Male', 1000) Insert Into Employees Values (2, 'John', 'Male', 2000) Insert Into Employees Values (3, 'Pam', 'Female', 3000) Insert Into Employees Values (4, 'Sara', 'Female', 4000) Insert Into Employees Values (5, 'Todd', 'Male', 5000) Insert Into Employees Values (6, 'Mary', 'Female', 6000) Insert Into Employees Values (7, 'Ben', 'Male', 7000) Insert Into Employees Values (8, 'Jodi', 'Female', 8000) Insert Into Employees Values (9, 'Tom', 'Male', 9000) Insert Into Employees Values (10, 'Ron', 'Male', 9500) Go Lead and Lag functions example WITHOUT partitions : This example Leads 2 rows and Lags 1 row from the current row. When you are on the first row, LEAD(Salary, 2, -1) allows you to move forward 2 rows and retrieve the salary from the 3rd row. When you are on the first row, LAG(Salary, 1, -1) allows us to move backward 1 row. Since there no rows beyond row 1, Lag function in this case returns the default value -1. When you are on the last row, LEAD(Salary, 2, -1) allows you to move forward 2 rows. Since there no rows beyond the last row 1, Lead function in this case returns the default value -1. When you are on the last row, LAG(Salary, 1, -1) allows us to move backward 1 row and retrieve the salary from the previous row. SELECT Name, Gender, Salary, LEAD(Salary, 2, -1) OVER (ORDER BY Salary) AS Lead_2, LAG(Salary, 1, -1) OVER (ORDER BY Salary) AS Lag_1 FROM Employees Lead and Lag functions example WITH partitions : Notice that in this example, Lead and Lag functions return default value if the number of rows to lead or lag goes beyond first row or last row in the partition. SELECT Name, Gender, Salary, LEAD(Salary, 2, -1) OVER (PARTITION By Gender ORDER BY Salary) AS Lead_2, LAG(Salary, 1, -1) OVER (PARTITION By Gender ORDER BY Salary) AS Lag_1 FROM Employees Text version of the video http://csharp-video-tutorials.blogspot.com/2015/10/lead-and-lag-functions-in-sql-server.html Slides http://csharp-video-tutorials.blogspot.com/2015/10/lead-and-lag-functions-in-sql-server_5.html All SQL Server Text Articles http://csharp-video-tutorials.blogspot.com/p/free-sql-server-video-tutorials-for.html All SQL Server Slides http://csharp-video-tutorials.blogspot.com/p/sql-server.html All Dot Net and SQL Server Tutorials in English https://www.youtube.com/user/kudvenkat/playlists?view=1&sort=dd All Dot Net and SQL Server Tutorials in Arabic https://www.youtube.com/c/KudvenkatArabic/playlists
Views: 52462 kudvenkat
Dynamic SQL in SQL Server
 
12:12
Text version of the video http://csharp-video-tutorials.blogspot.com/2017/03/dynamic-sql-in-sql-server.html Slides http://csharp-video-tutorials.blogspot.com/2017/03/dynamic-sql-in-sql-server_27.html All SQL Server Text Articles http://csharp-video-tutorials.blogspot.com/p/free-sql-server-video-tutorials-for.html All SQL Server Slides http://csharp-video-tutorials.blogspot.com/p/sql-server.html All SQL Server Tutorial Videos https://www.youtube.com/playlist?list=PL08903FB7ACA1C2FB All Dot Net and SQL Server Tutorials in English https://www.youtube.com/user/kudvenkat/playlists?view=1&sort=dd All Dot Net and SQL Server Tutorials in Arabic https://www.youtube.com/c/KudvenkatArabic/playlists In this video we will discuss 1. What is Dynamic SQL 2. Simple example of using Dynamic SQL What is Dynamic SQL Dynamic SQL is a SQL built from strings at runtime. Simple example of using Dynamic SQL Here is the SQL Script to create Employees table and populate it with data Create table Employees ( ID int primary key identity, FirstName nvarchar(50), LastName nvarchar(50), Gender nvarchar(50), Salary int ) Go Insert into Employees values ('Mark', 'Hastings', 'Male', 60000) Insert into Employees values ('Steve', 'Pound', 'Male', 45000) Insert into Employees values ('Ben', 'Hoskins', 'Male', 70000) Insert into Employees values ('Philip', 'Hastings', 'Male', 45000) Insert into Employees values ('Mary', 'Lambeth', 'Female', 30000) Insert into Employees values ('Valarie', 'Vikings', 'Female', 35000) Insert into Employees values ('John', 'Stanmore', 'Male', 80000) Go One way to achieve this is by implementing a stored procedure as shown below that this page would call. Create Procedure spSearchEmployees @FirstName nvarchar(100), @LastName nvarchar(100), @Gender nvarchar(50), @Salary int As Begin Select * from Employees where (FirstName = @FirstName OR @FirstName IS NULL) AND (LastName = @LastName OR @LastName IS NULL) AND (Gender = @Gender OR @Gender IS NULL) AND (Salary = @Salary OR @Salary IS NULL) End Go The stored procedure in this case is not very complicated as we have only 4 search filters. What if there are 20 or more such filters. This stored procedure can get complex. To make things worse what if we want to specify conditions like AND, OR etc between these search filters. The stored procedure can get extremely large, complicated and difficult to maintain. One way to reduce the complexity is by using dynamic SQL as show below. Depending on for which search filters the user has provided the values on the "Search Page", we build the WHERE clause dynamically at runtime, which can reduce complexity. However, you might hear arguments that dynamic sql is bad both in-terms of security and performance. This is true if the dynamic sql is not properly implemented. From a security standpoint, it may open doors for SQL injection attack and from a performance standpoint, the cached query plans may not be reused. If properly implemented, we will not have these problems with dynamic sql. In our upcoming videos, we will discuss good and bad dynamic sql implementations. For now let's implement a simple example that makes use of dynamic sql. In the example below we are assuming the user has supplied values only for FirstName and LastName search fields. To execute the dynamicl sql we are using system stored procedure sp_executesql. sp_executesql takes two pre-defined parameters and any number of user-defined parameters. @statement - The is the first parameter which is mandatory, and contains the SQL statements to execute @params - This is the second parameter and is optional. This is used to declare parameters specified in @statement The rest of the parameters are the parameters that you declared in @params, and you pass them as you pass parameters to a stored procedure Declare @sql nvarchar(1000) Declare @params nvarchar(1000) Set @sql = 'Select * from Employees where [email protected] and [email protected]' Set @params = '@FirstName nvarchar(100), @LastName nvarchar(100)' Execute sp_executesql @sql, @params, @FirstName='Ben',@LastName='Hoskins' This is just the introduction to dynamic SQL. If a few things are unclear at the moment, don't worry. In our upcoming videos we will discuss the following 1. Implementing a real world "Search Web Page" with and without dynamic SQL 2. Performance and Security implications of dynamic sql. Along the way we will also discuss good and bad dynamic sql implementations. 3. Different options available for executing dynamic sql and their implications 4. Using dynamic sql in stored procedures and it's implications Once we discuss all the above, you will understand 1. The flexibility dynamic sql provides 2. Advantages and disadvantages of dynamic sql 3. When and when not to use dynamic sql
Views: 43782 kudvenkat
Why is varchar(max) getting truncated?
 
03:31
Have you ever tried to fit more than 8000 characters into a variable defined as varchar(max) (or nvarchar(max)) only to see your data get truncated? Today we explore why this happens and how to fix it, allowing you to create really long SQL strings. Related blog post with example code: https://bertwagner.com/2018/05/15/why-is-my-varcharmax-variable-getting-truncated/ Twitter: https://twitter.com/bertwagner Instagram: https://www.instagram.com/bertwagner/ https://www.instagram.com/sqlwithbert/ Facebook: https://www.facebook.com/SQLWithBert
Views: 471 Bert Wagner
84. DECIMAL Data Type in SQL (Hindi)
 
19:18
Please Subscribe Channel Like, Share and Comment Visit : www.geekyshows.com
Views: 8097 Geeky Shows
Part 4   Delete duplicate rows in sql
 
03:26
Link for all dot net and sql server video tutorial playlists http://www.youtube.com/user/kudvenkat/playlists Link for slides, code samples and text version of the video http://csharp-video-tutorials.blogspot.com/2014/05/part-4-delete-duplicate-rows-in-sql.html In this video, we will discuss deleting all duplicate rows except one from a sql server table. SQL Script to create Employees table Create table Employees ( ID int, FirstName nvarchar(50), LastName nvarchar(50), Gender nvarchar(50), Salary int ) GO Insert into Employees values (1, 'Mark', 'Hastings', 'Male', 60000) Insert into Employees values (1, 'Mark', 'Hastings', 'Male', 60000) Insert into Employees values (1, 'Mark', 'Hastings', 'Male', 60000) Insert into Employees values (2, 'Mary', 'Lambeth', 'Female', 30000) Insert into Employees values (2, 'Mary', 'Lambeth', 'Female', 30000) Insert into Employees values (3, 'Ben', 'Hoskins', 'Male', 70000) Insert into Employees values (3, 'Ben', 'Hoskins', 'Male', 70000) Insert into Employees values (3, 'Ben', 'Hoskins', 'Male', 70000) The delete query should delete all duplicate rows except one. Here is the SQL query that does the job. PARTITION BY divides the query result set into partitions. WITH EmployeesCTE AS ( SELECT *, ROW_NUMBER()OVER(PARTITION BY ID ORDER BY ID) AS RowNumber FROM Employees ) DELETE FROM EmployeesCTE WHERE RowNumber ] 1
Views: 350616 kudvenkat
Batch import data from Oracle tables to SQL Server
 
00:24
Batch import data from Oracle tables to SQL Server, by OracleToMsSql, http://www.withdata.com/oracletomssql/ . Download link: http://www.withdata.com/down/OracleToMsSql.exe .
Views: 2022 Shiji Pan
Prevent sql injection with dynamic sql
 
10:28
Text version of the video http://csharp-video-tutorials.blogspot.com/2017/04/prevent-sql-injection-with-dynamic-sql.html Slides http://csharp-video-tutorials.blogspot.com/2017/04/prevent-sql-injection-with-dynamic-sql_5.html All SQL Server Text Articles http://csharp-video-tutorials.blogspot.com/p/free-sql-server-video-tutorials-for.html All SQL Server Slides http://csharp-video-tutorials.blogspot.com/p/sql-server.html All SQL Server Tutorial Videos https://www.youtube.com/playlist?list=PL08903FB7ACA1C2FB All Dot Net and SQL Server Tutorials in English https://www.youtube.com/user/kudvenkat/playlists?view=1&sort=dd All Dot Net and SQL Server Tutorials in Arabic https://www.youtube.com/c/KudvenkatArabic/playlists In this video we will discuss, how to prevent SQL injection when using dynamic SQL. In Part 140, we have implemented "Search Page" using dynamic SQL. Since we have used parameters to build our dynamic SQL statements, it is not prone to SQL Injection attack. This is an example of good dynamic SQL implementation. I have seen lot of software developers, not just the beginners but even experienced developers, buidling their dynamic sql queries by concatenating strings instead of using parameters without realizing that they are opening the doors for SQL Injection. Please check my blog at the following link for code used in the demo. http://csharp-video-tutorials.blogspot.com/2017/04/prevent-sql-injection-with-dynamic-sql.html Since we are concatenating the user input values to build the dynamic sql statement, the end user can very easily inject sql. Imagine, what happens for example, if the user enters the following in the "Firstname" textbox. ' Drop database SalesDB -- With the above SQL injected into the "Firstname" textbox, if you click the "Search" button, the following is the query which is sent to SQL server. This will drop the SalesDB. Select * from Employees where 1 = 1 AND FirstName = '' Drop database SalesDB --' On the other hand, if you use parameters to build your dynamic SQL statements, SQL Injection is not an issue. The following input in the "Firstname" textbox, would not drop the SalesDB database. ' Drop database SalesDB -- The text the user has provided in the "Firstname" textbox is treated as the value for @Firstname parameter. The following is the query that is generated and executed. exec sp_executesql N'Select * from Employees where 1 = 1 AND [email protected]',N'@FirstName nvarchar(26)',@FirstName=N''' Drop database SalesDB --' We don't have this problem of sql injection if we are using stored procedures. "SearchPageWithoutDynamicSQL.aspx" is using the stored procedure "spSearchEmployees" instead of dynamic SQL. The same input in the "Firstname" texbox on this page, would generate the following. Notice, whatever text we typed in the "Firstname" textbox is treated as the value for @FirstName parameter. exec spSearchEmployees @FirstName=N''' Drop database SalesDB --' An important point to keep in mind here is that if you have dynamic SQL in your stored procedure, and you are concatenating strings in that stored procedure to build your dynamic sql statements instead of using parameters, it is still prone to SQL injection. If this is not clear at the moment don't worry, we will discuss an example of this in out next video. So in summary, while dynamic sql provides great flexibility when implementing complicated logic with lot of permutations and combinations, if not properly implemented it may open doors for sql injection. Always use parameters to build dynamic sql statements, instead of concatenating user input values. Another benefit of using parameters to build dynamic sql statements is that it allows cached query plans to be reused, which greatly increases the performance. We will discuss an example of this in our upcoming videos.
Views: 21113 kudvenkat
NTILE function in SQL Server
 
05:10
In this video we will discuss NTILE function in SQL Server NTILE function 1. Introduced in SQL Server 2005 2. ORDER BY Clause is required 3. PARTITION BY clause is optional 4. Distributes the rows into a specified number of groups 5. If the number of rows is not divisible by number of groups, you may have groups of two different sizes. 6. Larger groups come before smaller groups For example NTILE(2) of 10 rows divides the rows in 2 Groups (5 in each group) NTILE(3) of 10 rows divides the rows in 3 Groups (4 in first group, 3 in 2nd & 3rd group) Syntax : NTILE (Number_of_Groups) OVER (ORDER BY Col1, Col2, ...) SQL Script to create Employees table Create Table Employees ( Id int primary key, Name nvarchar(50), Gender nvarchar(10), Salary int ) Go Insert Into Employees Values (1, 'Mark', 'Male', 5000) Insert Into Employees Values (2, 'John', 'Male', 4500) Insert Into Employees Values (3, 'Pam', 'Female', 5500) Insert Into Employees Values (4, 'Sara', 'Female', 4000) Insert Into Employees Values (5, 'Todd', 'Male', 3500) Insert Into Employees Values (6, 'Mary', 'Female', 5000) Insert Into Employees Values (7, 'Ben', 'Male', 6500) Insert Into Employees Values (8, 'Jodi', 'Female', 7000) Insert Into Employees Values (9, 'Tom', 'Male', 5500) Insert Into Employees Values (10, 'Ron', 'Male', 5000) Go NTILE function without PARTITION BY clause : Divides the 10 rows into 3 groups. 4 rows in first group, 3 rows in the 2nd & 3rd group. SELECT Name, Gender, Salary, NTILE(3) OVER (ORDER BY Salary) AS [Ntile] FROM Employees What if the specified number of groups is GREATER THAN the number of rows NTILE function will try to create as many groups as possible with one row in each group. With 10 rows in the table, NTILE(11) will create 10 groups with 1 row in each group. SELECT Name, Gender, Salary, NTILE(11) OVER (ORDER BY Salary) AS [Ntile] FROM Employees NTILE function with PARTITION BY clause : When the data is partitioned, NTILE function creates the specified number of groups with in each partition. The following query partitions the data into 2 partitions (Male & Female). NTILE(3) creates 3 groups in each of the partitions. SELECT Name, Gender, Salary, NTILE(3) OVER (PARTITION BY GENDER ORDER BY Salary) AS [Ntile] FROM Employees Link for all dot net and sql server video tutorial playlists https://www.youtube.com/user/kudvenkat/playlists?sort=dd&view=1 Link for slides, code samples and text version of the video http://csharp-video-tutorials.blogspot.com/2015/10/ntile-function-in-sql-server.html
Views: 39778 kudvenkat
Export SQL Server query results to Oracle
 
00:26
Export SQL Server query results to Oracle, by MsSqlToOracle, http://www.withdata.com/mssqltooracle/ . Download link: http://www.withdata.com/down/MsSqlToOracle.exe .
Views: 39 Shiji Pan
Difference between rows and range
 
05:52
range vs rows in sql server difference between rows clause and range clause in sql server range clause vs rows clause in sql server sql server running total query running total example in sql server In this video we will discuss the difference between rows and range in SQL Server. This is continuation to Part 116. Please watch Part 116 from SQL Server tutorial before proceeding. Let us understand the difference with an example. We will use the following Employees table in this demo. SQL Script to create the Employees table Create Table Employees ( Id int primary key, Name nvarchar(50), Salary int ) Go Insert Into Employees Values (1, 'Mark', 1000) Insert Into Employees Values (2, 'John', 2000) Insert Into Employees Values (3, 'Pam', 3000) Insert Into Employees Values (4, 'Sara', 4000) Insert Into Employees Values (5, 'Todd', 5000) Go Calculate the running total of Salary and display it against every employee row The following query calculates the running total. We have not specified an explicit value for ROWS or RANGE clause. SELECT Name, Salary, SUM(Salary) OVER(ORDER BY Salary) AS RunningTotal FROM Employees So the above query is using the default value which is RANGE BETWEEN UNBOUNDED PRECEDING AND CURRENT ROW This means the above query can be re-written using an explicit value for ROWS or RANGE clause as shown below. SELECT Name, Salary, SUM(Salary) OVER(ORDER BY Salary RANGE BETWEEN UNBOUNDED PRECEDING AND CURRENT ROW) AS RunningTotal FROM Employees We can also achieve the same result, by replacing RANGE with ROWS SELECT Name, Salary, SUM(Salary) OVER(ORDER BY Salary ROWS BETWEEN UNBOUNDED PRECEDING AND CURRENT ROW) AS RunningTotal FROM Employees What is the difference between ROWS and RANGE To understand the difference we need some duplicate values for the Salary column in the Employees table. Execute the following UPDATE script to introduce duplicate values in the Salary column Update Employees set Salary = 1000 where Id = 2 Update Employees set Salary = 3000 where Id = 4 Go Now execute the following query. Notice that we get the running total as expected. SELECT Name, Salary, SUM(Salary) OVER(ORDER BY Salary ROWS BETWEEN UNBOUNDED PRECEDING AND CURRENT ROW) AS RunningTotal FROM Employees The following query uses RANGE instead of ROWS SELECT Name, Salary, SUM(Salary) OVER(ORDER BY Salary RANGE BETWEEN UNBOUNDED PRECEDING AND CURRENT ROW) AS RunningTotal FROM Employees Notice we don't get the running total as expected. So, the main difference between ROWS and RANGE is in the way duplicate rows are treated. ROWS treat duplicates as distinct values, where as RANGE treats them as a single entity. All together side by side. The following query shows how running total changes 1. When no value is specified for ROWS or RANGE clause 2. When RANGE clause is used explicitly with it's default value 3. When ROWS clause is used instead of RANGE clause SELECT Name, Salary, SUM(Salary) OVER(ORDER BY Salary) AS [Default], SUM(Salary) OVER(ORDER BY Salary RANGE BETWEEN UNBOUNDED PRECEDING AND CURRENT ROW) AS [Range], SUM(Salary) OVER(ORDER BY Salary ROWS BETWEEN UNBOUNDED PRECEDING AND CURRENT ROW) AS [Rows] FROM Employees Text version of the video http://csharp-video-tutorials.blogspot.com/2015/10/difference-between-rows-and-range.html Slides http://csharp-video-tutorials.blogspot.com/2015/10/difference-between-rows-and-range_8.html All SQL Server Text Articles http://csharp-video-tutorials.blogspot.com/p/free-sql-server-video-tutorials-for.html All SQL Server Slides http://csharp-video-tutorials.blogspot.com/p/sql-server.html All Dot Net and SQL Server Tutorials in English https://www.youtube.com/user/kudvenkat/playlists?view=1&sort=dd All Dot Net and SQL Server Tutorials in Arabic https://www.youtube.com/c/KudvenkatArabic/playlists
Views: 35531 kudvenkat
SQL lesson 29, Difference between char and varchar2
 
06:13
The video will explain the difference between alphanumeric datatypes char and varchar2
Views: 5518 hammadshams