SQL Server vs MySQL

• thoreldan

  7 Dec 07, 00:11

  Originally posted by dumbdumb!:

  i did oracle

  why the ?
  
  you know companies are willing to spend top dollars on hiring experienced Oracle DBA ?
• jennyliana

  7 Dec 07, 00:17

  Ok..Ok..I got it. Thanks guys...
• ndmmxiaomayi

  7 Dec 07, 15:31

  You aren't going to get answers this way.
  
  First thing first.
  
  Do you know what's a server?
  
  Second thing - Do you know what's DBMS? If you don't know what this acronym means, Google it.
  
  Third thing - What's SQL?
• Shotgun

  7 Dec 07, 18:46

  SQL is something I HATE A LOT.
  
  Seriously, is there a better the way to create an SQL statement in JSP other than
  
  ',"+string+"blah = "'+string2+' "Where soNso= '"+string3+"';";
  
  I have to write so many " ' , and ; until i see also blur. ARgh
  
  ***No, im not playing with SQLInjection on this forum ***
• ndmmxiaomayi

  7 Dec 07, 18:50

  I do that a lot for PHP too. But without the + signs. I don't remember using + signs much except when doing additions.
• LatecomerX

  7 Dec 07, 21:02

  Originally posted by Shotgun:

  SQL is something I HATE A LOT.
  
  Seriously, is there a better the way to create an SQL statement in JSP other than
  
  ',"+string+"blah = "'+string2+' "Where soNso= '"+string3+"';";
  
  I have to write so many " ' , and ; until i see also blur. ARgh
  
  ***No, im not playing with SQLInjection on this forum ***

  Use prepared statements. Save you some trouble and your code from SQL injections as well.
  
• LatecomerX

  7 Dec 07, 21:04

  Originally posted by ndmmxiaomayi:

  I do that a lot for PHP too. But without the + signs. I don't remember using + signs much except when doing additions.

  Because can like this ma:
  

  code:

  
  mysql_query("INSERT INTO dbName VALUES(DEFAULT, $var1, '$var2', '$var3')");
  

  
  
• Shotgun

  7 Dec 07, 21:35

  Originally posted by LatecomerX:

  Use prepared statements. Save you some trouble and your code from SQL injections as well.
  

  Some examples? Do i have to code a new class?
  
  I need to address the SQL injection problem as well. Was playing with the idea of using javascript to screen out all the ; ' etc... but just the thought of it gave me a headache cos JS doesnt have a compiler to check errors.. =/ Best thing i got is firebug.
  
  **currently working using netbeans 5.5**
• ndmmxiaomayi

  7 Dec 07, 21:50

  Originally posted by LatecomerX:

  Because can like this ma:
  

  code:

  
  mysql_query("INSERT INTO dbName VALUES(DEFAULT, $var1, '$var2', '$var3')");
  

  
  

  Ya, and I find it very sickening. Hand pain to type. Can I have a cleaner syntax like Python?
• LatecomerX

  8 Dec 07, 03:27

  Originally posted by Shotgun:

  Some examples? Do i have to code a new class?
  
  I need to address the SQL injection problem as well. Was playing with the idea of using javascript to screen out all the ; ' etc... but just the thought of it gave me a headache cos JS doesnt have a compiler to check errors.. =/ Best thing i got is firebug.
  
  **currently working using netbeans 5.5**

  I suppose JSP has a PreparedStatement class.
  
  http://visualbuilder.com/java/jdbc/tutorial/pageorder/6/
  
  But anyway, for PHP, the MySQLi class has a prepare() method that allows the programmer to create prepared statements.
  
  http://sg.php.net/manual/en/function.mysqli-prepare.php
  
• ndmmxiaomayi

  8 Dec 07, 15:12

  Argh
  
  Why I never see this function before. Can save me.
• Shotgun

  9 Dec 07, 00:22

  So this saves me from SQL injections??? WOO!! THANK YOU!!
• dumbdumb!

  9 Dec 07, 00:49

  Originally posted by thoreldan:

  why the ?
  
  you know companies are willing to spend top dollars on hiring experienced Oracle DBA ?

  haha cuz they are looking for experienced! hahaha