Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What does the "@" symbol do in SQL?

Tags:

sql

I was browsing through the questions and noticed this:

SELECT prodid, issue FROM Sales  WHERE custid = @custid  AND datesold = SELECT MAX(datesold)               FROM Sales s               WHERE s.prodid = Sales.prodid                   AND s.issue = Sales.issue                   AND s.custid = @custid 

I was wondering what the "@" does in front of custID? Is it just a way of referencing the custID from the table being selected?

like image 517
Levi Avatar asked Dec 12 '08 03:12

Levi


People also ask

What means '%' in SQL?

The SQL LIKE Operator There are two wildcards often used in conjunction with the LIKE operator: The percent sign (%) represents zero, one, or multiple characters. The underscore sign (_) represents one, single character.

Why is (+) used in SQL?

The plus sign is Oracle syntax for an outer join. There isn't a minus operator for joins. An outer join means return all rows from one table. Also return the rows from the outer joined where there's a match on the join key.

What does count (*) do in SQL?

COUNT(*) returns the number of rows in a specified table, and it preserves duplicate rows. It counts each row separately. This includes rows that contain null values.


1 Answers

The @CustID means it's a parameter that you will supply a value for later in your code. This is the best way of protecting against SQL injection. Create your query using parameters, rather than concatenating strings and variables. The database engine puts the parameter value into where the placeholder is, and there is zero chance for SQL injection.

like image 134
Kibbee Avatar answered Sep 20 '22 08:09

Kibbee