#4 SQL 的历史

2016-03-14

历史

  1. 70 年代初,IBM 公司开发了 SEQUEL 语言 (Structured English Query Language,结构化英语查询语言),用于管理 RDB。
  2. 70 年代末,IBM 和甲骨文分别开始开发基于 SQL 的 RDBMS。
    PS: IBM 的产品就包括大名鼎鼎的 DB2,世界上最早的 SQL 数据库。
    PS: 甲骨文当时还叫做 Relational Software, Inc
  3. 1980 年,由于商标问题,SEQUEL 改名 SQL。
    虽然官方发音是 ess-cue-el, 但至今为止,不少人还是将其读做 /ˈsiːkwəl/
  4. 1986 年被美国国家标准学会标准化(ANSI X3.135-1986)
  5. 1987 年,ISO 采纳 ANSI SQL (ISO 9075:1987),所以这个版本也被称之为 SQL87。
  6. 后来,SQL 陆续推出 89,92,1999, 2003 .... 多个版本。
    应该是 ISO 负责制定和维护吧,也无所谓啦。

版本

SQL-86 (or SQL-87) is the ISO 9075:1987 standard of 1987
SQL-89 is the ISO/IEC 9075:1989 standard of 1989
SQL-92 is the ISO/IEC 9075:1992 standard of 1992
SQL:1999 is the ISO/IEC 9075:1999 standard of 1999
SQL:2003 is the ISO/IEC 9075:2003 standard of 2003
SQL:2006 is the ISO/IEC 9075:2006 standard of 2006
SQL:2008 is the ISO/IEC 9075:2008 standard of 2008
SQL:2011 is the ISO/IEC 9075:2011 standard of 2011
SQL:2016 is the ISO/IEC 9075:2016 standard of 2016

Year Name Alias Comments
1986 SQL-86 SQL-87 First formalized by ANSI
1989 SQL-89 Minor revision that added integrity constraints
1992 SQL-92 SQL2 Major revision (ISO 9075)
1999 SQL:1999 SQL3
2003 SQL:2003
2006 SQL:2006
2008 SQL:2008
2011 SQL:2011
2016 SQL:2016
2019 SQL:2019

SQL:1999
Added regular expression matching, recursive queries (e.g. transitive closure), triggers, support for procedural and control-of-flow statements, nonscalar types (arrays), and some object-oriented features (e.g. structured types), support for embedding SQL in Java (SQL/OLB) and vice versa (SQL/JRT)

2003

Introduced XML-related features (SQL/XML), window functions, standardized sequences, and columns with autogenerated values (including identity columns)

2006
ISO/IEC 9075-14:2006 defines ways that SQL can be used with XML. It defines ways of importing and storing XML data in an SQL database, manipulating it within the database, and publishing both XML and conventional SQL-data in XML form. In addition, it lets applications integrate queries into their SQL code with XQuery, the XML Query Language published by the World Wide Web Consortium (W3C), to concurrently access ordinary SQL-data and XML documents.

2008
Legalizes ORDER BY outside cursor definitions. Adds INSTEAD OF triggers, TRUNCATE statement,[34] FETCH clause

2011
Adds temporal data (PERIOD FOR)[35] (more information at: Temporal database#History). Enhancements for window functions and FETCH clause.

2016
Adds row pattern matching, polymorphic table functions, JSON

2019
Adds Part 15, multidimensional arrays (MDarray type and operators)

https://en.wikibooks.org/wiki/Structured_Query_Language
https://en.wikibooks.org/wiki/MySQL
https://en.wikibooks.org/wiki/PostgreSQL
https://en.wikibooks.org/wiki/SQLite
https://en.wikipedia.org/wiki/SQL_reserved_words

ISO 9075

最新的 SQL 标准一共分成 9 个部分(Part 5,6,7,8,12 可能是被废弃了):

  1. Part 1: Framework (SQL/Framework)
    基本概念
  2. Part 2: Foundation (SQL/Foundation)
    基础语法
  3. Part 3: Call-Level Interface (SQL/CLI)
    应该是编程语言方面的接口
  4. Part 4: Persistent stored modules (SQL/PSM)
    SQL 面向过程编程
  5. Part 9: Management of External Data (SQL/MED)
  6. Part 10: Object language bindings (SQL/OLB)
    Java SQLJ 相关内容
  7. Part 11: Information and definition schemas (SQL/Schemata)
  8. Part 13: SQL Routines and types using the Java TM programming language (SQL/JRT)
    又是 Java 相关
  9. Part 14: XML-Related Specifications (SQL/XML)
    XML 相关

PS: 前缀 ISO/IEC 9075-<n>:2016 – Information technology – Database languages – SQL – 省略。

PS: 还有一个拓展标准:ISO/IEC 13249 SQL Multimedia and Application Packages

变种

多数数据库没有严格按照标准来实现,导致不通平台上的 SQL 语句是不能跨平台的。

以下是两种主要的 SQL 方言:

  • T-SQL(Transact-SQL): SQLServer
  • PL/SQL: Oracle

#2 SQLAlchemy LIKE

2014-09-20

例子:搜索用户表 user 中字段 phone 包含 520 的行。

SQL

和 pymysql 等库一样的用:

keyword = '520'
conn.execute('select * from user where phone like "%%%s%%";' % keyword)
conn.execute('select * from user where phone like "%%%s%%";', keyword)

.like 方法

q = session.query(model.User.id, model.User.phone).filter(model.User.phone.like(f'%{keyword}%'))
qs = qs.all()
# print(qs.statement)
# SELECT "user".id, "user".phone
# FROM "user"
# WHERE "user".phone LIKE :phone_1

对应的大小写不敏感方法有 ilike (lower("user".phone) LIKE lower(:phone_1))
还有:not_like, not_ilike

.contains 方法

print(session.query(model.User.id, model.User.phone).filter(model.User.phone.contains(keyword)).statement)
# SELECT "user".id, "user".phone
# FROM "user"
# WHERE ("user".phone LIKE '%' || :phone_1 || '%')

.regexp_match 方法(1.4 新增)

对应的是 MySQL 支持的 REGEXP 操作符。

print(session.query(model.User.id, model.User.phone).filter(model.User.phone.regexp_match(keyword)).statement)
session.query(model.User.id, model.User.phone).filter(model.User.phone.regexp_match(keyword)).all()
# SELECT "user".id, "user".phone
# FROM "user"
# WHERE "user".phone <regexp> :phone_1

.startswith.endswith

print(session.query(model.User.id, model.User.phone).filter(model.User.phone.startswith(keyword)).statement)
# SELECT "user".id, "user".phone
# FROM "user"
# WHERE ("user".phone LIKE :phone_1 || '%')
print(session.query(model.User.id, model.User.phone).filter(model.User.phone.endswith(keyword)).statement)
# SELECT "user".id, "user".phone
# FROM "user"
# WHERE ("user".phone LIKE '%' || :phone_1)

.match 方法

对应的是数据库的 MATCH (col1,col2,...) AGAINST (expr [search_modifier]) 全文索引方法。
对单字段同样可用,不过需要先建立 FULLTEXT 索引。

print(session.query(model.User.id, model.User.phone).filter(model.User.phone.match(keyword)).statement)
session.query(model.User.id, model.User.phone).filter(model.User.phone.match(keyword)).all()
# SELECT "user".id, "user".phone
# FROM "user"
# WHERE "user".phone MATCH :phone_1

参考资料与拓展阅读

#1 转载:SQL 注入一点小心得

2013-11-10

好久没写技术博客,最近研究产品关于用户体验方面较多,加上项目突然比较多,设计原型、跟进开发、设计师等工作着实没时间写博客。
接下来技术上主要 php 深入学习和 mysql 优化。这两天看了关于 sql 注入方面的知识,拿出来分享一下 :)