mysql安全值守数据库常用语句
目录
- 1.用户权限设置
- mysql中用户如何定义
- 2.元数据查询
- 3.union查询详解
- 4.分组查询展示
- 5.字符串函数
- 6.mysql数据库导入导出
1.用户权限设置
mysql中用户如何定义
用户名@主机域
有以下几种表示方式:
1. 10.0.0.51
2. 10.0.0.%
3. %
4. 10.0.0.0/255.255.255.0
5. Db01
6. Localhost
7. 127.0.0.1- 用户创建
create user 321@'%'identified by '123';
- 用户删除
drop user username;
username:删除的用户名权限分为
-
全局:可以管理整个MySQL
-
库:可以管理指定的数据库
-
表:可以管理指定数据库的指定表
-
字段:可以管理指定数据库的指定表的指定字段
-
查看用户权限赋予情况
show grants for xinjing@'%'- 用户授权
grant all privileges on stu.* to ‘xinjing’@’%’ identified by ‘123’ with option;//授权给xinjing在stu库中所有表的所有权限并且还拥有给其他用户授权的权利
revoke all privileges on stu.* from 'xinjing'@'%'; //取消授权2.元数据查询
Select version();服务器版本信息
Select database();当前数据库名
Select user():当前用户名
Show status;服务器状态
Show variables;服务器配置变量
Show global variables like ‘%datadir%‘:看数据文件存放位置
show global variables like ‘%datadir%’; 看数据文件存放位置
select @@datadir; 查询数据库的路径
select @@basedir 查询mysql的安装路径
3.union查询详解
把2条或者多条SQL语句的查询结果合并成一个结果集
- 比如:sql1: N行,sql2: M行,sql1 union sql2 —> N+M行
mysql> select * from temp1;
+-----+-------+
| uid | uname |
+-----+-------+
| 1 | haha |
| 2 | xixi |
| 3 | hehe |
+-----+-------+
3 rows in set (0.00 sec)mysql> select * from temp2;
+-----+-----+
| eid | age |
+-----+-----+
| 1 | 21 |
| 2 | 20 |
| 3 | 14 |
+-----+-----+
3 rows in set (0.00 sec)mysql> select * from temp1 union select * from temp2;
+-----+-------+
| uid | uname |
+-----+-------+
| 1 | haha |
| 2 | xixi |
| 3 | hehe |
| 1 | 21 |
| 2 | 20 |
| 3 | 14 |
+-----+-------+
6 rows in set (0.00 sec)mysql> select * from temp1 union select 1,2;
+-----+-------+
| uid | uname |
+-----+-------+
| 1 | haha |
| 2 | xixi |
| 3 | hehe |
| 1 | 2 |
+-----+-------+
4 rows in set (0.00 sec)
mysql> select * from temp1 union select 12,2;
+-----+-------+
| uid | uname |
+-----+-------+
| 1 | haha |
| 2 | xixi |
| 3 | hehe |
| 12 | 2 |
+-----+-------+
4 rows in set (0.00 sec)
- 要求结果集中的列数一致就可以。一般就是2列或者多列
4.分组查询展示
GROUP_CONCAT()
- 是将分组中括号里对应的字符串进行连接.如果分组中括号里的参数xxx有多行,那么就会将这多行的字符串连接,每个字符串之间会有特定的符号进行分隔。
- 格式:
group_concat( [distinct] 要连接的字段 [order by 排序字段 asc/desc ] [separator '分隔符'] )select sid,group_concat(cid),group_concat(cj order by cj desc SEPARATOR ' ') from score
group by sid
5.字符串函数
| 函数 | 作用 |
|---|---|
| lower(column str) | 将字符串全部转化为小写 |
| upper(column str) | 将字符串全部转化为大写 |
| concat(str1,str2) | 将多个字符串首尾相连后返回 |
| concat_ws(separator,str1,str2) | 将多个字符串指定连接符separator的首尾相连后返回 |
| substr(str,pos,[,len]) | 从字符串中的指定位置pos开始取一个字串返回 |
| length(str) | 返回字符串的存储长度 |
| char_length(str) | 返回字符串的字符个数 |
mysql> select lower("ABcd");
ERROR 2006 (HY000): MySQL server has gone away
No connection. Trying to reconnect...
Connection id: 14
Current database: sys+---------------+
| lower("ABcd") |
+---------------+
| abcd |
+---------------+
1 row in set (0.01 sec)mysql> select upper("ABcd");
+---------------+
| upper("ABcd") |
+---------------+
| ABCD |
+---------------+
1 row in set (0.00 sec)mysql> select concat('abc','123');
+---------------------+
| concat('abc','123') |
+---------------------+
| abc123 |
+---------------------+
1 row in set (0.02 sec)mysql> select concat_ws(':','abc','123');
+----------------------------+
| concat_ws(':','abc','123') |
+----------------------------+
| abc:123 |
+----------------------------+
1 row in set (0.00 sec)mysql> select substr('hello',2,3);
+---------------------+
| substr('hello',2,3) |
+---------------------+
| ell |
+---------------------+
1 row in set (0.00 sec)mysql> select substr('hello',2,1);
+---------------------+
| substr('hello',2,1) |
+---------------------+
| e |
+---------------------+
1 row in set (0.00 sec)mysql> select length('hello');
+-----------------+
| length('hello') |
+-----------------+
| 5 |
+-----------------+
1 row in set (0.00 sec)mysql> select char_length('hello');
+----------------------+
| char_length('hello') |
+----------------------+
| 5 |
+----------------------+
1 row in set (0.00 sec)6.mysql数据库导入导出
- 表数据导入导出
- 导出TXT文件(有漏洞,mysql已经封了)
select * from demo1 into outfile '/temp/utemp1data.txt';
use student;
show VARIABLES like "secure_file_priv";
mysql> show VARIABLES like "secure_file_priv";
+------------------+-------+
| Variable_name | Value |
+------------------+-------+
| secure_file_priv | NULL |
+------------------+-------+
1 row in set, 1 warning (0.00 sec)
可以看到没有权限
- 导出TXT文件
oad data local infile '/root/utemp1data.txt' into table temp;
- 数据库导入导出
–mysqldump导出
– dump出表utemp1
– mysqldump -uroot -p student utemp1>utemp1.sql
– dump出库student
– mysqldump -uroot -p student>student.sql
– dump所有的数据库及数据库表
– mysqldump -u root -p --all-databases>mysqldatabases.sql;
– mysql的数据库导入"<"
– 新建一个数据库
create database dumpdemo1
– 回到mysql接口
– mysql -u root -p654321 dumpdemo1<student.sql
– 进入mysql验证
use dumpdemo1
show tables;
– mysql的数据库导入 “source”
mysql -u root -p
create database sourcedumpdemo;
source /var/lib/mysql-files/student.sql