List:General Discussion« Previous MessageNext Message »
From:Mark Matthews Date:May 1 2003 1:14am
Subject:Re: Next issue: Can't execute multiple statements?
View as plain text  
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jennifer Goodie wrote:

> It works at the commandline.  It must be a driver specific problem.  Or
> maybe it is a syntax issue and one of the queries is failing?  Have you
> tried it at the commandline to see what is happening?  I'm too lazy to
look
> for your last thread to see what what platform you are running on and what
> language you are using.

';' has special significance for the parser inside mysql command-line
client, it means 'end of statement'...The command-line client takes care
of sending each query separated by ';' to the server, one-by-one.

>>-----Original Message-----
>>From: TheMechE [mailto:TheMechE@stripped]
>>Sent: Wednesday, April 30, 2003 11:51 AM
>>To: mysql@stripped
>>Subject: Next issue: Can't execute multiple statements?
>>
>>
>>This is hard to believe....
>>
>>Does mySQL really not accept a SQL string with multiple
>>Statements separated
>>by semi-colons? Or is that a driver specific problem?
>>I'm having some serious concern here about these performance
>>liabilities....

MySQL-4.1 will support this, when a connection option is passed in.
However, you have to realize that to the un-careful programmer (which is
many, when under time/budget/experience constraints), the ';' is more of
a security liability than a performance liability due to the ability to
create SQL Injection attacks when a database supports multiple
statements via a delimiter in standard SQL. If you're going to use
multiple queries, you should also be _very_ aware of how to use them
_safely_. See http://www.owasp.org/ for more information about using
this feature safely.

	-Mark
- --
For technical support contracts, visit https://order.mysql.com/?ref=mmma

    __  ___     ___ ____  __
   /  |/  /_ __/ __/ __ \/ /  Mark Matthews <mark@stripped>
  / /|_/ / // /\ \/ /_/ / /__ MySQL AB, SW Dev. Manager - J2EE/Windows
 /_/  /_/\_, /___/\___\_\___/ Flossmoor (Chicago), IL USA
        <___/ www.mysql.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE+sHTktvXNTca6JD8RAokZAJsGW3wMqv4O28ThfY5cNKaabuCPugCgn2pc
YezZS9TtJD+3MhPCuyECfmM=
=9gPH
-----END PGP SIGNATURE-----
Thread
Next issue: Can't execute multiple statements?TheMechE1 May
  • RE: Next issue: Can't execute multiple statements?Jennifer Goodie1 May
    • Re: Next issue: Can't execute multiple statements?Mark Matthews1 May
RE: Next issue: Can't execute multiple statements?TheMechE1 May
  • Re: Next issue: Can't execute multiple statements?Dan Nelson1 May