Learning SQL Injection: Guessing the Database

I recently read a great article by the esteemed @craigkerstiens describing why he feels SQL is such a valuable skill for developers. This topic really resonated with me. It lined up well with notes I’d already started sketching out for a similar article about developing a love for data.

The more I fleshed out my topic, however, the more I realized that many of my points and examples seemed to be centering around SQL. Reading Craig’s article convinced me to redirect my focus and talk more about why I personally have such an affinity for SQL.

In short, Craig makes the following assertions about SQL (and I quote):

1. It is valuable across different roles and disciplines

2. Learning it once doesn’t really require re-learning

3. You seem like a superhero. You seem extra powerful when you know it because of the amount of people that aren’t fluent

I’ve found all these points to be true in my own experience, and I’d like to recast and expand on each one.

The Versatility Effect

The SQL skillset has proven to be an extremely valuable asset in my career. In fact, I believe SQL to be the single most powerful and versatile “programming” language I know.

I have been able to use SQL to solve many problems, and it’s my go-to tool anytime I face a new challenge. In fact, I keep an instance of PostgreSQL running on my laptop so I can quickly hop into my favorite SQL GUI whenever I need to test something out.

Here are just some of the cool things I’ve been able to do with SQL:

Are you having a hard time believing that list above? I promise you there’s not an ounce of exaggeration in it. Now, are there some items there that were dependent upon other capabilities of the RDBMS I was using at the time? Sure. Regardless, each of those solutions was implemented in SQL.

The Bicycle Effect

While Structured Query Language has certainly undergone changes and has been expanded over the years, I agree with Craig that the fundamentals have not changed. The overall level of volatility compared to other languages has been relatively low.

I would argue that this fact only strengthens the argument that one should invest the time to learn SQL. You can be confident that you’ll get a lot of mileage out of such an investment without having to look up the latest conventions the next time you need to use it.

So, learn SQL! Here are some great places to get started:

SQL Tutorial — Essential SQL For The Beginners (www.sqltutorial.org): This SQL tutorial helps you get started with SQL quickly and effectively through many practical examples. After the…

There are even interactive tutorials:

SQLBolt — Learn SQL — Introduction to SQL (sqlbolt.com): SQLBolt provides a set of interactive lessons and exercises to help you learn SQL.

There are also some versatile sandboxes out there that allow you to run SQL in various dialects without having to install anything. For example, SQL Fiddle:

Or, DB Fiddle:

The Superhero Effect

I remember a colleague once saying he broke into a cold sweat every time he had to write SQL.

It sounds exaggerated, but SQL can be intimidating to anyone who properly regards the database as the sensitive asset it is and is not familiar with how to safely interact with it. SQL, being one of the adults in the room, also doesn’t get as much attention as other shiny new programming languages. That means that it remains a less common skillset among contemporary and emerging developers.

As such, having a solid understanding of SQL and the insight to see the set-based facets of a given problem or challenge provides the opportunity to be a hero.

One of my favorite personal experiences was helping a customer debug a slow and complex SAS program. The goal of this program was to extract a list of state transitions from an audit table in order to measure the mean duration a widget spent in each phase of a given business workflow. The implementation of these calculations was complex and required building multiple local data sets.

I remember reverse engineering this program and realizing that I could solve the problem much more easily using a single SQL query and the magical LAG window function.

The customer was simply blown away.

Not just because he learned about the LAG function, but because he saw just how powerful SQL can be.
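
The kind of query this anecdote describes, as an added example in PostgreSQL syntax (not the author's original query): per-phase mean duration computed from an audit table with LAG. The table `widget_audit`, its columns and the sample rows are hypothetical and constructed for illustration.

```sql
-- Hypothetical audit table: one row each time a widget enters a new state.
CREATE TABLE widget_audit (
    widget_id  integer     NOT NULL,
    state      text        NOT NULL,
    changed_at timestamptz NOT NULL
);

-- Constructed sample rows.
INSERT INTO widget_audit (widget_id, state, changed_at) VALUES
    (1, 'draft',    '2024-01-01 09:00+00'),
    (1, 'review',   '2024-01-01 12:00+00'),
    (1, 'approved', '2024-01-02 12:00+00'),
    (2, 'draft',    '2024-01-03 09:00+00'),
    (2, 'review',   '2024-01-03 10:00+00'),
    (2, 'draft',    '2024-01-03 15:00+00'),  -- sent back to draft
    (2, 'review',   '2024-01-04 09:00+00'),
    (2, 'approved', '2024-01-04 11:00+00');

WITH transitions AS (
    SELECT
        widget_id,
        -- LAG looks one row back within the same widget's history,
        -- pairing each state change with the state it replaced.
        LAG(state)      OVER w AS from_state,
        state                  AS to_state,
        LAG(changed_at) OVER w AS entered_at,
        changed_at             AS left_at
    FROM widget_audit
    WINDOW w AS (PARTITION BY widget_id ORDER BY changed_at)
)
SELECT
    from_state                AS phase,
    COUNT(*)                  AS visits,
    AVG(left_at - entered_at) AS mean_duration
FROM transitions
WHERE from_state IS NOT NULL  -- the first row per widget has no predecessor
GROUP BY from_state
ORDER BY from_state;
```

A widget's current state has no exit row yet, so it contributes no duration; repeated visits to the same phase (widget 2 returning to draft) are each counted as a separate visit.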

An even more dramatic example was during a large data warehouse migration where I replaced an entire Java program (that took more than 20 minutes to complete!) with a single SQL query that ran in seconds. The original author of the program was shocked! That was a really good day.

So, I encourage you to dive into SQL today and broaden your skillset with one of the most versatile tools I’ve had the pleasure of working with. If you already know SQL and agree, or if I’ve convinced you to give it a try, please consider leaving me a comment.

Translated from: https://www.freecodecamp.org/news/for-the-love-of-sql-why-you-should-learn-it-and-how-itll-help-you-out-22fe307a253/
