A programmer wrote code with the underlying SQL to check if a user can access / log into a system. SELECT * FROM users WHERE login = ‘ replaced by the input login ‘ AND password = ‘ replaced by the input password ‘ What is the query if login is ‘OR true -- and password is Hello? Write the query. What does the query above return? What is the name of this security issue?

Solve B I. This Project asks you to submit a SQL text file (e.g. project2.sql) with all your answers to all the questions listed in this assignment. Your answers will be written in SQL format. All SQL statements will be tested in a MySQL database including: CREATE TABLE, ALTER TABLE, INSERT and SELECT. You must use the following table structures for your MySQL DDL and DML commands: STUDENT(StudentID, LastName, FirstName, Address, City, State, Zip, Phone) StudentID will be automatically increased integer identifier Choose VARCHAR or CHAR based on your personal understanding of the fields for the rest part of the relation/table STUDENT_TEXTBOOK(StudentID, TextbookID, Class, Semester, Year) Semester would be CHAR Year would be integer TEXTBOOK(TextbookID, Description, Price, Location, BookstoreID) TextbookID will be automatically increased integer identifier Price is a decimal with 2 decimal places after zero Description and Location can be VARCHAR or CHAR based on your personal...

What happens if you leave a key partition's argument empty (in SQL)?

When writing queries in a programming language, why should we avoid creating a query by concatenating strings and instead use prepared statements or stored procedures in defense against SQL injection? a. concatenating strings helps prevent sql injection b. prepared statements or stored procedures help prevent the user/hacker from deliberately modifying the query by injecting sql instructions in the input values c. prepared statements prevent the query from taking as long to execute d. prepared statements enable the developer to just supply values without injecting sql

Write queries in SQL to answer each of the following questions: ************************************************************************************************ (Table: instructor (ID, name, dept_name, salary) student (ID, name, dept_name, tot_cred) teaches (ID, course_id, sec_id, semester, year) takes (ID, course_id, sec_id, semester, year, grade) ) Find the names of all instructors from Music department whose name includes the substring 'ric'. Find the names of all students from Physics department and convert the names to lowercase. Find the names of all instructors and order the names in descending. Find all instructors in Finance department who have taught some course in 2008. Find all students from Physics department who took course 'CS-319'.

Adjust the following information so that1) all users on the system are able to run the SQL Executable and 2) multiple users (such as a team of software engineers) have the power to modify the SQL Executable Introduce any new groups that are needed and assign them group IDs USERS SQL Manager UID: 3 GROUPS SQL Users GID: 5 FILESDatabase File Owner 3 Group NA owner: rw group: - world: - setUID: 0 setGID: 0 sticky: 0 SQL Executable Owner 3 Group 5 owner: rwx group: r-x world: - setUID: 1 setGID: 0 sticky: 0

Chapter 16 How to manage transactions and locking Excercises using the My Guitar Shop Database Use Microsoft SQL Server Write a script that includes two SQL statements coded as a transaction to delete the row with a customer ID of 8 from the Customers table. To do this, you must first delete all addresses for that customer from the Addresses table. If these statements execute successfully, commit the changes. Otherwise, roll back the changes.

SQL procedure a. Write a procedure in SQL that inserts a new customer record into the "Customers" table. b. Create a procedure that updates the quantity of a product in the "Inventory" table based on the product ID. c. Write a procedure that calculates the average salary of all employees in the "Employees" table and displays the result.

Solve C I. This Project asks you to submit a SQL text file (e.g. project2.sql) with all your answers to all the questions listed in this assignment. Your answers will be written in SQL format. All SQL statements will be tested in a MySQL database including: CREATE TABLE, ALTER TABLE, INSERT and SELECT. You must use the following table structures for your MySQL DDL and DML commands: STUDENT(StudentID, LastName, FirstName, Address, City, State, Zip, Phone) StudentID will be automatically increased integer identifier Choose VARCHAR or CHAR based on your personal understanding of the fields for the rest part of the relation/table STUDENT_TEXTBOOK(StudentID, TextbookID, Class, Semester, Year) Semester would be CHAR Year would be integer TEXTBOOK(TextbookID, Description, Price, Location, BookstoreID) TextbookID will be automatically increased integer identifier Price is a decimal with 2 decimal places after zero Description and Location can be VARCHAR or CHAR based on your personal...

Problem Your task is to write an SQL query that uses SQL's time constants to dynamically determine the timezone the database server is configured to use. Your query should return the timezone as a single string value with the timezone offset relative to the Coordinated Universal Time (UTC). The single output column should be named tz_offset, and the value should be in the form: UTC: where and use two digits in 24-hour format, padded with leading zeroes if necessary. Example: if the server used India's timezone the output should be: | tz_offset | | UTC+05:30 (1 row) query.sql> init.sql 1