MySQL——六、库表操作(下篇)
MySQL
-
- 一、INSERT语句
- 二、REPLACE语句
- 三、UPDATE语句
- 四、delete和TRUNCATE语句
- 五、MySQL用户授权
-
- 1、密码策略
- 2、用户授权和撤销授权
一、INSERT语句
#在表里面插入数据:默认情况下,一次插入操作只插入一行
方式1:
INSERT [INTO] 表名 [(column [, column...])] VALUES(value [, value...]);
方式2:
insert [into] 表名 set 字段1=值1, 字段2=值2
#一次性插入多条记录:
INSERT [INTO] table [(column [, column...])] VALUES(value [, value...]),(value [, value...])
注:
1、如果为每列都指定值,则表名后不需列出插入的列名
2、可以使用如下方式一次插入多行:insert into 表名[(列名,…)] select 语句
3、如果需要插入其他特殊字符,应该采用\转义字符做前缀
示例:
mysql8.0 [chap04]>create table t1(
-> id int primary key,
-> name char(30) not null,
-> birthday date
-> );
mysql8.0 [chap04]>insert t1 values (1,'xiaoming',20000101);
mysql8.0 [chap04]>insert into t1 values (2,'xiaohong',20000102),(3,'xiaolan',20000103),(4,'xiaohei',20000104);
mysql8.0 [chap04]>insert into t1(id,name) values (5,'xiaolv'),(6,'xiaobai');
mysql8.0 [chap04]>insert into t1 set id=6,name='xiaozi';
二、REPLACE语句
replace语句的语法格式有三种语法格式。
语法格式1:replace [into] 表名 [(字段列表)] values (值列表)
语法格式2:
replace [into] 目标表名[(字段列表1)] select (字段列表2) from 源表 where 条件表达式
语法格式3:
replace [into] 表名 set 字段1=值1, 字段2=值2
REPLACE与INSERT语句区别:
replace语句的功能与insert语句的功能基本相同,不同之处在于:使用replace语句向表插入新记录时,如果新记录的主键值或者唯一性约束的字段值与已有记录相同,则已有记录先被删除(注意:已有记录删除时也不能违背外键约束条件),然后再插入新记录。
使用replace的最大好处就是可以将delete和insert合二为一(效果相当于更新),形成一个原子操作,这样就无需将delete操作与insert操作置于事务中了
mysql> replace into class values(2,'02班');
ERROR 1451 (23000): Cannot delete or update a parent row: a foreign key constraint fails (`db1`.`student`, CONSTRAINT `student_ibfk_1` FOREIGN KEY (`c_num`) REFERENCES `class` (`cnum`))
mysql> replace into class values(3,'03班');
Query OK, 2 rows affected (0.01 sec)
mysql8.0 [chap04]>replace t1 (id,name,birthday) values (8,'xiaoqing',20010101);
mysql8.0 [chap04]>replace t1 values(5,'xiaolv',20000105);
mysql8.0 [chap04]>select * from t1;
+----+----------+------------+
| id | name | birthday |
+----+----------+------------+
| 1 | xiaoming | 2000-01-01 |
| 2 | xiaohong | 2000-01-02 |
| 3 | xiaolan | 2000-01-03 |
| 4 | xiaohei | 2000-01-04 |
| 5 | xiaolv | 2000-01-05 |
| 6 | xiaobai | NULL |
| 7 | xiaozi | NULL |
| 8 | xiaoqing | 2001-01-01 |
+----+----------+------------+
mysql8.0 [chap04]>replace t1(id,name,birthday) values (9,'zhouyi',20010102),(10,'zhouer',20010102);
三、UPDATE语句
UPDATE 表名
SET column = value [, column = value]
[WHERE condition];
修改可以一次修改多行数据,修改的数据可用where子句限定,where子句里是一个条件表达式,只有符合该条件的行才会被修改。没有where子句意味着where字句的表达式值为true。也可以同时修改多列,多列的修改中间采用逗号(,)隔开。
mysql8.0 [chap04]>select * from t1;
+----+----------+------------+
| id | name | birthday |
+----+----------+------------+
| 1 | xiaoming | 2000-01-01 |
| 2 | xiaohong | 2000-01-02 |
| 3 | xiaolan | 2000-01-03 |
| 4 | xiaohei | 2000-01-04 |
| 5 | xiaolv | 2000-01-05 |
| 6 | xiaobai | NULL |
| 7 | xiaozi | NULL |
| 8 | xiaoqing | 2001-01-01 |
| 9 | zhouyi | 2001-01-02 |
| 10 | zhouer | 2001-01-02 |
+----+----------+------------+
10 rows in set (0.00 sec)
mysql8.0 [chap04]>update t1 set birthday=20010101 where id=6;
Query OK, 1 row affected (0.01 sec)
Rows matched: 1 Changed: 1 Warnings: 0
四、delete和TRUNCATE语句
DELETE FROM table_name [where 条件];
TRUNCATE TABLE table_name
事物处理
beign;
delete from t1;
select * from t1;
rollback;
DROP、TRUNCATE、DELETE的区别:
-
delete:删除数据,保留表结构,可以回滚,如果数据量大,很慢。
-
truncate: 删除所有数据,保留表结构,不可以回滚,一次全部删除所有数据,速度相对很快。
-
drop: 删除数据和表结构,删除速度最快。
mysql8.0 [chap04]>delete from t1 where id=7;
Query OK, 1 row affected (0.00 sec)
mysql8.0 [chap04]>create table t2 select * from t1;
mysql8.0 [chap04]>truncate table t2;
五、MySQL用户授权
1、密码策略
#mysql8.0会生成临时密码,查看临时密码
[root@mysql8-0-30 ~]# awk '/temporary password/ {print $NF}' /var/log/mysqld.log
[root@mysql8-0-30 ~]# grep 'password' /var/log/mysqld.log
#查看数据库当前密码策略:
mysql8.0 [chap03]>show VARIABLES like "%password%";
2、用户授权和撤销授权
MySql8有新的安全要求,不能像之前的版本那样一次性创建用户并授权。需要先创建用户,再进行授权操作。
mysql8.0 [chap03]>grant all privileges on *.* to 'xiaoming'@'%';
ERROR 1410 (42000): You are not allowed to create a user with GRANT
1、创建用户
#创建新用户,语法:create user 'username'@'host' identified by 'password';
说明:username为自定义的用户名,host为客户端的域名或者IP,如果host为'%'时表示为任意IP,password为密码。
mysql8.0 [mysql]>create user xiaoming@'%' identified by '123';
mysql8.0 [mysql]>select user,host,authentication_string from mysql.user;
#删除用户
mysql8.0 [mysql]>drop user xiaoming@'%';
#注意,如果删除用户时显示如下提示,需要执行该语句【mysql8.0 [(none)]>grant system_user on *.* to root@'%';】
mysql8.0 [mysql]>drop user xiaoming;
ERROR 1227 (42000): Access denied; you need (at least one of) the SYSTEM_USER privilege(s) for this operation
2、授权和回收权限
授予权限的原则:
- (1)只授予能满足需要的最小权限 ,防止用户干坏事。比如用户只是需要查询,那就只给 select 权限就可以了,不要给用户赋予update 、 insert 或者 delete 权限
- (2)创建用户的时候限制用户的登录主机 ,一般是限制成指定 IP 或者内网 IP 段。
- (3)为每个用户设置满足密码复杂度的密码 。
- (4)定期清理不需要的用户 ,回收权限或者删除用户。
#查看授予用户的权限
mysql8.0 [mysql]>show grants;
mysql8.0 [mysql]>show grants for root@'%';
mysql8.0 [mysql]>select * from mysql.user;
#查看某个用户从哪个服务器ip地址连接对某个数据库的操作权限,这三个字段的组合构成了db表的主键。
mysql8.0 [mysql]>select * from mysql.db;
#查看用户对单个表的权限
mysql8.0 [mysql]>select * from mysql.tables_priv;
授权语法:grant 权限列表 on 库名.表名 to 用户名@'主机' [with GRANT option];
| mysql用户常用权限列表 | 说明 |
|---|---|
| all 或者all privileges | 授予用户所有权限 |
| create | 授予用户创建新数据库和表的权限 |
| drop | 授予用户删除数据库和表的权限 |
| delete | 授予用户删除表中的行的权限 |
| alter | 授予用户修改表结构的权限 |
| insert | 授予用户在表中插入行(add)的权限 |
| select | 授予用户运行select命令以从表中读取数据的权限 |
| update | 授予用户更新表中的数据的权限 |
mysql8.0 [mysql]>grant all privileges on *.* to 'xiaoming'@'%' with grant option;
mysql8.0 [mysql]>flush privileges;
#说明:*.*中第一个*表示所有数据库,第二个*表示所有数据表;with grant option表示授予xiaoming用户grant命令(该命令可以给别的用户授权)的权限
mysql8.0 [mysql]>select user,grant_priv from mysql.user;
+------------------+------------+
| user | grant_priv |
+------------------+------------+
| root | Y |
| xiaoming | Y |
| mysql.infoschema | N |
| mysql.session | N |
| mysql.sys | N |
+------------------+------------+
mysql8.0 [mysql]>create user xiaohong@'%' identified by '123';
Query OK, 0 rows affected (0.01 sec)
mysql8.0 [mysql]>select select_priv,user from mysql.user;
+-------------+------------------+
| select_priv | user |
+-------------+------------------+
| Y | root |
| N | xiaohong |
| Y | xiaoming |
| Y | mysql.infoschema |
| N | mysql.session |
| N | mysql.sys |
+-------------+------------------+
6 rows in set (0.00 sec)
mysql8.0 [mysql]>grant select on mysql.user to xiaohong@'%';
mysql8.0 [mysql]>select * from tables_priv;
+-----------+-------+---------------+------------+--------------------+---------------------+------------+-------------+
| Host | Db | User | Table_name | Grantor | Timestamp | Table_priv | Column_priv |
+-----------+-------+---------------+------------+--------------------+---------------------+------------+-------------+
| % | mysql | xiaohong | user | xiaoming@localhost | 2023-02-08 00:56:32 | Select | |
| localhost | mysql | mysql.session | user | boot@ | 2023-02-05 18:30:53 | Select | |
| localhost | sys | mysql.sys | sys_config | root@localhost | 2023-02-05 18:30:53 | Select | |
+-----------+-------+---------------+------------+--------------------+---------------------+------------+-------------+
mysql8.0 [mysql]>select * from db where user='xiaohong';
+------+--------+----------+-------------+-------------+-------------+-------------+-------------+-----------+------------+-----------------+------------+------------+-----------------------+------------------+------------------+----------------+---------------------+--------------------+--------------+------------+--------------+
| Host | Db | User | Select_priv | Insert_priv | Update_priv | Delete_priv | Create_priv | Drop_priv | Grant_priv | References_priv | Index_priv | Alter_priv | Create_tmp_table_priv | Lock_tables_priv | Create_view_priv | Show_view_priv | Create_routine_priv | Alter_routine_priv | Execute_priv | Event_priv | Trigger_priv |
+------+--------+----------+-------------+-------------+-------------+-------------+-------------+-----------+------------+-----------------+------------+------------+-----------------------+------------------+------------------+----------------+---------------------+--------------------+--------------+------------+--------------+
| % | chap03 | xiaohong | Y | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N |
+------+--------+----------+-------------+-------------+-------------+-------------+-------------+-----------+------------+-----------------+------------+------------+-----------------------+------------------+------------------+----------------+---------------------+--------------------+--------------+------------+--------------+
mysql8.0 [mysql]>show grants for xiaohong@'%';
+--------------------------------------------------+
| Grants for xiaohong@% |
+--------------------------------------------------+
| GRANT USAGE ON *.* TO `xiaohong`@`%` |
| GRANT SELECT ON `chap03`.* TO `xiaohong`@`%` |
| GRANT SELECT ON `mysql`.`user` TO `xiaohong`@`%` |
+--------------------------------------------------+
#usage:连接(登录)权限,建立一个用户,就会自动授予usage权限(默认授予)。该usage权限并不能被revoke(回收)。
#收回权限(不包含赋权权限)
REVOKE ALL PRIVILEGES ON *.* FROM username;
#收回赋权权限
REVOKE GRANT OPTION ON *.* FROM username;
mysql8.0 [(none)]>revoke grant option on *.* from xiaoming@'%';
Query OK, 0 rows affected (0.00 sec)
mysql8.0 [(none)]>select grant_priv,user from mysql.user;
+------------+------------------+
| grant_priv | user |
+------------+------------------+
| Y | root |
| N | xiaohong |
| N | xiaoming |
| N | mysql.infoschema |
| N | mysql.session |
| N | mysql.sys |
+------------+------------------+
mysql8.0 [(none)]>revoke all on *.* from xiaoming;
#操作完后重新刷新权限
mysql8.0 [(none)]>flush privileges;
mysql8.0 [(none)]>revoke select on mysql.user from xiaohong;