Why is SELECT table name is considered harmful

0 votes
Sep 20, 2019 in Database by Manvith
• 120 points
781 views

2 answers to this question.

0 votes
SELECT * table_name;

returns all the data stored in that table. This leads to performance issues. Suppose you have a table with 10 rows and 10 columns and you want to get the data of one column (10 entries), in this case, you fetch only that particular column, you have to process only 10 entries but if you use select *, you have to process 10*10 = 100 columns. This drastically affects performance. 

Now think of a situation where you have a website and you are displaying the contents of a particular table on the website. Suppose there are confidential and non-confidential data and you only want to display the non-confidential data on the website. In this case, if you use select * and send all the data to the website and then filter what data to display, this might lead to vulnerabilities where a hacker can steal the confidential data. 

answered Sep 23, 2019 by Tina
0 votes

Hi. Adding to @Tina's answer, there is one more situation in which using select * can crash the system. Consider you have two tables and both these tables have a column of the exact same name. In this case, if you are using both the columns of the same name without using proper alias names, this might confuse the system and lead to a crash.

answered Sep 23, 2019 by Raghu

Related Questions In Database

0 votes
1 answer

Why is SELECT * considered harmful?

If you add fields to the table, ...READ MORE

answered Sep 27, 2019 in Database by Omaiz
• 560 points
519 views
0 votes
1 answer

Why is MongoDB preferred?

MongoDB is considered to be best NoSQL ...READ MORE

answered Jul 24, 2018 in Database by shams
• 3,670 points

edited Jun 1, 2023 by Srinath 553 views
0 votes
1 answer

Why is not preferable to use mysql_* functions in PHP?

The reasons are as follows: The MySQL extension: Does ...READ MORE

answered Sep 7, 2018 in Database by DataKing99
• 8,240 points
908 views
0 votes
1 answer

What is the syntax of SELECT statement?

This statement is used to select data ...READ MORE

answered Nov 27, 2018 in Database by Sahiti
• 6,370 points
899 views
0 votes
1 answer

How to connect Java program to the MySQL database?

You can connect your Java code with ...READ MORE

answered May 11, 2018 in Java by Parth
• 4,630 points
1,588 views
0 votes
1 answer

Difference between single and double quotes in SQL

Single quotes are used to indicate the ...READ MORE

answered Sep 11, 2018 in Database by CodingByHeart77
• 3,740 points
28,286 views
0 votes
1 answer

Can different databases use different name quotes?

This use of quotes is called delimited ...READ MORE

answered Sep 11, 2018 in Database by CodingByHeart77
• 3,740 points
461 views
0 votes
2 answers

Write a SQL query to find the names of employees that begin with ‘S’

Select ename From emp Where ename like"s%"; READ MORE

answered Oct 7, 2021 in Database by anonymous
25,168 views
0 votes
1 answer

Is SELECT * harmful in Database?

There are really three major reasons: Inefficiency in ...READ MORE

answered Sep 7, 2018 in Database by DataKing99
• 8,240 points
621 views
0 votes
1 answer

What is SELECT DISTINCT statement

This statement is used to return only ...READ MORE

answered Nov 21, 2018 in Database by Sahiti
• 6,370 points
709 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP