我有“客户”表:
CREATE TABLE Customer
(
ID INTEGER NOT NULL DEFAULT 0,
Username CHAR(50) NOT NULL,
Password CHAR(100) NOT NULL,
LastName CHAR(20) NOT NULL,
PhoneNumber BIGINT NOT NULL,
MobileNumber BIGINT NOT NULL,
PRIMARY KEY (ID)
)
;
我用于char密码类型,对吗?而对于我使用的手机号码bigint,是这样吗?如果不是我该怎么办?它的 SQL 语句是什么?谢谢。
由于这些字段都是可变长度的,因此您绝对应该使用 VARCHAR 而不是 CHAR 来表示“用户名”、“密码”和“姓氏”。如果您对这些长度有限制,那么您始终可以将 VARCHAR 类型限制为该限制。
至于“PhoneNumber”和“MobileNumber”,您不会使用这些值执行任何计算,因此没有理由不将它们存储为 VARCHAR,更不用说电话号码通常包含 0 作为第一个字符,而不能存储为任何类型的 INT。
就像是:
CREATE TABLE `Customer` (
`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
`Username` varchar(255) NOT NULL DEFAULT '',
`Password` varchar(255) NOT NULL DEFAULT '',
`LastName` varchar(255) NOT NULL DEFAULT '',
`PhoneNumber` varchar(100) DEFAULT NULL,
`MobileNumber` varchar(100) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
All these questions matter on the requirements that you have...for example
You can use BIGINT for the MobileNumber if there are only going to be numbers in this field.
You will use VARCHAR if there can also be characters in it.
Both VARCHAR and CHAR have their own advantages and disadvantages.
Using VARCHAR gives you the freedom to have as many characters as you like in a single string,
For example VARCHAR(30) can store upto 30 characters, and if there are less characters in it, then the rest memory is dumped automatically. You can also use VARCHAR(max) for this purpose, it will use all the characters passed and then dump the rest of the memory
CHAR(30) will also store 30 characters but it will not take care of the memory.
Memory may not be the issue in a smaller programs, but it can make significant effect if the program is huge.
对于密码,使用字节1的数组并存储密码的单向哈希。当需要验证用户输入的密码时,对其进行散列并将其与存储的散列进行比较。
最重要的是,您还应该使用加盐和(理想情况下)将整个身份验证基础设施与防火墙和定义明确的 API 之外的自己的服务器分开。
相关答案:
1 RAW在 Oracle、byteaPostgreSQL、varbinaryMS SQL Server、BLOBMySQL 等中...