DML
Data Manipulation Language (DML) is the subset of the SQL language that allows querying and updating of table content.
Specifically, it does not allow the editing of table structures; that task is reserved for DDL. The most common DML commands are:
Command | Description |
---|---|
SELECT * FROM <table> | Reads data from a table or multiple tables. |
INSERT INTO <table> | Inserts new data into a table. |
UPDATE <table> | Updates data in a table according to supplied criteria. |
DELETE FROM <table> | Deletes 0 or more rows from a table according to supplied criteria. |
At run time, most applications only need permissions to perform DML operations,
meaning application permissions can be restricted according to the
principle of least privilege. Some
classes of applications can be restricted to read-only DML operations (i.e. SELECT statements),
which further mitigates the damage an attacker can do
should they find a vulnerability in the application.
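
The restriction described above, written out as database grants. This is an added example, not part of the original page; it assumes PostgreSQL, and the role names (`app_owner`, `app_rw`, `app_ro`), the `app` schema and the `app.orders` table are hypothetical.

```sql
-- Added example (PostgreSQL). Run as a superuser in a scratch database.
-- All role, schema and table names below are assumptions.

-- app_owner holds the tables and runs migrations (DDL); the running
-- application never connects as this role.
CREATE ROLE app_owner NOLOGIN;
CREATE ROLE app_rw LOGIN;   -- run-time account: DML only
CREATE ROLE app_ro LOGIN;   -- reporting account: read-only DML (SELECT)

CREATE SCHEMA app AUTHORIZATION app_owner;
CREATE TABLE app.orders (
    id     bigint PRIMARY KEY,
    status text   NOT NULL
);
ALTER TABLE app.orders OWNER TO app_owner;

-- Before PostgreSQL 15 every role could create objects in schema "public";
-- take that DDL right away so the run-time accounts cannot use it.
REVOKE CREATE ON SCHEMA public FROM PUBLIC;

-- USAGE lets a role resolve names inside the schema. CREATE is not granted,
-- so neither run-time account can add tables to it.
GRANT USAGE ON SCHEMA app TO app_rw, app_ro;

-- The four DML commands for the read-write account. TRUNCATE, REFERENCES
-- and TRIGGER are separate table privileges and stay ungranted.
GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA app TO app_rw;
GRANT SELECT ON ALL TABLES IN SCHEMA app TO app_ro;

-- Tables that app_owner creates later receive the same grants.
ALTER DEFAULT PRIVILEGES FOR ROLE app_owner IN SCHEMA app
    GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO app_rw;
ALTER DEFAULT PRIVILEGES FOR ROLE app_owner IN SCHEMA app
    GRANT SELECT ON TABLES TO app_ro;

-- Check the effective privileges of both accounts in one result set.
SELECT r                                              AS role,
       has_table_privilege(r, 'app.orders', 'SELECT') AS can_select,
       has_table_privilege(r, 'app.orders', 'INSERT') AS can_insert,
       has_table_privilege(r, 'app.orders', 'UPDATE') AS can_update,
       has_table_privilege(r, 'app.orders', 'DELETE') AS can_delete,
       has_schema_privilege(r, 'app', 'CREATE')       AS can_create_in_schema
FROM unnest(ARRAY['app_rw', 'app_ro']::name[]) AS r;
```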