The logic of nulls in databases has been subject of investigation since their introduction in Codd’s Relational Model, which is the foundation of the SQL standard. In the logic based approaches to modelling relational databases proposed so far, nulls are considered as representing unknown values. Such existential semantics fails to capture the behaviour of the SQL standard. We show that, accord...

We present an extension of the declarative programming language Curry to support the access to data stored in relational databases via SQL. Since Curry is statically typed, our emphasis on this SQL integration is on type safety. Our extension respects the type system of Curry so that run-time errors due to ill-typed data are avoided. This is obtained by preprocessing SQL statements at compile t...

SQL statements control the bi-directional data flow between application programs and a database through a high-level, declarative and semantically rich data manipulation language. Analyzing these statements brings invaluable information that can be used in such applications as program understanding, database reverse engineering, intrusion detection, program behaviour analysis, program refactori...

The relational model is the basis for most modern databases, while SQL is the most commonly used query language. However, there are data structures and computational problems that cannot be expressed using SQL-92 queries. Among them are those concerned with the bill-of-material and corporate hierarchies. A newer standard, called the SQL-99, introduced recursive queries which can be used to solv...

SQL technology has evolved during last years, and systems are being more powerful and scalable. However, there exist yet some expressiveness limitations that can be otherwise overcome with inputs from deductive databases. This paper focuses on both practical and theoretical expressiveness issues in current SQL implementations that are overcome in the Datalog Educational System (DES), a deductiv...

A wide range of database applications manage timevarying data, and it is well-known that querying and correctly updating time-varying data is dificult and error-prone when using standard SQL. Temporal extensions of SQL ofSeer substantial benefits over SQL when managing time-varying data. The topic of this paper is the effective implementation of temporally extended SQL’s. Traditionally, it has ...

sql injection attacks involve the construction of application input data that will result in the execution of malicious sql statements. Many web applications are prone to sql injection attacks. This paper proposes a novel method for preventing this kind of attacks by placing a database driver proxy between the application and its underlying relational database management system. To detect an at...

SQL injection is a type of attack which the attacker adds Structured Query Language code to a web form input box to gain access or make changes to data. SQL injection vulnerability allows an attacker to flow commands directly to a web application's underlying database and destroy functionality or confidentiality. Researchers have proposed different tools to detect and prevent this vulnerability...

SQL injection is a type of attack which the attacker adds Structured Query Language code to a web form input box to gain access or make changes to data. SQL injection vulnerability allows an attacker to flow commands directly to a web application's underlying database and destroy functionality or confidentiality. Researchers have proposed different tools to detect and prevent this vulnerability...

This article describes how the performance of certain Prolog programs can be improved by storing large lists of facts in an SQL database rather than as Prolog facts. In experiments that will be described, the speed improvements ranged from negligible to a factor of over 200. This improvement comes about because SQL servers are strongly optimized for searching large, flat tables. However, modern...