史上最實用mysql參數之一-----sql_safe_updates

mysql數據庫是能夠開啓安全模式，不過默認狀況下，安全模式不開啓的，下面就來講說什麼是mysql的安全模式

不知道小夥伴們是否有過維護的數據庫表業務數據被人或者由於程序bug致使全表更新，全表刪除的痛苦經歷，恢復業務數據真的是一個精細活，尤爲與交易和錢相關的數據，必須恢復成和原來如出一轍，那能不能在數據庫層面架起最後一道安全堡壘，拒絕全表更新，全表刪除的非法操做呢，答案是有的，在mysql中sql_safe_updates能夠完美解決這個問題，下面就來給你們演示一下實際效果

sql_safe_updates默認是不開啓的

mysql> show variables like 'sql_safe_updates';
+------------------+-------+
| Variable_name    | Value |
+------------------+-------+
| sql_safe_updates | OFF   |
+------------------+-------+
1 row in set (0.01 sec)
複製代碼

如今就開啓這個參數，若是要永久生效，須要將參數添加到數據庫配置文件（my.cnf）中

mysql> set global sql_safe_updates=1;
Query OK, 0 rows affected (0.00 sec)
複製代碼

須要從新鏈接一下數據庫，纔會生效

mysql> show variables like 'sql_safe_updates';
+------------------+-------+
| Variable_name    | Value |
+------------------+-------+
| sql_safe_updates | ON    |
+------------------+-------+
1 row in set (0.00 sec)
複製代碼

下面就開始用表進行測試

mysql> create table t_test10 (id char(10),name char(20), primary key(id));
Query OK, 0 rows affected (0.29 sec)

插入語句
insert into t_test10 values('1','test1');
insert into t_test10 values('2','test2');
insert into t_test10 values('3','test3');
insert into t_test10 values('4','test4');
insert into t_test10 values('5','test5');
insert into t_test10 values('6','test6');
insert into t_test10 values('7','test7');
insert into t_test10 values('8','test8');

mysql> select * from t_test10;
+----+-------+
| id | name  |
+----+-------+
| 1  | test1 |
| 2  | test2 |
| 3  | test3 |
| 4  | test4 |
| 5  | test5 |
| 6  | test6 |
| 7  | test7 |
| 8  | test8 |
+----+-------+
8 rows in set (0.00 sec)
複製代碼

測試一下全表刪除

mysql> delete from t_test10;
ERROR 1175 (HY000): You are using safe update mode and you tried to update a table without a WHERE that uses a KEY column. 
mysql> delete from t_test10 where 1=1;
ERROR 1175 (HY000): You are using safe update mode and you tried to update a table without a WHERE that uses a KEY column. 
複製代碼

從上面的結果看，所有被數據庫安全策略攔截了 再來測試一下更新

mysql> update t_test10 set name='test';
ERROR 1175 (HY000): You are using safe update mode and you tried to update a table without a WHERE that uses a KEY column. 
mysql> update t_test10 set name='test' where 1=1;
ERROR 1175 (HY000): You are using safe update mode and you tried to update a table without a WHERE that uses a KEY column.
複製代碼

不帶條件的更新也被攔截，那測試一下正常帶條件的更新和刪除看看效果

mysql> update t_test10 set name='test' where name='test1';
ERROR 1175 (HY000): You are using safe update mode and you tried to update a table without a WHERE that uses a KEY column.
mysql> delete from t_test10 where name='test2';
ERROR 1175 (HY000): You are using safe update mode and you tried to update a table without a WHERE that uses a KEY column. 
複製代碼

爲何會這樣呢，正常更新或者刪除一條記錄也會被mysql數據庫安全策略攔截了呢，這是由於name列沒有索引

mysql> show create table t_test10\G;
*************************** 1. row ***************************
       Table: t_test10
Create Table: CREATE TABLE `t_test10` (
  `id` char(10) NOT NULL,
  `name` char(20) DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8
1 row in set (0.00 sec)

ERROR: 
No query specified

在name列上加索引
mysql> alter table t_test10 add index idx_t_test10_name (name);
Query OK, 0 rows affected (0.44 sec)
Records: 0  Duplicates: 0  Warnings: 0

mysql> show create table t_test10\G;
*************************** 1. row ***************************
       Table: t_test10
Create Table: CREATE TABLE `t_test10` (
  `id` char(10) NOT NULL,
  `name` char(20) DEFAULT NULL,
  PRIMARY KEY (`id`),
  KEY `idx_t_test10_name` (`name`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8
1 row in set (0.00 sec)
複製代碼

從新測試一下正常刪除和更新語句

mysql> update t_test10 set name='test' where name='test1';
Query OK, 1 row affected (0.02 sec)
Rows matched: 1  Changed: 1  Warnings: 0

mysql> delete from t_test10 where name='test2';
Query OK, 1 row affected (0.01 sec)
複製代碼

所有成功了，開啓sql_safe_updates安全模式以後，要想正常刪除或者更新，須要知足2個條件

1. delete,update必須帶條件，或者加limit進行過濾
2. 所帶條件必須走索引

喜歡的同窗能夠關注個人公衆號（db_arch）（Mysql數據庫運維與架構設計）