OCR J277 - SQL & Databases Revision

Query Points 0 / 27

DB Rank Table Searcher

Topic 2.2.8: SQL & Databases

Querying, Wildcards, and Security.

1 [2 Marks]

SELECT ProductID, ProductName ___________ Products WHERE Price > 10 ___________ Category = "Toys"

Fill the missing keywords.

✅ Mark Scheme

FROM
AND

Score:

2 [2 Marks]

(a) Wildcard for ALL fields?
(b) Wildcard for PART of a string?

✅ Mark Scheme

(a) * (Asterisk)

(b) % (Percentage) - Note: J277 uses %.

Score:

3 [2 Marks]

SELECT "FirstName", "LastName" FROM Students WHERE StudentID = "505"

StudentID is Integer. Identify 2 syntax errors.

✅ Mark Scheme

Integer 505 should NOT have quotes.
Field names in SELECT should NOT have quotes (usually).

Score:

4 [3 Marks]

WHERE (Class = "Warrior" OR Level > 90) AND IsActive = True

Characters:
1. Thor (Warrior, 50, True)
2. Loki (Mage, 45, False)
3. Hulk (Warrior, 48, True)
4. Odin (Mage, 100, True)

Who is output?

✅ Mark Scheme

Thor, Hulk, Odin

Score:

5 [2 Marks]

Write WHERE condition to find names ending with 'i'.

✅ Mark Scheme

WHERE CharName LIKE "%i"

Score:

6 [5 Marks]

Select Title and Author from Books where:

Published < 2000
Available is True
Author is "J.K. Rowling"

✅ Mark Scheme

SELECT Title, Author FROM Books
WHERE YearPublished < 2000
AND Available = True
AND Author = "J.K. Rowling"

Score:

7 [5 Marks]

(a) Write SQL equivalent for:

if row[1] >= 80: print(row[0])

(Table: Students, Fields: Name, Score)

(b) Advantage of DB over 2D Array for large data?

✅ Mark Scheme

(a) SELECT Name FROM Students WHERE Score >= 80

(b) Faster searching/filtering, concurrent access, data integrity/security.

Score:

8 [2 Marks]

Smith"; DROP TABLE Students; --

(a) Name of attack?
(b) Prevention method?

✅ Mark Scheme

(a) SQL Injection

(b) Input Sanitisation / Parameterised Queries

Score: