An SQL query is a written request that tells a database exactly what data you want to read or change. You describe the result you are after, and the database works out how to deliver it. SQL stands for Structured Query Language, and it is the standard way to talk to relational databases, the kind that store data in tables of rows and columns. Most apps you use in 2026 run countless SQL queries behind the scenes every second.
How an SQL query works
A query is declarative, which means you state what you want rather than spelling out the steps to fetch it. You ask for all customers in a city, and the database engine decides the fastest way to find them. This is why the same query can run quickly on a small table and still work on a huge one; the engine plans the work.
The most common query is a read. It picks columns, names a table, and optionally filters.
-- Read names and emails of active users from one city
SELECT name, email
FROM users
WHERE city = 'Lagos' AND active = true;
The core commands
| Command |
Purpose |
Changes data? |
| SELECT |
Read rows |
No |
| INSERT |
Add new rows |
Yes |
| UPDATE |
Change existing rows |
Yes |
| DELETE |
Remove rows |
Yes |
SELECT is the one you will write most. The other three modify data and deserve care, because an UPDATE or DELETE without a WHERE clause changes every row in the table.
Reading a query piece by piece
Each clause has a job, and they tend to appear in a fixed order:
- SELECT lists which columns you want back.
- FROM names the table to read from.
- WHERE filters to only matching rows.
- ORDER BY sorts the results.
- LIMIT caps how many rows come back.
Once you recognize these, most everyday queries become readable even if you have never written one. To understand the structure those rows live in, see what a database schema is in 2026.
How to write a safe query
- Start with SELECT before you DELETE. Run a SELECT with the same WHERE first to confirm which rows you will touch.
- Always include a WHERE on updates. A missing filter rewrites the whole table.
- Never glue user input into the string. Use parameters or prepared statements instead.
- Use a primary key to target one row. This is the reliable way to find exactly one record; see what a primary key is in 2026.
- Read the row count it reports. It tells you how many rows the query affected.
What to skip
- String-concatenating user input. This is the classic SQL injection mistake; let the database driver handle values as parameters.
- SELECT star in production code. Pulling every column wastes work and breaks when the table changes.
- Massive deletes without a backup. Confirm with a SELECT and have a recovery plan first.
- Memorizing exotic syntax. Learn SELECT, WHERE, and JOIN well before chasing rare features.
FAQ
Is SQL a programming language?
It is a query language, more limited than a general programming language. You use it to ask a database for data rather than to build full applications, though it is genuinely powerful within that role.
What is the difference between SQL and MySQL?
SQL is the language. MySQL is one specific database product that speaks SQL. Others include PostgreSQL and SQLite.
Does a query change data?
Only if it is an INSERT, UPDATE, or DELETE. A SELECT only reads and leaves the data untouched.
Why did my UPDATE change every row?
Almost certainly a missing WHERE clause. Without it, the change applies to the entire table, so always filter first.
Where to go next
See what a database schema is in 2026, what a primary key is in 2026, and MySQL vs PostgreSQL in 2026.