SQL truncate is a data definition language (DDL) command used to delete all rows from a table. It removes the rows by unassigning the pages, unlike the DROP TABLE statement which deletes the table definition in addition to its data. The TRUNCATE TABLE command removes data from a table, but not the table itself. It performs the same function as a DELETE statement without a WHERE clause. In SQL, the TRUNCATE TABLE statement is a data definition language (DDL) operation that marks the extents of a table for deallocation (empty for reuse).
This quickly deletes all the records in a table by de-allocating the data pages used by the table. However, SQL Server will not allow silent truncation of data just because the column is too small to accept the data. The sql_truncation vulnerability can be exploited to truncate user input into databases using the “select” and “insert” functions. This attack works by truncating user input into databases using the “select” and “insert” functions. If the database contains this vulnerability, then two “natas28” usernames will be created.
The user_name entry will then be truncated and “admin” (“admin” with space) will be entered into the database, resulting in two duplicate admin users. The CUSTOMERS table can be truncated using the TRUNCATE TABLE statement. This statement is used to completely remove data from the table. It can also be done using the DELETE statement, however, there are certain differences as the two are executed. Tables with more than 128 extensions can be deleted or truncated in Microsoft SQL Server without needing concurrent locks on all extensions required for deletion. The EXEC TRUNCATE TABLE statement can be used to include the TRUNCATE TABLE statement within a module, such as a stored procedure, and grant it sufficient permissions. The TRUNCATE TABLE statement is logically (though not physically) equivalent to the DELETE FROM mytable statement (without a WHERE clause).
Some of the events attributed to truncation are actually due to implicit T-SQL conversions that are implemented for developers' convenience.