SQL WHERE Builder

Build SQL WHERE clauses from line-by-line conditions using field|operator|value format with AND/OR connectors.

Back to all tools on ToolForge

More in Developer Tools



WHERE Clause

About SQL WHERE Builder

This SQL WHERE builder constructs valid SQL WHERE clauses from a simple line-by-line format. Each condition uses pipe-delimited syntax (field|operator|value) and the tool handles proper quoting, escaping, and operator formatting automatically.

It is useful for rapid query prototyping, generating admin panel filters, creating documentation examples, debugging complex conditions, teaching SQL syntax, and building dynamic query builders for applications.

Input Format Structure

Each condition occupies one line with pipe-separated fields:

Format: field|operator|value

Examples:
  id|=|123
  status|IN|'active','pending'
  name|LIKE|'%Smith%'
  deleted_at|IS NULL|
  price|>=|10.00
  category|NOT IN|'archived','draft'

Output (with AND connector):
  WHERE
    id = 123
    AND status IN ('active','pending')
    AND name LIKE '%Smith%'
    AND deleted_at IS NULL
    AND price >= 10.00
    AND category NOT IN ('archived','draft')

Supported SQL Operators

Operator Description Example Input Generated SQL
= Equals status|=|active status = 'active'
<> or != Not equals type|<>|admin type <> 'admin'
<, >, <=, >= Comparison age|>=|18 age >= 18
LIKE Pattern match name|LIKE|'%John%' name LIKE '%John%'
NOT LIKE Pattern exclude email|NOT LIKE|'%@spam.com' email NOT LIKE '%@spam.com'
IN Set membership role|IN|'admin','editor' role IN ('admin','editor')
NOT IN Set exclusion status|NOT IN|'deleted','archived' status NOT IN ('deleted','archived')
IS NULL Null check phone|IS NULL| phone IS NULL
IS NOT NULL Not null check email|IS NOT NULL| email IS NOT NULL
BETWEEN Range check price|BETWEEN|10 AND 50 price BETWEEN 10 AND 50

Value Formatting Rules

Automatic Value Handling:

1. Numeric values (integers, decimals):
   Input:  price|>=|100
   Output: price >= 100

2. String values (auto-quoted):
   Input:  name|=|John
   Output: name = 'John'

3. Already quoted values (preserved):
   Input:  status|IN|'active','pending'
   Output: status IN ('active','pending')

4. IN/NOT IN lists (wrapped in parentheses):
   Input:  role|IN|'admin','user','guest'
   Output: role IN ('admin','user','guest')

5. IS NULL / IS NOT NULL (no value needed):
   Input:  deleted_at|IS NULL|
   Output: deleted_at IS NULL

6. Single quote escaping:
   Input:  name|=|O'Brien
   Output: name = 'O''Brien'

Complete Query Examples

Example 1: User Filter Query
Input conditions (AND mode):
  status|=|active
  role|IN|'admin','moderator'
  created_at|>=|2024-01-01

Generated WHERE:
  WHERE
    status = 'active'
    AND role IN ('admin','moderator')
    AND created_at >= '2024-01-01'

Full query:
  SELECT id, username, email, role
  FROM users
  WHERE
    status = 'active'
    AND role IN ('admin','moderator')
    AND created_at >= '2024-01-01'
  ORDER BY created_at DESC;

Example 2: Product Search
Input conditions (AND mode):
  price|BETWEEN|10 AND 100
  category|NOT IN|'discontinued'
  stock|>|0
  name|LIKE|'%widget%'

Generated WHERE:
  WHERE
    price BETWEEN 10 AND 100
    AND category NOT IN ('discontinued')
    AND stock > 0
    AND name LIKE '%widget%'

Example 3: Soft Delete Pattern
Input conditions (AND mode):
  deleted_at|IS NULL|
  user_id|=|42

Generated WHERE:
  WHERE
    deleted_at IS NULL
    AND user_id = 42

SQL Operator Precedence

When combining AND and OR conditions, operator precedence affects evaluation:

Precedence Order (highest to lowest):
1. NOT
2. AND
3. OR

Example without parentheses:
  WHERE status = 'active' OR status = 'pending' AND role = 'admin'
  -- Evaluated as:
  WHERE status = 'active' OR (status = 'pending' AND role = 'admin')

Example with explicit grouping:
  WHERE (status = 'active' OR status = 'pending') AND role = 'admin'

Best Practice:
Always use parentheses when mixing AND and OR
to make the intended logic explicit and avoid
bugs from misunderstood precedence.

Common WHERE Clause Patterns

Use Case WHERE Clause Pattern
Soft delete filter WHERE deleted_at IS NULL
Active records only WHERE status = 'active'
Date range filter WHERE created_at BETWEEN '2024-01-01' AND '2024-12-31'
Multi-status filter WHERE status IN ('pending', 'processing', 'shipped')
Text search WHERE name LIKE '%search term%' OR description LIKE '%search term%'
Exclusion filter WHERE type NOT IN ('spam', 'draft', 'archived')
Numeric range WHERE price >= 10 AND price <= 100
Has related data WHERE parent_id IS NOT NULL

SQL Dialect Differences

Different SQL databases have variations in WHERE clause syntax:

String Concatenation:
  Standard SQL: 'Hello' || ' ' || 'World'
  SQL Server:    'Hello' + ' ' + 'World'
  MySQL:         CONCAT('Hello', ' ', 'World')

Case-Insensitive LIKE:
  PostgreSQL:    name ILIKE '%john%'
  MySQL:         name LIKE '%john%' (default case-insensitive)
  SQL Server:    name LIKE '%john%' COLLATE Latin1_General_CI_AS

Boolean Values:
  PostgreSQL:    is_active = TRUE
  MySQL:         is_active = 1
  Oracle:        is_active = 1

LIMIT/OFFSET:
  PostgreSQL:    LIMIT 10 OFFSET 20
  SQL Server:    OFFSET 20 ROWS FETCH NEXT 10 ROWS ONLY
  Oracle:        OFFSET 20 ROWS FETCH NEXT 10 ROWS ONLY
  MySQL:         LIMIT 20, 10

NULL Handling:
  All databases: IS NULL, IS NOT NULL (standard)
  Oracle:        NVL(column, default)
  SQL Server:    ISNULL(column, default)
  PostgreSQL:    COALESCE(column, default)

Performance Considerations

Security Best Practices

Frequently Asked Questions

What is the SQL WHERE clause syntax?
The WHERE clause follows the pattern: WHERE condition [AND|OR condition].... Conditions use comparison operators (=, <>, <, >, <=, >=), pattern matching (LIKE, NOT LIKE), set operators (IN, NOT IN), null checks (IS NULL, IS NOT NULL), and range operators (BETWEEN). String values require single quotes; numeric values do not.
How do I handle SQL injection in WHERE clauses?
Never concatenate user input directly into WHERE clauses. Use parameterized queries (prepared statements) with placeholders like ? or :name. In PHP use PDO::prepare(), in Node.js use mysql2 with arrays, in Python use cursor.execute() with parameter tuples. This tool escapes single quotes but should only be used for prototyping, not production queries.
What is the difference between AND and OR in SQL?
AND requires all conditions to be true; OR requires at least one condition to be true. AND has higher precedence than OR, so WHERE a OR b AND c is evaluated as WHERE a OR (b AND c). Use parentheses to override: WHERE (a OR b) AND c. When combining multiple conditions, consider operator precedence to avoid logic errors.
How do I check for NULL values in SQL?
Use IS NULL or IS NOT NULL operators, not = NULL. NULL represents unknown/missing data and cannot be compared with standard operators. Example: WHERE deleted_at IS NULL finds non-deleted records. WHERE column = NULL always returns false because NULL != NULL in SQL three-valued logic.
What is the IN operator and when should I use it?
IN checks if a value matches any value in a list. WHERE status IN ('active', 'pending') is equivalent to WHERE status = 'active' OR status = 'pending'. Use IN for cleaner code when checking against multiple discrete values. NOT IN excludes matching values. For large lists, consider using a temporary table or JOIN instead.
How do I escape special characters in SQL strings?
In SQL, escape single quotes by doubling them: O'Brien becomes O''Brian. Backslashes are not escape characters in standard SQL (unlike many programming languages). For LIKE patterns, escape % (wildcard for any characters) and _ (single character) using ESCAPE clause: WHERE name LIKE 'A\_%' ESCAPE '\\' matches literal underscore.