UPDATE modifies existing rows — SET specifies new values, WHERE identifies which rows
UPDATE without WHERE updates every row in the table — there is no undo without a transaction
Always wrap multi-row UPDATE in a transaction with BEGIN/COMMIT — enables ROLLBACK if needed
UPDATE ... FROM (or UPDATE with JOIN) modifies rows based on values from another table
RETURNING (PostgreSQL) returns the modified rows — avoids a second SELECT after UPDATE
Biggest mistake: forgetting WHERE on an UPDATE — wipes the entire table instantly with no error
Plain-English First
Picture a whiteboard in a busy office where someone has written every customer's delivery address with a dry-erase marker. The SQL UPDATE statement is the act of walking up to that whiteboard and changing one specific address — or a whole column of them — without erasing the entire board and starting over. The key is knowing exactly which entry you're changing before the marker touches the surface. If you forget to look at which line you're standing in front of, you overwrite every address on the board at once — and that's when the phones start ringing.
Someone on my team once ran an UPDATE against a 2-million-row orders table on a Friday afternoon without a WHERE clause. Every single order in the system got marked as 'shipped'. The support queue hit 4,000 tickets before Monday morning. That's not a cautionary tale I read somewhere — I personally helped write the rollback script at 11pm while eating cold pizza.
The SQL UPDATE statement is the most deceptively simple command in the language. The syntax fits on one line. A junior dev can write their first one in five minutes. And that's exactly the danger — because the same one-liner that fixes a customer's typo can silently destroy years of data if you're half a second careless. No confirmation dialog. No undo button unless you've planned for one. Just gone.
By the end of this, you'll be able to write UPDATE statements that change exactly the rows you intend — and zero others. You'll know how to preview your changes before committing them, how to update multiple columns at once, how to use data from another table to drive your update, and how to wrap it all in a transaction so you have an escape hatch when something goes sideways. These are the habits that separate developers who get paged at 3am from the ones who sleep through the night.
The Anatomy of UPDATE: What Every Clause Actually Does
Before you write a single UPDATE, understand what the database engine is doing under the hood. It's not magic — it's a three-step process: find the rows that match your condition, lock them so nobody else changes them mid-operation, then overwrite the specified columns with the new values. Miss any part of that mental model and you'll misread what your query is doing.
The full syntax is: UPDATE table_name SET column1 = value1, column2 = value2 WHERE condition. Three keywords. Each one is load-bearing. UPDATE names the table. SET lists every column you want to change and what to change it to. WHERE is the filter — the only thing standing between 'change this one row' and 'change every row in existence'. The WHERE clause isn't optional in theory, but most databases will happily let you omit it, and they will not warn you.
Think of SET like filling out a change-of-address form — you only list the fields that are changing. Every column you don't mention stays exactly as it was. This is different from replacing the whole row. A common beginner assumption is that UPDATE rewrites the entire record. It doesn't — it's surgical. Columns you ignore are untouched.
The real gotcha is evaluation order. The database evaluates WHERE first to identify the target rows, then applies SET. This means you can reference the current column value inside SET itself — UPDATE accounts SET balance = balance - 50.00 WHERE account_id = 9912 — and that reads the original balance, subtracts 50, and writes back the result. That pattern powers half of all financial transaction logic.
UserProfileUpdate.sqlSQL
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
-- io.thecodeforge — Database tutorial-- Scenario: An e-commerce platform's user service needs to update-- a customer's email address after they changed it in account settings.-- This is the most basic UPDATE pattern — one row, multiple columns.-- BEFORE: Always check what you're about to change.-- Run this SELECT first using the same WHERE clause you plan to use in UPDATE.-- If the SELECT returns the right rows, your UPDATE will hit the same rows.SELECT
user_id,
email,
display_name,
updated_at
FROM users
WHERE user_id = 4821;
-- Output shows exactly one row. Good. Now we know the WHERE clause is precise.-- NOW: Run the actual UPDATE.-- SET lists only the columns that are changing — email, display_name, updated_at.-- Every other column (password_hash, created_at, etc.) is left completely alone.UPDATE users
SET
email = 'sarah.okonkwo@newdomain.com', -- new email from the form
display_name = 'Sarah O.', -- user also updated their display name
updated_at = NOW() -- always track when a row was last touchedWHERE
user_id = 4821; -- PRIMARY KEY filter — this can only ever match one row-- Verify the change landed correctly.-- Never assume an UPDATE worked — always read back the affected row.SELECT
user_id,
email,
display_name,
updated_at
FROM users
WHERE user_id = 4821;
4821 | sarah.okonkwo@newdomain.com | Sarah O. | 2025-01-17 14:05:33
Senior Shortcut: SELECT Before You UPDATE
Write the SELECT with your WHERE clause first. Run it. Count the rows. If the number matches your expectation, copy that exact WHERE clause into your UPDATE. This is the single habit that prevents the most production disasters. It takes 10 seconds and has saved me from catastrophe more than once.
Production Insight
UPDATE without WHERE is a data disaster — always run the equivalent SELECT first to verify the affected row count.
Before any production UPDATE: SELECT COUNT(*) FROM table WHERE your_condition — verify this matches expectations.
For critical data, wrap UPDATE in BEGIN ... COMMIT and inspect the results with SELECT before committing.
Key Takeaway
SELECT before UPDATE — always verify the row count before executing a modification.
UPDATE without WHERE has no safeguard — it updates every row in the table without error or warning.
Test the WHERE clause with SELECT first; if the count looks right, run the UPDATE in a transaction.
Transactions and WHERE Clauses: Your Only Safety Net
Here's the hard truth about UPDATE: there's no built-in undo. The moment you hit enter, the database commits to making that change — unless you've explicitly told it not to yet. That's where transactions come in. A transaction is a box you draw around one or more SQL statements that says: 'treat all of this as one atomic unit — either all of it succeeds, or none of it does'.
You open a transaction with BEGIN (or START TRANSACTION in MySQL). Inside the transaction, your changes are visible to your current session but not yet permanent. At this point, you can still run ROLLBACK and the database rewinds everything back to exactly how it was before BEGIN. Once you run COMMIT, the changes become permanent and everyone else can see them. That's your window — BEGIN to COMMIT — and it's the only window you get.
I've seen teams skip transactions for 'simple' single-row UPDATEs and get burned when a network drop left a half-finished multi-step operation in a corrupted state. The cost of wrapping an UPDATE in a transaction is one extra line. The cost of not doing it during an incident is your entire evening.
The WHERE clause is your other layer of protection. Filtering by primary key is the gold standard — it's indexed, it's unique, and it can physically only match one row. When you're doing bulk updates, filter by a specific, narrow condition and always preview the count with SELECT COUNT() first. If you expect to touch 50 rows and SELECT COUNT() returns 50,000, you've found your bug before it cost you anything.
OrderStatusBulkUpdate.sqlSQL
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
-- io.thecodeforge — Database tutorial-- Scenario: A fulfilment service needs to mark all orders from a specific-- warehouse as 'on_hold' because that warehouse just lost power.-- This is a bulk UPDATE — multiple rows affected — so we wrap it in a transaction-- and audit the row count before committing.-- Step 1: Start the transaction. Nothing is permanent until COMMIT.BEGIN;
-- Step 2: Count exactly how many rows your WHERE clause will touch.-- Run this before the UPDATE. Read the number. Does it match your expectation?SELECTCOUNT(*)
FROM orders
WHERE
warehouse_id = 'WH-DALLAS-03' -- only orders from the affected warehouseAND order_status = 'processing' -- only orders that haven't shipped yetAND created_at >= '2025-01-17'; -- only today's orders — don't touch historical data-- Expected: ~80 rows. If this returns 80,000, STOP HERE. ROLLBACK. Re-examine the query.-- Step 3: Run the UPDATE inside the same transaction.-- Because we're inside BEGIN, this change is reversible until we hit COMMIT.UPDATE orders
SET
order_status = 'on_hold', -- new status reflecting warehouse outage
status_reason = 'WarehouseWH-DALLAS-03 power outage', -- human-readable audit trail
updated_at = NOW(), -- timestamp the change
updated_by = 'ops_automation_service' -- which system/user made this changeWHERE
warehouse_id = 'WH-DALLAS-03'AND order_status = 'processing'AND created_at >= '2025-01-17';
-- The database returns: UPDATE 84-- 84 rows updated. This matched our expectation. Good.-- Step 4: Inspect a sample of the updated rows before committing.-- These will show the updated values because we're still inside the transaction.SELECT order_id, order_status, status_reason, updated_at
FROM orders
WHERE warehouse_id = 'WH-DALLAS-03'AND order_status = 'on_hold'AND created_at >= '2025-01-17'LIMIT5;
-- Step 5: Only commit once you've confirmed the data looks correct.-- Replace COMMIT with ROLLBACK if anything looks wrong — zero data is lost.COMMIT;
-- After COMMIT: all 84 rows are permanently updated and visible to every connection.
Production Trap: Forgetting AUTOCOMMIT is ON by Default
MySQL and MariaDB run in AUTOCOMMIT mode by default — every statement that isn't inside an explicit BEGIN...COMMIT is immediately permanent. A bare UPDATE without BEGIN has no rollback option whatsoever. Explicitly start transactions with BEGIN for any UPDATE that touches more than one row, or set AUTOCOMMIT=0 at the session level for scripts that run bulk operations.
Production Insight
Long transactions holding UPDATE locks cause lock contention — other updates and selects queue behind them.
Keep UPDATE transactions as short as possible: validate, then update in a tight BEGIN...COMMIT block.
For bulk updates of millions of rows, batch in smaller chunks to avoid table lock escalation and replication lag.
Key Takeaway
Wrap UPDATE in a transaction only when rollback is genuinely needed — keep transactions short to reduce lock contention.
Batch large updates (UPDATE WHERE id BETWEEN x AND y) to avoid long-held locks and replication issues.
For bulk updates: always benchmark with EXPLAIN ANALYZE first to estimate runtime before running on production.
UPDATE With JOIN and Subqueries: When One Table Isn't Enough
Simple single-table UPDATEs take you a long way, but real applications constantly need to update rows in one table based on data that lives in another. Think about marking products as 'discontinued' based on supplier records, or syncing a user's subscription tier from a payments table into a profiles table. The data driving the change is in table B, but the rows you need to modify are in table A.
There are two ways to do this: UPDATE with a JOIN (MySQL, SQL Server, PostgreSQL via FROM) or UPDATE with a correlated subquery (works everywhere). The JOIN syntax is more readable and almost always faster because the query planner can optimize a join more aggressively than it can a subquery that re-executes per row.
PostgreSQL uses a slightly different syntax — instead of a JOIN keyword directly in the UPDATE, you add a FROM clause and then JOIN conditions in WHERE. MySQL uses UPDATE table1 JOIN table2 ON ... SET. SQL Server uses UPDATE with a FROM and JOIN. They're all doing the same thing — don't let the syntax variation throw you.
The subquery approach works on every database without modification, which makes it useful for scripts that need to run cross-platform. The performance difference matters at scale — I've seen a subquery-based update crawl for 40 minutes on 500k rows that a JOIN-based equivalent finished in 90 seconds. Always check the query plan with EXPLAIN before running a bulk UPDATE against a large table.
SubscriptionTierSync.sqlSQL
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
-- io.thecodeforge — Database tutorial-- Scenario: A SaaS billing service processes monthly renewals.-- When a payment succeeds, the payments table is updated first.-- We then need to sync the subscription_tier in user_profiles-- to match what the customer actually paid for this month.-- The driving data (new tier) lives in payments — the rows to update live in user_profiles.-- ── APPROACH 1: UPDATE with FROM + JOIN (PostgreSQL syntax) ──────────────────-- Preferred: readable, and the query planner handles this efficiently.UPDATE user_profiles AS up -- alias the target table for readabilitySET
subscription_tier = p.new_tier, -- take the tier from the payments row
tier_valid_until = p.next_billing_date, -- set expiry from billing cycle in payments
updated_at = NOW()
FROM payments AS p -- this is the source of truth for the new tierWHERE
up.user_id = p.user_id -- join condition: link profiles to their paymentAND p.payment_status = 'succeeded' -- only sync rows where payment actually went throughAND p.billing_cycle = '2025-01' -- only this month's billing run — never re-process old dataAND p.processed_at >= NOW() - INTERVAL '1 hour'; -- safety window: only the last hour's payments-- This updates ONLY the profile rows for users who just paid successfully.-- ── APPROACH 2: Correlated Subquery (works on MySQL, SQLite, and everywhere else) ──-- Use this when you need cross-database compatibility.-- Slower at scale — always EXPLAIN this before running on large tables.UPDATE user_profiles
SET
subscription_tier = (
-- This subquery runs once per row in user_profiles that matches the outer WHERE.-- It fetches the new_tier from the corresponding payment record.SELECT p.new_tier
FROM payments AS p
WHERE
p.user_id = user_profiles.user_id -- correlated: links back to the outer rowAND p.payment_status = 'succeeded'AND p.billing_cycle = '2025-01'ORDERBY p.processed_at DESCLIMIT1-- defensive: take the most recent payment if somehow there are duplicates
),
updated_at = NOW()
WHERE-- Only attempt the update for users who actually have a matching payment record.-- Without this EXISTS check, users with no payment this month get NULL written to subscription_tier.EXISTS (
SELECT1FROM payments AS p
WHERE
p.user_id = user_profiles.user_id
AND p.payment_status = 'succeeded'AND p.billing_cycle = '2025-01'
);
Output
-- Approach 1 (PostgreSQL FROM + JOIN):
UPDATE 1847
-- 1,847 user profiles updated to reflect this month's successful payments.
-- Approach 2 (Correlated Subquery):
UPDATE 1847
-- Same result, but will run noticeably slower on large tables.
-- Always run EXPLAIN ANALYZE on Approach 2 before using it in production.
Never Do This: UPDATE Without an EXISTS Guard on Subqueries
If you use a correlated subquery in SET and a user has no matching row in the source table, the subquery returns NULL — and NULL gets written silently into the column. No error. No warning. Users who didn't pay this month get their subscription_tier set to NULL. Always pair a subquery-based UPDATE with a WHERE EXISTS(...) clause that mirrors the subquery condition. This is the most common bulk-update bug I've ever debugged.
Production Insight
UPDATE ... FROM (PostgreSQL) and UPDATE ... JOIN (MySQL) allow updating based on values from another table — used for syncing data between tables.
This pattern replaces the common anti-pattern of fetching data in application code, modifying it, and writing it back as two separate round trips.
For consistent multi-table updates, wrap both UPDATEs in a single transaction.
Key Takeaway
UPDATE FROM / UPDATE JOIN modifies rows based on another table's values — eliminates application-layer roundtrips.
Both tables must have an indexed join column for the UPDATE to perform well.
Always test UPDATE ... FROM with a SELECT using the same FROM clause before running the actual update.
Production Patterns: RETURNING, Audit Trails, and When UPDATE Isn't the Answer
Two things separate production-grade UPDATE usage from textbook examples: getting data back out of the UPDATE operation itself, and knowing when not to use UPDATE at all.
PostgreSQL and SQL Server support RETURNING (or OUTPUT in SQL Server) — a clause that makes UPDATE hand back the modified rows immediately. This eliminates the extra SELECT you'd otherwise need to fetch the updated state, removes a round-trip to the database, and — critically — guarantees you're reading exactly the rows that were just modified, not a slightly stale version. In a high-concurrency system, that gap between UPDATE and SELECT is not theoretical. I've seen race conditions in checkout services where another request updated the row in that gap, and the verification SELECT read the second update, not the first.
On audit trails: never trust application-layer logging to record what actually changed in the database. Application logs don't capture changes made by migration scripts, admin tools, or direct database access. The only reliable audit trail is built at the database layer — a combination of an updated_at timestamp column, an updated_by column, and for high-compliance systems, a shadow audit table populated by a trigger or Change Data Capture. If your system handles financial, medical, or legal data and you don't have this, you have a compliance gap.
Finally — UPDATE is not always the right tool. If you're soft-deleting records, the pattern of updating an is_deleted flag works fine at small scale but becomes a performance burden at millions of rows because every query that 'ignores' deleted rows still has to scan past them. Sometimes a separate archive table with INSERT is the better architectural choice. Don't let familiarity with UPDATE make you reach for it in every situation.
InventoryReservation.sqlSQL
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
-- io.thecodeforge — Database tutorial-- Scenario: A checkout service needs to decrement inventory when an item is added to cart.-- Two problems to solve:-- 1. We need the updated stock level immediately (for the API response) — no second SELECT.-- 2. We must never go below zero — this is a safety constraint.-- RETURNING solves problem 1. A WHERE guard solves problem 2.-- ── PATTERN: Atomic decrement with RETURNING (PostgreSQL) ────────────────────-- This is the pattern inside every inventory and rate-limiter service.-- The whole thing is one round-trip. No race condition between UPDATE and SELECT.UPDATE product_inventory
SET
quantity_available = quantity_available - 1, -- decrement by exactly 1 unit
quantity_reserved = quantity_reserved + 1, -- track how many are in-cart but not purchased
last_reserved_at = NOW()
WHERE
product_id = 'SKU-00441' -- specific productAND quantity_available > 0-- CRITICAL: never decrement below zero-- If stock is 0, this WHERE fails to match,-- UPDATE touches 0 rows, and RETURNING returns nothing.-- The application reads empty result = out of stock.RETURNING
product_id,
quantity_available, -- this is the UPDATED value, already decremented
quantity_reserved, -- already incremented
last_reserved_at;
-- No second SELECT needed. This is the post-update state.-- ── PATTERN: Audit trail with a shadow table (PostgreSQL trigger approach) ────-- For compliance systems: every UPDATE writes a before-image to an audit log.-- This is the database-layer safety net that catches admin tool changes-- and migration-script changes that never touch your app logs.-- First, the audit table structure:CREATETABLEIFNOTEXISTSuser_profiles_audit (
audit_id BIGSERIALPRIMARYKEY,
user_id INTNOTNULL,
changed_at TIMESTAMPTZNOTNULLDEFAULTNOW(),
changed_by TEXTNOTNULL, -- application user or DB user
operation TEXTNOTNULL, -- 'UPDATE', 'DELETE'
old_email TEXT, -- value BEFORE the change
new_email TEXT, -- value AFTER the change
old_tier TEXT,
new_tier TEXT
);
-- The trigger fires automatically after every UPDATE on user_profiles.-- You don't call this manually — the database calls it.CREATEORREPLACEFUNCTIONlog_user_profile_changes()
RETURNSTRIGGERAS $$
BEGIN-- OLD = the row values before the UPDATE-- NEW = the row values after the UPDATEINSERTINTOuser_profiles_audit (
user_id, changed_by, operation, old_email, new_email, old_tier, new_tier
) VALUES (
OLD.user_id,
current_user, -- the DB role that ran the UPDATE'UPDATE',
OLD.email, -- what it was beforeNEW.email, -- what it becameOLD.subscription_tier,
NEW.subscription_tier
);
RETURNNEW; -- required: return the new row to allow the UPDATE to proceedEND;
$$ LANGUAGE plpgsql;
CREATETRIGGER trg_user_profile_audit
AFTERUPDATEON user_profiles -- fires after every UPDATE, not beforeFOREACHROW-- once per affected row, not once per statementEXECUTEFUNCTIONlog_user_profile_changes();
Output
-- After the inventory RETURNING query (item was in stock):
-- Zero rows returned = out of stock. Application shows 'item unavailable'.
-- No row was modified. The check is atomic — impossible to race this to -1.
-- Trigger creation:
CREATE TRIGGER
-- From this point on, every UPDATE on user_profiles automatically writes to user_profiles_audit.
Interview Gold: RETURNING Eliminates a Race Condition
UPDATE ... RETURNING gives you the post-update row state in a single atomic operation. The alternative — UPDATE then SELECT — has a gap where another transaction can modify the row between the two statements. In a concurrent checkout or inventory system, that race condition is real and will eventually fire. RETURNING is the correct pattern, not a nice-to-have.
Production Insight
RETURNING (PostgreSQL) returns the modified rows in a single statement — eliminates the SELECT after UPDATE pattern that is vulnerable to race conditions.
Without RETURNING, SELECT after UPDATE in a concurrent environment may see another transaction's changes, not your update.
For audit logging, INSERT INTO audit_log SELECT ... FROM (UPDATE ... RETURNING *) is an atomic single-statement pattern.
Key Takeaway
RETURNING eliminates the SELECT-after-UPDATE anti-pattern and is race-condition safe.
For soft deletes: UPDATE items SET deleted_at = NOW() WHERE id = $1 RETURNING * is safer than UPDATE then SELECT.
MySQL's equivalent: INSERT ... ON DUPLICATE KEY UPDATE; no native RETURNING support in MySQL 8.
● Production incidentPOST-MORTEMseverity: high
UPDATE Without WHERE Set Every User's Status to 'suspended'
Symptom
Customer support was flooded with login failure reports within minutes. All users showed status = 'suspended' in the database.
Assumption
The developer assumed the query was scoped to one row. The WHERE clause was present in the original query but accidentally dropped during editing.
Root cause
UPDATE users SET status = 'suspended' with no WHERE clause — standard SQL behavior is to update all rows in the table when no WHERE is specified.
Fix
Rolled back using a point-in-time restore from a 5-minute-old snapshot. Implemented: (1) All UPDATE statements require peer review. (2) Production database uses a Postgres role that requires explicit transaction context. (3) Added a pre-commit hook that flags UPDATE statements without WHERE for review.
Key lesson
UPDATE without WHERE is the most dangerous SQL statement in production — always test with SELECT first
Before any destructive UPDATE, run the equivalent SELECT with the same WHERE clause and verify the row count
Wrap all production UPDATE statements in a transaction so ROLLBACK is available if results are wrong
Production debug guideDiagnosing unintended updates, lock contention, and rollback scenarios3 entries
Symptom · 01
UPDATE modified more rows than expected
→
Fix
If you still have a transaction open, ROLLBACK immediately. If already committed, restore from backup or re-run the correct UPDATE to fix affected rows. Add WHERE rowcount validation: run SELECT COUNT(*) with the same WHERE condition before UPDATE to confirm the expected row count.
Symptom · 02
UPDATE times out or blocks for a long time
→
Fix
Another transaction holds a lock on the rows you're trying to update. Run: SELECT pid, query, wait_event FROM pg_stat_activity WHERE wait_event_type = 'Lock'. Find and terminate the blocking session with pg_terminate_backend(pid) if appropriate.
Symptom · 03
UPDATE succeeds but changes aren't visible to other connections
→
Fix
Your UPDATE is inside an uncommitted transaction. Run COMMIT to make changes permanent. Or check if AUTOCOMMIT is disabled in your client — in that case every statement starts a transaction that needs explicit COMMIT.
Aspect
UPDATE with JOIN / FROM
UPDATE with Correlated Subquery
Readability
Clear — join logic is explicit and familiar
Moderate — the self-reference is non-obvious to beginners
Performance on large tables
Fast — query planner optimises joins aggressively
Slow — subquery can execute once per matched row
Database compatibility
Syntax varies (MySQL, PostgreSQL, SQL Server all differ slightly)
Works identically on MySQL, PostgreSQL, SQLite, SQL Server
NULL risk when no match found
No — unmatched rows are simply excluded by the join
Yes — missing match returns NULL unless protected by WHERE EXISTS
Best used when
You control the database engine and need performance
You need one script to run on multiple database types
Always run a SELECT with your exact WHERE clause before running the UPDATE. If the SELECT returns the right rows, your UPDATE hits the same rows. This one habit prevents more production incidents than any linter or code review.
2
An UPDATE without a WHERE clause has no safety net, no warning, and no undo
the database will cheerfully overwrite every row and tell you it succeeded. In MySQL, SET sql_safe_updates=1 at the session level makes the engine refuse non-keyed UPDATEs. Use it for any manual session touching production.
3
Wrap multi-row UPDATEs in explicit BEGIN...COMMIT transactions. The BEGIN is your pause button. Read the row count. Inspect a sample. If anything looks wrong, ROLLBACK costs you nothing. COMMIT without looking first costs you everything.
4
UPDATE ... RETURNING is not just a convenience
it closes a real concurrency gap. The time between a bare UPDATE and a follow-up SELECT is measurable in a production system under load. Any concurrent transaction can modify that row in the gap. RETURNING gives you the post-update state atomically, in one round-trip, with no race condition possible.
Common mistakes to avoid
3 patterns
×
Writing UPDATE without a WHERE clause
Symptom
Every row in the table is updated instantly — no error, no warning, no confirmation prompt. The most destructive accidental SQL statement.
Fix
Always test the WHERE condition with SELECT first: SELECT COUNT() FROM table WHERE condition. Then wrap the UPDATE in a transaction: BEGIN; UPDATE table SET col = val WHERE condition; SELECT FROM table WHERE condition; COMMIT (or ROLLBACK if wrong).
×
Updating 500,000 rows in a single statement without batching
Symptom
UPDATE takes minutes, holds table locks, blocks all concurrent writes, causes replication lag, and risks running out of undo log space
Fix
Batch large updates: UPDATE table SET col = val WHERE id BETWEEN 1 AND 10000. Repeat in chunks of 10,000-100,000 rows with a short delay between batches to release locks and allow replication to catch up.
×
Not wrapping UPDATE in a transaction when results need to be verifiable
Symptom
UPDATE commits immediately with AUTOCOMMIT=ON — wrong results cannot be rolled back; restoring requires a full point-in-time backup
Fix
Wrap any non-trivial UPDATE in BEGIN ... COMMIT. Inspect results with SELECT inside the transaction before committing. ROLLBACK if the results are wrong. COMMIT only when the SELECT confirms the correct rows were changed.
INTERVIEW PREP · PRACTICE MODE
Interview Questions on This Topic
Q01SENIOR
You run an UPDATE that touches 500,000 rows in PostgreSQL. Halfway throu...
Q02SENIOR
What is the difference between UPDATE and MERGE/UPSERT?
Q03SENIOR
How would you safely update a column for all rows in a 100M row table wi...
Q01 of 03SENIOR
You run an UPDATE that touches 500,000 rows in PostgreSQL. Halfway through, you realize it's wrong. What do you do?
ANSWER
If the UPDATE is inside an open transaction (BEGIN was called before it), run ROLLBACK immediately — all changes are undone and the table returns to its pre-UPDATE state. If the UPDATE ran with AUTOCOMMIT=ON (no explicit BEGIN), it committed automatically and ROLLBACK is not available. At that point: restore from a point-in-time backup snapshot, or run a corrective UPDATE with the inverse transformation if you can reconstruct the original values. This is why wrapping large or risky UPDATEs in explicit transactions is critical — it gives you a rollback window before committing.
Q02 of 03SENIOR
What is the difference between UPDATE and MERGE/UPSERT?
ANSWER
UPDATE modifies existing rows that match a WHERE condition — it cannot insert new rows. If the target row doesn't exist, UPDATE silently does nothing. MERGE (SQL standard) and UPSERT (INSERT ON CONFLICT in PostgreSQL, INSERT ON DUPLICATE KEY UPDATE in MySQL) handle both cases: if the row exists, update it; if not, insert it. Use UPDATE when you know the row exists. Use UPSERT/MERGE when you need to handle both insert and update in one atomic operation — common for syncing data from an external source where you don't know if the record exists.
Q03 of 03SENIOR
How would you safely update a column for all rows in a 100M row table without causing downtime?
ANSWER
Batch the update in chunks to avoid long-held locks and replication lag. Pattern: UPDATE table SET col = new_value WHERE id BETWEEN $start AND $end AND col != new_value. Run in a loop from application code with sleep(100ms) between batches to release locks and let replication catch up. Batch size 10,000-50,000 rows is a reasonable starting point — tune based on query runtime and lock wait observations. Add WHERE col != new_value to make the update idempotent so it can be restarted safely. Monitor replication lag during the run. For truly zero-downtime schema changes, consider the expand-migrate-contract pattern with a background migration.
01
You run an UPDATE that touches 500,000 rows in PostgreSQL. Halfway through, you realize it's wrong. What do you do?
SENIOR
02
What is the difference between UPDATE and MERGE/UPSERT?
SENIOR
03
How would you safely update a column for all rows in a 100M row table without causing downtime?
SENIOR
FAQ · 4 QUESTIONS
Frequently Asked Questions
01
What happens if I run an SQL UPDATE without a WHERE clause?
Every single row in the table gets updated with the new values — no exceptions, no warnings. The database treats a missing WHERE clause as 'match everything', which is valid SQL. Your only recovery path is a transaction rollback if you started one, or a restore from backup if you didn't. Always write the WHERE clause before the SET clause so you can't accidentally execute an incomplete UPDATE.
Was this helpful?
02
What's the difference between UPDATE and INSERT in SQL?
UPDATE modifies columns in rows that already exist. INSERT creates new rows that did not exist before. The rule of thumb: if the row is already in the table and you need to change something about it, use UPDATE. If the data is brand new and has no existing row, use INSERT. Some databases also offer UPSERT (INSERT ... ON CONFLICT DO UPDATE in PostgreSQL, or MERGE in SQL Server) when you're not sure whether the row exists yet.
Was this helpful?
03
How do I update a column value based on its current value in SQL?
Reference the column name on the right side of the SET expression: UPDATE accounts SET balance = balance - 50.00 WHERE account_id = 9912. The database reads the current value of balance, subtracts 50, and writes the result back. This is safe inside a single statement because the WHERE evaluation and the SET happen atomically — no other transaction can change balance between those two steps within the same statement execution.
Was this helpful?
04
Can an SQL UPDATE statement cause a deadlock in a high-traffic production system?
Yes, and it's more common than people expect. Deadlocks happen when two concurrent transactions each hold a lock the other needs — Transaction A locks row 1 then tries for row 2, Transaction B locks row 2 then tries for row 1. The database detects the cycle and kills one transaction with 'ERROR: deadlock detected'. The mitigation is consistent lock ordering — ensure all transactions that touch multiple rows always acquire locks in the same sequence. In PostgreSQL, SELECT ... FOR UPDATE in a consistent order before your UPDATE statements is the standard pattern. Also keep transactions short: the longer a transaction holds locks, the wider the window for a deadlock to form.