zoukankan      html  css  js  c++  java
  • python-day11 pymysql

    python 操作 mysql

    #######select

    import pymysql

    # 获取数据
    conn = pymysql.Connect(host='192.168.12.89',port=3306,user='root',password="123",database="s17day11db",charset='utf8')
    cursor = conn.cursor()
    # 受影响的行数
    v = cursor.execute('select * from student')
    result = cursor.fetchall()
    # result = cursor.fetchone()
    # result = cursor.fetchmany(2)
    print(result)

    cursor.close()
    conn.close()



    ###########other

    # 获取数据
    conn = pymysql.Connect(host='192.168.12.89',port=3306,user='root',password="123",database="s17day11db",charset='utf8')
    cursor = conn.cursor()
    # 受影响的行数
    v = cursor.execute('insert into userinfo(username,password) values(%s,%s)',['eric','99999'])
    conn.commit()
    v = cursor.execute('delete from userinfo where username=%s',['eric'])
    conn.commit()
    v = cursor.execute('update userinfo set password=%s where username=%s',['999999','alex'])
    conn.commit()

    cursor.close()
    conn.close()

    #################需求
    新创建一个班级,并且 创建一个学生 加入这个班级
    import pymysql

    # 获取数据
    conn = pymysql.Connect(host='192.168.12.89',port=3306,user='root',password="123",database="s17day11db",charset='utf8')
    cursor = conn.cursor()

    cursor.execute('insert into class(caption) values(%s)',['新班级'])
    conn.commit()
    new_class_id = cursor.lastrowid # 获取新增数据自增ID

    cursor.execute('insert into student(sname,gender,class_id) values(%s,%s,%s)',['李杰','男',new_class_id])
    conn.commit()

    cursor.close()
    conn.close()

    解释:可以通过cursor.lastrowid 获取到 本脚本中执行的 自增ID
    然后放入吓一条sql中


    #####################################被sql注入的写法, 以及 sql注入
    import pymysql

    user = input('请输入用户名:')
    pwd = input('请输入密码:')

    # 获取数据
    conn = pymysql.Connect(host='192.168.12.89',port=3306,user='root',password="123",database="s17day11db",charset='utf8')
    cursor = conn.cursor()
    sql = 'select * from userinfo where username="%s" and password="%s" ' %(user,pwd,)
    # user = alex" --
    # pwd= asdf
    'select * from userinfo where username="alex" -- " and password="sdfsdf"'
    # user = asdfasdf" or 1=1 --
    # pwd= asdf
    'select * from userinfo where username="asdfasdf" or 1=1 -- " and password="asdfasdf"'
    v = cursor.execute(sql)
    result = cursor.fetchone()
    cursor.close()
    conn.close()

    print(result)


    ###################防止sql注入
    import pymysql

    user = input('请输入用户名:')
    pwd = input('请输入密码:')

    # 获取数据
    conn = pymysql.Connect(host='192.168.12.89',port=3306,user='root',password="123",database="s17day11db",charset='utf8')
    cursor = conn.cursor()
    sql = 'select * from userinfo where username="%s" and password="%s" ' %(user,pwd,)
    # user = alex" --
    # pwd= asdf
    'select * from userinfo where username="alex" -- " and password="sdfsdf"'
    # user = asdfasdf" or 1=1 --
    # pwd= asdf
    'select * from userinfo where username="asdfasdf" or 1=1 -- " and password="asdfasdf"'
    v = cursor.execute(sql)
    result = cursor.fetchone()
    cursor.close()
    conn.close()

    print(result)
















  • 相关阅读:
    贺铿:中国多年来楼市调控不合理又不合法
    Ubuntu12.04下arm交叉编译环境的建立
    Android2.3.7源码结构分析
    【开源推荐】AllJoyn:打造全球物联网的通用开源框架
    Ubuntu12.04安装JDK6
    ubuntu12.04升级后找不到共享目录
    Windows Embedded Compact 7新特性
    Windows Embedded Compact 2013 安装体验
    巴登的故事
    h5调用底层接口的一些知识
  • 原文地址:https://www.cnblogs.com/onda/p/7147026.html
Copyright © 2011-2022 走看看