zoukankan      html  css  js  c++  java

  • pymysql模块

    pymysql注入

      用户在输入的时候带有恶意的sql语句,而后端没有检测就直接拼接,获得的语句和期望的语句不一致 (带有’--)

    1,查

     1 import pymysql
 2 conn = pymysql.connect(
 3     host="192.168.16.90",
 4     port=3306,
 5     user="zc",
 6     password="123",
 7     database = 'user',
 8     charset = "utf8"
 9 )
10 cursor=conn.cursor(cursor=pymysql.cursors.DictCursor)
11 sql="select * from userinfo;"
12 cursor.execute(sql)
13 ret=cursor.fetchall()
14 print(ret)
15 ret1=cursor.fetchmany(1)
16 print(ret1)
17 ret2=cursor.fetchone()
18 print(ret2)
19 cursor.close()
20 conn.close()
    View Code

    2,增

     1 import pymysql
 2 conn = pymysql.connect(
 3     host="192.168.16.90",
 4     port=3306,
 5     user="zc",
 6     password="123",
 7     database = 'user',
 8     charset = "utf8"
 9 )
10 cursor=conn.cursor()
11 sql="insert into userinfo (username,password) values(%s,%s);"
12 cursor.execute(sql,['fei',"234"])
13 conn.commit()
14 cursor.close()
15 conn.close()
    View Code

    3,改

     1 import pymysql
 2 conn = pymysql.connect(
 3     host="192.168.16.90",
 4     port=3306,
 5     user="zc",
 6     password="123",
 7     database = 'user',
 8     charset = "utf8"
 9 )
10 cursor=conn.cursor()
11 sql="update userinfo set password=%s where username=%s;"
12 cursor.execute(sql,['abc',"fei"])
13 conn.commit()
14 cursor.close()
15 conn.close()
    View Code

    4,删

     1 import pymysql
 2 conn = pymysql.connect(
 3     host="192.168.16.90",
 4     port=3306,
 5     user="zc",
 6     password="123",
 7     database = 'user',
 8     charset = "utf8"
 9 )
10 cursor=conn.cursor()
11 sql="delete from userinfo where username=%s;"
12 cursor.execute(sql,["fei"])
13 conn.commit()
14 cursor.close()
15 conn.close()
    View Code

    移动光标

     1 import pymysql
 2 conn = pymysql.connect(
 3     host="192.168.16.90",
 4     port=3306,
 5     user="zc",
 6     password="123",
 7     database = 'user',
 8     charset = "utf8"
 9 )
10 cursor=conn.cursor(cursor = pymysql.cursors.DictCursor)
11 sql="select * from userinfo;"
12 cursor.execute(sql)
13 cursor.scroll(1,mode="relative")
14 #cursor.scroll(1,mode="absolute")
15 ret = cursor.fetchmany(1)
16 print(ret)
17 cursor.close()
18 conn.close()
    View Code

    回滚

     1 import pymysql
 2 conn = pymysql.connect(
 3     host="192.168.16.90",
 4     port=3306,
 5     user="zc",
 6     password="123",
 7     database = 'user',
 8     charset = "utf8"
 9 )
10 cursor=conn.cursor()
11 sql="insert into userinfo (username,password) values(%s,%s)"
12 cursor.execute(sql,['fei',"123"])
13 conn.rollback()
14 conn.commit()
15 cursor.close()
16 conn.close()
    View Code
  • 相关阅读:
    序列化实现 深拷贝
    为边框应用图片 border-image
    阴影 box-shadow(二)
    阴影 box-shadow(一)
    css3之圆角效果 border-radius
    文档对象模型(DOM)
    Cookie/Session机制详解
    PHP错误The server encountered an internal error or misconfiguration and was unable to complete your re
    关于js with语句的一些理解
    使用JavaScript+Html创建win8应用(二)
  • 原文地址:https://www.cnblogs.com/ruoxiruoxi/p/9754852.html
Copyright © 2011-2022 走看看