pymysql模塊

#pip3 install pymysql
import pymysql

user=input('user>>: ').strip()
pwd=input('password>>: ').strip()

# 創建連接
conn=pymysql.connect(
    host='192.168.1.16',
    port=3306,
    user='root',
    password='123',
    db='db1',
    charset='utf8'
)

# 拿到遊標
cursor=conn.cursor() #執行完畢返回的結果集默認以元組顯示
#cursor=conn.cursor(cursor=pymysql.cursors.DictCursor)  #

# sql注入之：用戶不存在，繞過用戶與密碼 aaa' or 1=1 -- 任意字符
# sql='select * from userinfo where user = "%s" and pwd="%s"' %(user,pwd)
# print(sql)

#改寫爲（execute幫咱們作字符串拼接，咱們無需且必定不能再爲%s加引號了）由於pymysql會自動爲咱們加上,pymysql模塊自動幫咱們解決sql注入的問題
sql='select * from userinfo where user = %s and pwd=%s'
rows=cursor.execute(sql,(user,pwd)) #執行sql語句，返回sql查詢成功的記錄數目

# print(cursor.fetchone())
# print(cursor.fetchall())
# print(cursor.fetchmany(2))   #通常不用直接用limit控制數量

# cursor.scroll(3,mode='absolute') # 相對絕對位置移動
# print(cursor.fetchone())
# cursor.scroll(2,mode='relative') # 相對當前位置移動
# print(cursor.fetchone())

# 增、刪、改 須要提交：conn.commit()  #提交後表中記錄纔會變更
sql99='insert into userinfo(user,pwd) values(%s,%s)'

rows99=cursor.execute(sql99,('tom','123'))#單條
print(rows99)

rows99=cursor.executemany(sql99,[('jack','123'),('rose','111'),('tony','2222')])#多條
print(rows99)

print(cursor.lastrowid)# 獲取插入的最後一條數據的自增ID

conn.commit()# 增、刪、改 須要提交：conn.commit()  #提交後表中記錄纔會變更

cursor.close()
conn.close()

# 進行判斷
if rows:
    print('登陸成功')
else:
    print('登陸失敗')

"""
按年月分組查詢
select  date_format(sub_time,'%Y-%m'),count(id) from blog group by date_format(sub_time,'%Y-%m')
"""