pymysql
import pymysql user= input('用戶名:>>').strip() pwd= input('密碼:>>').strip() #先連接,拿到遊標 conn=pymysql.connect(host='localhost',user='root',password='123456', database='day47',charset='utf8') cursor=conn.cursor() #拿到遊標,即mysql > #執行sql sql='select * from user where user="%s" and password="%s";'%(user,pwd) print(sql) #注意%s須要加雙引號 rows = cursor.execute(sql) #拿到受影響的行數 cursor.close() conn.close() if rows: print('登陸成功') else: print('登陸失敗')
一、防注入mysql
如上咱們採用字符串拼接的形式生成sql語句。可是當存在 -- 時有可能對後面的語句造成干擾。sql
當面臨這種狀況時,用execute作字符串拼接ide
import pymysql user="egon1" pwd= 123 #先連接,拿到遊標 conn=pymysql.connect(host='localhost',user='root',password='1234',
database='ls',charset='utf8') cursor=conn.cursor() #拿到遊標,即mysql > sql="select * from std where name=%s and password=%s;" row_count=cursor.execute(sql,[user,pwd]) print(row_count) conn.commit() cursor.close() conn.close() ..............其中()【】均可以使用
- 增
- 刪
- 改 須要commit纔會完成
- 查
- 與sql語句基本一致
當我查找數據時,會返回不少內容,咱們須要經過fetchone,fetchmany,fetchall來得到消息fetch
import pymysql user="egon16" pwd= 123 #先連接,拿到遊標 conn=pymysql.connect(host='localhost',user='root',password='1234', database='ls',charset='utf8') cursor=conn.cursor() sql='select * from stu;' rows = cursor.execute(sql)
默認是元組類型, ((1, 'ssss', 123), (2, 'xixi', 123), (3, 'aaa', 456), (4, 'ttt', 147), (5, 'xix;i', 123), (6, 'aa;a', 456), (7, 't;tt', 147), (8, 'xigx;i', 123), (9, 'aa;a', 456), (10, 't;tgt', 147), (11, '的', 123)) 若是想得到字典類型 cursor = conn.cursor(cursor=pymysql.cursors.DictCursor) 結果: [{'password': 123, 'id': 1, 'name': 'ssss'}, {'password': 123, 'id': 2, 'name': 'xixi'}, {'password': 456, 'id': 3, 'name': 'aaa'}, {'password': 147, 'id': 4, 'name': 'ttt'}, {'password': 123, 'id': 5, 'name': 'xix;i'}, {'password': 456, 'id': 6, 'name': 'aa;a'}, {'password': 147, 'id': 7, 'name': 't;tt'}, {'password': 123, 'id': 8, 'name': 'xigx;i'}, {'password': 456, 'id': 9, 'name': 'aa;a'}, {'password': 147, 'id': 10, 'name': 't;tgt'}, {'password': 123, 'id': 11, 'name': '的'}]
#查單條fetchone # res1=cursor.fetchone() # res2=cursor.fetchone() # res3=cursor.fetchone() # print(res1) # print(res2) # print(res3) # print(res3[0]) #查多條fetchmany # print(cursor.fetchmany(3)) # print(cursor.fetchone()) #查全部fetchall # print(cursor.fetchall()) # print(cursor.fetchone()) #-------光標的移動-------- #1.絕對路徑:從文件的開頭位置算起 # print(cursor.fetchall()) # cursor.scroll(1,mode='absolute') # print(cursor.fetchone()) # cursor.scroll(3,mode='absolute') # print(cursor.fetchone()) #2.相對路徑: print(cursor.fetchone()) print(cursor.fetchone()) cursor.scroll(2,mode='relative') #相對於上面的兩條向後移兩條 print(cursor.fetchone()) print('%s row in set (0.00 sec)' %rows) cursor.close() conn.close()
------查看錶中最後一行的iD import pymysql conn=pymysql.connect(host='localhost',user='root',password='123456', database='day47',charset='utf8') cursor=conn.cursor() sql='insert into user1(user,password) values(%s,%s);' rows=cursor.execute(sql,('alex','123')) # rows=cursor.executemany(sql,[('yuanhao','123'),('laowu','123'),('kgf','12323')]) conn.commit() print(cursor.lastrowid) #查看錶中最後一行的iD cursor.close() conn.close()
存儲過程:
import pymysql # 建立鏈接 conn = pymysql.connect(host='127.0.0.1',port=3306,user='root',passwd='1234',db='ls',charset='utf8') # 建立遊標 cursor = conn.cursor(cursor=pymysql.cursors.DictCursor) # cursor = conn.cursor() # 無參數存儲過程 cursor.callproc('p2') # 等價於cursor.execute("call p2()") # 獲取執行完存儲的參數,參數@開頭 cursor.callproc('p1',args=(1,22,)) cursor.execute("select @p1,@_p1_1,") # {u'@_p1_1': 22, u'@p1': 1, } # 執行SQL,並返回收影響行數 effect_row = cursor.execute("select * from stu") res1 = cursor.fetchall() print(res1) # 提交,否則沒法保存新建或者修改的數據 conn.commit() # 關閉遊標 cursor.close() # 關閉鏈接 conn.close()
使用with簡化鏈接過程spa
import pymysql import contextlib # 定義上下文管理器,鏈接後自動關閉鏈接 @contextlib.contextmanager def mysql(host='127.0.0.1',port=3306,user='root',passwd='1234',db='ls',charset='utf8'): conn = pymysql.connect(host=host,port=port,user=user,passwd=passwd,db=db,charset=charset) cursor = conn.cursor(cursor=pymysql.cursors.DictCursor) try: yield cursor finally: conn.commit() cursor.close() conn.close() # 執行sql with mysql() as cursor: print(cursor) row_count = cursor.execute("select * from stu") row_1 = cursor.fetchone() print(row_count,row_1)
import pymysql conn = pymysql.connect(host = 'localhost',user = 'root',password='123456',database = 'lianxi',charset = 'utf8') cursor = conn.cursor(pymysql.cursors.DictCursor) #以字典的形式輸出 # rows = cursor.callproc('p1') #1.調用存儲過程的方法 ,沒參數時 # rows = cursor.callproc('p2',args=(3,7)) #有參數時 rows = cursor.callproc('p3', args=(3,7,123)) #@_p3_0=3,@_p3_1=7 ,@_p3_2=123 #有參數時 conn.commit() #執行 print(cursor.fetchall()) cursor.execute('select @_p3_0,@_p3_1,@_p3_2') print(cursor.fetchall()) cursor.close() conn.close()
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。