一.python 操作mysql
import pymysql
'''
# 1.基本语法
# (1) 连接数据库
# conn = pymysql.connect(host = "ip地址",user = "用户",password = "密码",database = "数据库",charset = "字符集",port = "端口号")
# 至少填写前4个参数
conn = pymysql.connect(host = "127.0.0.1",user = "root",password="123456",database = "db5",charset="utf8",port=3306)
# (2).创建游标对象,该对象执行sql相关方法
cursor = conn.cursor()
# (3).执行sql语句
sql = "select * from employee"
# (如果是查询,返回查到的所有条数)
res = cursor.execute(sql)
print(res)
# (4) 获取查询出来的数据 fetchone 只获取一条数据
res = cursor.fetchone()
print(res)
#获取当前数据版版本号
res = cursor.execute("select version()")
print(res)
data = cursor.fetchone()
print("版本号",data)
# (5) 释放游标对象
# cursor.close()
# (6) 关闭数据库连接
conn.close()
'''
# 2.创建/删除 数据表
'''
conn = pymysql.connect(host = "127.0.0.1",user = "root",password="123456",database="db5")
# 创建游标对象 通过这个对象操作数据库
cursor = conn.cursor()
sql1 = """
create table myt10(
id int unsigned primary key auto_increment,
first_name char(10) not null,
last_name char(10) not null,
age int unsigned,
sex tinyint,
money float
)
"""
# 准备sql语句
sql2 = "desc myt9"
# 执行sql语句
# cursor.execute(sql1)
cursor.execute(sql2)
# 获取一条数据
# data = cursor.fetchone()
# 获取所有数据
data = cursor.fetchall()
print(data) #('id', 'int(10) unsigned', 'NO', 'PRI', None, 'auto_increment')
try:
# sql3 = "drop table myt1011111"
sql3 = "drop table myt10"
res = cursor.execute(sql3)
print(res)
except:
pass
print(33344)
# 释放游标对象
cursor.close()
# 关闭远程数据库连接
conn.close()
"""
(
('id', 'int(10) unsigned', 'NO', 'PRI', None, 'auto_increment'),
('first_name', 'char(10)', 'NO', '', None, ''),
('last_name', 'char(10)', 'NO', '', None, ''),
('age', 'int(10) unsigned', 'YES', '', None, ''),
('sex', 'tinyint(4)', 'YES', '', None, ''),
('money', 'float', 'YES', '', None, '')
)
"""
'''
# (3)事务处理
# 1.基本语法
# 连接数据库
conn = pymysql.connect(host = "127.0.0.1",user = "root",password="123456",database = "db5",charset="utf8",port=3306)
# 创建游标对象,该对象执行sql相关方法
cursor = conn.cursor()
# 1 .开启事务 通过pymysql 操作数据库,默认开启事务,需要最后通过commit进行提交数据;
sql1 = "begin"
sql2 = "select * from employee limit 3"
sql3 = "update employee set age = 39 where id = 3"
sql4 = "commit"
cursor.execute(sql1)
cursor.execute(sql2)
cursor.execute(sql3)
# 最终需要通过commit提交事务,提交数据
cursor.execute(sql4)
# 释放游标对象
cursor.close()
# 关闭数据库连接
conn.close()
二.sql注入相关
import pymysql
""""""
# 1.sql 注入的问题
user = input("user>>:").strip()
pwd = input("password>>:").strip()
# sdfsd' or 1=1 -- sfdksjk
conn= pymysql.connect(host="127.0.0.1",user="root",password="123456",database="db5",charset="utf8",port=3306)
cursor = conn.cursor()
sql = "select * from usr_pwd where username = '%s' and password = '%s' " % (user,pwd)
print(sql) #select * from usr_pwd where username = 'iuiuuyuy' or 1=1 -- sdfsdfs' and password = ''
res = cursor.execute(sql)
print(res)
if res:
print("登录成功!")
else:
print("登录失败~")
# 释放游标对象
cursor.close()
# 关闭数据库连接
conn.close()
''''''
# 2.解决办法:
# 如果想用execute 的预处理功能 %s 不要在套一层引号了,但是如果是字符串的格式化,必须加引号.
user = input("user>>:").strip()
pwd = input("password>>:").strip()
conn= pymysql.connect(host="127.0.0.1",user="root",password="123456",database="db5",charset="utf8",port=3306)
cursor = conn.cursor()
sql = 'select * from usr_pwd where username = %s and password = %s '
# execute可以提前过滤sql语句,做一下预处理.方式sql注入.
print(sql)
res = cursor.execute(sql,(user,pwd))
if res:
print("登录成功")
else:
print("登录失败")
# 释放游标对象
cursor.close()
# 关闭数据库连接
conn.close()
三.python 操作mysql 增删改
import pymysql
"""
通过pymysql这个模块提交给mysql 服务器,默认开启事务
事务处理,必须要依赖commit来进行提交数据,也可以用rollback回滚到开始时候 的数据
不提交数据,默认回滚
提交数据 conn.commit()
回滚数据 conn.rollback()
execute executemany 如果执行的是增删改,返回的是受影响的行数
execute 如果执行的是查,返回的是查询到的数量;
"""
# 连接数据库
conn = pymysql.connect(host="127.0.0.1",user="root",password="123456",database="db5")
# cursor=pymysql.cursors.DictCursor 把返回的数据变成字典,默认是元组;
cursor = conn.cursor(cursor=pymysql.cursors.DictCursor)
# 1.增
# 执行sql语句
sql = """insert into myt9(first_name,last_name,age,sex,money) values(%s,%s,%s,%s,%s)"""
# execute只执行一条数据
res = cursor.execute( sql,( "马","巨强",74,1,8) )
# print(res)
# executemany执行多条数据 返回第一次插入的那条数据的id
# res = cursor.executemany( sql, [("张","过程",88,0,2),("意","四",13,1,90),("罗","婷",18,1,100000),("黄","胸大",20,0,900)] )
# print(res)
# 获取最后一条插入数据的id(一般常用订单号上)
print(cursor.lastrowid)
# 2.删
"""
sql = "delete from myt9 where id = %s "
res = cursor.execute(sql,(5))
if res:
print("删除成功")
else:
print("删除失败")
"""
# 3.改
"""
sql = "update myt9 set first_name = %s where id = %s"
res = cursor.execute(sql,("王",9))
if res:
print("修改成功")
else:
print("修改失败")
"""
# 4.查 返回搜索的条数
sql2 = "select * from myt9"
res = cursor.execute(sql2)
print(res)
# 查询一条 fetchone()
data = cursor.fetchone()
print(data)
# 查询多条 fetchmany(查询的条数) 默认查一条,基于上一条查询,往下在查查2条
data = cursor.fetchmany(2)
print(data)
# 查询所有数据
data = cursor.fetchall()
print(data)
#[{'id': 9, 'first_name': '王', 'last_name': '巨强', 'age': 74, 'sex': 1, 'money': 8.0}]
for row in data:
first_name = row['first_name']
last_name = row['last_name']
age = row['age']
if row['sex'] == 0:
sex = "男"
else:
sex = "女"
money = row['money']
print("姓:{},名字:{},性别:{},年龄:{},收入:{}".format(first_name,last_name,sex,age,money))
# 可以选择查询的位置
sql3 = "select * from myt9 where id >= 20"
res = cursor.execute(sql3)
print(res)
data = cursor.fetchone()
print(data)
# 相对当前位置进行移动
cursor.scroll(7,mode="relative") # 向后移动
print(cursor.fetchone())
cursor.scroll(-5,mode="relative") # 向前移动
print(cursor.fetchone())
# 绝对位置移动
cursor.scroll(0,mode="absolute")
print(cursor.fetchone())
conn.commit()
cursor.close()
conn.close()