1 import pymysql
2
3 user = input("请输入用户名:")
4 passwd = input("请输入密码:")
5
6 conn = pymysql.connect(host="localhost",user="root",passwd="",database="db1")
7 cursor = conn.cursor()
8 #不要自己写sql拼接会SQL注入漏洞
9 #select * from userinfo where username = '%s' and passwd = '%s'
10 #输入:adfs' or 1=1 --
11 # select * from userinfo where username = 'adfs' or 1=1 -- and passwd = '%s' SQL注入成功
12 sql = "select * from userinfo where username = %s and passwd = %s"
13 cursor.execute(sql,[user,passwd])
14 '''
15 sql = "select * from userinfo where username = %(u)s and passwd = %(p)s"
16 cursor.execute(sql,{'u':user,'p':passwd})
17 '''
18 result = cursor.fetchone()
19 cursor.close()
20 conn.close()
21
22 if result:
23 print("登陆成功")
24 else:
25 print("登陆失败")
1 import pymysql
2 conn = pymysql.
3 cursor = conn.c
4 #sql = "insert
5 sql = "insert i
6 #r为受影响的行数
7 r = cursor.exec
8 print(r)
9 #update insert
10 conn.commit()
11 cursor.close()
12 conn.close()
1 import pymysql
2 conn = pymysql.connect(host="localhost",user="root",passwd="",database="db1")
3 cursor = conn.cursor()
4 sql = "select * from userinfo"
5 r = cursor.execute(sql)
6 print(r)
7 cursor.fetchmany(5)
8 #r = cursor.scroll(4,'relative') #相对当前位置移动光标
9 r = cursor.scroll(4,'absolute') #相对绝对位置移动光标
10 #取指定条数数据
11 r = cursor.fetchmany(2)
12 print(r)
13 #全部取完
14 r = cursor.fetchall()
15 print(r)
16 #取一条数据
17 r = cursor.fetchone()
18 print(r)
19 cursor.close()
20 conn.close()
1 import pymysql
2 conn = pymysql.connect(host="localhost",user="root",passwd="",database="db1")
3 cursor = conn.cursor(cursor=pymysql.cursors.DictCursor) #该参数表示以字典形式显示
4 sql = "select * from userinfo"
5 r = cursor.execute(sql)
6 r = cursor.fetchmany(5)
7 print(r)
8 cursor.close()
9 conn.close()
1 cursor.lastrowid #获取自增的最后一行id值
浙公网安备 33010602011771号