程序師世界是廣大編程愛好者互助、分享、學習的平台,程序師世界有你更精彩!
首頁
編程語言
C語言|JAVA編程
Python編程
網頁編程
ASP編程|PHP編程
JSP編程
數據庫知識
MYSQL數據庫|SqlServer數據庫
Oracle數據庫|DB2數據庫
您现在的位置: 程式師世界 >> 編程語言 >  >> 更多編程語言 >> Python

MySQL learning -- Python operation MySQL 1231

編輯:Python

Mysql Study ---Python operation Mysql 1231


install PyMysql

install PyMysql:​Py3 Default by oneself pip3 install ,Py2 The default is no pip command

cmd Get into PyCharm To complete the installation pip3 install pymysql

​​

Where the installation is complete :E:\PyCharm 2017.2.4\Python3.2.5\Lib\site-packages

​​

Fault handling : Update the default Python install

​​

Py Lower operation Mysql

PyMySQL   ​- Dedicated to the operation of MySQLpython modular , Py2 and Py3 Compatible with

                   ​- MySQLdb(py3 Temporarily not supported MySQLdb)

Basic operation : Add information ——Insert

# -*- coding:utf-8 -*-

import pymysql

# Create connection
conn = pymysql.connect(host='127.0.0.1', port=3306, user='root', passwd='', db='test_python', charset='utf8')
# Create cursors
cursor = conn.cursor() # Default is tuple , Can be changed to dictionary type
# The first one is : Directly inserted into the
# perform SQL, And return the number of affected rows
insert_effect_row = cursor.execute("insert into course(cname, teacher_id) VALUES ('hhhh43hhkkhh', '2')")
inp = input(' Please enter a name :')
inp2 = input(' Please enter the teacher ID:')
# The second kind : String splicing
# sql = 'insert into course(cname) VALUES ("%s")' %inp
# cursor.execute(sql) # String splicing can be used , But it's easy to cause sql Injection is not recommended
# The third kind of : Parameter passing , utilize %s Make a placeholder , Pass in parameters ,PyMysql Internal help us transform
insert_effect_row_sec = cursor.execute("insert into course(cname, teacher_id) VALUES (%s, %s)", (inp, inp2)) # Parameter passing
# A fourth : Insertion of multiple messages
li = [
(' WOW! 1', 1),
(' WOW! 2', 2),
(' WOW! 3', 3),
]
executmany = cursor.executemany("insert into course(cname, teacher_id) VALUES (%s, %s)", li) # Pass in an iteratable type
print('executmany:', executmany) # executmany: 3 , Modification successful 3 strip
# Submit , Otherwise, new or modified data cannot be saved
conn.commit()
# Close cursor
cursor.close()
# Close the connection
conn.close()
  • 1.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.
  • 31.

​​

Basic operation : find information ——Select

# -*- coding:utf-8 -*-

import pymysql
# Create connection
conn = pymysql.connect(host='127.0.0.1', port=3306, user='root', passwd='', db='test_python', charset='utf8')
# Create cursors
cursor = conn.cursor()
ret = cursor.execute('select * from student') # Only data is loaded into memory , need fetch Value
print(ret) # Number of results found
# The first one is : Print directly , When there is a large amount of data, it is easy to run out of memory ( There is a pointer index inside )
# r = cursor.fetchall()
# print(' Take out all the values \n', r) # Print the results , The result is a tuple
# The second kind : Take it out of memory 1 Data , At this point, the data has been loaded into memory
r1 = cursor.fetchone()
print(' Take out one \n:', r1)
# The third kind of : Take it out of memory 3 Data , At this point, the data has been loaded into memory
r3 = cursor.fetchmany(3)
print(' Take out three \n:', r3)
# A fourth : Operation pointer fetches data
# cursor.scroll(0, mode='relative') # The relative position , Pointer index regression 0, +1/-1 It means up / Down
# r4 = cursor.fetchmany(3)
# print(' The relative index takes out three \n:', r4) # From 5 Starting value : ((5, ' Woman ', 1, ' Zhang Er '), (6, ' male ', 1, ' Zhang Si '), (7, ' Woman ', 2, ' Hammer '))
cursor.scroll(0, mode='absolute') # Absolute position , Pointer index regression 0
r5 = cursor.fetchmany(3)
print(' The absolute index takes out three \n:', r5) # From 0 The first position starts to take values : ((1, ' male ', 1, ' understand '), (2, ' Woman ', 1, ' Steel egg '), (3, ' male ', 1, ' Zhang San '))
# Close cursor
cursor.close()
# Close the connection
conn.close()
  • 1.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.

​​

Basic operation : Change information ——Update

# -*- coding:utf-8 -*-

import pymysql

# Create connection
conn = pymysql.connect(host='127.0.0.1', port=3306, user='root', passwd='', db='test_python', charset='utf8')
# Create cursors
cursor = conn.cursor()
inp = input(' Please enter the updated information :')
ret = cursor.execute("update course set cname = %s where cname = ' WOW! 4'", inp)
ret2 = cursor.execute("update course set cname = %s where cname = ' WOW! 1'", inp)
# Submit , Otherwise, new or modified data cannot be saved
conn.commit()
print(' Does not exist and updates the result :', ret, '\r\n Exists and updates the result :', ret2)
# Close cursor
cursor.close()
# Close the connection
conn.close()
  • 1.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.

​​

Basic operation : Delete the information ——Delete

# -*- coding:utf-8 -*-

import pymysql

# Create connection
conn = pymysql.connect(host='127.0.0.1', port=3306, user='root', passwd='', db='test_python', charset='utf8')
# Create cursors
cursor = conn.cursor()
inp = input(' Please enter the updated information :')
ret = cursor.execute("update course set cname = %s where cname = ' WOW! 4'", inp)
ret2 = cursor.execute("update course set cname = %s where cname = ' WOW! 1'", inp)
# Submit , Otherwise, new or modified data cannot be saved
conn.commit()
print(' Does not exist and updates the result :', ret, '\r\n Exists and updates the result :', ret2)
# Close cursor
cursor.close()
# Close the connection
conn.close()
  • 1.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.

​​

Other operating : Change the return value of the cursor to dictionary

# -*- coding:utf-8 -*-

import pymysql

# Create connection
conn = pymysql.connect(host='127.0.0.1', port=3306, user='root', passwd='', db='test_python', charset='utf8')
# Create cursors
cursor = conn.cursor(cursor=pymysql.cursors.DictCursor)
cursor.execute('select cid as id , cname as name from course') # You can change the... Of the principle dictionary key[cname] by name
print(cursor.fetchall()) # You can take values according to the dictionary
# Close cursor
cursor.close()
# Close the connection
conn.close()
  • 1.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.

​​

Other operating : Gain self increase ID

#!/usr/bin/env python

# -*- coding:utf-8 -*-
import pymysql

conn = pymysql.connect(host='127.0.0.1', port=3306, user='root', passwd='', db='test_python', charset='utf8')
cursor = conn.cursor()
cursor.executemany("insert into course(cname, teacher_id)values(%s,%s)", [(" Pepsi Cola ", 1), (" Coca Cola ", 2)])
conn.commit()
# Get the latest self increment ID
new_id = cursor.lastrowid
print(new_id)
cursor.close()
conn.close()
  • 1.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.

prevent SQL Method of injection

prevent SQL Method of injection :


1. stored procedure   

2. Place holder stitching   Remember to use string concatenation


SQL Inject : Changed the original sql sentence , Splicing is not recommended , Recommended parameter transfer

# -*- coding:utf-8 -*-

import pymysql

# Create connection
conn = pymysql.connect(host='127.0.0.1', port=3306, user='root', passwd='', db='test_python', charset='utf8')
# Create cursors
cursor = conn.cursor()
sql = 'select * from course where cid = "%s" and cname = "%s"'
# sql = sql % ('24', ' WOW! 3') # normal
sql = sql % ('24"-- ', ' WOW! 3') # SQL Injection value , Comment out the following content
# sql = sql % ('24" or 1=1 -- ', ' WOW! 3') # SQL Injection value , The latter condition is always true , All results can be queried
print(sql)
ret = cursor.execute(sql);
r = cursor.fetchall()
print(' Execution results :', r)
# Close cursor
cursor.close()
# Close the connection
conn.close()
  • 1.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.

​​


author :​​ Small a ninety-seven ​​​​

-------------------------------------------

Individuality signature : Everything is good in the end , If it's not good , That means things haven't come to the end yet ~

The copyright of this article belongs to the author 【​​ Small a ninety-seven ​​​】, Welcome to reprint , However, this statement must be retained without the consent of the author , And in the article page obvious position gives the original link , Otherwise, the right to pursue legal responsibility is reserved !




  1. 上一篇文章:
  2. 下一篇文章:
Copyright © 程式師世界 All Rights Reserved