热门标签
热门文章
- 1推荐系统(二):协同过滤_sklearn 协同过滤
- 2python学习之美多商城(一):web项目的常见商业模式、开发流程_python b2b
- 3使用Anaconda3的jupyter进行import cv2(解决ModuleNotFoundError: NO module named 'cv2'问题)_jupyterno module named cv2
- 407—《动手学深度学习——Pytorch版》—多层感知机_动手学深度学习pytorch
- 5原深感摄像头与face id实现人脸3D扫描和建模(转)_faceid 3d建模
- 6用计算机计算麦克斯韦方程,有哪些美(牛)到不行的理科公式?
- 7Gitee + Typora,搭建你的免费高速图床_typora+gitee
- 8【uniapp小程序】打印列表UI模板_u-popup safeareainsetbottom
- 9探索OAuth2:现代应用的安全访问控制
- 102024年最新单链表C语言实现附加力扣题_c语言单链单题 力扣(1),面试杀手锏
当前位置: article > 正文
Python操作mysql_python mysql
作者:花生_TL007 | 2024-05-28 00:26:16
赞
踩
python mysql
Python操作mysql
一、python对MySQL的基本操作
1.连接数据
import pymysql
conn = pymysql.connect(host='127.0.0.1', port=3306, user='root', password='root123', charset='utf8')
cursor = conn.cursor()
- 1
- 2
- 3
- 4
2.创建数据库
cursor.execute('create database db01 default charset utf8 collate utf8_general_ci')
conn.commit()
- 1
- 2
3.进入数据库创建表
cursor.execute('use db01')
sql_create_table_l01= """
create table l01(
id int not null primary key auto_increment,
name varchar(32) not null
)default charset=utf8;
"""
cursor.execute(sql_create_table_l01)
conn.commit()
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
4. 查看数据库中的表
cursor.execute('show tables')
result = cursor.fetchall()
print(result)
- 1
- 2
- 3
5.新增数据
cursor.execute("insert into l01(id,name) values('1','流水')")
conn.commit()
- 1
- 2
6.删除
cursor.execute("delete from l01 where id=1")
conn.commit()
- 1
- 2
7.修改数据
cursor.execute("update tb1 set name='xx' where id=1")
conn.commit()
- 1
- 2
8.查询数据
cursor.execute("select * from tb where id>10")
data = cursor.fetchone() # cursor.fetchall()
print(data)
- 1
- 2
- 3
9.关闭数据库
cursor.close()
conn.close()
- 1
- 2
10.执行存储过程
import pymysql conn = pymysql.connect(host='', port=3306, user='', password='', charset=utf8) cursor = conn.cursor(cursor=pymysql.cursors.DictCursor) # 执行存储过程 cursor.callproc('存储过程名称') result = cursor.fetchall() # 得到执行存储过中的结果集 # 执行带参数存储过程 cursor.callproc('存储过程名称', args=('参数1','参数2', '参数3')) # 获取执行完存储的参数 cursor.execute('select @_名称_0') result = cursor.fetchall() # {@_名称_0: 参数} cursor.close() conn.close() print(result)
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
其他略
二、python操作MySQL的应用
1.登录注册
import pymysql def register(): print("用户注册") user = input("请输入用户名:") password = input("请输入密码:") # 连接指定数据 conn = pymysql.connect(host='127.0.0.1', port=3306, user='root', passwd='root123', charset="utf8", db="usersdb") cursor = conn.cursor() sql = 'insert into users(name,password) values("{}","{}")'.format(user, password) cursor.execute(sql) conn.commit() # 关闭数据库连接 cursor.close() conn.close() print("注册成功,用户名:{},密码:{}".format(user, password)) def login(): print("用户登录") user = input("请输入用户名:") password = input("请输入密码:") # 连接指定数据 conn = pymysql.connect(host='127.0.0.1', port=3306, user='root', passwd='root123', charset="utf8", db="usersdb") cursor = conn.cursor() sql = "select * from users where name='{}' and password='{}'".format(user, password) cursor.execute(sql) result = cursor.fetchone() # 去向mysql获取结果 # 关闭数据库连接 cursor.close() conn.close() if result: print("登录成功", result) else: print("登录失败") def run(): choice = input("1.注册;2.登录") if choice == '1': register() elif choice == '2': login() else: print("输入错误") if __name__ == '__main__': run()
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
2.防止sql注入
1.注入示例
import pymysql # 输入用户名和密码 user = input("请输入用户名:") # ' or 1=1 -- pwd = input("请输入密码:") # 123 conn = pymysql.connect(host='127.0.0.1', port=3306, user='root', passwd='root123', charset="utf8",db='usersdb') cursor = conn.cursor() # 基于字符串格式化来 拼接SQL语句 # sql = "select * from users where name='liu' and password='123'" # sql = "select * from users where name='' or 1=1 -- ' and password='123'" sql = "select * from users where name='{}' and password='{}'".format(user, pwd) cursor.execute(sql) result = cursor.fetchone() print(result) # None,不是None cursor.close() conn.close()
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
如果用户在输入user时,输入了: ’ or 1=1 – ,这样即使用户输入的密码不存在,也会可以通过验证。
原因:
在SQL拼接时,拼接后的结果是:
select * from users where name='' or 1=1 -- ' and password='123'
- 1
注意: 在mysql中 – 表示注释
切记, sql语句不要在使用Python的字符串格式化, 而是用pymysql的execute方法
2.防止sql注入示例
import pymysql # 输入用户名和密码 user_name = input('请输入用户名: ') user_pwd = input('请输入密码: ') conn = pymysql.connect(host='', password=3306, user='', passwd='', charset='utf8',db='userdb') cursor = conn.cursor() cursor.execute('select * from users name=s% and password=s%',[user_name, user_pwd]) # 或者 cursor.execute('select * from users where name=%(n1)s and password=%(n2)s',{'n1':user_name, 'n2':user_pwd}) result = cursor.fetchone() print(result) cursor.close() conn.close()
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
3.数据库连接池
在操作数控是需要使用数据库连接池
import pymysql import threading from dbutils.pooled_db import PooledDB MYSQL_DB_POOL = PooledDB( creator=pymysql, # 使用链接数据库的模块 maxconnections=5, # 连接池允许的最大连接数,0和None表示不限制连接数 mincached=2, # 初始化时,链接池中至少创建的空闲的链接,0表示不创建 maxcached=3, # 链接池中最多闲置的链接,0和None不限制 blocking=True, # 连接池中如果没有可用连接后,是否阻塞等待。True,等待;False,不等待然后报错 setsession=[], # 开始会话前执行的命令列表。如:["set datestyle to ...", "set time zone ..."] ping=0, # ping MySQL服务端,检查是否服务可用。 # 如:0 = None = never, 1 = default = whenever it is requested, # 2 = when a cursor is created, 4 = when a query is executed, 7 = always host='', port=3306, user='', password='', database='', charset='' ) def task(): # 去连接池获取一个连接 conn = MYSQL_DB_POOL() cursor = conn.cursor(pymysql.cursors.DictCursor) cursor.execut('select sleep(2)') result = cursor.fetchall() print(result) cursor.close() conn.close() def run(): for i in range(10): t = threading.Thread(target=task) t.start() if __name__ == '__main__': run()
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
4.sql工具类
基于数据库连接池开发一个功能sql操作类,方便以后操作数据库
- 单列和方法
import pymysql from dbutils.pooled_db import PooledDB class DBHelper(object): def __init__(self): # TODO 此处配置,可以去配置文件中读取。 self.pool = PooledDB( creator=pymysql, # 使用链接数据库的模块 maxconnections=5, # 连接池允许的最大连接数,0和None表示不限制连接数 mincached=2, # 初始化时,链接池中至少创建的空闲的链接,0表示不创建 maxcached=3, # 链接池中最多闲置的链接,0和None不限制 blocking=True, # 连接池中如果没有可用连接后,是否阻塞等待。True,等待;False,不等待然后报错 setsession=[], # 开始会话前执行的命令列表。如:["set datestyle to ...", "set time zone ..."] ping=0, # ping MySQL服务端,检查是否服务可用。# 如:0 = None = never, 1 = default = whenever it is requested, 2 = when a cursor is created, 4 = when a query is executed, 7 = always host='127.0.0.1', port=3306, user='root', password='root123', database='userdb', charset='utf8' ) def get_conn_cursor(self): conn = self.pool.connection() cursor = conn.cursor(pymysql.cursors.DictCursor) return conn, cursor def close_conn_cursor(self, *args): for item in args: item.close() def exec(self, sql, **kwargs): conn, cursor = self.get_conn_cursor() cursor.execute(sql, kwargs) conn.commit() self.close_conn_cursor(conn, cursor) def fetch_one(self, sql, **kwargs): conn, cursor = self.get_conn_cursor() cursor.execute(sql, kwargs) result = cursor.fetchone() self.close_conn_cursor(conn, cursor) return result def fetch_all(self, sql, **kwargs): conn, cursor = self.get_conn_cursor() cursor.execute(sql, kwargs) result = cursor.fetchall() self.close_conn_cursor(conn, cursor) return result db = DBHelper()
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
from db import db
db.exec("insert into d1(name) values(%(name)s)", name="Kevin")
ret = db.fetch_one("select * from d1")
print(ret)
ret = db.fetch_one("select * from d1 where id=%(nid)s", nid=3)
print(ret)
ret = db.fetch_all("select * from d1")
print(ret)
ret = db.fetch_all("select * from d1 where id>%(nid)s", nid=2)
print(ret)
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 上下文管理
import threading import pymysql from dbutils.pooled_db import PooledDB POOL = PooledDB( creator=pymysql, # 使用链接数据库的模块 maxconnections=5, # 连接池允许的最大连接数,0和None表示不限制连接数 mincached=2, # 初始化时,链接池中至少创建的空闲的链接,0表示不创建 maxcached=3, # 链接池中最多闲置的链接,0和None不限制 blocking=True, # 连接池中如果没有可用连接后,是否阻塞等待。True,等待;False,不等待然后报错 setsession=[], # 开始会话前执行的命令列表。如:["set datestyle to ...", "set time zone ..."] ping=0, host='127.0.0.1', port=3306, user='root', password='root123', database='userdb', charset='utf8' ) class Connect(object): def __init__(self): self.conn = conn = POOL.connection() self.cursor = conn.cursor(pymysql.cursors.DictCursor) def __enter__(self): return self def __exit__(self, exc_type, exc_val, exc_tb): self.cursor.close() self.conn.close() def exec(self, sql, **kwargs): self.cursor.execute(sql, kwargs) self.conn.commit() def fetch_one(self, sql, **kwargs): self.cursor.execute(sql, kwargs) result = self.cursor.fetchone() return result def fetch_all(self, sql, **kwargs): self.cursor.execute(sql, kwargs) result = self.cursor.fetchall() return result
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
from db_context import Connect
with Connect() as obj:
# print(obj.conn)
# print(obj.cursor)
ret = obj.fetch_one("select * from d1")
print(ret)
ret = obj.fetch_one("select * from d1 where id=%(id)s", id=3)
print(ret)
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/花生_TL007/article/detail/634794
推荐阅读
相关标签
