Mysql database operations using python

Others 2019-09-28 03:42:26 views: null

A, pymysql use

1. First pymysql installation module (CMD command window) in python.

pip install pymsql
After installation is complete introduction
import pymysql

Necessary parameters 2.pyysql connection to the database: host, port, user name. Password, database

Note: pymysql not provide services to create the database, the database to be created in advance

3. Connect the steps of:

-1 establish a database connection object conn
-2. Mysql creation of the cursor (cursor object) by conn
-3. Sql statement written to the cursor execution
-4. If the query, but also by the cursor object, get results
-5 operation is completed, and the operation port is connected

-1 establish a database connection object conn

conn = pymysql.connect(user='用户名',passwd='密码',database='数据库名')
# 例 conn = pymysql.connect(user='root', passwd='root', database='oldboy')

-2. Mysql creation of the cursor (cursor object) by conn

Note: The cursor does not set parameters, the results of the query is the set of data elements, data does not identify the sex
settings pymysql.cursor.DictCursor, the result of the query is a dictionary, key table columns

cursor = conn.cursor(pymysql.cursors.DictCursor)

-3. Sql statement written to the cursor execution

Create a table

sql1='create table t1(id int,x int,y int)'
cursor,execute(sql1)

increase

sql2 = 'insert into t1 values(%s, %s, %s)'

# execute一次增加1条记录
cursor.execute(sql2,(1,10,100)).
cursor.execute(sql2,(1,10,100))

# 重点:在创建conn对象时,不设置autocommit,默认开启事务,增删改操作不会直接映射到数据库中
# 需要执行conn.commit() 动作
conn.commit()

# executemany一次增加多条记录
cursor.executemany(sql2,[(3,30,300),(4,40,400)])
conn.commit()

delete

sq3 = 'delete from t1 where id=%s'
cursor.execute(sql3,4)
conn.commit()

change

sql4 = 'update t1 set y=666 where id=%s'
cursor.execute(sql4,4)
conn.commit()

check

sql5 = 'select * from t1'
row = cursor.execute(sql5) # 返回值是受影响的行数
print(row)

# -4.如果是查询,通过 cursor对象、获取结果
# fetchone() 偏移一条取出,fetchmany(n) 偏移n条取出,fetchall(偏移全部取出)
r1 = cursor.fetchone()
print(r1)
r2 = cursor.fetchone()
print(r2)
r3 = cursor.fetchmany(1)
print(r3)
r4 = cursor.fetchcall()
print(r4)

# -5操作完毕后。端口操作与连接
cursor.close()
conn.close()

Second, the cursor operation

import pymysql
from pymysql.cursors import DictCursor

# 1 建立数据库连接
conn = pymysql.connect(user='tomjoy',passwd='123456',db='db1')
# 2 通过conn创建操作sql的游标对象
cursor = conn.cursor(DictCursor)
# 3.编写sql交给 cursor 执行
sql = 'select * from t1 '
# 4 如果是查询,通过cursor对象 获取结果
row = cursor.execute(sql)
if row:
    r1 = cursor.fetchmany(2)
    print(r1)

    # 操作游标
    # cursor.scroll(0,'absolute') # absolute绝对偏移,游标重置,从头开始偏移
    cursor.scroll(-2,'relative') # relative相对偏移,游标在当前位置进行左右偏移

    r2 = cursor.fetchone()
    print(r2)

# 5.操作完毕,端口操作与连接
cursor.close()
conn.close()

Three, pymysql affairs

import pymysql
from pymysql.cursors import DictCursor
conn = pymysql.connect(user='tomjoy',passwd='123456',db='db2')
cursor = conn.cursor(DictCursor)

try:
    sql = 'create table t3(id int, name char(4), money int )'
    row = cursor.execute(sql)
    print(row)
except:
    print('表已创建')
    pass

# 空表才插入
row = cursor.execute('select * from t3')
if not row:
    sql = 'insert into t3 values(%s,%s,%s)'
    row = cursor.executemany(sql,[(1,'tom',10),(2,'BOb',20)])
    conn.commit()

# 可能会出现异常的sql
'''
try:
    sql1 = 'update t3 set money=money-1 where name="tom"'
    cursor.execute(sql1)
    sql2 = 'update t3 set money=money+1 where name="Bob"'
    cursor.execute(sql2)
except:
    print('转账执行异常')
    conn.rollback()
else:
    print('转账成功')
    conn.commit()
'''

# 以上方法还是有漏洞的,如果对方账户不是在该表的,sql语句正确还是会执行,导致数据的丢失。如下例子可以解决这个问题
try:
    sql1 = 'update t3 set money=money-1 where name="tom"'
    r1 = cursor.execute(sql1)
    sql2 = 'update t3 set money=money+1 where name="Bob"'
    r2 = cursor.execute(sql2)
except:
    print('转账执行异常')
    conn.rollback()
else:
    print('转账没有异常')
    if r1 == 1 and r2 == 1:
        print('转账成功')
        conn.commit()
    else:
        print('对方账户有误')
        conn.rollback()

Four, sql injection

import pymysql
from pymysql.cursors import DictCursor
conn = pymysql.connect(user='tomjoy',passwd='123456',db='db2')
cursor = conn.cursor(DictCursor)

try:
    sql = 'create table user(id int, name char(4),password char(6))'
    row = cursor.execute(sql)
    print(row)
except:
    print('表已创建')
    pass

# 空表才插入
row = cursor.execute('select * from user')
if not row:
    sql = 'insert into user values(%s,%s,%s)'
    row = cursor.executemany(sql,[(1,'tom','123'),(2,'BOb','456')])
    conn.commit()


# 用户登陆
usr = input('usr: ')
pwd = input('pwd: ')

# 自己拼接参数一定有sql注入,将连接的占位填充交给pymysql

# 以下写法是 有漏洞的
'''
sql = 'select * from user where name="%s" and password=%s' %(usr,pwd)
row = cursor.execute(sql)
if row:
    print('登陆成功')
else:
    print('登陆失败')
'''
# 分析:
# 当我们知道用户名时:
# 输入用户时:
# tom => select * from user where name="tom" and password=%s
# 如果我们输入tom" #  相当于把后面的一串语句注释了,所以只需要判断用户是否存在就可以登陆进去了,不需要判断密码。
# tom" # => select * from user where name="tom" #" and password=%s

# 不自定义用户名时:
# 输入 " or 1=1 # 相当于判断一个空用户或者1=1是否成立就可以登陆进去,用户名密码都不需要判断直接登陆进去了
# " or 1=1 # =》 select * from user where name="" or 1=1 #" and password=%s

# 正确的写法:
sql= 'select * from user where name=%s and password=%s'
row = cursor.execute(sql,(usr,pwd))
if row:
    print('登陆成功')
else:
    print('登陆失败')

V. Index

# 索引就是 键 - key

'''
1.键是添加给数据库表的 字段的
2.给表创建 键 后,该表不仅会形成 表结构、表数据,还有键的 B+结构图
3.键的结构图是需要维护的,在数据完成增、删、改操作时,只要影响到
    有键的字段,结构图都要维护一次,所以创建后一定会降低 增、删、改的效率
4.键可以极大地加快查询速度(开发需求中,几乎业务都和查有关系)
5.建立键的方式: 主键、外键、唯一键、index
'''

import pymysql
from pymysql.cursors import DictCursor
conn = pymysql.connect(user='tomjoy',passwd='123456',db='db2')
cursor = conn.cursor(DictCursor)

# 创建两张表
# sql = 'create table a1(id int primary key auto_increment,x int,y int)'
# cursor.execute(sql)
#
sq2 = 'create table a2(id int primary key auto_increment,x int,y int,index(x))'
cursor.execute(sq2)
#
# # 每个表插入5000条数据
# import random
# for i in range(1,5001):
#     x = i
#     y = random.randint(1,5000)
#     cursor.execute('insert into a3(x,y) values(%s,%s)',(x,y))
#     cursor.execute('insert into a4(x,y) values(%s,%s)',(x,y))
# conn.commit()


import time
# a1的x、a1的id,a2的x
start = time.time()
sql = 'select * from a1 where id=4975'
cursor.execute(sql)
end = time.time()
print(end-start)

start = time.time()
sql = 'select * from a1 where x=4975'
cursor.execute(sql)
end = time.time()
print(end-start)


start = time.time()
sql = 'select * from a2 where x=4975'
cursor.execute(sql)
end = time.time()
print(end-start)


# 使用 列表推导式 插入数据
# [cursor.execute('insert into a8(x,y) values(%s,%s)',(x,y)) for x,y in enumerate(range(1,5001)) ]
# conn.commit()

Guess you like

Origin www.cnblogs.com/guapitomjoy/p/11599746.html
Recommended
Ranking
error: (-215:Assertion failed) !_img.empty() in function ‘cv::imwrite‘
Database migration between Navicat servers
Minimum number of rotation of the array: Array
balenaEtcher for mac (make a boot disk software) v1.5.67
Custom processing serialization and deserialization in jackson
Mu-en-mask system development software
Mastering Regular Expressions
Find mileage Java--
Web pages can not directly concern the public micro-channel number how to do? A key to arouse public concern number of micro-channel solutions
[CodeForces - 739B] Alyona and a tree Tree + [difference] + bipartite
Daily
More
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)

Code World

© 2018 codetd.com