pymysql 套接字客户端软件
先建立连接到数据库,然后执行sql语句
user = input('user>>: ').strip()
pwd = input('password>>: ').strip()
conn = pymysql.connect(
host='192.168.xx.xxx',
port=3306,
user='root',
password='123',
db='db2',
charset='utf8' # 不是utf-8
)
# 拿到游标
cursor = conn.cursor()
# 执行sql语句认证,不能写成第一种形式
# sql = 'select * from userinfo where name= "%s" and password = "%s"'%(name,password)
# rows = cursor.execute(sql)
sql='select * from userinfo where user = %s and pwd=%s'
rows=cursor.execute(sql,[user,pwd]) # 受影响的行数
# 关闭连接
cursor.close()
conn.close()
# 进行判断
if rows:
print('登录成功')
else:
print('登录失败')
sql语句注释:引号拼接,绕过密码验证
# sql = &#