import mysql.connector
config = {
"host":"localhost","port":"3307","user":"root","password":"jinhua911love","database":"demo"
}
con = mysql.connector.connect(**config)
游标(Cursor)
MySQL Connector里面的游标用来执行SQL语句,而且查询的结果集也会保存在游标之中 cursor = con.cursor() cursor.execute( sql语句)
执行sql语句
cursor=con.cursor()
sql ="SELECT empno,ename,hiredate FROM t_emp;"
cursor.execute(sql)for one in cursor:print(one[0], one[1], one[2])
7369 SMITH 1980-12-17
7499 ALLEN 1981-02-20
7521 WARD 1981-02-22
7566 JONES 1981-04-02
7654 MARTIN 1981-09-28
7698 BLAKE 1981-05-01
7782 CLARK 1981-06-09
7788 SCOTT 1982-12-09
7839 KING 1981-11-17
7844 TURNER 1981-09-08
7876 ADAMS 1983-01-12
7900 JAMES 1981-12-03
7902 FORD 1981-12-03
7934 MILLER 1982-01-23
Process finished with exit code 0
SQL注入攻击案例
username="1 OR 1=1";
password="1 OR 1=1";
sql="SELECT COUNT(*) FROM t_user WHERE
username="+username+" AND
AES_DECRYPT(UNHEX(password) , 'HelloWorld' ) ="+password;
cursor.execute(sql);
print( cursor.fetchone()[0]);
SQL注入攻击的危害
由于SQL语句是解释型语言,所以在拼接SQL语句的时候,容易被注入恶意的SQL语句 id = "1 OR 1=1" sql = "DELETE FROM t_news WHERE id=" + id;
SQL预编译机制
预编译SQL就是数据库提前把SQL语句编译成二进制,这样反复执行同一条SQL语句的效率就会提升
sql="INSERT INTO
t_emp(empno,ename,job,mgr,hiredate,sal,comm,deptno)
VALUES(%s,%s,%s,%s,%s,%s,%s,%s)";
SQL预编译机制抵御注入攻击
SQL语句编译的过程中,关键字已经被解析过了,所以向编译后的SQL语句传入参数,都被当做字符串处理,数据库不会解析其中注入的SQL语句 id = "1 OR 1=1" sql = "DELETE FROM t_news WHERE id=%s";
预防SQL注入攻击
username="1 OR 1=1"
password="1 OR 1=1"
sql ="SELECT COUNT(*) FROM t_user WHERE username=%s " \
"AND AES_DECRYPT(UNHEX(password)),'HelloWorld')=%s;"
cursor=con.cursor()
cursor.execute(sql,(username,password))print(cursor.fetchone()[0])