利用原生SQL查询数据
Django ORM功能强大,但在一些不明确映射至模型的查询语句时,代码编辑困难
利用原生SQL,跳过模型层,直接执行SQL语句,有时候会更方便一点,但也会存在注入SQL的风险;
Django有两种执行原生SQL的方式:
1、Manager.row()
#模型类
class Person(models.Model):
first_name = models.CharField(...)
last_name = models.CharField(...)
birth_date = models.DateField(...)
#执行方法
#Manager.raw(raw_query, params=(), translations=None)
for p in Person.objects.raw("SELECT * FROM myapp_person"):
print(p)
2、自定义方法直接执行SQL
def query_all_dict(sql, params=None):
'''
查询所有结果返回字典类型数据
:param sql:
:param params:
:return:
'''
with connections['connect_name'].cursor() as cursor:
if params:
cursor.execute(sql, params=params)
else:
cursor.execute(sql)
col_names = [desc[0] for desc in cursor.description]
row = cursor.fetchall()
rowList = []
for list in row:
tMap = dict(zip(col_names, list))
rowList.append(tMap)
cursor.close()
return rowList