Python--sql注入

最新推荐文章于 2024-05-23 16:17:43 发布

weixin_34236497

最新推荐文章于 2024-05-23 16:17:43 发布

阅读量92

点赞数

文章标签： python

原文链接：http://www.cnblogs.com/wangsilei/p/8407282.html

版权

import pymysql

conn = pymysql.connect(host='211.149.218.16', user='jxz', password='123456', db='jxz', port=3306, charset='utf8')
cur = conn.cursor(cursor=pymysql.cursors.DictCursor)
name = 'zdq'
sex = 0
cur.execute('select * from bt_stu where real_name=%s and sex=%s', (name, sex))  # 可以防止sql注入
print(cur.fetchall())


def test(a, b):
    print(a, b)


li = [1, 2]
test(*li)
d = {'a': '123', 'b': '456'}
test(**d)


def op_mysql_new(sql1, *data):
    # 利用*data可变参数，就能防止sql注入
    print(sql1)
    print(data)
    cur.execute(sql1, data)
    print(cur.fetchall())


sql = 'select * from user where username=%s and id=%s'
name = 'haha'
id1 = 140
op_mysql_new(sql, name, id1)

# 同时执行多个sql  executemany
sql = 'insert into seq (blue,red,date) values (%s,%s,%s)'
all_res = [
    ['16', '01,02,03,05,09,06', '2018-01-28'],
    ['15', '01,02,03,05,09,06', '2018-01-28'],
    ['14', '01,02,03,05,09,06', '2018-01-28'],
    ['13', '01,02,03,05,09,06', '2018-01-28'],
    ['13', '01,02,03,05,09,06', '2018-01-28'],
    ['13', '01,02,03,05,09,06', '2018-01-28'],
    ['13', '01,02,03,05,09,06', '2018-01-28'],
    ['13', '01,02,03,05,09,06', '2018-01-28'],
    ['13', '01,02,03,05,09,06', '2018-01-28'],
    ['13', '01,02,03,05,09,06', '2018-01-28'],
    ['13', '01,02,03,05,09,06', '2018-01-28'],
    ['13', '01,02,03,05,09,06', '2018-01-28'],
]
cur.executemany(sql, all_res)
conn.commit()

转载于:https://www.cnblogs.com/wangsilei/p/8407282.html

weixin_34236497

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
Python--sql注入

import pymysqlconn = pymysql.connect(host='211.149.218.16', user='jxz', password='123456', db='jxz', port=3306, charset='utf8')cur = conn.cursor(cursor=pymysql.cursors.DictCursor)name = 'zdq'sex = 0cu...
复制链接

扫一扫