¼ÓÈëÊÕ²Ø | ÉèΪÊ×Ò³ | »áÔ±ÖÐÐÄ | ÎÒҪͶ¸å ÍøÕ¾¿ª·¢Íø_°²ÑôÕ¾³¤Íø £¨https://www.0518zz.com/£©- ¿Æ¼¼¡¢½¨Õ¾¡¢¾­Ñé¡¢ÔƼÆËã¡¢5G¡¢´óÊý¾Ý,Õ¾³¤Íø!
µ±Ç°Î»Ö㺠Ê×Ò³ > Õ¾³¤°Ù¿Æ > ÕýÎÄ

9Pythonȫվ֮·ϵÁÐÖ®MySQL SLÊäÈë

·¢²¼Ê±¼ä£º2022-03-19 11:53:08 ËùÊôÀ¸Ä¿£ºÕ¾³¤°Ù¿Æ À´Ô´£º»¥ÁªÍø
µ¼¶Á£ºSQL×¢ÈëÊÇÒ»ÖÖ´úÂë×¢Èë¼¼Êõ£¬¹ýÈ¥³£³£ÓÃÓÚ***Êý¾ÝÇý¶¯ÐÔµÄÓ¦Ó㬱ÈÈ罫¶ñÒâµÄSQL´úÂë×¢Èëµ½Ìض¨×Ö¶ÎÓÃÓÚʵʩ******µÈ¡£ SQL×¢ÈëµÄ³É¹¦±ØÐë½èÖúÓ¦ÓóÌÐòµÄ°²È«Â©¶´£¬ÀýÈçÓû§ÊäÈëûÓо­¹ýÕýÈ·µØ¹ýÂË£¨Õë¶ÔijЩÌض¨×Ö·û´®£©»òÕßûÓÐÌرðÇ¿µ÷ÀàÐ͵Äʱºò£¬¶¼ÈÝ
      SQL×¢ÈëÊÇÒ»ÖÖ´úÂë×¢Èë¼¼Êõ£¬¹ýÈ¥³£³£ÓÃÓÚ***Êý¾ÝÇý¶¯ÐÔµÄÓ¦Ó㬱ÈÈ罫¶ñÒâµÄSQL´úÂë×¢Èëµ½Ìض¨×Ö¶ÎÓÃÓÚʵʩ******µÈ¡£
 
     SQL×¢ÈëµÄ³É¹¦±ØÐë½èÖúÓ¦ÓóÌÐòµÄ°²È«Â©¶´£¬ÀýÈçÓû§ÊäÈëûÓо­¹ýÕýÈ·µØ¹ýÂË£¨Õë¶ÔijЩÌض¨×Ö·û´®£©»òÕßûÓÐÌرðÇ¿µ÷ÀàÐ͵Äʱºò£¬¶¼ÈÝÒ×Ôì³ÉÒì³£µØÖ´ÐÐSQLÓï¾ä¡£
 
     SQL×¢ÈëÊÇÍøÕ¾***ÖÐ×î³£ÓõÄ***¼¼Êõ£¬µ«ÊÇÆäʵSQL×¢Èë¿ÉÒÔÓÃÀ´***ËùÓеÄSQLÊý¾Ý¿â¡£
 
SQL×¢ÈëµÄʵÏÖ
´´½¨SQLdbÊý¾Ý¿â
 
CREATE DATABASE SQLdb;
´´½¨user_info±í
 
CREATE TABLE `user_info` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `username` varchar(32) DEFAULT NULL,
  `password` varchar(32) DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
²åÈëÒ»ÌõÓû§Êý¾Ý
 
²âÊÔµÄÓû§ÃûÊÇansheng£¬ÃÜÂëas
 
insert into user_info(username,password) values("ansheng","as");
Python´úÂë
 
app.pyÎļþ
 
#!/usr/bin/env python
# -*- coding:utf-8 -*-
import tornado.ioloop
import tornado.web
import pymysql
 
class LoginHandler(tornado.web.RequestHandler):
    def get(self, *args, **kwargs):
        self.render('login.html')
    def post(self, *args, **kwargs):
        username = self.get_argument('username', None)
        pwd = self.get_argument('pwd', None)
        conn = pymysql.connect(host='127.0.0.1', port=3306, user='root', passwd='as', db='sqldb')
        cursor = conn.cursor()
        temp = "select username from user_info where username='%s' and password = '%s'" %(username, pwd,)
        effect_row = cursor.execute(temp)
        result = cursor.fetchone()
        conn.commit()
        cursor.close()
        conn.close()
        if result:
            self.write('µÇ¼³É¹¦')
        else:
            self.write('µÇ¼ʧ°Ü')
            
application = tornado.web.Application([
    (r"/login", LoginHandler),
])
 
 
if __name__ == "__main__":
    application.listen(8888)
    tornado.ioloop.IOLoop.instance().start()
HTML´úÂë
 
login.htmlÓëapp.pyÎļþÔÚͬ¼¶
 
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<form action="/login" method="post">
    <input type="text" name="username" placeholder="Óû§Ãû" />
    <input type="text" name="pwd" placeholder="ÃÜÂë" />
    <input type="submit" />
</form>
</body>
</html>
ÑÝʾЧ¹û
 
´ò¿ªä¯ÀÀÆ÷£¬ÊäÈëµØÖ·http://127.0.0.1:8888/login
 
ÌîдÄÚÈÝÈçÏ£º
 
Óû§Ãû£ºasas ' or 1 = 1-- asd
ÃÜÂ룺Ëæ±ãÌîдһ´®×Öĸ
 
Èçͼ£º
 
9Pythonȫվ֮·ϵÁÐÖ®MySQL SL×¢Èë
 
µ±µã»÷Ìá½»µÄʱºòÊÇ·ñ»áÌøתµ½µÇ½³É¹¦Ò³Ã棿Èç¹ûÄãµÄ´úÂëºÍÎÒÒ»Ñù£¬ÄÇô¾Í»áÌøתµ½µÇ½³ÉÒ³Ãæ¡£
 
Ϊʲô³öÏÖÕâÖÖÎÊÌ⣿
³öÏÖÕâ¸öÎÊÌâµÄÖ÷ÒªÔ­Òò¾ÍÊÇÒòΪÎÒÃÇʹÓÃÁË×Ö·û´®Æ´½ÓµÄ·½Ê½À´½øÐÐSQLÖ¸ÁîµÄÆ´½Ó¡£
 
SQLÖ¸ÁîÆ´½Ó´úÂë
 
temp = "select username from user_info where username='%s' and password = '%s'" %(username, pwd,)
ÕâÊÇÒ»¸öÕý³£µÄSQLÆ´½Ó³öÀ´µÄ½á¹û
 
select username from user_info where username='ansheng' and password = 'as'
ÕâÊÇÒ»¸ö·ÇÕý³£µÄSQLÆ´½Ó³öÀ´µÄ½á¹û
 
select username from user_info where username='asas' or 1 = 1  -- asd' and password = 's'
´ÏÃ÷µÄÄãÊÇ·ñÒѾ­¿´µ½ÆäÖеÄÐþ»úÁËÄØ£¿--
 
ÈçºÎ·ÀÖ¹£¿
ͨ¹ýPythonµÄpymysqlÄ£¿éÀ´½øÐÐSQLµÄÖ´ÐУ¬ÔÚpymysqlÄ£¿éÄÚ²¿»á×Ô¶¯°Ñ”'“(µ¥ÒýºÅ×öÒ»¸öÌØÊâµÄ´¦Àí£¬À´Ô¤·ÀÉÏÊöµÄ´íÎó
 
......
effect_row = cursor.execute("select username from user_info where username='%s' and password = '%s'", (username, pwd))
......
#Pythonȫջ֮· #Sql×¢Èë¡£

£¨±à¼­£ºÍøÕ¾¿ª·¢Íø_°²ÑôÕ¾³¤Íø£©

¡¾ÉùÃ÷¡¿±¾Õ¾ÄÚÈݾùÀ´×ÔÍøÂ磬ÆäÏà¹ØÑÔÂÛ½ö´ú±í×÷Õ߸öÈ˹۵㣬²»´ú±í±¾Õ¾Á¢³¡¡£ÈôÎÞÒâÇÖ·¸µ½ÄúµÄȨÀû£¬Ç뼰ʱÓëÁªÏµÕ¾³¤É¾³ýÏà¹ØÄÚÈÝ!
    Ïà¹ØÄÚÈÝ
      ÍƼöÎÄÕÂ
      Õ¾³¤ÍƼö
      ÈȵãÔĶÁ

      ¡¾ÃâÔðÉùÃ÷¡¿±¾Õ¾ÄÚÈÝתÔØ×Ô»¥ÁªÍø£¬Æä·¢²¼ÄÚÈÝÑÔÂÛ²»´ú±í±¾Õ¾¹Ûµã£¬Èç¹ûÆäÁ´½Ó¡¢ÄÚÈݵÄÇÖ·¸ÄúµÄȨÒ棬·³ÇëÌá½»Ïà¹ØÁ´½ÓÖÁÓÊÏäbqsm@foxmail.comÎÒÃǽ«¼°Ê±ÓèÒÔ´¦Àí¡£

      ½¨ÒéÄúʹÓÃ1920¡Á1080·Ö±æÂÊ¡¢¹È¸èä¯ÀÀÆ÷Google Chrome¡¢Microsoft EdgeÒÔ»ñµÃ±¾Õ¾µÄ×î¼Ñä¯ÀÀЧ¹û

      Copygight © 2008-2022 https://www.0518zz.com/ All Rights Reserved. ÍøÕ¾¿ª·¢Íø_°²ÑôÕ¾³¤Íø