增删改
from pymysql import connect
# 创建Connection连接
conn = connect(host='localhost',port=3306,database='tsgf',user='root',password='123456',charset='utf8')
# 获得Cursor对象
cursor = conn.cursor()
#print(cursor.execute("""insert into goods_cates (name) values ("硬盘")"""))
#print(cursor.execute("""insert into goods_cates (name) values ("硬盘2")"""))
#print(cursor.execute("""insert into goods_cates (name) values ("硬盘3")"""))
#conn.commit()
print(cursor.execute("""insert into goods_cates (name) values ("硬盘3")"""))
print(cursor.execute("""insert into goods_cates (name) values ("硬盘4")"""))
conn.rollback()#如果反悔时用
print(cursor.execute("""insert into goods_cates (name) values ("硬盘4")"""))
conn.commit()
添加分类
from pymysql import connect
class TSGF(object):
def __init__(self):
# 创建Connection连接
self.conn = connect(host='localhost',port=3306,user='root',password='123456',database='tsgf',charset='utf8')
# 获得Cursor对象
self.cursor = self.conn.cursor()
def __del__(self):
#关闭Cursor对象
cursor.close()
conn.close()
def execute_sql(self, sql):
self.cursor.execute(sql)
for temp in self.cursor.fetchall():
print(temp)
def show_all_items(self):
"""显示所有的商品"""
sql = "select * form goods;"
self.execute_sql(sql)
def show_cates(self):
sql = "select name form goods_cates;"
self.execute_sql(sql)
def show_brands(self):
sql = "select name form goods_brands;"
self.execute_sql(sql)
def add_cates(self):
item_name = input("请输入新商品分类的名称:")
sql = """insert into goods_cates (name) values("%s");""" % item_name
self.cursor.execute(sql)
self.conn.commit()
@staticmethod
def print_menu():
print('------天使工房------')
print('1:所有的商品')
print('2:所有的商品分类')
print('3:所有的商品品牌分类')
print('4:添加商品分类')
return input('请输入功能对应的序号:')
def run(self):
while True:
num = self.print_menu()
if num == '1':
#查询所有商品
self.show_all_items()
elif num == '2':
#查询分类
self.show_cates()
elif num =='3':
#查询品牌分类
self.show_brands()
elif num == '4':
self.add_cates()
else:
print('请重新输入----')
def main():
#1,创建一个天使工房商城对象
tsgf = TSGF()
#2,调用这个对象run方法。让其运行
tsgf.run()
if __name__=='__main__':
main()
SQL注入
from pymysql import connect
class TSGF(object):
def __init__(self):
# 创建Connection连接
self.conn = connect(host='localhost',port=3306,user='root',password='123456',database='tsgf',charset='utf8')
# 获得Cursor对象
self.cursor = self.conn.cursor()
def __del__(self):
#关闭Cursor对象
cursor.close()
conn.close()
def execute_sql(self, sql):
self.cursor.execute(sql)
for temp in self.cursor.fetchall():
print(temp)
def show_all_items(self):
"""显示所有的商品"""
sql = "select * form goods;"
self.execute_sql(sql)
def show_cates(self):
sql = "select name form goods_cates;"
self.execute_sql(sql)
def show_brands(self):
sql = "select name form goods_brands;"
self.execute_sql(sql)
def add_cates(self):
item_name = input("请输入新商品分类的名称:")
sql = """insert into goods_cates (name) values("%s");""" % item_name
self.cursor.execute(sql)
self.conn.commit()
def get_info_by_name(self):
find_name = input('请输入要查询的商品名字:')
# sql = """select * from goods where name="%s";""" % find_name
# print("-->%s<--" % sql)
# self.execute_sql(sql)
sql = 'select * from goods where name=%s'#防止SQL注入
self.cursor.execute(sql,[find_name])
print(self.cursor.fetchall())
@staticmethod
def print_menu():
print('------天使工房------')
print('1:所有的商品')
print('2:所有的商品分类')
print('3:所有的商品品牌分类')
print('4:添加商品分类')
print('5:删除商品分类')
print('6:修改商品分类')
print('7:根据名字查询商品')
return input('请输入功能对应的序号:')
def run(self):
while True:
num = self.print_menu()
if num == '1':
#查询所有商品
self.show_all_items()
elif num == '2':
#查询分类
self.show_cates()
elif num =='3':
#查询品牌分类
self.show_brands()
elif num == '4':
self.add_cates()
elif num == '5':
#删除商品分类
elif num == '6':
#修改商品分类
elif num == '7':
#根据名字查询商品
else:
print('请重新输入----')
def main():
#1,创建一个天使工房商城对象
tsgf = TSGF()
#2,调用这个对象run方法。让其运行
tsgf.run()
if __name__=='__main__':
main()