# import pymysql #pip3 install pymysql
#
# conn=pymysql.connect(
# host='127.0.0.1',
# port=3306,
# user='root',
# password='123',
# database='db42',
# charset='utf8'
# )
# cursor=conn.cursor(pymysql.cursors.DictCursor)
#
#
# inp_user=input('用户名>>:').strip() #inp_user=""
# inp_pwd=input('密码>>:').strip() #inp_pwd=""
# sql="select * from user where username='%s' and password='%s'" %(inp_user,inp_pwd)
# print(sql)
#
#
# rows=cursor.execute(sql)
# if rows:
# print('登录成功')
# else:
# print('登录失败')
#
# cursor.close()
# conn.close()
#
# 在服务端防止sql注入问题:不要自己拼接字符串,让pymysql模块去拼接
import pymysql #pip3 install pymysql
conn=pymysql.connect(
host='127.0.0.1',
port=3306,
user='root',
password='123',
database='db42',
charset='utf8'
)
cursor=conn.cursor(pymysql.cursors.DictCursor)
inp_user=input('用户名>>:').strip() #inp_user=""
inp_pwd=input('密码>>:').strip() #inp_pwd=""
sql="select * from user where username=%s and password=%s"
print(sql)
rows=cursor.execute(sql,(inp_user,inp_pwd))
if rows:
print('登录成功')
else:
print('登录失败')
cursor.close()
conn.close()