Tuesday , March 19 2024
Python MySQL Where

Python MySQL Where

6 Python MySQL Where

Python MySQL Where

In [14]:
import mysql.connector
mydb = mysql.connector.connect(
  host="localhost",
  user="root",
  passwd="",
  database="itronix"
)
mycursor = mydb.cursor()
sql = "SELECT * FROM customers WHERE address ='Ludhiana'"
mycursor.execute(sql)
myresult = mycursor.fetchall()
for x in myresult:
    print(x)
(1, 'Karan', 'Ludhiana')

Wildcard Characters

You can also select the records that starts, includes, or ends with a given letter or phrase.

  • Use the % to represent wildcard characters:
In [15]:
import mysql.connector
mydb = mysql.connector.connect(
  host="localhost",
  user="root",
  passwd="",
  database="itronix"
)
mycursor = mydb.cursor()
sql = "SELECT * FROM customers WHERE address LIKE '%lud%'"
mycursor.execute(sql)
myresult = mycursor.fetchall()
for x in myresult:
    print(x)
(1, 'Karan', 'Ludhiana')

Prevent SQL Injection

  • When query values are provided by the user, you should escape the values.
  • This is to prevent SQL injections, which is a common web hacking technique to destroy or misuse your database.
  • The mysql.connector module has methods to escape query values:
In [16]:
import mysql.connector
mydb = mysql.connector.connect(
  host="localhost",
  user="root",
  passwd="",
  database="itronix"
)
mycursor = mydb.cursor()
sql = "SELECT * FROM customers WHERE address = %s"
adr = ("Otawa 4", )
mycursor.execute(sql, adr)
myresult = mycursor.fetchall()
for x in myresult:
    print(x)
(3, 'Keisha', 'Otawa 4')

About Machine Learning

Check Also

Python MySQL Insert Into Table

Python MySQL Insert Into Table

4 Python MySQL Insert Into Table Python MySQL Insert Into Table¶To fill a table in …

Leave a Reply

Your email address will not be published. Required fields are marked *