
Overview
In Python, the SQL “WHERE” clause is used in a query to get filtered data from a MySQL table.
import mysql.connector
mydb = mysql.connector.connect(
    host="localhost",
    user="myusername",
    password="mypassword",
    database="mydatabase"
)
mycursor = mydb.cursor()
sql = "SELECT * FROM customers WHERE age = 12"  # keep only rows where age is 12
mycursor.execute(sql)
myresult = mycursor.fetchall()  # list of matching rows, one tuple per row
for x in myresult:
    print(x)
Output:
(2, 'Johnny', 12)
Filtering with Wildcard Characters
Use % as a wildcard character with LIKE to select records that start with, include, or end with a specified letter or phrase.
import mysql.connector
mydb = mysql.connector.connect(
    host="localhost",
    user="myusername",
    password="mypassword",
    database="mydatabase"
)
mycursor = mydb.cursor()
sql = "SELECT * FROM customers WHERE name LIKE '%nny%'"  # names containing "nny"
mycursor.execute(sql)
myresult = mycursor.fetchall()
for x in myresult:
    print(x)
Output:
(2, 'Johnny', 12)
Preventing SQL Injection
To prevent SQL injection, a common web hacking technique used to destroy or misuse your database, values that come from user input should be escaped using the mysql.connector module: put a %s placeholder in the query and pass the values as a tuple to execute().
import mysql.connector
mydb = mysql.connector.connect(
    host="localhost",
    user="myusername",
    password="mypassword",
    database="mydatabase"
)
mycursor = mydb.cursor()
sql = "SELECT * FROM customers WHERE name = %s"  # %s is a placeholder, not string formatting
name = ("Johnny", )  # values go in a tuple, one per placeholder
mycursor.execute(sql, name)  # the module escapes the value before it reaches the query
myresult = mycursor.fetchall()
for x in myresult:
    print(x)
Output:
(2, 'Johnny', 12)
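The difference between building the query as a string and passing the value separately, shown as an added example that is not part of the original tutorial. It uses Python's built-in sqlite3 module instead of mysql.connector so it runs without a MySQL server (sqlite3 writes the placeholder as ? where mysql.connector uses %s); the table rows, the function names and the sample input are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory table shaped like the page's customers table (constructed rows)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (id INTEGER, name TEXT, age INTEGER)")
    db.executemany("INSERT INTO customers VALUES (?, ?, ?)",
                   [(1, "Amy", 30), (2, "Johnny", 12), (3, "100%_sure", 41)])
    return db

def find_unsafe(db, name):
    # Vulnerable: the value becomes part of the SQL text, so a quote in it changes the query.
    return db.execute("SELECT * FROM customers WHERE name = '" + name + "'").fetchall()

def find_safe(db, name):
    # Parameterized: the value is passed as data and is never parsed as SQL.
    return db.execute("SELECT * FROM customers WHERE name = ?", (name,)).fetchall()

def search_safe(db, fragment):
    # LIKE search: escape the user's own % and _ so they match literally,
    # then add the wildcards in code and bind the whole pattern as a parameter.
    escaped = fragment.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
    return db.execute("SELECT * FROM customers WHERE name LIKE ? ESCAPE '\\'",
                      ("%" + escaped + "%",)).fetchall()

if __name__ == "__main__":
    db = make_db()
    hostile = "x' OR '1'='1"          # constructed input containing quotes
    print(find_unsafe(db, hostile))   # every row comes back: the filter was rewritten
    print(find_safe(db, hostile))     # no rows: nobody has that literal name
    print(search_safe(db, "nny"))     # the page's wildcard search, with a bound pattern
    print(search_safe(db, "%"))       # a literal percent sign, not "match everything"
```
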
Python Notes:
- The most recent major version of Python is Python 3; however, Python 2 is still in use and quite popular, although it is not being updated with anything other than security updates
- Python uses new lines to complete a command, as opposed to other programming languages which often use semicolons or parentheses
- Python relies on indentation, using whitespace to define scope, such as the scope of loops, functions, and classes; other programming languages often use curly-brackets for this purpose
- Python string methods return new values, and DO NOT change the original string
- Python tuples are unchangeable after creation (their items CANNOT be changed or re-ordered at a later point)
- Python sets are unordered (may appear in random orders when called), unchangeable (the value of individual items cannot be changed after creation), unindexed (items cannot be referred to by index or key), and duplicates are NOT ALLOWED
- As of v3.7, Python dictionaries are ordered and duplicates ARE ALLOWED; in v3.6 and earlier, dictionaries were unordered (did not have a defined order and could not be referred to using an index)
- Python does not have built-in support for arrays, but Python lists can be used as pseudo “arrays”; therefore, all Python list methods will work with these pseudo “arrays”
We’d like to acknowledge that we learned a great deal of our coding from W3Schools and TutorialsPoint, borrowing heavily from their teaching process and excellent code examples. We highly recommend both sites to deepen your experience, and further your coding journey. We’re just hitting the basics here at 1SMARTchicken.
