1.修改main.py文件中的verify_user函数 2.在UseSqlite.py文件中的Sqlite3Template类下添加了三个函数instructions_with_parameters do_with_parameters operate_with_parameters

Lanhui-add-articles
张小飞 2021-05-29 21:39:28 +08:00
parent 6bbc5839b7
commit aa182609ae
2 changed files with 16 additions and 2 deletions

View File

@ -31,6 +31,20 @@ class Sqlite3Template:
self.connect(self.db_fname) self.connect(self.db_fname)
self.instructions(self.query) self.instructions(self.query)
self.operate() self.operate()
def instructions_with_parameters(self, query_statement, parameters):
self.query = query_statement
self.parameters = parameters
def do_with_parameters(self):
self.connect(self.db_fname)
self.instructions_with_parameters(self.query, self.parameters)
self.operate_with_parameters()
def operate_with_parameters(self):
self.conn.row_factory = sqlite3.Row
self.results = self.conn.execute(self.query, self.parameters) # self.query is to be given in the child classes
self.conn.commit()
class InsertQuery(Sqlite3Template): class InsertQuery(Sqlite3Template):

View File

@ -38,8 +38,8 @@ def load_freq_history(path):
def verify_user(username, password): def verify_user(username, password):
rq = RecordQuery(path_prefix + 'static/wordfreqapp.db') rq = RecordQuery(path_prefix + 'static/wordfreqapp.db')
rq.instructions("SELECT * FROM user WHERE name='%s' AND password='%s'" % (username, password)) rq.instructions_with_parameters("SELECT * FROM user WHERE name=? AND password=?", (username, password))
rq.do() rq.do_with_parameters()
result = rq.get_results() result = rq.get_results()
return result != [] return result != []