sqlmap/plugins/dbms/h2/syntax.py

#!/usr/bin/env python

"""
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

from lib.core.convert import getOrds
from plugins.generic.syntax import Syntax as GenericSyntax

class Syntax(GenericSyntax):
    @staticmethod
    def escape(expression, quote=True):
        """
        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT CHAR(97)||CHAR(98)||CHAR(99)||CHAR(100)||CHAR(101)||CHAR(102)||CHAR(103)||CHAR(104) FROM foobar"
        True
        """

        def escaper(value):
            return "||".join("CHAR(%d)" % _ for _ in getOrds(value))

        return Syntax._escape(expression, quote, escaper)
Last preparations for DREI 2019-05-08 13:47:52 +03:00			`#!/usr/bin/env python`
Initial implementation for #3283 2018-10-16 13:23:07 +03:00
			`"""`
Copyright year bump 2022-01-03 13:30:34 +03:00			`Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)`
Initial implementation for #3283 2018-10-16 13:23:07 +03:00			`See the file 'LICENSE' for copying permission`
			`"""`

Stabilizing DREI 2019-05-03 14:20:15 +03:00			`from lib.core.convert import getOrds`
Initial implementation for #3283 2018-10-16 13:23:07 +03:00			`from plugins.generic.syntax import Syntax as GenericSyntax`

			`class Syntax(GenericSyntax):`
			`@staticmethod`
			`def escape(expression, quote=True):`
			`"""`
Minor drei update 2019-05-02 13:39:16 +03:00			`>>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT CHAR(97)\|\|CHAR(98)\|\|CHAR(99)\|\|CHAR(100)\|\|CHAR(101)\|\|CHAR(102)\|\|CHAR(103)\|\|CHAR(104) FROM foobar"`
			`True`
Initial implementation for #3283 2018-10-16 13:23:07 +03:00			`"""`

			`def escaper(value):`
Minor drei update 2019-05-02 13:39:16 +03:00			`return "\|\|".join("CHAR(%d)" % _ for _ in getOrds(value))`
Initial implementation for #3283 2018-10-16 13:23:07 +03:00
			`return Syntax._escape(expression, quote, escaper)`