sqlmap/plugins/dbms/h2/syntax.py

#!/usr/bin/env python2

"""
Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

from plugins.generic.syntax import Syntax as GenericSyntax

class Syntax(GenericSyntax):
    def __init__(self):
        GenericSyntax.__init__(self)

    @staticmethod
    def escape(expression, quote=True):
        """
        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar")
        'SELECT CHAR(97)||CHAR(98)||CHAR(99)||CHAR(100)||CHAR(101)||CHAR(102)||CHAR(103)||CHAR(104) FROM foobar'
        """

        def escaper(value):
            return "||".join("CHAR(%d)" % ord(value[i]) for i in xrange(len(value)))

        return Syntax._escape(expression, quote, escaper)
Update regarding #2940 (PEP 394) 2019-03-21 16:00:09 +03:00			`#!/usr/bin/env python2`
Initial implementation for #3283 2018-10-16 13:23:07 +03:00
			`"""`
update_copyright_year() 2019-01-05 23:38:52 +03:00			`Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)`
Initial implementation for #3283 2018-10-16 13:23:07 +03:00			`See the file 'LICENSE' for copying permission`
			`"""`

			`from plugins.generic.syntax import Syntax as GenericSyntax`

			`class Syntax(GenericSyntax):`
			`def __init__(self):`
			`GenericSyntax.__init__(self)`

			`@staticmethod`
			`def escape(expression, quote=True):`
			`"""`
			`>>> Syntax.escape("SELECT 'abcdefgh' FROM foobar")`
			`'SELECT CHAR(97)\|\|CHAR(98)\|\|CHAR(99)\|\|CHAR(100)\|\|CHAR(101)\|\|CHAR(102)\|\|CHAR(103)\|\|CHAR(104) FROM foobar'`
			`"""`

			`def escaper(value):`
			`return "\|\|".join("CHAR(%d)" % ord(value[i]) for i in xrange(len(value)))`

			`return Syntax._escape(expression, quote, escaper)`