sqlmap/plugins/dbms/firebird/syntax.py

36 lines
1.1 KiB
Python
Raw Normal View History

2019-05-08 13:47:52 +03:00
#!/usr/bin/env python
"""
2019-01-05 23:38:52 +03:00
Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
2017-10-11 15:50:46 +03:00
See the file 'LICENSE' for copying permission
"""
2010-12-10 13:54:17 +03:00
from lib.core.common import isDBMSVersionAtLeast
2019-05-03 14:20:15 +03:00
from lib.core.convert import getOrds
from plugins.generic.syntax import Syntax as GenericSyntax
class Syntax(GenericSyntax):
@staticmethod
2013-01-18 18:40:37 +04:00
def escape(expression, quote=True):
2013-03-11 17:58:05 +04:00
"""
2016-12-20 01:47:39 +03:00
>>> from lib.core.common import Backend
2013-03-11 17:58:05 +04:00
>>> Backend.setVersion('2.0')
['2.0']
2019-05-02 13:39:16 +03:00
>>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT 'abcdefgh' FROM foobar"
True
2013-03-11 17:58:05 +04:00
>>> Backend.setVersion('2.1')
['2.1']
2019-05-02 13:39:16 +03:00
>>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT ASCII_CHAR(97)||ASCII_CHAR(98)||ASCII_CHAR(99)||ASCII_CHAR(100)||ASCII_CHAR(101)||ASCII_CHAR(102)||ASCII_CHAR(103)||ASCII_CHAR(104) FROM foobar"
True
2013-03-11 17:58:05 +04:00
"""
def escaper(value):
2019-05-02 13:39:16 +03:00
return "||".join("ASCII_CHAR(%d)" %_ for _ in getOrds(value))
retVal = expression
2013-01-24 18:12:52 +04:00
if isDBMSVersionAtLeast("2.1"):
retVal = Syntax._escape(expression, quote, escaper)
2013-01-21 01:47:26 +04:00
return retVal