2013-02-14 15:32:17 +04:00
|
|
|
#!/usr/bin/env python
|
2008-10-15 19:38:22 +04:00
|
|
|
|
|
|
|
"""
|
2018-01-02 02:48:10 +03:00
|
|
|
Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
|
2017-10-11 15:50:46 +03:00
|
|
|
See the file 'LICENSE' for copying permission
|
2008-10-15 19:38:22 +04:00
|
|
|
"""
|
|
|
|
|
2011-01-28 19:36:09 +03:00
|
|
|
from lib.core.common import Backend
|
2012-07-16 13:07:47 +04:00
|
|
|
from lib.core.data import conf
|
2011-07-08 10:02:31 +04:00
|
|
|
from lib.core.datatype import AttribDict
|
2011-02-07 01:32:44 +03:00
|
|
|
from lib.core.settings import EXCLUDE_UNESCAPE
|
2010-12-09 19:49:02 +03:00
|
|
|
|
2011-07-08 10:02:31 +04:00
|
|
|
class Unescaper(AttribDict):
|
2013-01-18 18:40:37 +04:00
|
|
|
def escape(self, expression, quote=True, dbms=None):
|
|
|
|
if conf.noEscape:
|
2012-07-10 04:37:53 +04:00
|
|
|
return expression
|
|
|
|
|
2011-02-07 01:32:44 +03:00
|
|
|
if expression is None:
|
|
|
|
return expression
|
|
|
|
|
|
|
|
for exclude in EXCLUDE_UNESCAPE:
|
|
|
|
if exclude in expression:
|
|
|
|
return expression
|
|
|
|
|
2011-01-28 19:36:09 +03:00
|
|
|
identifiedDbms = Backend.getIdentifiedDbms()
|
2011-01-13 20:36:54 +03:00
|
|
|
|
2011-02-07 01:32:44 +03:00
|
|
|
if dbms is not None:
|
2011-01-12 02:56:04 +03:00
|
|
|
return self[dbms](expression, quote=quote)
|
2011-01-21 00:55:13 +03:00
|
|
|
elif identifiedDbms is not None:
|
|
|
|
return self[identifiedDbms](expression, quote=quote)
|
2011-01-07 18:41:09 +03:00
|
|
|
else:
|
|
|
|
return expression
|
2008-10-15 19:38:22 +04:00
|
|
|
|
|
|
|
unescaper = Unescaper()
|