fix for a bug reported by Bugtrace (--string "pengcheng_cui" and "Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource" on False pages)

Miroslav Stampar 2010-11-12 22:29:33 +00:00
parent a777d59870
commit 0d66f101da


@ -81,7 +81,7 @@ def checkSqlInjection(place, parameter, value, parenthesis):
payload = agent.payload(place, parameter, value, positive.format % eval(positive.params)) payload = agent.payload(place, parameter, value, positive.format % eval(positive.params))
trueResult = Request.queryPage(payload, place) trueResult = Request.queryPage(payload, place)
if trueResult is True: if trueResult:
infoMsg = "confirming %s (%s) injection " % (case.desc, logic) infoMsg = "confirming %s (%s) injection " % (case.desc, logic)
infoMsg += "on %s parameter '%s'" % (place, parameter) infoMsg += "on %s parameter '%s'" % (place, parameter)
logger.info(infoMsg) logger.info(infoMsg)
@ -93,7 +93,7 @@ def checkSqlInjection(place, parameter, value, parenthesis):
falseResult = Request.queryPage(payload, place) falseResult = Request.queryPage(payload, place)
if falseResult is False: if not falseResult:
infoMsg = "%s parameter '%s' is %s (%s) injectable " % (place, parameter, case.desc, logic) infoMsg = "%s parameter '%s' is %s (%s) injectable " % (place, parameter, case.desc, logic)
infoMsg += "with %d parenthesis" % parenthesis infoMsg += "with %d parenthesis" % parenthesis
logger.info(infoMsg) logger.info(infoMsg)
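Review bot: The new negative check `if not falseResult:` accepts any falsy return from `Request.queryPage`, so if that call can return `None` (for instance on a failed request or an inconclusive comparison; its return contract is not visible here), a failed request would be counted as a False page and the parameter logged as injectable. The positive check `if trueResult:` has the mirror issue for any truthy non-boolean value. Consider normalising the result to a strict boolean where it is produced, or guarding the negative case explicitly with `if falseResult is not None and not falseResult:`. A short comment above each test would also help, e.g. `# queryPage may return a non-bool value (seen with --string), so test truthiness`, assuming that is the cause of the reported bug. `checkSqlInjection` begins and ends outside both hunks.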