implemented first usable tamper module

tamper/ifnull2ifisnull.py

@@ -1,11 +1,34 @@
 import re
 
-#not finished (watch for number of parenthesis)
-#IFNULL(A,B) -> IF(ISNULL(A),B,A)
+from lib.core.convert import urldecode
+from lib.core.convert import urlencode
+
+"""
+Tampering IFNULL(A,B) -> IF(ISNULL(A),B,A)
+"""
 def tamper(place, value):
-    if value:
-        if value.find("IFNULL") > -1:
-            import pdb
-            pdb.set_trace()
-        value = re.sub(r"IFNULL(\(|%28)(?P<A>.+?)(,|%2C)(?P<B>.+?)(\)|%29)", lambda match: "IF%%28ISNULL%%28%s%%29%%2C%s%%2C%s%%29" % ("A="+match.group("A"), "B="+match.group("B"), "A="+match.group("A")), value)
+    if value and value.find("IFNULL") > -1:
+        if place != "URI":
+            value = urldecode(value)
+        #value = re.sub(r"IFNULL\(\({%d}(?P<A>.+?)\){%d},(?P<B>.+?)\)" % (num, num), lambda match: "IF(ISNULL(%s),%s,%s)" % (match.group("A"), match.group("B"), match.group("A")), value)
+        while value.find("IFNULL(") > -1:
+            index = value.find("IFNULL(")
+            deepness = 1
+            comma, end = None, None
+            for i in xrange(index + len("IFNULL("), len(value)):
+                if deepness == 1 and value[i] == ',':
+                    comma = i
+                elif deepness == 1 and value[i] == ')':
+                    end = i
+                    break
+                elif value[i] == '(':
+                    deepness += 1
+                elif value[i] == ')':
+                    deepness -= 1
+            A = value[index + len("IFNULL("):comma]
+            B = value[comma + 1:end]
+            newVal = "IF(ISNULL(%s),%s,%s)" % (A, B, A)
+            value = value[:index] + newVal + value[end+1:]
+        if place != "URI":
+            value = urlencode(value)
     return value