minor update

2025-01-24 08:14:24 +03:00 · 2011-03-27 07:58:15 +00:00 · 2011-03-27 07:58:15 +00:00 · 76b7e3517d
commit 76b7e3517d
parent dba32306b0
3 changed files with 20 additions and 12 deletions
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -1096,15 +1096,6 @@ def __cleanupOptions():
    else:
        conf.testParameter = []

-    if conf.db:
-        conf.db = conf.db.replace(" ", "")
-
-    if conf.tbl:
-        conf.tbl = conf.tbl.replace(" ", "")
-
-    if conf.col:
-        conf.col = conf.col.replace(" ", "")
-
    if conf.user:
        conf.user = conf.user.replace(" ", "")

--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -278,3 +278,5 @@ URLENCODE_FAILSAFE_CHARS = '()|,'

 # maximum length of urlencoded value after which failsafe procedure takes away
 URLENCODE_CHAR_LIMIT = 4000
+
+DEFAULT_MSSQL_SCHEMA = 'dbo'
--- a/plugins/generic/enumeration.py
+++ b/plugins/generic/enumeration.py
@ -52,6 +52,7 @@ from lib.core.exception import sqlmapUserQuitException
 from lib.core.session import setOs
 from lib.core.settings import CONCAT_ROW_DELIMITER
 from lib.core.settings import CONCAT_VALUE_DELIMITER
+from lib.core.settings import DEFAULT_MSSQL_SCHEMA
 from lib.core.settings import SQL_STATEMENTS
 from lib.core.shell import autoCompletion
 from lib.core.unescaper import unescaper
@ -908,7 +909,7 @@ class Enumeration:
            if not conf.db:
                conf.db, conf.tbl = conf.tbl.split(".")
        elif Backend.getIdentifiedDbms() == DBMS.MSSQL:
-            conf.tbl = "dbo.%s" % conf.tbl
+            conf.tbl = "%s.%s" % (DEFAULT_MSSQL_SCHEMA, conf.tbl)

        self.forceDbmsEnum()

@ -1209,7 +1210,7 @@ class Enumeration:

    def __safeSQLIdentificatorNaming(self, value):
        """
-        Returns an safe representation of SQL identificator name
+        Returns a safe representation of SQL identificator name
        """
        retVal = value
        if isinstance(value, basestring):
@ -1223,6 +1224,20 @@ class Enumeration:
            retVal = ".".join(parts)
        return retVal

+    def __unsafeSQLIdentificatorNaming(self, value):
+        """
+        Extracts identificator's name from it's safe SQL representation
+        """
+        retVal = value
+        if isinstance(value, basestring):
+            if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.ACCESS):
+                retVal = value.replace("`", "")
+            elif Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.ORACLE, DBMS.PGSQL):
+                retVal = value.replace("\"", "")
+            if Backend.getIdentifiedDbms() == DBMS.MSSQL:
+                retVal = retVal.lstrip("%s." % DEFAULT_MSSQL_SCHEMA)
+        return retVal
+
    def dumpTable(self):
        if not conf.tbl and not conf.col:
            errMsg = "missing table parameter"
@ -1241,7 +1256,7 @@ class Enumeration:
            if not conf.db:
                conf.db, conf.tbl = conf.tbl.split(".")
        elif Backend.getIdentifiedDbms() == DBMS.MSSQL:
-            conf.tbl = "dbo.%s" % conf.tbl
+            conf.tbl = "%s.%s" % (DEFAULT_MSSQL_SCHEMA, conf.tbl)

        self.forceDbmsEnum()