mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-29 04:53:48 +03:00
Proper escaping for SQL identificators in Oracle (also, revert for 9b5f33560b
)
This commit is contained in:
parent
f817105db3
commit
7f293afe74
|
@ -2820,6 +2820,8 @@ def safeSQLIdentificatorNaming(name, isTable=False):
|
||||||
retVal = "`%s`" % retVal.strip("`")
|
retVal = "`%s`" % retVal.strip("`")
|
||||||
elif Backend.getIdentifiedDbms() in (DBMS.PGSQL, DBMS.DB2):
|
elif Backend.getIdentifiedDbms() in (DBMS.PGSQL, DBMS.DB2):
|
||||||
retVal = "\"%s\"" % retVal.strip("\"")
|
retVal = "\"%s\"" % retVal.strip("\"")
|
||||||
|
elif Backend.getIdentifiedDbms() in (DBMS.ORACLE,):
|
||||||
|
retVal = "\"%s\"" % retVal.strip("\"").upper()
|
||||||
elif Backend.getIdentifiedDbms() in (DBMS.MSSQL,):
|
elif Backend.getIdentifiedDbms() in (DBMS.MSSQL,):
|
||||||
retVal = "[%s]" % retVal.strip("[]")
|
retVal = "[%s]" % retVal.strip("[]")
|
||||||
|
|
||||||
|
@ -2838,8 +2840,10 @@ def unsafeSQLIdentificatorNaming(name):
|
||||||
if isinstance(name, basestring):
|
if isinstance(name, basestring):
|
||||||
if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.ACCESS):
|
if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.ACCESS):
|
||||||
retVal = name.replace("`", "")
|
retVal = name.replace("`", "")
|
||||||
elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.PGSQL, DBMS.DB2):
|
elif Backend.getIdentifiedDbms() in (DBMS.PGSQL, DBMS.DB2):
|
||||||
retVal = name.replace("\"", "")
|
retVal = name.replace("\"", "")
|
||||||
|
elif Backend.getIdentifiedDbms() in (DBMS.ORACLE,):
|
||||||
|
retVal = name.replace("\"", "").upper()
|
||||||
elif Backend.getIdentifiedDbms() in (DBMS.MSSQL,):
|
elif Backend.getIdentifiedDbms() in (DBMS.MSSQL,):
|
||||||
retVal = name.replace("[", "").replace("]", "")
|
retVal = name.replace("[", "").replace("]", "")
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user