From 8a00ca83af29b12fd1a7d858b4e584577ab5672d Mon Sep 17 00:00:00 2001
From: Miroslav Stampar <miroslav.stampar@gmail.com>
Date: Thu, 21 Jul 2011 10:18:11 +0000
Subject: [PATCH] refactoring. nothing special changed

---
 lib/core/common.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/core/common.py b/lib/core/common.py
index 2c2a04c3f..69c6381c8 100644
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -561,7 +561,8 @@ def paramToDict(place, parameters=None):
                 condition |= parameter in conf.testParameter
 
                 if condition:
-                    if elem[1].strip(DUMMY_SQL_INJECTION_CHARS) != elem[1]:
+                    testableParameters[parameter] = "=".join(elem[1:])
+                    if testableParameters[parameter].strip(DUMMY_SQL_INJECTION_CHARS) != testableParameters[parameter]:
                         errMsg = "you have provided tainted parameter values "
                         errMsg += "(%s) with most probably leftover " % element
                         errMsg += "chars from manual sql injection "
@@ -569,7 +570,6 @@ def paramToDict(place, parameters=None):
                         errMsg += "please, always use only valid parameter values "
                         errMsg += "so sqlmap could be able to do a valid run."
                         raise sqlmapSyntaxException, errMsg
-                    testableParameters[parameter] = "=".join(elem[1:])
     else:
         root = ET.XML(parameters)
         iterator = root.getiterator()