From f909ecb369ac516a8f5be342ef5cecd2aa181032 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar <miroslav.stampar@gmail.com>
Date: Wed, 20 Apr 2011 13:41:01 +0000
Subject: [PATCH] bug fix for mssqlserver escape

---
 plugins/dbms/mssqlserver/syntax.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/plugins/dbms/mssqlserver/syntax.py b/plugins/dbms/mssqlserver/syntax.py
index 3fc85ee2a..796462249 100644
--- a/plugins/dbms/mssqlserver/syntax.py
+++ b/plugins/dbms/mssqlserver/syntax.py
@@ -54,7 +54,7 @@ class Syntax(GenericSyntax):
                 break
 
             firstIndex = index
-            index = expression[firstIndex:].find("))")
+            index = expression[firstIndex:].find(")")
 
             if index == -1:
                 raise sqlmapSyntaxException("Unenclosed ) in '%s'" % expression)
@@ -63,9 +63,9 @@ class Syntax(GenericSyntax):
             old = expression[firstIndex:lastIndex]
             oldUpper = old.upper()
             oldUpper = oldUpper.replace("CHAR(", "").replace(")", "")
-            oldUpper = oldUpper.split("+")
 
-            escaped = "'%s'" % "".join([chr(int(char)) for char in oldUpper])
+            escaped = "'%s'" % chr(int(oldUpper))
             expression = expression.replace(old, escaped)
 
+        expression = expression.replace("'+'", "")
         return expression