Unescaping is renamed to escaping

2025-12-07 05:01:30 +00:00 · 2013-01-18 15:40:37 +01:00
parent c717de9c9d
commit 601eb1e49a
37 changed files with 51 additions and 287 deletions
--- a/plugins/dbms/mysql/init.py
+++ b/plugins/dbms/mysql/init.py
@@ -36,4 +36,4 @@ class MySQLMap(Syntax, Fingerprint, Enumeration, Filesystem, Miscellaneous, Take
        Miscellaneous.__init__(self)
        Takeover.__init__(self)

-    unescaper[DBMS.MYSQL] = Syntax.unescape
+    unescaper[DBMS.MYSQL] = Syntax.escape
--- a/plugins/dbms/mysql/syntax.py
+++ b/plugins/dbms/mysql/syntax.py
@@ -17,7 +17,7 @@ class Syntax(GenericSyntax):
        GenericSyntax.__init__(self)

    @staticmethod
-    def unescape(expression, quote=True):
+    def escape(expression, quote=True):
        if quote:
            unescaped = expression
            for item in re.findall(r"'[^']+'", expression, re.S):
@@ -29,31 +29,3 @@ class Syntax(GenericSyntax):
            unescaped = "0x%s" % binascii.hexlify(expression)

        return unescaped
-
-    @staticmethod
-    def escape(expression):
-        while True:
-            index = expression.find("CHAR(")
-            if index == -1:
-                break
-
-            firstIndex = index
-            index = expression[firstIndex:].find(")")
-
-            if index == -1:
-                raise SqlmapSyntaxException("Unenclosed ) in '%s'" % expression)
-
-            lastIndex = firstIndex + index + 1
-            old = expression[firstIndex:lastIndex]
-            oldUpper = old.upper()
-            oldUpper = oldUpper.lstrip("CHAR(").rstrip(")")
-            oldUpper = oldUpper.split(",")
-
-            escaped = "'%s'" % "".join(chr(int(char)) for char in oldUpper)
-            expression = expression.replace(old, escaped)
-
-        original = expression
-        for item in re.findall(r"0x[0-9a-fA-F]+", original, re.S):
-            expression = expression.replace(item, "'%s'" % binascii.unhexlify(item[2:]))
-
-        return expression