MCPcopy Index your code
hub / github.com/sqlmapproject/sqlmap / escape

Method escape

plugins/dbms/oracle/syntax.py:13–24  ·  view source on GitHub ↗

>>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT CHR(97)||CHR(98)||CHR(99)||CHR(100)||CHR(101)||CHR(102)||CHR(103)||CHR(104) FROM foobar" True >>> Syntax.escape(u"SELECT 'abcd\xebfgh' FROM foobar") == "SELECT CHR(97)||CHR(98)||CHR(99)||CHR(100)||NCHR(235)||CHR(1

(expression, quote=True)

Source from the content-addressed store, hash-verified

11class Syntax(GenericSyntax):
12 @staticmethod
13 def escape(expression, quote=True):
14 """
15 >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT CHR(97)||CHR(98)||CHR(99)||CHR(100)||CHR(101)||CHR(102)||CHR(103)||CHR(104) FROM foobar"
16 True
17 >>> Syntax.escape(u"SELECT 'abcd\xebfgh' FROM foobar") == "SELECT CHR(97)||CHR(98)||CHR(99)||CHR(100)||NCHR(235)||CHR(102)||CHR(103)||CHR(104) FROM foobar"
18 True
19 """
20
21 def escaper(value):
22 return "||".join("%s(%d)" % ("CHR" if _ < 128 else "NCHR", _) for _ in getOrds(value))
23
24 return Syntax._escape(expression, quote, escaper)

Callers

nothing calls this directly

Calls 1

_escapeMethod · 0.80

Tested by

no test coverage detected