MCPcopy Index your code
hub / github.com/sqlmapproject/sqlmap / escape

Method escape

plugins/dbms/sybase/syntax.py:13–24  ·  view source on GitHub ↗

>>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT CHAR(97)+CHAR(98)+CHAR(99)+CHAR(100)+CHAR(101)+CHAR(102)+CHAR(103)+CHAR(104) FROM foobar" True >>> Syntax.escape(u"SELECT 'abcd\xebfgh' FROM foobar") == "SELECT CHAR(97)+CHAR(98)+CHAR(99)+CHAR(100)+TO_UNICHAR(235)

(expression, quote=True)

Source from the content-addressed store, hash-verified

11class Syntax(GenericSyntax):
12 @staticmethod
13 def escape(expression, quote=True):
14 """
15 >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT CHAR(97)+CHAR(98)+CHAR(99)+CHAR(100)+CHAR(101)+CHAR(102)+CHAR(103)+CHAR(104) FROM foobar"
16 True
17 >>> Syntax.escape(u"SELECT 'abcd\xebfgh' FROM foobar") == "SELECT CHAR(97)+CHAR(98)+CHAR(99)+CHAR(100)+TO_UNICHAR(235)+CHAR(102)+CHAR(103)+CHAR(104) FROM foobar"
18 True
19 """
20
21 def escaper(value):
22 return "+".join("%s(%d)" % ("CHAR" if _ < 128 else "TO_UNICHAR", _) for _ in getOrds(value))
23
24 return Syntax._escape(expression, quote, escaper)

Callers

nothing calls this directly

Calls 1

_escapeMethod · 0.80

Tested by

no test coverage detected