mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2026-07-10 10:33:09 +00:00
36 lines
1.1 KiB
Python
36 lines
1.1 KiB
Python
#!/usr/bin/env python
|
|
|
|
"""
|
|
Copyright (c) 2006-2026 sqlmap developers (https://sqlmap.org)
|
|
See the file 'LICENSE' for copying permission
|
|
"""
|
|
|
|
from lib.core.common import Backend
|
|
from lib.core.settings import EXCLUDE_UNESCAPE
|
|
|
|
# Note: a plain dict (DBMS -> escape function) with a helper method; it is a runtime registry, never
|
|
# serialized, so it deliberately does NOT use AttribDict (no attribute-style access is needed here)
|
|
class Unescaper(dict):
|
|
def escape(self, expression, quote=True, dbms=None):
|
|
if expression is None:
|
|
return expression
|
|
|
|
for exclude in EXCLUDE_UNESCAPE:
|
|
if exclude in expression:
|
|
return expression
|
|
|
|
identifiedDbms = Backend.getIdentifiedDbms()
|
|
|
|
if dbms is not None:
|
|
retVal = self[dbms](expression, quote=quote)
|
|
elif identifiedDbms is not None and identifiedDbms in self:
|
|
retVal = self[identifiedDbms](expression, quote=quote)
|
|
else:
|
|
retVal = expression
|
|
|
|
# e.g. inference comparison for '
|
|
retVal = retVal.replace("'''", "''''")
|
|
|
|
return retVal
|
|
|
|
unescaper = Unescaper()
|