Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 6b6e36b

Browse files
stamparmstamparm
committed
Continuation of work on fixing DISTINCT/--search issues (Oracle)
1 parent 838e981 commit 6b6e36b

2 files changed

Lines changed: 10 additions & 8 deletions

File tree

plugins/generic/search.py

Lines changed: 8 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@
1616
from lib.core.common import isTechniqueAvailable
1717
from lib.core.common import readInput
1818
from lib.core.common import safeSQLIdentificatorNaming
19+
from lib.core.common import safeStringFormat
1920
from lib.core.common import unArrayizeValue
2021
from lib.core.common import unsafeSQLIdentificatorNaming
2122
from lib.core.data import conf
@@ -157,8 +158,6 @@ def searchTable(self):
157158

158159
foundTbls = {}
159160
tblList = conf.tbl.split(",")
160-
import pdb
161-
pdb.set_trace()
162161
rootQuery = queries[Backend.getIdentifiedDbms()].search_table
163162
tblCond = rootQuery.inband.condition
164163
dbCond = rootQuery.inband.condition2
@@ -300,13 +299,16 @@ def searchTable(self):
300299
for index in indexRange:
301300
query = rootQuery.blind.query2
302301

302+
if query.endswith("'%s')"):
303+
query = query[:-1] + " AND %s)" % tblQuery
304+
else:
305+
query += " AND %s" % tblQuery
306+
303307
if Backend.isDbms(DBMS.FIREBIRD):
304-
query = query % index
308+
query = safeStringFormat(query, index)
305309

306310
if Backend.getIdentifiedDbms() not in (DBMS.SQLITE, DBMS.FIREBIRD):
307-
query = query % unsafeSQLIdentificatorNaming(db)
308-
309-
query += " AND %s" % tblQuery
311+
query = safeStringFormat(query, unsafeSQLIdentificatorNaming(db))
310312

311313
if not Backend.isDbms(DBMS.FIREBIRD):
312314
query = agent.limitQuery(index, query)

xml/queries.xml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -283,11 +283,11 @@
283283
</search_db>
284284
<search_table>
285285
<inband query="SELECT OWNER,TABLE_NAME FROM SYS.ALL_TABLES WHERE %s" condition="TABLE_NAME" condition2="OWNER"/>
286-
<blind query="SELECT OWNER FROM SYS.ALL_TABLES WHERE %s" query2="SELECT TABLE_NAME FROM SYS.ALL_TABLES WHERE OWNER='%s'" count="SELECT COUNT(OWNER) FROM SYS.ALL_TABLES WHERE %s" count2="SELECT COUNT(TABLE_NAME) FROM SYS.ALL_TABLES WHERE OWNER='%s'" condition="TABLE_NAME" condition2="OWNER"/>
286+
<blind query="SELECT OWNER FROM (SELECT DISTINCT(OWNER) FROM SYS.ALL_TABLES WHERE %s)" query2="SELECT TABLE_NAME FROM (SELECT DISTINCT(TABLE_NAME) FROM SYS.ALL_TABLES WHERE OWNER='%s')" count="SELECT COUNT(DISTINCT(OWNER)) FROM SYS.ALL_TABLES WHERE %s" count2="SELECT COUNT(DISTINCT(TABLE_NAME)) FROM SYS.ALL_TABLES WHERE OWNER='%s'" condition="TABLE_NAME" condition2="OWNER"/>
287287
</search_table>
288288
<search_column>
289289
<inband query="SELECT OWNER,TABLE_NAME FROM SYS.ALL_TAB_COLUMNS WHERE %s" condition="COLUMN_NAME" condition2="OWNER" condition3="TABLE_NAME"/>
290-
<blind query="SELECT OWNER FROM SYS.ALL_TAB_COLUMNS WHERE %s" query2="SELECT TABLE_NAME FROM SYS.ALL_TAB_COLUMNS WHERE OWNER='%s'" count="SELECT COUNT(OWNER) FROM SYS.ALL_TAB_COLUMNS WHERE %s" count2="SELECT COUNT(TABLE_NAME) FROM SYS.ALL_TAB_COLUMNS WHERE OWNER='%s'" condition="COLUMN_NAME" condition2="OWNER" condition3="TABLE_NAME"/>
290+
<blind query="SELECT OWNER FROM (SELECT DISTINCT(OWNER) FROM SYS.ALL_TAB_COLUMNS WHERE %s)" query2="SELECT TABLE_NAME FROM (SELECT DISTINCT(TABLE_NAME) FROM SYS.ALL_TAB_COLUMNS WHERE OWNER='%s')" count="SELECT COUNT(DISTINCT(OWNER)) FROM SYS.ALL_TAB_COLUMNS WHERE %s" count2="SELECT COUNT(DISTINCT(TABLE_NAME)) FROM SYS.ALL_TAB_COLUMNS WHERE OWNER='%s'" condition="COLUMN_NAME" condition2="OWNER" condition3="TABLE_NAME"/>
291291
</search_column>
292292
</dbms>
293293

0 commit comments

Comments
 (0)