public class MySQLCodec extends AbstractCharacterCodec
NUL (0x00) --> \0 [This is a zero, not the letter O] BS (0x08) --> \b TAB (0x09) --> \t LF (0x0a) --> \n CR (0x0d) --> \r SUB (0x1a) --> \Z " (0x22) --> \" % (0x25) --> \% ' (0x27) --> \' \ (0x5c) --> \\ _ (0x5f) --> \_
all other non-alphanumeric characters with ASCII values less than 256 --> \c where 'c' is the original non-alphanumeric character.
Modifier and Type | Class and Description |
---|---|
static class |
MySQLCodec.Mode
Specifies the SQL Mode the target MySQL Server is running with.
|
Modifier and Type | Field and Description |
---|---|
static int |
ANSI_MODE
Target MySQL Server is running in ANSI_QUOTES Mode
|
static int |
MYSQL_MODE
Target MySQL Server is running in Standard MySQL (Default) mode.
|
Constructor and Description |
---|
MySQLCodec(int mode)
Deprecated.
|
MySQLCodec(MySQLCodec.Mode mode)
Instantiate the MySQL Codec with the given SQL
MySQLCodec.Mode . |
Modifier and Type | Method and Description |
---|---|
Character |
decodeCharacter(PushbackSequence<Character> input)
Returns the decoded version of the next character from the input string and advances the
current character in the
PushbackSequence . |
String |
encodeCharacter(char[] immune,
Character c)
Default implementation that should be overridden in specific codecs.
|
decode
containsCharacter, encode, encodeCharacter, encodeCharacter, getHexForNonAlphanumeric, getHexForNonAlphanumeric, toHex, toHex, toOctal
public static final int MYSQL_MODE
public static final int ANSI_MODE
@Deprecated public MySQLCodec(int mode)
mode
- Mode has to be one of {MYSQL_MODE|ANSI_MODE} to allow correct encodingMySQLCodec(org.owasp.esapi.codecs.MySQLCodec.Mode)
public MySQLCodec(MySQLCodec.Mode mode)
MySQLCodec.Mode
.mode
- The mode the target server is running inpublic String encodeCharacter(char[] immune, Character c)
WARNING!!!! Passing a standard char
rather than Character
to this method will resolve to the
AbstractCodec.encodeCharacter( char[], char )
method, which will throw an IllegalArgumentException
instead.
YOU HAVE BEEN WARNED!!!!
encodeCharacter
in interface Codec<Character>
encodeCharacter
in class AbstractCodec<Character>
immune
- array of chars to NOT encode. Use with caution.c
- the Character to encodepublic Character decodeCharacter(PushbackSequence<Character> input)
PushbackSequence
. If the current character is not encoded, this
method MUST reset the PushbackString
.
Returns the decoded version of the character starting at index, or
null if no decoding is possible.
Formats all are legal (case sensitive)
In ANSI_MODE '' decodes to '
In MYSQL_MODE \x decodes to x (or a small list of specials)decodeCharacter
in interface Codec<Character>
decodeCharacter
in class AbstractCodec<Character>
input
- the Character to decodeCopyright © 2022 The Open Web Application Security Project (OWASP). All rights reserved.