diff --git a/lib/core/agent.py b/lib/core/agent.py
index 6d87fc857..ca85a9a31 100644
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@@ -146,19 +146,18 @@ class Agent:
query = str()
case = getInjectionCase(kb.injType)
+ if kb.parenthesis is not None:
+ parenthesis = kb.parenthesis
+ else:
+ raise sqlmapNoneDataException, "unable to get the number of parenthesis"
+
if case is None:
raise sqlmapNoneDataException, "unsupported injection type"
if conf.prefix:
query = conf.prefix
else:
- if case.usage.prefix._has_key('value'):
- query = case.usage.prefix.value
- elif case.usage.prefix._has_key('format'):
- query = case.usage.prefix.format % eval(case.usage.prefix.params)
-
- if kb.parenthesis not in ( None, 0 ):
- query += "%s " % (")" * kb.parenthesis)
+ query = case.usage.prefix.format % eval(case.usage.prefix.params)
query += string
@@ -181,21 +180,18 @@ class Agent:
randInt = randomInt()
randStr = randomStr()
+ if kb.parenthesis is not None:
+ parenthesis = kb.parenthesis
+ else:
+ raise sqlmapNoneDataException, "unable to get the number of parenthesis"
+
if comment:
string += comment
if conf.postfix:
string += " %s" % conf.postfix
else:
- if kb.parenthesis is not None:
- string += " AND %s" % ("(" * kb.parenthesis)
- else:
- raise sqlmapNoneDataException, "unable to get the number of parenthesis"
-
- if case.usage.postfix._has_key('value'):
- string += case.usage.postfix.value
- elif case.usage.postfix._has_key('format'):
- string += case.usage.postfix.format % eval(case.usage.postfix.params)
+ string += case.usage.postfix.format % eval(case.usage.postfix.params)
return replaceSpaces(string)
diff --git a/lib/utils/parenthesis.py b/lib/utils/parenthesis.py
index c884e2671..570b28bf6 100644
--- a/lib/utils/parenthesis.py
+++ b/lib/utils/parenthesis.py
@@ -56,16 +56,11 @@ def checkForParenthesis():
return
for parenthesis in range(1, 4):
- query = agent.prefixQuery("%s " % (")" * parenthesis))
- query += "AND %s" % ("(" * parenthesis)
-
randInt = randomInt()
randStr = randomStr()
- if case.usage.postfix._has_key('value'):
- query += case.usage.postfix.value
- elif case.usage.postfix._has_key('format'):
- query += case.usage.postfix.format % eval(case.usage.postfix.params)
+ query = case.usage.prefix.format % eval(case.usage.prefix.params) +\
+ case.usage.postfix.format % eval(case.usage.postfix.params)
payload = agent.payload(newValue=query)
result = Request.queryPage(payload)
diff --git a/xml/injections.xml b/xml/injections.xml
index 742db8d0c..0ddff3b54 100644
--- a/xml/injections.xml
+++ b/xml/injections.xml
@@ -7,8 +7,8 @@
-
-
+
+
@@ -17,8 +17,8 @@
-
-
+
+
@@ -27,8 +27,8 @@
-
-
+
+
@@ -37,8 +37,8 @@
-
-
+
+
@@ -47,8 +47,8 @@
-
-
+
+
@@ -57,8 +57,8 @@
-
-
+
+