[SQL Map] SQLMAP

[SQL Map] SQLMAP

  
Forge Component
(18)
Published on 2014-10-20 by Paulo Ramos
18 votes
Published on 2014-10-20 by Paulo Ramos
I have a wee litle problem with this tool that otherwise has some potential:

I send in this SQL statement:

SELECT {Payrollee}.* FROM {Payrollee}

and it dutifully returns:

SELECT OSUSR_s1l_Payroll1.* FROM OSUSR_s1l_Payroll1

Unfortuantely, it does not qualify this with the database name, so the statement is effectively unusable unless it's issued from its parent applciation. To be useful, the statement ould need to take this form:

SELECT OSADMIN_DEV1.OSUSR_s1l_Payroll1.* FROM OSADMIN_DEV1.OSUSR_Payroll1

Also, should entity names be enclosed in double-quotes as they are when you see in the "Executed SQL" tab in the "Advanced SQL Query" command.

Is this going to be a major issue to address? Also, BTW, how do you get OS to return the name of the host schema, ie, the "OSADMIN_DEV1" bit referenced above.


Hi Leo,

The generated sql assume you've selected the correct database. Should be fairly easy to add these changes. Not sure how to get the host schema, but even a manual setting would work. Did you try changing the component?

As i recall, I barely got the component to build because of its reliance on a sorting component. All I'm suggesting is that the resuntant string be in the same form as the "Advanced SQL Query" action. It's odd that OS does not expose this functionality to you directly, at least at the API level.


Paulo Ramos wrote:
Hi Leo,

The generated sql assume you've selected the correct database. Should be fairly easy to add these changes. Not sure how to get the host schema, but even a manual setting would work. Did you try changing the component?