sqlmap/src/sqlmap-master/plugins/dbms/mysql/connector.py

#!/usr/bin/env python

"""
Copyright (c) 2006-2024 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

try:
    import pymysql
except:
    pass

import logging
import struct

from lib.core.common import getSafeExString # 用于安全获取异常字符串的函数
from lib.core.data import conf  # sqlmap的配置管理
from lib.core.data import logger # sqlmap的日志记录模块
from lib.core.exception import SqlmapConnectionException # 自定义的连接异常
from plugins.generic.connector import Connector as GenericConnector  # 基础连接类


class Connector(GenericConnector):
    """
    Homepage: https://github.com/PyMySQL/PyMySQL
    User guide: https://pymysql.readthedocs.io/en/latest/
    Debian package: python3-pymysql
    License: MIT

    Possible connectors: http://wiki.python.org/moin/MySQL
    """

    def connect(self):
        """
        初始化到MySQL数据库的连接。
        使用提供的凭据和配置设置建立连接。
        """
        self.initConnection()

        try:
            self.connector = pymysql.connect(host=self.hostname, user=self.user, passwd=self.password, db=self.db, port=self.port, connect_timeout=conf.timeout, use_unicode=True) # 确保使用Unicode进行字符编码
        except (pymysql.OperationalError, pymysql.InternalError, pymysql.ProgrammingError, struct.error) as ex:
            # 如果在连接期间发生错误，抛出连接异常
            raise SqlmapConnectionException(getSafeExString(ex))

        self.initCursor()  # 初始化用于执行查询的游标
        self.printConnected() # 记录连接成功的信息

    def fetchall(self):
        """
        从游标结果集中获取所有行。
        
        返回:
            从数据库获取的行列表，或者在发生错误时返回None。
        """
        try:
            return self.cursor.fetchall()
        except pymysql.ProgrammingError as ex:
            logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % getSafeExString(ex))
            return None

    def execute(self, query):

        """
        在数据库上执行SQL查询。

        参数:
            query (str): 要执行的SQL查询。

        返回:
            bool: 如果查询成功执行,返回True;否则返回False。
        """

        retVal = False

        try:
            self.cursor.execute(query)
            retVal = True
        except (pymysql.OperationalError, pymysql.ProgrammingError) as ex:
            logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % getSafeExString(ex))
        except pymysql.InternalError as ex:
            raise SqlmapConnectionException(getSafeExString(ex))

        self.connector.commit()

        return retVal

    def select(self, query):
        """
        执行SELECT SQL查询并返回结果。

        参数:
            query (str): 要执行的SELECT SQL查询。

        返回:
            从数据库获取的行列表，或者如果执行失败则返回None。
        """
        retVal = None

        if self.execute(query):
            retVal = self.fetchall()

        return retVal