Fossil

Diff
Login
Home Timeline Docs Branches Tickets Wiki DownloadMore...
Annotate Patch Side-by-side Diff

Differences From Artifact [49433f9694]:

To Artifact [1e4e598fdc]:

197
198
199
200
201
202
203
204

205
206
207
208
209
210
211





212

213
214
215


216
217

218
219
220
221
222
223

224
225
226

227
228
229
230
231
232
233

197
198
199
200
201
202
203

204
205
206
207
208
209
210
211
212
213
214
215
216

217
218


219
220
221

222
223
224
225
226
227

228
229
230

231
232
233
234
235
236
237
238








-
+







+
+
+
+
+
-
+

-
-
+
+

-
+





-
+


-
+








         "tagxref",
         "ticket",
         "ticketchng",
         "unversioned",
      };
      int lwr = 0;
      int upr = count(azAllowed) - 1;
      int rc = 0;
      int cmp = 0;
      if( zArg1==0 ){
        /* Some legacy versions of SQLite will sometimes send spurious
        ** READ authorizations that have no table name.  These can be
        ** ignored. */
        rc = SQLITE_IGNORE;
        break;
      }
      if( sqlite3_strnicmp(zArg1, "fx_", 3)==0 ){
        /* Ok to read any table whose name begins with "fx_" */
        rc = SQLITE_OK;
        break;
      }
      while( lwr<upr ){
      while( lwr<=upr ){
        int i = (lwr+upr)/2;
        int rc = fossil_stricmp(zArg1, azAllowed[i]);
        if( rc<0 ){
        cmp = fossil_stricmp(zArg1, azAllowed[i]);
        if( cmp<0 ){
          upr = i - 1;
        }else if( rc>0 ){
        }else if( cmp>0 ){
          lwr = i + 1;
        }else{
          break;
        }
      }
      if( rc ){
      if( cmp ){
        *(char**)pError = mprintf("access to table \"%s\" is restricted",zArg1);
        rc = SQLITE_DENY;
      }else if( !g.perm.RdAddr && strncmp(zArg2, "private_", 8)==0 ){
      }else if( !g.perm.RdAddr && sqlite3_strnicmp(zArg2, "private_", 8)==0 ){
        rc = SQLITE_IGNORE;
      }
      break;
    }
    default: {
      *(char**)pError = mprintf("only SELECT statements are allowed");
      rc = SQLITE_DENY;

1037
1038
1039
1040
1041
1042
1043
1044

1045
1046
1047
1048
1049
1050
1051

1042
1043
1044
1045
1046
1047
1048

1049
1050
1051
1052
1053
1054
1055
1056








-
+








    struct GenerateHTML sState = { 0, 0, 0, 0, 0, 0, 0, 0, 0 };
    const char *zQS = PD("QUERY_STRING","");

    db_multi_exec("PRAGMA empty_result_callbacks=ON");
    style_set_current_feature("report");
    /*
    ** Lets use a funcy button for /reportlist since that page may be
    ** heavily customized by the user. Some variants: ⊚ ⦾  ❊ ⊛ ⚛ ⸎  💠
    ** heavily customized by the user. Some variants: ⊚ ⦾  ❊ ⊛ ⚛ ⸎  ð’’ 
    ** Enclosing it inside of square brackets makes its  position
    ** determenistic and clearly distincts regular submenu links from
    ** those that are induced by the query string parameters.
    */
    if( zQS[0] ){
      style_submenu_element("Raw","%R/%s?tablist=1&%s",g.zPath,zQS);
      style_submenu_element("[⊚]","%R/reportlist?%s",zQS);
This page was generated in about 0.014s by Fossil 2.26 [1205ec86cb] 2025-04-30 16:57:32