| ︙ | | | ︙ | |
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
|
}
/*
** Activate the query authorizer
*/
static void report_restrict_sql(char **pzErr){
(void)fossil_localtime(0);
sqlite3_set_authorizer(g.db, report_query_authorizer, (void*)pzErr);
}
static void report_unrestrict_sql(void){
sqlite3_set_authorizer(g.db, 0, 0);
}
/*
** Check the given SQL to see if is a valid query that does not
** attempt to do anything dangerous. Return 0 on success and a
** pointer to an error message string (obtained from malloc) if
** there is a problem.
*/
char *verify_sql_statement(char *zSql){
int i;
char *zErr = 0;
const char *zTail;
sqlite3_stmt *pStmt;
int rc;
/* First make sure the SQL is a single query command by verifying that
** the first token is "SELECT" and that there are no unquoted semicolons.
*/
for(i=0; fossil_isspace(zSql[i]); i++){}
if( fossil_strnicmp(&zSql[i],"select",6)!=0 ){
return mprintf("The SQL must be a SELECT statement");
}
for(i=0; zSql[i]; i++){
if( zSql[i]==';' ){
int bad;
int c = zSql[i+1];
zSql[i+1] = 0;
bad = sqlite3_complete(zSql);
zSql[i+1] = c;
if( bad ){
/* A complete statement basically means that an unquoted semi-colon
** was found. We don't actually check what's after that.
*/
return mprintf("Semi-colon detected! "
"Only a single SQL statement is allowed");
}
}
}
/* Compile the statement and check for illegal accesses or syntax errors. */
report_restrict_sql(&zErr);
rc = sqlite3_prepare(g.db, zSql, -1, &pStmt, &zTail);
if( rc!=SQLITE_OK ){
zErr = mprintf("Syntax error: %s", sqlite3_errmsg(g.db));
}
if( !sqlite3_stmt_readonly(pStmt) ){
zErr = mprintf("SQL must not modify the database");
}
if( pStmt ){
sqlite3_finalize(pStmt);
}
report_unrestrict_sql();
return zErr;
}
/*
** WEBPAGE: /rptsql
|
|
|
|
|
|
|
|
|
|
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
|
}
/*
** Activate the query authorizer
*/
static void report_restrict_sql(char **pzErr){
(void)fossil_localtime(0);
sqlite4_set_authorizer(g.db, report_query_authorizer, (void*)pzErr);
}
static void report_unrestrict_sql(void){
sqlite4_set_authorizer(g.db, 0, 0);
}
/*
** Check the given SQL to see if is a valid query that does not
** attempt to do anything dangerous. Return 0 on success and a
** pointer to an error message string (obtained from malloc) if
** there is a problem.
*/
char *verify_sql_statement(char *zSql){
int i;
char *zErr = 0;
const char *zTail;
sqlite4_stmt *pStmt;
int rc;
/* First make sure the SQL is a single query command by verifying that
** the first token is "SELECT" and that there are no unquoted semicolons.
*/
for(i=0; fossil_isspace(zSql[i]); i++){}
if( fossil_strnicmp(&zSql[i],"select",6)!=0 ){
return mprintf("The SQL must be a SELECT statement");
}
for(i=0; zSql[i]; i++){
if( zSql[i]==';' ){
int bad;
int c = zSql[i+1];
zSql[i+1] = 0;
bad = sqlite4_complete(zSql);
zSql[i+1] = c;
if( bad ){
/* A complete statement basically means that an unquoted semi-colon
** was found. We don't actually check what's after that.
*/
return mprintf("Semi-colon detected! "
"Only a single SQL statement is allowed");
}
}
}
/* Compile the statement and check for illegal accesses or syntax errors. */
report_restrict_sql(&zErr);
rc = sqlite4_prepare(g.db, zSql, -1, &pStmt, &zTail);
if( rc!=SQLITE_OK ){
zErr = mprintf("Syntax error: %s", sqlite4_errmsg(g.db));
}
if( !sqlite4_stmt_readonly(pStmt) ){
zErr = mprintf("SQL must not modify the database");
}
if( pStmt ){
sqlite4_finalize(pStmt);
}
report_unrestrict_sql();
return zErr;
}
/*
** WEBPAGE: /rptsql
|
| ︙ | | | ︙ | |
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
|
/* Do initialization
*/
if( pState->nCount==0 ){
/* Turn off the authorizer. It is no longer doing anything since the
** query has already been prepared.
*/
sqlite3_set_authorizer(g.db, 0, 0);
/* Figure out the number of columns, the column that determines background
** color, and whether or not this row of data is represented by multiple
** rows in the table.
*/
pState->nCol = 0;
pState->isMultirow = 0;
|
|
|
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
|
/* Do initialization
*/
if( pState->nCount==0 ){
/* Turn off the authorizer. It is no longer doing anything since the
** query has already been prepared.
*/
sqlite4_set_authorizer(g.db, 0, 0);
/* Figure out the number of columns, the column that determines background
** color, and whether or not this row of data is represented by multiple
** rows in the table.
*/
pState->nCol = 0;
pState->isMultirow = 0;
|
| ︙ | | | ︙ | |
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
|
@ </table>
}
/*
** Execute a single read-only SQL statement. Invoke xCallback() on each
** row.
*/
int sqlite3_exec_readonly(
sqlite3 *db, /* The database on which the SQL executes */
const char *zSql, /* The SQL to be executed */
sqlite3_callback xCallback, /* Invoke this callback routine */
void *pArg, /* First argument to xCallback() */
char **pzErrMsg /* Write error messages here */
){
int rc = SQLITE_OK; /* Return code */
const char *zLeftover; /* Tail of unprocessed SQL */
sqlite3_stmt *pStmt = 0; /* The current SQL statement */
char **azCols = 0; /* Names of result columns */
int nCol; /* Number of columns of output */
char **azVals = 0; /* Text of all output columns */
int i; /* Loop counter */
pStmt = 0;
rc = sqlite3_prepare_v2(db, zSql, -1, &pStmt, &zLeftover);
assert( rc==SQLITE_OK || pStmt==0 );
if( rc!=SQLITE_OK ){
return rc;
}
if( !pStmt ){
/* this happens for a comment or white-space */
return SQLITE_OK;
}
if( !sqlite3_stmt_readonly(pStmt) ){
sqlite3_finalize(pStmt);
return SQLITE_ERROR;
}
nCol = sqlite3_column_count(pStmt);
azVals = fossil_malloc(2*nCol*sizeof(const char*) + 1);
while( (rc = sqlite3_step(pStmt))==SQLITE_ROW ){
if( azCols==0 ){
azCols = &azVals[nCol];
for(i=0; i<nCol; i++){
azCols[i] = (char *)sqlite3_column_name(pStmt, i);
}
}
for(i=0; i<nCol; i++){
azVals[i] = (char *)sqlite3_column_text(pStmt, i);
}
if( xCallback(pArg, nCol, azVals, azCols) ){
break;
}
}
rc = sqlite3_finalize(pStmt);
fossil_free(azVals);
return rc;
}
/*
** WEBPAGE: /rptview
|
|
|
|
|
|
|
|
|
|
|
|
|
|
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
|
@ </table>
}
/*
** Execute a single read-only SQL statement. Invoke xCallback() on each
** row.
*/
int sqlite4_exec_readonly(
sqlite4 *db, /* The database on which the SQL executes */
const char *zSql, /* The SQL to be executed */
sqlite4_callback xCallback, /* Invoke this callback routine */
void *pArg, /* First argument to xCallback() */
char **pzErrMsg /* Write error messages here */
){
int rc = SQLITE_OK; /* Return code */
const char *zLeftover; /* Tail of unprocessed SQL */
sqlite4_stmt *pStmt = 0; /* The current SQL statement */
char **azCols = 0; /* Names of result columns */
int nCol; /* Number of columns of output */
char **azVals = 0; /* Text of all output columns */
int i; /* Loop counter */
pStmt = 0;
rc = sqlite4_prepare(db, zSql, -1, &pStmt, &zLeftover);
assert( rc==SQLITE_OK || pStmt==0 );
if( rc!=SQLITE_OK ){
return rc;
}
if( !pStmt ){
/* this happens for a comment or white-space */
return SQLITE_OK;
}
if( !sqlite4_stmt_readonly(pStmt) ){
sqlite4_finalize(pStmt);
return SQLITE_ERROR;
}
nCol = sqlite4_column_count(pStmt);
azVals = fossil_malloc(2*nCol*sizeof(const char*) + 1);
while( (rc = sqlite4_step(pStmt))==SQLITE_ROW ){
if( azCols==0 ){
azCols = &azVals[nCol];
for(i=0; i<nCol; i++){
azCols[i] = (char *)sqlite4_column_name(pStmt, i);
}
}
for(i=0; i<nCol; i++){
azVals[i] = (char *)sqlite4_column_text(pStmt, i);
}
if( xCallback(pArg, nCol, azVals, azCols) ){
break;
}
}
rc = sqlite4_finalize(pStmt);
fossil_free(azVals);
return rc;
}
/*
** WEBPAGE: /rptview
|
| ︙ | | | ︙ | |
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
|
style_header(zTitle);
output_color_key(zClrKey, 1,
"border=\"0\" cellpadding=\"3\" cellspacing=\"0\" class=\"report\"");
@ <table border="1" cellpadding="2" cellspacing="0" class="report">
sState.rn = rn;
sState.nCount = 0;
report_restrict_sql(&zErr1);
sqlite3_exec_readonly(g.db, zSql, generate_html, &sState, &zErr2);
report_unrestrict_sql();
@ </table>
if( zErr1 ){
@ <p class="reportError">Error: %h(zErr1)</p>
}else if( zErr2 ){
@ <p class="reportError">Error: %h(zErr2)</p>
}
style_footer();
}else{
report_restrict_sql(&zErr1);
sqlite3_exec_readonly(g.db, zSql, output_tab_separated, &count, &zErr2);
report_unrestrict_sql();
cgi_set_content_type("text/plain");
}
}
/*
** report number for full table ticket export
|
|
|
|
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
|
style_header(zTitle);
output_color_key(zClrKey, 1,
"border=\"0\" cellpadding=\"3\" cellspacing=\"0\" class=\"report\"");
@ <table border="1" cellpadding="2" cellspacing="0" class="report">
sState.rn = rn;
sState.nCount = 0;
report_restrict_sql(&zErr1);
sqlite4_exec_readonly(g.db, zSql, generate_html, &sState, &zErr2);
report_unrestrict_sql();
@ </table>
if( zErr1 ){
@ <p class="reportError">Error: %h(zErr1)</p>
}else if( zErr2 ){
@ <p class="reportError">Error: %h(zErr2)</p>
}
style_footer();
}else{
report_restrict_sql(&zErr1);
sqlite4_exec_readonly(g.db, zSql, output_tab_separated, &count, &zErr2);
report_unrestrict_sql();
cgi_set_content_type("text/plain");
}
}
/*
** report number for full table ticket export
|
| ︙ | | | ︙ | |
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
|
if( zFilter ){
zSql = mprintf("SELECT * FROM (%s) WHERE %s",zSql,zFilter);
}
count = 0;
tktEncode = enc;
zSep = zSepIn;
report_restrict_sql(&zErr1);
sqlite3_exec_readonly(g.db, zSql, output_separated_file, &count, &zErr2);
report_unrestrict_sql();
if( zFilter ){
free(zSql);
}
}
|
|
|
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
|
if( zFilter ){
zSql = mprintf("SELECT * FROM (%s) WHERE %s",zSql,zFilter);
}
count = 0;
tktEncode = enc;
zSep = zSepIn;
report_restrict_sql(&zErr1);
sqlite4_exec_readonly(g.db, zSql, output_separated_file, &count, &zErr2);
report_unrestrict_sql();
if( zFilter ){
free(zSql);
}
}
|