Fossil

Check-in [03e21b9cd5]
Login
Home Timeline Docs Branches Tickets Wiki DownloadMore...

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix another case where PROTECT_READONLY needs to be relaxed even though the request not from the same origin.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 03e21b9cd51d859b1812a35030084a618fa883809dc41388a347c21f03711bbf
User & Date: drh 2022-12-31 18:51:15.526
Context
2023-01-02
13:00
Show the value of g.zLocalRoot on the /test_env page. check-in: 3df5d40c2f user: drh tags: trunk
2022-12-31
18:51
Fix another case where PROTECT_READONLY needs to be relaxed even though the request not from the same origin. check-in: 03e21b9cd5 user: drh tags: trunk
12:21
Fix stray character in the change log. check-in: fbcd9a77b7 user: drh tags: trunk
Changes
Unified Diff Ignore Whitespace Patch
Changes to src/db.c. 
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149

  const char *zStartFile;   /* File in which transaction was started */
  int iStartLine;           /* Line of zStartFile where transaction started */
  int (*xAuth)(void*,int,const char*,const char*,const char*,const char*);
  void *pAuthArg;           /* Argument to the authorizer */
  const char *zAuthName;    /* Name of the authorizer */
  int bProtectTriggers;     /* True if protection triggers already exist */
  int nProtect;             /* Slots of aProtect used */
  unsigned aProtect[10];    /* Saved values of protectMask */
} db = {
  PROTECT_USER|PROTECT_CONFIG|PROTECT_BASELINE,  /* protectMask */
  0, 0, 0, 0, 0, 0, };

/*
** Arrange for the given file to be deleted on a failure.
*/








|








135
136
137
138
139
140
141
142
143
144
145
146
147
148
149

  const char *zStartFile;   /* File in which transaction was started */
  int iStartLine;           /* Line of zStartFile where transaction started */
  int (*xAuth)(void*,int,const char*,const char*,const char*,const char*);
  void *pAuthArg;           /* Argument to the authorizer */
  const char *zAuthName;    /* Name of the authorizer */
  int bProtectTriggers;     /* True if protection triggers already exist */
  int nProtect;             /* Slots of aProtect used */
  unsigned aProtect[12];    /* Saved values of protectMask */
} db = {
  PROTECT_USER|PROTECT_CONFIG|PROTECT_BASELINE,  /* protectMask */
  0, 0, 0, 0, 0, 0, };

/*
** Arrange for the given file to be deleted on a failure.
*/
Changes to src/login.c. 
150
151
152
153
154
155
156


157
158
159
160
161
162
163
164


165
166
167
168
169
170
171

  return uid;
}

/*
** Make sure the accesslog table exists.  Create it if it does not
*/
void create_accesslog_table(void){


  db_multi_exec(
    "CREATE TABLE IF NOT EXISTS repository.accesslog("
    "  uname TEXT,"
    "  ipaddr TEXT,"
    "  success BOOLEAN,"
    "  mtime TIMESTAMP"
    ");"
  );


}

/*
** Make a record of a login attempt, if login record keeping is enabled.
*/
static void record_login_attempt(
  const char *zUsername,     /* Name of user logging in */








>
>
|
|
|
|
|
|
|
|
>
>








150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175

  return uid;
}

/*
** Make sure the accesslog table exists.  Create it if it does not
*/
void create_accesslog_table(void){
  if( !db_table_exists("repository","accesslog") ){
    db_unprotect(PROTECT_READONLY);
    db_multi_exec(
      "CREATE TABLE IF NOT EXISTS repository.accesslog("
      "  uname TEXT,"
      "  ipaddr TEXT,"
      "  success BOOLEAN,"
      "  mtime TIMESTAMP"
      ");"
    );
    db_protect_pop();
  }
}

/*
** Make a record of a login attempt, if login record keeping is enabled.
*/
static void record_login_attempt(
  const char *zUsername,     /* Name of user logging in */
This page was generated in about 0.022s by Fossil 2.26 [1205ec86cb] 2025-04-30 16:57:32