Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Documentation updates for the SQLITE_DIRECTONLY flag. |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
5beb6dc9bc2d3d0003e33488df9c01aa |
User & Date: | drh 2019-09-16 14:42:07.286 |
Context
2019-09-16
| ||
15:15 | Add recent interesting cases from dbsqlfuzz. (check-in: f06ef3d75d user: drh tags: trunk) | |
14:42 | Documentation updates for the SQLITE_DIRECTONLY flag. (check-in: 5beb6dc9bc user: drh tags: trunk) | |
05:34 | Fix a problem with processing CTEs that use a WINDOW clause. (check-in: ca564d4b5b user: dan tags: trunk) | |
Changes
Changes to src/sqlite.h.in.
︙ | ︙ | |||
4856 4857 4858 4859 4860 4861 4862 4863 4864 | ** ^The fourth parameter may optionally be ORed with [SQLITE_DETERMINISTIC] ** to signal that the function will always return the same result given ** the same inputs within a single SQL statement. Most SQL functions are ** deterministic. The built-in [random()] SQL function is an example of a ** function that is not deterministic. The SQLite query planner is able to ** perform additional optimizations on deterministic functions, so use ** of the [SQLITE_DETERMINISTIC] flag is recommended where possible. ** ^The fourth parameter may also optionally include the [SQLITE_DIRECTONLY] ** flag, which if present prevents the function from being invoked from | > | > > | 4856 4857 4858 4859 4860 4861 4862 4863 4864 4865 4866 4867 4868 4869 4870 4871 4872 4873 4874 4875 | ** ^The fourth parameter may optionally be ORed with [SQLITE_DETERMINISTIC] ** to signal that the function will always return the same result given ** the same inputs within a single SQL statement. Most SQL functions are ** deterministic. The built-in [random()] SQL function is an example of a ** function that is not deterministic. The SQLite query planner is able to ** perform additional optimizations on deterministic functions, so use ** of the [SQLITE_DETERMINISTIC] flag is recommended where possible. ** ** ^The fourth parameter may also optionally include the [SQLITE_DIRECTONLY] ** flag, which if present prevents the function from being invoked from ** within VIEWs or TRIGGERs. For security reasons, the [SQLITE_DIRECTONLY] ** flag is recommended for any application-defined SQL function that has ** side-effects. ** ** ^(The fifth parameter is an arbitrary pointer. The implementation of the ** function can gain access to this pointer using [sqlite3_user_data()].)^ ** ** ^The sixth, seventh and eighth parameters passed to the three ** "sqlite3_create_function*" functions, xFunc, xStep and xFinal, are ** pointers to C-language functions that implement the SQL function or |
︙ | ︙ | |||
4982 4983 4984 4985 4986 4987 4988 | ** [sqlite3_create_function_v2()]. ** ** The SQLITE_DETERMINISTIC flag means that the new function will always ** maps the same inputs into the same output. The abs() function is ** deterministic, for example, but randomblob() is not. ** ** The SQLITE_DIRECTONLY flag means that the function may only be invoked | | > > > > > | 4985 4986 4987 4988 4989 4990 4991 4992 4993 4994 4995 4996 4997 4998 4999 5000 5001 5002 5003 5004 | ** [sqlite3_create_function_v2()]. ** ** The SQLITE_DETERMINISTIC flag means that the new function will always ** maps the same inputs into the same output. The abs() function is ** deterministic, for example, but randomblob() is not. ** ** The SQLITE_DIRECTONLY flag means that the function may only be invoked ** from top-level SQL, and cannot be used in VIEWs or TRIGGERs. This is ** a security feature which is recommended for all ** [application-defined SQL functions] that have side-effects. This flag ** prevents an attacker from adding triggers and views to a schema then ** tricking a high-privilege application into causing unintended side-effects ** while performing ordinary queries. ** ** The SQLITE_SUBTYPE flag indicates to SQLite that a function may call ** [sqlite3_value_subtype()] to inspect the sub-types of its arguments. ** Specifying this flag makes no difference for scalar or aggregate user ** functions. However, if it is not specified for a user-defined window ** function, then any sub-types belonging to arguments passed to the window ** function may be discarded before the window function is called (i.e. |
︙ | ︙ |