/ Check-in [47629b19]

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Comment:Improvements to the sqlite3_set_authorizer() documentation.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 47629b1911e52445aad8ea969137bddf0019c55b4a4f0de8e77decb6a434c8a2
User & Date: drh 2017-05-11 12:27:21
New requirements marks and documentation for the authorizer. (check-in: 3980ea09 user: drh tags: trunk)
Improvements to the sqlite3_set_authorizer() documentation. (check-in: 47629b19 user: drh tags: trunk)
Change the SQLITE_READ authorization call for unreferenced tables to use an empty string for the column name, as this is less likely to impact legacy authorization callbacks that assume column names are always non-NULL. (check-in: 4139953a user: drh tags: trunk)
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Changes to src/sqlite.h.in.

  2697   2697   ** authorizer will fail with an error message explaining that
  2698   2698   ** access is denied. 
  2699   2699   **
  2700   2700   ** ^The first parameter to the authorizer callback is a copy of the third
  2701   2701   ** parameter to the sqlite3_set_authorizer() interface. ^The second parameter
  2702   2702   ** to the callback is an integer [SQLITE_COPY | action code] that specifies
  2703   2703   ** the particular action to be authorized. ^The third through sixth parameters
  2704         -** to the callback are zero-terminated strings that contain additional
  2705         -** details about the action to be authorized.
         2704  +** to the callback are either NULL pointers or zero-terminated strings
         2705  +** that contain additional details about the action to be authorized.
         2706  +** Applications must always be prepared to encounter a NULL pointer in any
         2707  +** of the third through the sixth parameters of the authorization callback.
  2706   2708   **
  2707   2709   ** ^If the action code is [SQLITE_READ]
  2708   2710   ** and the callback returns [SQLITE_IGNORE] then the
  2709   2711   ** [prepared statement] statement is constructed to substitute
  2710   2712   ** a NULL value in place of the table column that would have
  2711   2713   ** been read if [SQLITE_OK] had been returned.  The [SQLITE_IGNORE]
  2712   2714   ** return can be used to deny an untrusted user access to individual