Overview
| SHA1 Hash: | 373e42de1d8eea8d95a1b41e106ae8bfab7a1926 |
|---|---|
| Date: | 2008-02-08 17:27:16 |
| User: | drh |
| Comment: | Merge two branches that were created within one second of one another. There is a race condition in the anti-forking logic that allowed this fork to occur. |
| Timelines: | ancestors | descendants | both | trunk |
| Other Links: | files | ZIP archive | manifest |
Tags And Properties
- branch=trunk inherited from [a28c83647d]
- sym-trunk inherited from [a28c83647d]
Changes
[hide diffs]Modified src/admin.c from [ca95dba485] to [83d1c6c6c3].
@@ -63,13 +63,12 @@
login_needed();
return;
}
style_header("Admin SQL");
@ <hr/><h2>SQL:</h2>
- @ <span class='achtung'>You can enter arbitrary SQL here, to execute
- @ against the repo database.
- @ With great power comes great responsibility...</span><br/>
+ @ You can enter only SELECT statements here, and some SQL-side functions
+ @ are also restricted.<br/>
@ <form action='' method='post'>
@ <textarea style='border:2px solid black' name='sql'
@ cols='80' rows='5'>%h(zSql)</textarea>
@ <br/><input type='submit' name='sql_submit'/> <input type='reset'/>
@ </form>
Modified src/tagview.c from [13bdab07f0] to [f0893454d5].
@@ -68,12 +68,12 @@
" ORDER BY tx.mtime DESC %s",
zLikeClause, zLimit
);
db_generic_query_view(zSql, 1);
free(zSql);
- if( strlen(zLikeClause) ) free(zLikeClause);
- if( strlen(zLimit) ) free(zLimit);
+ if( zLikeClause[0] ) free(zLikeClause);
+ if( zLimit[0] ) free(zLimit);
}
/*
** A small search form which forwards to ?like=SEARCH_STRING
*/