Differences From:

File src/report.c part of check-in [0be54823ba] - Add defenses against cross-site request forgery attacks. by drh on 2008-10-18 12:55:44. [view]

To:

File src/report.c part of check-in [58f15e92ae] - Disable SQL restrictions as soon as the user-supplied report-generator SQL has been parsed, so that other queries that run during report rendering and run unimpeded. Ticket c666e737cb028bcec2d55659d79ce8521355d2bf by drh on 2009-01-08 14:05:50. [view]

@@ -678,8 +678,13 @@
 
   /* Do initialization
   */
   if( pState->nCount==0 ){
+    /* Turn off the authorizer.  It is no longer doing anything since the
+    ** query has already been prepared.
+    */
+    sqlite3_set_authorizer(g.db, 0, 0);
+
     /* Figure out the number of columns, the column that determines background
     ** color, and whether or not this row of data is represented by multiple
     ** rows in the table.
     */