Fossil

Check-in [138177c3]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:correction to the 'warning' text in admin_sql_page()
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 138177c30e92cf7a01b3d145c46ac28b4c2c654f
User & Date: stephan 2008-02-08 16:27:25
Context
2008-02-08
19:54
added a link (for admin users only) to the admin page check-in: c4d6b89e user: stephan tags: trunk
17:27
Merge two branches that were created within one second of one another. There is a race condition in the anti-forking logic that allowed this fork to occur. check-in: 373e42de user: drh tags: trunk
16:27
correction to the 'warning' text in admin_sql_page() check-in: 138177c3 user: stephan tags: trunk
16:24
minor efficiency hack in tagview_page_list_tags() check-in: 6d67f3c7 user: stephan tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/admin.c.

61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
  login_check_credentials();
  if( !g.okAdmin ){
    login_needed();
    return;
  }
  style_header("Admin SQL");
  @ <hr/><h2>SQL:</h2>
  @ <span class='achtung'>You can enter arbitrary SQL here, to execute
  @ against the repo database.
  @ With great power comes great responsibility...</span><br/>
  @ <form action='' method='post'>
  @ <textarea style='border:2px solid black' name='sql'
  @  cols='80' rows='5'>%h(zSql)</textarea>
  @ <br/><input type='submit' name='sql_submit'/> <input type='reset'/>
  @ </form>
  if( zSql[0] ){
    sqlite3_set_authorizer(g.db, selectOnly, 0);
    db_generic_query_view(zSql, 0);
    sqlite3_set_authorizer(g.db, 0, 0);
  }
  style_footer();
}







|
|
<












61
62
63
64
65
66
67
68
69

70
71
72
73
74
75
76
77
78
79
80
81
  login_check_credentials();
  if( !g.okAdmin ){
    login_needed();
    return;
  }
  style_header("Admin SQL");
  @ <hr/><h2>SQL:</h2>
  @ You can enter only SELECT statements here, and some SQL-side functions
  @ are also restricted.<br/>

  @ <form action='' method='post'>
  @ <textarea style='border:2px solid black' name='sql'
  @  cols='80' rows='5'>%h(zSql)</textarea>
  @ <br/><input type='submit' name='sql_submit'/> <input type='reset'/>
  @ </form>
  if( zSql[0] ){
    sqlite3_set_authorizer(g.db, selectOnly, 0);
    db_generic_query_view(zSql, 0);
    sqlite3_set_authorizer(g.db, 0, 0);
  }
  style_footer();
}