SQLite Nineth Lesson Sqlite3_set_authorizer case

A my_authorizer function, such as the following format, can be registered in the interpretation execution statement of the SQLite statement and executed first, like a hook, which controls some access to the SQL statement, similar to the netfilter of a network packet.

#include <iostream>

#include "Sqlite/sqlite3.h"

using namespace std;

/*

The registered callback function prohibits the user from deleting any table, in fact, the third parameter

The name of the table that will pass in the current operation, which can be matched with the value, whether

The table needs to be manipulated, of course, since pszstring is an unsigned integer, if

There are multiple parameters you want to pass in, you can set the third Sqlite3_set_authorizer

parameter is a struct, and then, by casting the pszstring type, returns

SQLITE_OK, means to continue execution, return Sqlite_deny to deny execution

*/

int My_authorizer (void* pszstring,

int ncode,/* The operation code that the current SQL parsing module is executing * /

Const char* psz1,/* a database table that is passed in the current operation by the SQL parsing module and is determined by the opcode to be empty * /

Const char* psz2,

Const char* psz3,

Const char* psz4)

{

int nnotpermitcode = * (int*) pszstring;

if (Nnotpermitcode = = one)

{

printf ("Can not execute drop\n");

return Sqlite_deny;

}

return Sqlite_ok;

}

int Main ()

{

int rc = 0;

sqlite3* db = NULL;

char* pdbname = "test0.db";

char* pszerrmsg = NULL;

rc = SQLITE3_OPEN_V2 (pdbname,&db,sqlite_open_readwrite| Sqlite_open_create,null);

   

char* PSZCREATETB1 = "Create virtual table Geo_test1 using RTREE_I32 (ID, Minx, Maxx)";

rc = sqlite3_exec (db,pszcreatetb1, 0, 0, &pszerrmsg);

char* PSZINSERTSQL1 = "INSERT into geo_test1 values (1, 400, 400)";

rc = sqlite3_exec (DB,PSZINSERTSQL1, 0, 0, &pszerrmsg);

char* pszdroptable = "drop table Geo_test1";

/*

Authorization Action Code (authorizer action Codes)

excerpt from: https://www.sqlite.org/c3ref/c_alter_table.html

each authorization opcode passes different parameters to the authorization registration function, with detailed reference

URL. 11 is to delete the authorization opcode for the database table, when invoking the authorization registration function

The third string gets the name of the table that is currently being manipulated.

*/

int nnotpermitcode = one;

/*

The third parameter is a parameter value passed to the authorization registration function

*/

Sqlite3_set_authorizer (db, My_authorizer, &nnotpermitcode);

sqlite3_stmt* statement;

rc = SQLITE3_PREPARE_V2 (db, Pszdroptable,-1, &statement, NULL);

/*

Single-step debugging to PERR error message: No authored, indicates no permission to operate

*/

Const char* pszerr = sqlite3_errmsg (db);

Sqlite3_close (DB);

   

return 0;

}

SQLite Nineth Lesson Sqlite3_set_authorizer case