diff options
Diffstat (limited to 'src/update.c')
| -rw-r--r-- | src/update.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/src/update.c b/src/update.c index 29a4197f9..7ddecaca1 100644 --- a/src/update.c +++ b/src/update.c @@ -12,7 +12,7 @@ ** This file contains C code routines that are called by the parser ** to handle UPDATE statements. ** -** $Id: update.c,v 1.51 2003/01/11 13:30:58 drh Exp $ +** $Id: update.c,v 1.52 2003/01/12 18:02:19 drh Exp $ */ #include "sqliteInt.h" @@ -53,6 +53,7 @@ void sqliteUpdate( int oldIdx = -1; /* index of trigger "old" temp table */ if( pParse->nErr || sqlite_malloc_failed ) goto update_cleanup; + if( sqliteAuthCommand(pParse, "UPDATE", 0) ) goto update_cleanup; db = pParse->db; /* Check for the special case of a VIEW with one or more ON UPDATE triggers @@ -110,7 +111,9 @@ void sqliteUpdate( /* Resolve the column names in all the expressions in both the ** WHERE clause and in the new values. Also find the column index - ** for each column to be updated in the pChanges array. + ** for each column to be updated in the pChanges array. For each + ** column to be updated, make sure we have authorization to change + ** that column. */ if( pWhere ){ if( sqliteExprResolveIds(pParse, base, pTabList, 0, pWhere) ){ @@ -144,6 +147,11 @@ void sqliteUpdate( pParse->nErr++; goto update_cleanup; } +#ifndef SQLITE_OMIT_AUTHORIZATION + if( sqliteAuthWrite(pParse, pTab, j)==SQLITE_IGNORE ){ + aXRef[j] = -1; + } +#endif } /* Allocate memory for the array apIdx[] and fill it with pointers to every |