1--TEST--
2SQLite3 user authorizer callback
3--EXTENSIONS--
4sqlite3
5--FILE--
6<?php
7
8$db = new SQLite3(':memory:');
9$db->enableExceptions(true);
10
11$db->setAuthorizer(function (int $action) {
12    if ($action == SQLite3::SELECT) {
13        return SQLite3::OK;
14    }
15
16    return SQLite3::DENY;
17});
18
19// This query should be accepted
20var_dump($db->querySingle('SELECT 1;'));
21
22try {
23    // This one should fail
24    var_dump($db->querySingle('CREATE TABLE test (a, b);'));
25} catch (\Exception $e) {
26    echo $e->getMessage() . "\n";
27}
28
29// Test disabling the authorizer
30$db->setAuthorizer(null);
31
32// This should now succeed
33var_dump($db->exec('CREATE TABLE test (a); INSERT INTO test VALUES (42);'));
34var_dump($db->querySingle('SELECT a FROM test;'));
35
36// Test if we are getting the correct arguments
37$db->setAuthorizer(function (int $action) {
38    $constants = (new ReflectionClass('SQLite3'))->getConstants();
39    $constants = array_flip($constants);
40
41    var_dump($constants[$action], implode(',', array_slice(func_get_args(), 1)));
42    return SQLITE3::OK;
43});
44
45var_dump($db->exec('SELECT * FROM test WHERE a = 42;'));
46var_dump($db->exec('DROP TABLE test;'));
47
48// Try to return something invalid from the authorizer
49$db->setAuthorizer(function () {
50    return 'FAIL';
51});
52
53try {
54    var_dump($db->querySingle('SELECT 1;'));
55} catch (\Exception $e) {
56    echo $e->getMessage() . "\n";
57    echo $e->getPrevious()->getMessage() . "\n";
58}
59
60$db->setAuthorizer(function () {
61    return 4200;
62});
63
64try {
65    var_dump($db->querySingle('SELECT 1;'));
66} catch (\Exception $e) {
67    echo $e->getMessage() . "\n";
68    echo $e->getPrevious()->getMessage() . "\n";
69}
70
71?>
72--EXPECT--
73int(1)
74Unable to prepare statement: 23, not authorized
75bool(true)
76int(42)
77string(6) "SELECT"
78string(3) ",,,"
79string(4) "READ"
80string(12) "test,a,main,"
81string(4) "READ"
82string(12) "test,a,main,"
83bool(true)
84string(6) "DELETE"
85string(20) "sqlite_master,,main,"
86string(10) "DROP_TABLE"
87string(11) "test,,main,"
88string(6) "DELETE"
89string(11) "test,,main,"
90string(6) "DELETE"
91string(20) "sqlite_master,,main,"
92string(4) "READ"
93string(28) "sqlite_master,tbl_name,main,"
94string(4) "READ"
95string(24) "sqlite_master,type,main,"
96string(6) "UPDATE"
97string(28) "sqlite_master,rootpage,main,"
98string(4) "READ"
99string(28) "sqlite_master,rootpage,main,"
100bool(true)
101Unable to prepare statement: 23, not authorized
102The authorizer callback returned an invalid type: expected int
103Unable to prepare statement: 23, not authorized
104The authorizer callback returned an invalid value
105