> As that means that SQLite extensions can only be loaded through C code
> (not through SQL), and if someone can upload and execute code to your
> server, your server is compromised anyway, having to edit ini files to
> enable extension loading, seems like a bad tradeoff.
I'm sorry to disagree, bu
On Tue, June 27, 2023, 6:33 Rowan Tommins wrote:
> On 27/06/2023 02:25, Theodore Brown wrote:
> > Currently the following code returns only the array keys that loosely equal
> > null:
> >
> > array_keys($array, null)
> >
> > If the function is changed to a single signature with $filter_value
On Thu, 29 Jun 2023 at 11:40, BohwaZ wrote:
>
> I'm sorry to disagree, but changing this would be a bad idea for
> security.
>
> I'm quite sure that I never want users to be able to load any
> extension through SQL, or it would mean trouble :(
>
> So just like in the SQLite3 extension, extension l
> Yes?
>
> I think you possibly misread my email.
Ah! sorry I understood the opposite, that you were wondering about
letting people load extensions from SQL. Great that we are on the same
note :)
> Sorry, I am in too much pain to look at those before the deadline.
> There is always 8.4 https://w
