Allow user to change SQLITE_DEFENSIVE if needed

[bohwaz]

This allows the PHP developer to set the ini setting sqlite3.defensive to false to be able to manually modify the schema of a SQLite database if needed.

When I introduced this feature I didn't think of the need to manually change a schema (knowing that this may lead to database corruption).

This setting must in fact be available to app developers without having to change the server configuration for all database connections.

[cmb69]

Ah, good point! I'm not quite sure whether we should weaken security this way. Maybe an alternative would be to introduce a function which allows to change the setting (which could be added to disable_functions), but leave sqlite.defensive as PHP_INI_SYSTEM. Or perhaps changing to PHP_INI_PERDIR might be an option, too. It might be best to write to the internals mailing list regarding this change.

[bohwaz]

@cmd69 It's not really a security issue: if you can change this INI setting it means you can write PHP code on the server, and then you can corrupt the database by just writing to it using fopen for example.

defensive setting is just to disallow changing the database schema using SQL commands (as it might corrupt the DB), this should be on by default, but in some cases an application may need to change the schema manually, eg. rewriting constraints, in that case this process might be done through the app upgrade process. And in case of self-hosting, most large scale hosting services don't allow to set INI settings in .htaccess, so PERDIR would not be very useful.

[cmb69]

Well, you're right. If there are no objections, I'll merge this in a week.

[bohwaz]

Thank you @cmb69 :)