At least on Windows, the temporary directory may contain tilde signs,
which would result in an INI parse error.

The fix for feature request #53466 did not properly handle resetting of
the corresponding statement; the problem with this is that the
statement does not know about its result sets.  But even if we could
fix this, the `complete` handling still appears to be brittle, since
the `sqlite3_column_type()`docs[1] state:

| If the SQL statement does not currently point to a valid row, or if
| the column index is out of range, the result is undefined.

Fortunately, we can use `sqlite3_data_count()` instead, since[2]:

| If prepared statement P does not have results ready to return (via
| calls to the sqlite3_column() family of interfaces) then
| sqlite3_data_count(P) returns 0.

Thus, we guard `SQLite3::columnType()` with `sqlite3_data_count()`, and
completely drop updating the `php_sqlite3_result_object.complete`
field, but keep it for ABI BC purposes.

[1] <https://www.sqlite.org/c3ref/column_blob.html>
[2] <https://www.sqlite.org/c3ref/data_count.html>

* PHP-7.2:
  Upgrade to SQLite 3.28.0

* PHP-7.1:
  Upgrade to SQLite 3.28.0

Over the years, multiple security vulnerabilities[1] have been found
and fixed in SQLite3, so it makes sense to update our bundled libsqlite
to the latest available version.

[1] <https://www.cvedetails.com/vulnerability-list/vendor_id-9237/Sqlite.html>

* PHP-7.2:
  Fix bug #77967 - Bypassing open_basedir restrictions via file uris

* PHP-7.1:
  Fix bug #77967 - Bypassing open_basedir restrictions via file uris

* PHP-7.2:
  use {TMP} placeholder in phpt tests