In a SQL injection, a malicious user is able to execute queries against your database through form fields on your web site.  In some cases, they are even able to append them as POST data directly in the address bar.

This is especially a risk when you are running publicly available software packages such as phpBB.  Most users do not change the default settings, so once a vulnerability is exposed, malicious users are able to target sites running the software much more effectively.

I’ve used phpBB as an example because it is well-known for its security vulnerabilities.  Sites running phpBB often become the target of SQL injection attacks.  Of the many ways to secure a phpBB installation, one of the most effective is to change the MySQL table prefixes away from the defaults set by the phpBB installer.

This makes it that much harder for malicious users to effectively target your database.  While this in and of itself does not prevent SQL injections or increase your site’s security, it does make these attacks far less effective.

While I designed this tool with this purpose in mind, it doesn’t stop there.  Perhaps you are migrating a site from one host to another and you need to change table prefixes as a result.  Or maybe you are restoring data from an old backup into a new installation that uses different settings from the previous.

In any case, changing these prefixes can be a tedious job if you had to do it manually. Even tools like phpMyAdmin don’t provide a clean, quick method of doing this. But with a little help from PHP, we are able to create our own tool very quickly.