Home arrow MySQL arrow Page 2 - MySQL Table Prefix Changer Tool in PHP

Constructing the tool - MySQL

If you are a web developer, you are undoubtedly aware that there are constant threats to your site. SQL injections are one type of threat that you must be aware of and make every attempt to prevent.

TABLE OF CONTENTS:
  1. MySQL Table Prefix Changer Tool in PHP
  2. Constructing the tool
  3. Editing your current database tables
  4. Putting the database back together
By: Nilpo
Rating: starstarstarstarstar / 24
January 02, 2008

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement

This tool should take a very simple approach. It should display a form where you can enter all of the required information for your database. When the form is submitted, it should connect to the database and make the necessary changes.

That seems simple enough, wouldn’t you say?

Please take into consideration that this is designed to be a single use tool. This file should not be left on your web server after use to prevent malicious behavior.  However, we’ll attempt to add a little security just in case it is.

<html>

<head>

<title>MySQL Table Prefix Changer</title>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">

</head>

 

<body>

<?php

// Check for POST data

$action = isset($_REQUEST['action'])?$_REQUEST['action']:false;

 

if (!$action) {

?>

The code begins quite simply by creating a page. This is pretty standard for any PHP utility.  After setting up the HTML page, we do a quick check for POST data.  This lets us know whether we should display the form itself, or process its data.

Here we’re using a pretty standard POST data check. Then we move into a conditional statement. The first block of code should be displayed if no post data was found. That means that we should be displaying our HTML form.

<form name="form1" method="post" action="prefix.php">

   <table width="75%" border="0" cellspacing="2" cellpadding="2">

       <tr>

          <td>Enter database name:</td>

          <td><input name="d" type="text" id="d" size="50"></td>

       </tr>

       <tr>

          <td>Enter database user</td>

          <td><input name="u" type="text" id="u" size="50"</td>

       </tr>

       <tr>

          <td>Enter database password:</td>

          <td><input name="p" type="password" id="p" size="50"></td>

       </tr>

       <tr>

          <td>Enter New Prefix:</td>

          <td><input name="n" type="text" id="n" size="50" value="(Do not include
the trailing underscore)"></td>

       </tr>

       <tr>

          <td>&nbsp;</td>

          <td>&nbsp;</td>

       </tr>

       <tr>

          <td colspan="2" align="center"><input name="action" type="hidden"
id="action" value="data">

              <input type="submit" name="Submit" value="Change Table
Prefixes"></td>

       </tr>

   </table>

</form>

Here we have a simple form with a few input boxes for the necessary information.  There’s certainly nothing fancy here and I’ve even elected not to include any type of validation. Since this should only be used by you, the site administrator, it’s safe to assume the user would know what is going on, but you could certainly add some validation if you wished.

The important thing to note here is the addition of the hidden “action” field. This is used by our POST data check. If this field is omitted, the script will not function and will continually display this form no matter how many times you choose to submit it. You should also note that the form’s action is set back to this script.



 
 
>>> More MySQL Articles          >>> More By Nilpo
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

MYSQL ARTICLES

- Oracle Unveils MySQL 5.6
- MySQL Vulnerabilities Threaten Databases
- MySQL Cloud Options Expand with Google Cloud...
- MySQL 5.6 Prepped to Handle Demanding Web Use
- ScaleBase Service Virtualizes MySQL Databases
- Oracle Unveils MySQL Conversion Tools
- Akiban Opens Database Software for MySQL Use...
- Oracle Fixes MySQL Bug
- MySQL Databases Vulnerable to Password Hack
- MySQL: Overview of the ALTER TABLE Statement
- MySQL: How to Use the GRANT Statement
- MySQL: Creating, Listing, and Removing Datab...
- MySQL: Create, Show, and Describe Database T...
- MySQL Data and Table Types
- McAfee Releases Audit Plugin for MySQL Users

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: