Jump to content
Sign in to follow this  
BrainPill

change column names without changing the type

Recommended Posts

If I use the following commands:

     ALTER TABLE yourtab CHANGE `$colname1` `$colname2` VARCHAR(20) NOT NULL;

     ALTER TABLE yourtab MODIFY `$colname1` `$colname2` VARCHAR(20) NOT NULL;

     ALTER TABLE yourtab CHANGE COLUMN `$colname1` `$colname2` VARCHAR(20) NOT NULL;

 

And because I  use a variable inside a loop I can change an array of column names. The challenge I'm facing is that VARCHAR or other type formats are obviously  obliged. 

is that true?

Is there a possibility to change a column name and keep the type set as the original table create settings?

 

 

 

Share this post


Link to post
Share on other sites

I don't know.  I do know that the only time I've seen an application try to dynamically change the database structure, the problems stacked up quickly.  Your database design shouldn't need to be changed ideally.

Share this post


Link to post
Share on other sites
1 hour ago, justsomeguy said:

I don't know.  I do know that the only time I've seen an application try to dynamically change the database structure, the problems stacked up quickly.  Your database design shouldn't need to be changed ideally.

My goal is to make column names, tablenames and database names variable. 

I use escape functions and I created filters myself to avoid wrong input in the database.

As an extra security measure I would like to have a few scripts to change column, table and database names , making it easier to mitigate sql attacks.

 

You say the problems stack up quickly. But what do you try to say with that? What problems do you mean?

 

 

Share this post


Link to post
Share on other sites

My goal is to make column names, tablenames and database names variable. 

Why is that a goal?  Specifically, what problem are you trying to solve by making those things variable?

As an extra security measure I would like to have a few scripts to change column, table and database names , making it easier to mitigate sql attacks.

Why do you think that would mitigate SQL attacks?  We already have well-known and easy ways to protect against things like SQL injection attacks, what does changing identifier names add to that?  If someone is able to attack your database and the only thing stopping them is identifier names (which are relatively easy to figure out if they can already attack your database), the solution is to make it impossible to attack the database in the first place instead of trying to hide the names.

You say the problems stack up quickly. But what do you try to say with that? What problems do you mean?

I've worked with an application which added tables as needed.  When you have several thousand tables all holding similar data then database maintenance becomes a nightmare.  That application was poorly designed.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×