*/ echo "\n\n"; $DB_NAME = *****; $connect = @mysql_pconnect("*****", "*****", "*****"); // Connects to the database server $select = @mysql_select_db($DB_NAME); // Selects and opens the correct database // If the connection to the database fails, print failure XML if ((!$connect) || (!$select)) { echo ''; } else // If the database connects successfully continue { if ( (isset($_GET['projectName'])) && (isset($_GET['variableName'])) ) // Checks to see if both GET variables are set. { // Sanitizes input and intializes the GET variables $tableName = mysql_real_escape_string($_GET['projectName']); $metricName = mysql_real_escape_string($_GET['variableName']); $queryCheckTable = "SHOW tables like \"$tableName\""; $resultCheckTable = mysql_query($queryCheckTable); $queryCheckField = "SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema = '$DB_NAME' AND table_name = '$tableName' AND column_name = '$metricName'"; $resultCheckField = mysql_query($queryCheckField); if (mysql_num_rows($resultCheckTable) <= 0) // if the project does not exist print an XML failure { echo ''; } elseif (mysql_num_rows($resultCheckField) <= 0) // if the variable name does not exist, print XML failure { echo ''; } // Gets the variable from the database and prints the value to XML else // If all is successful, print success XML and remove variable from database. { mysql_query("ALTER TABLE $tableName DROP COLUMN $metricName"); echo ''; } } else // If the incorrect number of GET parameters are passed in, then it fails and prints an XML failure { echo ''; } // @mysql_close(); // Closes all database connections } ?>