SQL file update via a browser using PHP

I have a website that I am working on and I am importing data via an .sql file and phpMyAdmin, sometimes a few a day.

How difficult would it be for a newbie to create a PHP page where I can paste the .sql file text and it updates via a browser?

Very simple and very insecure. Is it a public facing website? If it is then it’s horrendously insecure to allow to execute plain SQL.

no, area would have .htaccess and a PHP if statement that will only allow execution from my IP. Where would I start?

Here: http://php.net/manual/en/book.mysqli.php

The script structure will look like this:


// Validate IP here

// if submit button clicked do the following {
//   - prepare sql data by removing unwanted new lines and spaces
//   - connect to your sql database
//   - process your sql queries 
// }

// show your submit form with textarea here


You can prepare your sql data using this sample function:

	function prepare($string) 

		$strings = array();

		$string = str_replace("\\r\
", "\
", $string);
		$array = explode("\
", $string);

		foreach ($array as $key=>$value) {
			$value = trim($value);
			if ($value != '')
				$strings[] = $value;

		$sql = implode("\
", $strings);
		$sqlarray = explode(";", $sql);

		return $sqlarray;

and process your queries using this function:

	function process($array) 
		foreach ($array as $key=>$value) {
			if ($value != '') {
				mysql_query($value) or die (mysql_error());			

This is a very simple example just to give you an idea.