RE: [PHP-DB] Security concern with web forms (update of MySQL data base)

2002-03-02 Thread Boaz Yahav
1st, you should limit the permissions that you have for the user doing the update. This user should not be able to do things like ALTER / DROP / CREATE etc... If you don't have a need for the DELETE command you can remove the permissions for it too; however, this does not solve all of your

RE: [PHP-DB] Security concern with web forms (update of MySQL data base)

2002-03-01 Thread Shrock, Court
A quick suggestion would be to build your query normally and then don't run the query if it has a semicolon that isn't inside quotes. Also, use single quotes in the update to make your checks easier: UPDATE table_name SET field1='value1' -Original Message- From: Ronald Wiplinger To: