Given 1000s of MySQL queries in string format, could there be a way to analyze and remove any SQL injections from these strings before running the query?
One idea I had was to check the string for common words/phrases that are used in an SQL injection which are never used in the application running the queries. If found, don't run the query and alert the admins.
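
The keyword check described in the question, sketched as an added example that is not part of the original post. It goes slightly beyond a plain word search by masking quoted MySQL literals first and by flagging comment markers, unbalanced quotes and extra statements. The denylist, the sample queries and the function names `screen` and `triage` are assumptions made for illustration.

```python
import re

# Assumption: phrases this hypothetical application never sends itself.
DENYLIST = ("union", "information_schema", "sleep", "benchmark", "into outfile")

# MySQL string literals: quoted, with backslash escapes and doubled quotes.
LITERAL = re.compile(r"'(?:[^'\\]|\\.|'')*'" + "|" + r'"(?:[^"\\]|\\.|"")*"', re.S)
COMMENT = re.compile(r"--\s|#|/\*")


def screen(query):
    """Return the reasons a finished query string looks suspicious ([] = run it)."""
    # Mask complete literals so ordinary data values are not scanned.
    code = LITERAL.sub("?", query).lower()
    reasons = []
    for phrase in DENYLIST:
        pattern = r"\b" + r"\s+".join(map(re.escape, phrase.split())) + r"\b"
        if re.search(pattern, code):
            reasons.append("denylisted phrase: " + phrase)
    if COMMENT.search(code):
        reasons.append("comment marker outside a literal")
    if "'" in code or '"' in code:
        reasons.append("unbalanced quote")
    if ";" in code.rstrip().rstrip(";"):
        reasons.append("more than one statement")
    return reasons


def triage(queries):
    """Split queries into those to run and those to hold back and report."""
    run, held = [], []
    for q in queries:
        reasons = screen(q)
        if reasons:
            held.append((q, reasons))
        else:
            run.append(q)
    return run, held


# Constructed sample queries, not taken from any real application.
SAMPLES = [
    "SELECT id, name FROM users WHERE email = 'alice@example.com'",
    "SELECT id FROM posts WHERE title = 'Union Square; a history'",
    "SELECT name FROM products WHERE id = 7 UNION SELECT version()",
    "SELECT id FROM users WHERE name = 'bob' -- ' AND active = 1",
    # Uses only words the application also uses, so the screen passes it.
    "SELECT id FROM users WHERE name = '' OR '1'='1'",
]
```

The last sample passes the screen because a finished string no longer shows which parts were data, so a check like this can hold back and report queries but cannot reliably remove an injection. Binding values as parameters when the query is built keeps data out of the SQL text in the first place.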