How can I check SQL statements?


I’m looking into security against SQL injection.

    sql = select * from where field01 = '1' AND field = 'where'
    example01 ('sql', 'where')

  • The above sentence is looking to check that ‘where’ goes in once and ‘and’ goes in twice.
  • Using the function, you can see that the reserved word ‘where’ has been entered once.
  • What I’m looking for is a library or concept built around it.

Do these libraries exist? (Of course I know of regular expressions.)

Additional questions:

  • Does the prepared statement have the functionality I’m talking about?
  • Does the DBMS procedure have the functionality I’m talking about?
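
The check described in the question, sketched as an added example that is not part of the original post: `count_keyword` is a hypothetical stand-in for `example01` that counts a reserved word only where it appears outside a string literal, set beside a parameterized query, which does no keyword counting and instead binds the value as data. The table `t1`, its rows and the hostile input are constructed for illustration.

```python
import re
import sqlite3

# A token is a single-quoted literal ('' escapes a quote) or a bare word.
# Assumption: no SQL comments or double-quoted identifiers in the input.
TOKEN = re.compile(r"'(?:''|[^'])*'|[A-Za-z_][A-Za-z0-9_]*")

def count_keyword(sql, keyword):
    """Count `keyword` where it appears as a bare word, not inside a literal."""
    words = (m.group() for m in TOKEN.finditer(sql))
    return sum(1 for w in words
               if not w.startswith("'") and w.lower() == keyword.lower())

def make_db():
    """In-memory table with constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE t1 (id INTEGER, field01 TEXT)")
    conn.executemany("INSERT INTO t1 VALUES (?, ?)", [(1, "1"), (2, "where")])
    return conn

def build_concat(value):
    # Vulnerable pattern: the value becomes part of the SQL text.
    return "SELECT id FROM t1 WHERE field01 = '" + value + "'"

def find_bound(conn, value):
    # Parameterized query: the SQL text is fixed, the value is bound as data.
    return conn.execute("SELECT id FROM t1 WHERE field01 = ? ORDER BY id",
                        (value,)).fetchall()

if __name__ == "__main__":
    stmt = "select * from t1 where field01 = '1' AND field = 'where'"
    # 'where' inside the literal is not counted as a reserved word.
    print(count_keyword(stmt, "where"), count_keyword(stmt, "and"))
    hostile = "x' OR '1'='1"  # constructed input that closes the literal
    # Concatenation lets the input add an OR to the statement's structure.
    print(count_keyword(build_concat("where"), "or"),
          count_keyword(build_concat(hostile), "or"))
    conn = make_db()
    print(conn.execute(build_concat(hostile)).fetchall())  # every row matches
    # Bound as data, the same input is just a string that matches nothing.
    print(find_bound(conn, hostile), find_bound(conn, "where"))
```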