This one is very very simple code. It should has more enhancements.
Loc:Result=Level:Benign
IF (INSTRING('DELETE ',UPPER(Par:SQLString),1,1)>0 OR INSTRING('EXEC ',UPPER(Par:SQLString),1,1)>0 OR INSTRING('ALTER ',UPPER(Par:SQLString),1,1)>0) THEN
vzDebug(15,'SQLCheck: Very dangerous query! '&Par:SQLString)
Loc:Result=Level:Notify
END
IF INSTRING('DROP ',UPPER(Par:SQLString),1,1)>0 AND ( |
INSTRING('TABLE ',UPPER(Par:SQLString),1,1)>0 OR |
INSTRING('DATABASE ',UPPER(Par:SQLString),1,1)>0 OR |
INSTRING('LOGIN ',UPPER(Par:SQLString),1,1)>0 OR |
INSTRING('SCHEMA ',UPPER(Par:SQLString),1,1)>0 OR |
INSTRING('INDEX ',UPPER(Par:SQLString),1,1)>0 OR |
INSTRING('VIEW ',UPPER(Par:SQLString),1,1)>0 OR |
INSTRING('TRIGGER ',UPPER(Par:SQLString),1,1)>0 OR |
INSTRING('PROCEDURE ',UPPER(Par:SQLString),1,1)>0 OR |
INSTRING('FUNCTION ',UPPER(Par:SQLString),1,1)>0) THEN
vzDebug(15,'SQLCheck: Drop - Command rejected! '&Par:SQLString)
Loc:Result=Level:Fatal
END
IF (INSTRING('TRUNCATE ',UPPER(Par:SQLString),1,1)>0) THEN
vzDebug(14,'SQLCheck: Command rejected! '&Par:SQLString)
Loc:Result=Level:Fatal
END
IF INSTRING('SYS.',UPPER(Par:SQLString),1,1)>0 THEN
vzDebug(15,'SQLCheck: Very dangerous query! '&Par:SQLString)
END
RETURN(Loc:Result)