$badwords = array("+","--)","DEL ","--","'","del ","delete ","DELETE ","INSERT","insert","UPDATE","update","=","DROP","drop ","SELE ","sele ","$","WAREHOUSE","warehouse","DEXTERITY","Dexterity","WHERE ","where ",";",""","*","UNION ","union ","MEMB ","memb ","SET ","set ","RES3T","res3t","WAREH","wareh","%","=","ADD ","add ","/",",",":",""smile;
foreach($_POST as $value)
foreach($badwords as $word)
if(substr_count($value, $word) > 0)
die(header("Location: index.php?error=noaccess"smile);



//
Это такая защита от от sql inj..