I am working on some ideas to help stop sql injection from happening.  Right now I am working on modifying the sanitize function to look for sql statements in the GET and POST data and thus filter them out and make them useless. 

The way I see it there should not be any conflicts with parameters passed in the data as there should be nothing that resembles a sql statement getting passed in this data.

Any thoughts?