$veri = $_SERVER['QUERY_STRING'];

if (preg_match('/(select|insert|update|delete)/', $veri) && !ctype_digit($veri)) die("SQL INJECTION");