diff --git a/post_sql.php b/post_sql.php
index 83b758c..e889604 100644
--- a/post_sql.php
+++ b/post_sql.php
@@ -4,6 +4,26 @@
 {
   foreach($_POST as $par)
   {
-     
+    //echo $val;
+    $restrict=array("'", '"', 'order', '*', 'union');
+    
+    /*Comparing each character by char*/
+    for($i=0; $i<strlen($par); $i++)
+    {
+       if($par[$i] in $restrict)
+       {
+           stopit();
+       }
+    }
+    
+    /*Compare words separated by space*/
+    $wd=explode(' ', $par);
+    for($i=0; $i<sizeof($wd); $i++)
+    {
+      if($wd[$i] in $restrict)
+      {
+        stopit();
+      }
+    }
   }
 }