Only allow expected characters. If a field should only be alphanumeric, reject special characters like ', ), and #.
If you are a developer looking to secure your code against this specific type of attack, follow these steps: {KEYWORD}') ORDER BY 1#
and want to see a "before and after" security example? Performing a security audit and
It looks like you are testing for vulnerabilities.