I have 16 years experience as a programmer. I have been a web developer for 10 years. I have developed systems for back and front office operations since 1998. I have served industries utilizing from standalone, to client-server and up to the latest browser based systems. I can teach you this within 2 hours.
I am writing today because I know the solution to your problem. I can teach you how. And it won't take much code to do it. It is a very simple solution that I have been using for over 10 years. And you can apply this to almost any RDBMS. You can remove blocking codes. And even when your user injects a query, and it goes through, it still won't get sql injected.
I have already provided solutions for inventory, sales, purchases, human resource, payroll, ROPOA (Real and Other Properties Owned and Acquired) Systems, fixed assets management, loans management, hotel management, vehicle management and even courier systems. It has served banks, retail outlets, distributors, manufacturers, restaurants, hotels, security agencies, car rentals, electric and water utility companies and farms.