It looks like you are testing for vulnerabilities.
Only allow expected characters. If a field should only be alphanumeric, reject special characters like ' , ) , and # . {KEYWORD}') ORDER BY 1#
Use placeholders (like ? or :name ) instead of inserting variables directly into the string. It looks like you are testing for vulnerabilities