Abstract
SQL injection is the most common attack for web applications and widely used attacking method by hackers all over the world. This is an attacking method that aims the data stored in a database through the firewall that shield it. The poor input validation in code and website administration leads SQL injection to attack the web resource. This proposed system exhibit a dynamic method to detect and prevent tautology type SQL Injection from malicious web users who wants to access any resource in web related application. To detect malicious attack and prevent malicious users from accessing web resources, this system uses an effective SQL Query processing based on XML Schema validation. This proposed system can be used in web application logging and security. This work also concludes effectiveness and performance of the system using the resultant data of proposed system.