SQL injection detection (Score 1)

I've thought about such a tool for detecting SQL injection. Essentially, you have a whitelist of SELECT statement "diagrams" stored somewhere. Before running a query, you generate a diagram of the current statement and check it against the diagram.

Of course a better investment would be to write your code the right way first...