Whitelisting the five queries would prevent SQL injection, but also prevent it from being useful.