Working with SQL injection and cross-site scripting conditions