Index: /trunk/EventBenchConsole/src/de/ugoe/cs/eventbench/web/WeblogParser.java
===================================================================
--- /trunk/EventBenchConsole/src/de/ugoe/cs/eventbench/web/WeblogParser.java	(revision 409)
+++ /trunk/EventBenchConsole/src/de/ugoe/cs/eventbench/web/WeblogParser.java	(revision 410)
@@ -297,5 +297,5 @@
 					String path = uri.getPath();
 					List<String> getVars = extractGetVarsFromUri(uri);
-
+					
 					WebEvent event = new WebEvent(url, path, timestamp,
 							postedVars, getVars);
@@ -446,6 +446,10 @@
 	 *            URI that is parsed
 	 * @return a list with all GET variables
-	 */
-	private List<String> extractGetVarsFromUri(URI uri) {
+	 * @throws URISyntaxException
+	 *             thrown if one of the variables seems to indicate that the
+	 *             request is a malicious attack on the web application
+	 */
+	private List<String> extractGetVarsFromUri(URI uri)
+			throws URISyntaxException {
 		List<String> getVars = new ArrayList<String>();
 		String query = uri.getQuery();
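Review bot: The new `throws URISyntaxException` reuses an exception that otherwise signals a malformed URI for a content heuristic, so a caller that already catches `URISyntaxException` around URI parsing (the call site at line 297 is not visible in this hunk) would handle "flagged as suspicious" and "could not be parsed" identically. If the type has to stay, the `@throws` text should say what the caller is expected to do and what is actually inspected, e.g. `@throws URISyntaxException if a GET parameter value matches the injection heuristic in checkForAttack; such requests should be discarded, not treated as parse errors`. The method body continues past the end of this hunk.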
@@ -455,4 +459,7 @@
 				String[] paramSplit = paramPair.split("=");
 				if (!isBrokenVariable(paramSplit[0])) {
+					for (int i = 1; i < paramSplit.length; i++) {
+						checkForAttack(paramSplit[i]);
+					}
 					getVars.add(paramSplit[0]);
 				}
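Review bot: `checkForAttack` is applied only to `paramSplit[1]` onward, so parameter names are never inspected, and because `paramPair.split("=")` splits on every `=`, a value that itself contains `=` is examined piecewise rather than as one string; changing the split on the line above to `String[] paramSplit = paramPair.split("=", 2);` keeps the whole value in `paramSplit[1]` and reduces the added loop to a single guarded call `if (paramSplit.length > 1) { checkForAttack(paramSplit[1]); }`. The check also sits inside `if (!isBrokenVariable(paramSplit[0]))`, so values belonging to names rejected by `isBrokenVariable` are dropped silently without being examined — if that is intended it deserves a one-line comment. The enclosing `for` loop over the query pairs starts outside this hunk.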
@@ -473,6 +480,18 @@
 	 */
 	private boolean isBrokenVariable(String var) {
-		// TODO improve filtering of broken variables
 		return var.contains("and");
 	}
+
+	/**
+	 * <p>
+	 * Checks if the variable name send with a request seems like an attack on the server.
+	 * </p>
+	 * @param value
+	 * @throws URISyntaxException
+	 */
+	private void checkForAttack(String value) throws URISyntaxException {
+		if (value.contains("UNION+") || value.contains("SELECT+")) {
+			throw new URISyntaxException(value, "possible injection attack");
+		}
+	}
 }
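Review bot: The Javadoc on `checkForAttack` says it inspects the variable name, but its only call site (the loop added in the previous hunk) passes parameter values, and `@param value` is left blank; suggest a summary such as `Checks whether a GET parameter value looks like an SQL-injection attempt` and `@param value decoded value of a GET parameter, as returned by URI.getQuery()`. The match is case-sensitive and keyed to the literal `+` separator while `uri.getQuery()` hands back the decoded query, so normalising once (`String upper = value.toUpperCase(Locale.ROOT);`) and testing both the `+` and the space-separated spelling would make the heuristic less brittle (`java.util.Locale` would need importing). Dropping the `// TODO improve filtering of broken variables` comment from `isBrokenVariable` leaves `var.contains("and")` undocumented even though that substring also matches ordinary names such as `brand`, so the TODO still seems warranted.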
