Checked the remaining code. Didn't find possibilities for SQL injections anymore.