This is great idea, i like it very much, but i think that is impossible to cover all variants of injection...
I managed to log in using simple
password: password') OR ('1'='1
creating the following query:
SELECT * FROM user WHERE name='admin' and pwd=SHA('password') OR ('1'='1')