Detecting SQL Injection Attacks In Umbraco
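I had an Umbraco site that was being attacked by SQL injection. To find the source of the attack, I logged every URL and form submission that looked suspicious. I had the code email me when SQL-like commands were being used in URLs and form fields. This could probably be written in a Razor macro, but the current implementation is in C#. Note that this only helps locate the page being attacked; it does not stop the injection, which still has to be fixed in the query code itself (for example with parameterized queries).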
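/// <summary>
/// User control that appends every request (URL plus posted form fields) to a log file
/// and sends an e-mail alert when the request text contains SQL-like tokens.
/// </summary>
/// <remarks>
/// This is a diagnostic aid for finding which page is being probed. It is not a defence:
/// the token match is a coarse substring heuristic with both false positives and false
/// negatives, so the underlying queries still need to be parameterized.
/// </remarks>
public partial class LogActivity : System.Web.UI.UserControl
{
    // Tokens whose presence anywhere in the request text triggers an alert.
    private static readonly string[] SuspiciousTokens = { "select", "[", "(", "update", "insert" };

    // Serialises appends from concurrent requests in this worker process. File.AppendText
    // does not share write access, so a second simultaneous writer would otherwise throw
    // and fail the page. It does not protect against writers in other processes.
    private static readonly object LogFileLock = new object();

    /// <summary>
    /// Logs the current request and raises an alert if it looks like a SQL injection attempt.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Init(object sender, EventArgs e)
    {
        // NOTE(review): the log sits under the application root and stores raw form values,
        // which can include credentials. Confirm the logfiles folder is not served over HTTP
        // and that access to it is restricted.
        string path = Path.Combine(Request.PhysicalApplicationPath, "logfiles\\siteattack.txt");
        string line = Request.Url.ToString() + " " + GetForm();

        lock (LogFileLock)
        {
            // using guarantees the writer is closed even if the write throws.
            using (StreamWriter log = File.AppendText(path))
            {
                // Form values can contain line breaks; escape them so one request is always
                // exactly one log line and cannot forge additional entries.
                log.WriteLine(EscapeLineBreaks(line));
            }
        }

        // The result is deliberately ignored: the match is too broad (it flags any "(" or "[")
        // to end the request on. Only call Response.End() here once the detection is precise
        // enough not to block legitimate traffic.
        Notify(line);
    }

    /// <summary>
    /// Flattens the posted form into "key=value" pairs joined by "&amp;", skipping the
    /// ASP.NET WebForms bookkeeping fields.
    /// </summary>
    /// <returns>The flattened form, or an empty string when nothing was posted.</returns>
    private string GetForm()
    {
        System.Text.StringBuilder form = new System.Text.StringBuilder();
        foreach (string key in Request.Form.Keys)
        {
            if (key == "__VIEWSTATE" || key == "__EVENTTARGET" || key == "__EVENTARGUMENT" || key == "__LASTFOCUS")
            {
                continue;
            }

            // Separate the pairs so adjacent fields cannot run together in the log.
            if (form.Length > 0)
            {
                form.Append('&');
            }

            form.Append(key).Append('=').Append(Request.Form[key]);
        }

        return form.ToString();
    }

    /// <summary>
    /// E-mails the request text when it contains any of the suspicious tokens.
    /// </summary>
    /// <param name="line">Request URL and form data to inspect.</param>
    /// <returns><c>true</c> when a token matched and an alert was sent; otherwise <c>false</c>.</returns>
    public bool Notify(string line)
    {
        if (string.IsNullOrEmpty(line))
        {
            return false;
        }

        foreach (string token in SuspiciousTokens)
        {
            // Ordinal, case-insensitive matching keeps detection independent of the server's
            // culture; culture-sensitive lower-casing can change how keywords compare.
            if (line.IndexOf(token, StringComparison.OrdinalIgnoreCase) >= 0)
            {
                // NOTE(review): one mail is sent per matching request. Consider throttling so
                // a burst of matching requests cannot flood the mailbox.
                umbraco.library.SendMail("from_email_address", "to_email address", Request.ServerVariables["SERVER_NAME"], line, false);
                return true;
            }
        }

        return false;
    }

    // Replaces CR and LF with visible escape sequences so the text stays on one log line.
    private static string EscapeLineBreaks(string text)
    {
        return text.Replace("\r", "\\r").Replace("\n", "\\n");
    }
}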