Potential SQL injection detected: and ( chapter_id=28)) or  (book_id=40 and ( chapter_id=28)) or  (book_id=