Structure Query Language, Injections Attack (SQLIA) is a burning issue now a days in static applications and web applications databases. SQL Injection ignores the authentication checks and affects the confidentiality of the database. SQLIA helps the invader to get the illegal access of the whole database and operate it. Through injection attacks, malfunctioning code can be entered in a site.The existing tools and techniques like SQLRand, CANID, AMNESIA and SQL DOM mainly focus on providing access to the database only to the authenticated users. These tools do not provide complete prevention measures against the SQLIA. In this research, Intrusion Detection and Prevention Model for SQL Injection Attacks will be introduced. The proposed IDPMIA will detect the malicious queries before execution and reconstruct these malicious queries. Whenever attackers will try to inject a suspicious query, it would by immediately recognized by IDPMIA and protective actions will be taken. The proposed approach will be justified through case studies where multiple SQL Injection attacks will simulate and results will be analyzed using the proposed model and existing state of the art techniques from literature.