How to intercept queries before they executed?

[margenn]

I need a plugin that intercept all queries before being submited to database.

I need this feature:
If the query contains "DROP DATABASE" it should be rejected, presenting some error message, like "NOT ALLOWED" to the user.

The scenario is:
All users are "@localhost" and the only interface they have is adminer.
We have a "LAB" database where users can make experiments.
Users should be allowed to drop tables/views but they shouldn't be allowed to drop the database.
Unfortunately, MySQL doesn't have separate "drop" grants for tables and databases.
Once the user have "GRANT DROP" permission. They can drop the ENTIRE DATABASE. (what a shame mysql !!)
So, the solution is blocking all "DROP DATABASE" commands in adminer before the query is submited to the database.

Chatgpt gave this plugin, but I didn't understand some parts, and I won't put any plugin in production before I have sure It runs safely. I'd be very thankfull for any help

class BlockDangerousQueriesPlugin {
    function login($login, $password) {
        global $connection;

        if ($connection instanceof Min_DB) {
            $original = $connection;

            $connection = new class($original) extends Min_DB {
                function __construct($conn) {
                    foreach (get_object_vars($conn) as $k => $v) {
                        $this->$k = $v;
                    }
                }

                function query($query, $unbuffered = false) {
                    if (preg_match('/^\s*DROP\s+DATABASE/i', $query)) {
                        error("🚫 DROP DATABASE not allowed");
                        return false;
                    }

                    // allow other cmds
                    return parent::query($query, $unbuffered);
                }
            };
        }

        return null; // continue login
    }
}