What do you mean by "url and sql query entry", exactly?
I meant entry of any url/sql query must not be allowed in the form fields like Text Fields,Dropdown fields etc . Its as part of the security measures for a smart pdf designed.
You would need to write a regular expression that identifies such a value and then rejects it. However, this is a very un-secure way of doing it as someone could simply disable JS and enter it anyway...
You can filter out URLs using a regular expressions for example (assuming that you actually have a protocol identifier as part of the URL - e.g. "http"). But, you will have to do this yourself, there is nothing built into Acrobat's form fields that would do that for you.
You may be able to get away with just recognizing certain SQL statements (e.g. SELECT, DROP, INSERT, ...). In general, it would be much easier to implement if you don't try to find things that could potentially be harmful, but if you try to validate correct information in your field. Don't try to see if a field contain an SQL statement, but instead validate that it contains e.g. a correct date, or a correct number, ...