So, users in the LAN, people that must process the orders, people that must see the real-time data, have no connection to the DMZ1 database? That sure sounds like a static DB to me, and static is simple and easy to secure without any complications.
How do you handle where the LAN users must access the real-time database information to process orders, to do misc things with the data, to run custom reports (like developers) and still block complete access to the database server in DMZ1?
What makes you think that the Admin Interface using RDP from the LAN won't allow the compromised DMZ1 Database server to ride back into the LAN? What makes you think that the "file transfer" method won't allow a compromised file or other back into the LAN?
Like it or not, if you want LAN systems to have real-time access to the database that also serves the web, you have exposure and you can't block it.