An interesting thread on SitePoint about SQL injection attacks. One of the points brought up is that PHP is by default virtually immune to injection attacks thanks to magic quotes (discussed here yesterday).
This is PHP immune to SQL injection attacks by Simon Willison, posted on 17th August 2002.
Next: Working on my blog
Previous: Tips for working from home
Previously hosted at http://simon.incutio.com/archive/2002/08/17/phpSqlInjectionAttacks