You (or future readers) may also wish to peruse some of the information here:

• SQL Injection
• sqlmap: automatic SQL injection tool
• SQL Injection Cheat Sheet
• SQL Injection Attacks by Example
• SQL injection - Wikipedia

Update 12/03/2010: See also bobby-tables.com: A guide to preventing SQL injection, courtesy of Anonymous Monk