SQL injections are something you have to worry about with every web application you build. As I am right now building a now website (going to be my first Ruby on Rails project) this article on unixwiz came up at just the right time: SQL Injection Attacks by Example