• or, "Why, for the Love of All That Is Holy, Input Validation and Sanitization Are Not Optional"
  • SQL Injection
  • http://demo.testfire.net/bank/login.aspx
  • What is SQL?
  • How SQL Injections work
  • More details on how to create SQL injection attacks
  • How to Prevent SQL Injection Attacks
  • Cross-Site Scripting
  • http://google-gruyere.appspot.com/start
  • How to Prevent XSS Attacks
  • XSS (Cross-Site Scripting) Prevention Cheat Sheet - OWASP