Originally Posted by guelphdad
SQL injection attacks:
result from unsanitized user input. The article below details one example of how this could be used to gain access to your data by outside users.
Here is a good one too from wikipedia that shows how nasty SQL injections can be with complete examples.
It also explains how to protect your database against such things
I find programming articles on wikipedia good enough however a mysql book is of course preferable.