Test your form inputs and URL strings with sample sql injections. for example, ' or 1=1dreamhosting wrote:HOW DO I CLOSE OR FIND A SQL INJECTION I AM NEW TO SCRIPTING AND WOULD LIKE TO SECURE MY SITE CAN YOU PLEASE ASSIST MET
Make sure you write input validation in all you code forms/code that connects to your database. There are plenty of function for php etc that do this for you. The only way to really know if your still vuilnerable is to try it. If all is well you shouldn;t get any kind of SQL errors. If a user tried to enter an SQL injection in, say, a log in form, it should simply kick back invalid username and password. or if you want to have fun, scold them for trying to run malicious input on your page. This may entice them to try something else.
Google "SQL injection", and you'll find tons of info on exploiting and fixing these vulnerabilities.
