A while back, I put up bobby-tables.com as a repository for showing people the right way to handle external data in their SQL calls. Whenever someone pops up on a mailing list or IRC and they're building SQL statements using external tainted data, you can just refer them to the site.
In the past few days, I've spiffed up the site (with design help from Jeana Clark) and added pages on Perl and PHP. I need more examples, though. It's 2010, and there's no reason anyone shouldn't know about parameterized SQL calls.
The site source is hosted on GitHub, so if you have any contributions, please fork it and let me know about your applied changes, or you can email me directly.
P.S. In the next few days, I hope to fire up some redesign on perl101.org, too.