Just showed an interviewee a SQL injection for a production code sample he showed us. View the discussion thread.
