[smokeyj]

I would bet more SQL injections occur due to lazyness than inexperience.

[adrianmsmith]

I think one would need data to confirm that.

I mean I am lazy, but not so much that I would knowingly write insecure code for my customers; I'm can't imagine that many developers are different in that respect?

[abahgat]

Plus, many database libraries make it significantly easier to write vulnerable code than it is to write secure code.