What is SQL Injection, and how can we avoid them while developing database-centric web pages?

It is a security vulnerability while developing database centric web pages, where the intruder may rewrite the url request in such a way the queries the database and retrieve sensitive data.

Database providers have come up with programming model to avoid such vulnerability.

For example, with Oracle database centric web pages, you may use Oracle Bind Variables to avoud such security hole accordingly.