• Books, articles, and forum examples are chock full of extremely insecure practices. Add comments warning about bad practices and point the readers to where they can find good examples to work from.

    I'm a regular participant on http://www.asp.net and a huge percentage of the programmers who ask questions (and not a few who answer them) show that they have absolutely no awareness of SQL injection attacks. Not what they are, not how they work, and most certainly not how to code to avoid them.

    Much of this is due to the bad security practices in the sample code they learn from.