Damn the suck-o filter. You can view the tutorial here:
http://code.suck-o.com/204
Oh, i wanted to add that you can protect against most sql injection by simply filtering input through the PHP function mysql_escape_string.
Basic Website Defacement - Reloaded
Basic Website Defacement - Reloaded
¯\_(ツ)_/¯ It works on my machine...