
I've been trying to start a posse on Stack Overflow to stamp out the use of PHP's `mysql_query`, something that floods the MySQL-tagged questions constantly. Use of this dangerous, deprecated feature is completely rampant in both questions and answers. It often shows up with zero SQL escaping; people just presume that an email address couldn't possibly have anything irregular in it.

Contests like this are a great idea to help promote safe coding practices.




Good news is, the old MySQL extension for PHP is being deprecated. Developers will have to move to MySQLi or PDO (which offer prepared statements as standard) to continue using MySQL.
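
The contrast the two comments above describe, as an added example that is not part of the thread: a perfectly valid email address with an apostrophe breaks a query built by string concatenation, while a PDO prepared statement handles it as plain data. The table, the address and the function names are constructed for illustration, and an in-memory SQLite database stands in for MySQL so the script runs offline.

```php
<?php
// Added example with constructed data; SQLite in-memory is an assumption made
// so this runs without a MySQL server. The PDO calls are the same for MySQL.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT NOT NULL)');

// A syntactically valid address: the apostrophe is legal in the local part.
$email = "pat.o'brien@example.com";
$pdo->prepare('INSERT INTO users (email) VALUES (?)')->execute([$email]);

// Before: the mysql_query-era habit of pasting input into the SQL text.
function findByEmailConcat(PDO $pdo, string $email): ?array
{
    $sql = "SELECT id, email FROM users WHERE email = '$email'";
    try {
        $row = $pdo->query($sql)->fetch(PDO::FETCH_ASSOC);
        return $row ?: null;
    } catch (PDOException $e) {
        // The apostrophe closed the string literal early, so the rest of the
        // input was parsed as SQL syntax instead of as a value.
        echo 'concatenated query failed: ', $e->getMessage(), "\n";
        return null;
    }
}

// After: a prepared statement. The SQL text is fixed and the value is bound
// separately, so no character in the input can change the query's structure.
function findByEmailPrepared(PDO $pdo, string $email): ?array
{
    $stmt = $pdo->prepare('SELECT id, email FROM users WHERE email = :email');
    $stmt->execute([':email' => $email]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row ?: null;
}

var_dump(findByEmailConcat($pdo, $email));
var_dump(findByEmailPrepared($pdo, $email));
```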



