SQL/Script Injection w/ MySQL & PHP

["Paul" <paul () mnwebhost net>]

Hello.  I'm looking for a current in-depth papers on script injection and
SQL injection specifically on a MySQL/PHP combo (version 4.x of each).  I'm
looking for advanced techniques that would get around the normal
addslashes/stripslashes for SQL injection and  converting special chars to
html entities for script injection.

I've already read the popular BlinkSQLInjection pdf.  Any other good
resources would be appreciated.  Thanks!

Paul