Nice article. Everything included. 4.5/5 from me! Kudos.

@mayjune:
SQL Injection is the second mostly used method for web attacks after xss. It might be that you are looking at wrong sites or wrong stuffs.