Unforgivable is the example code for „PHP MySQL Insert Into“ without even mentioning the risk of SQL injections. This should be among the first things to be explained in every tutorial, article or book on „How to connect to a database with PHP and do something.“ If there is something like Worst Practices, this is one of them.
There is also code displaying unsanitized $_GET variables, opening up all possibilities for cross-site scripting attacks. No creativity is required for exploiting sites that use code from these examples, it's the low-hanging fruit :-(
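What a tutorial on this topic could show instead, as an added example that is not code from the tutorial being criticised: the insert done with a prepared statement and the values escaped when they are displayed. Assumptions: an in-memory SQLite database through PDO stands in for MySQL so the script runs offline, and the `persons` table, the `e()` helper and the sample input are made up for illustration.

```php
<?php
declare(strict_types=1);

// Assumption: SQLite in memory stands in for MySQL; with MySQL only the DSN
// (and credentials) passed to PDO change, the rest is identical.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE persons (id INTEGER PRIMARY KEY, firstname TEXT, lastname TEXT)');

// Constructed sample input standing in for $_GET / $_POST values.
// An ordinary apostrophe and some markup are enough to show both problems.
$input = [
    'firstname' => "Conan",
    'lastname'  => "O'Brien <b>jr.</b>",
];

// Weak pattern: input is pasted into the SQL text, so a quote inside the data
// becomes part of the statement. Built here for comparison, never executed.
$unsafeSql = "INSERT INTO persons (firstname, lastname) VALUES ('"
    . $input['firstname'] . "', '" . $input['lastname'] . "')";

// Corrected: the SQL text is fixed; the values travel separately as
// parameters and are never parsed as SQL.
$stmt = $pdo->prepare(
    'INSERT INTO persons (firstname, lastname) VALUES (:firstname, :lastname)'
);
$stmt->execute([
    ':firstname' => $input['firstname'],
    ':lastname'  => $input['lastname'],
]);

// Hypothetical helper: escape for the HTML context at the point of output.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// The stored value is unchanged; it is only encoded when written into HTML.
foreach ($pdo->query('SELECT firstname, lastname FROM persons') as $row) {
    echo '<li>', e($row['firstname']), ' ', e($row['lastname']), "</li>\n";
}

// For comparison: the concatenated statement with its unbalanced quote.
echo 'Concatenated SQL text: ', e($unsafeSql), "\n";
```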