Always check your input! Make sure the input is not garbage and that it is what is expected. Remember GIGO (garbage in, garbage out)! See these articles:
Here is an article on securing your system from SQL injection.
The basic gist of all these articles is that you need to verify the input before the data gets into the database. Once the values are in the database, SQL Server can’t do much to make sure that the data is valid, so validation has to happen first. The article above on SearchSQLServer.com shows some sample .NET code on how to prevent the bad code from getting into your database.
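To make the point concrete, here is an added example (not the .NET code from the linked article) that puts a string-concatenated query beside one that validates the input and then binds it as a parameter. It assumes Python's built-in `sqlite3` as a stand-in for SQL Server; the table, the username rule and the function names are hypothetical, and the sample rows and input are constructed.

```python
import re
import sqlite3

# Allow-list for what a username is expected to look like (assumed rule for this example).
USERNAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,32}")


def make_db():
    """Build an in-memory table holding constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)")
    db.executemany(
        "INSERT INTO users (name, email) VALUES (?, ?)",
        [("alice", "alice@example.test"), ("bob", "bob@example.test")],
    )
    return db


def validate_username(raw):
    """Reject anything that is not the expected shape before it nears the database."""
    if not isinstance(raw, str) or not USERNAME_RE.fullmatch(raw):
        raise ValueError("unexpected username format")
    return raw


def lookup_unsafe(db, raw):
    """The 'before': input is pasted into the SQL text, so it can rewrite the query."""
    return db.execute("SELECT name FROM users WHERE name = '" + raw + "'").fetchall()


def lookup_safe(db, raw):
    """Validate first, then bind the value as a parameter so it is only ever data."""
    name = validate_username(raw)
    return db.execute("SELECT name FROM users WHERE name = ?", (name,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    garbage = "x' OR '1'='1"  # constructed sample of unexpected input
    print("unsafe lookup returns:", lookup_unsafe(db, garbage))  # every row matches
    print("safe lookup returns:  ", lookup_safe(db, "alice"))
    try:
        lookup_safe(db, garbage)
    except ValueError as exc:
        print("safe lookup rejected input:", exc)
```

The same two steps carry over to .NET and SQL Server: check the value against what is expected, then pass it through a command parameter instead of building the SQL string by hand.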