Check your input always! Make sure the input is not garbage and it is what is expected. Remember <b>GIGO</b>! See these articles:
If you have never heard of <a href=”http://www.4guysfromrolla.com/webtech/061902-1.shtml”>4GuysFromRolla</a>… then be sure to spend some time on their site.
Here is an article on securing your system from<a href=”http://searchsqlserver.techtarget.com/tip/0,289483,sid87_gci1318837,00.html”> SQL injection</a>.
The basic jist of all these articles will be that you need to verify the input prior to the data getting into the database. Once the values are into the database the SQL Server can’t do much to make sure that the data is valid. It needs to be validated before the data gets into the database. The article above on SearchSQLServer.com shows some sample .NET code on how to prevent the bad code from getting into your database.