Probably the most effective (and in most cases easiest) guards against SQL injection and regrettably not mentioned here is parameterisation of inputs. Just google it.
If you want a more in depth overview on this check out Troy Hunts course on SQL injection on PluralSight.
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.