We start writing a test suite for our database library to keep ourselves honest, then use it to fix our SQL injection vulnerability. Tests open up easier refactoring, so we make the first of a few API improvements for usability.