I couldn't see any SQL Injection holes in these files. Can I see your copy of:
I'll make sure it is up to date and doesn't have any security holes in it.
Did you get information with a sample url or something that exposes the SQL Injection hole? Your files seem to have a lot of hand code. A single line of code on a single page can open a security hole, so it could just be on another page in the site.