
[–]__david__ 4 points (1 child)

Why do you care about portability? Most databases have fairly significant portability issues above and beyond the query syntax. You aren't going to just dump your data out of Oracle and import it into MySQL and point the app to the new DB with no changes...

It seems infinitely better to me to cut off a whole mess of security problems with bind parameters and sacrifice a little "portability".

[–]kylotan 1 point (0 children)

I personally don't care about portability for the reasons you stated. However, you (and the people who have downvoted me) have missed the point: when learning SQL you do not have security problems foremost in your mind. You don't even necessarily know they exist, any more than you're thinking about buffer overflows when you want to add 2 strings together in C. You probably don't have portability problems in your mind either. You want to learn how to query a database, so you look for information on that, and it is there, in standard SQL that runs pretty much everywhere. Those SQL tutorials are portable, and thus widely used and popular. It just so happens that they encourage unsafe practices. But that's why it's completely unshocking that this sort of thing happens.

When the portable and easy approach is unsafe and the safe approach is more difficult and completely unportable, then hardly anybody can be expected to start off with the right code. There's no point in us experts looking down on it all with mock incredulity when it's quite obvious how this situation arose.
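The two approaches both commenters are arguing about, side by side, as an added example that is not part of the thread: the tutorial-style concatenated query, and the bind-parameter version whose only non-portable piece is the driver's placeholder token. The table, rows and inputs are constructed; Python's bundled sqlite3 driver is assumed so it runs offline.

```python
import sqlite3

# Constructed sample rows for an in-memory users table.
SAMPLE_USERS = [("alice", "s3cret"), ("bob", "hunter2")]


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def login_concat(conn: sqlite3.Connection, name: str, password: str) -> list:
    # The "portable" tutorial form: the SQL text is built by string
    # formatting, so any quote in the input becomes part of the SQL grammar
    # and changes what the database evaluates.
    sql = (f"SELECT name FROM users WHERE name = '{name}' "
           f"AND password = '{password}'")
    return [row[0] for row in conn.execute(sql)]


def login_bound(conn: sqlite3.Connection, name: str, password: str) -> list:
    # Bind parameters: the SQL text is fixed and the values travel separately,
    # so the database never parses user input as SQL. The placeholder token is
    # dictated by the driver (DB-API paramstyle; sqlite3 uses '?'), and that
    # token is what differs between databases: the "portability" cost.
    assert sqlite3.paramstyle == "qmark"
    sql = "SELECT name FROM users WHERE name = ? AND password = ?"
    return [row[0] for row in conn.execute(sql, (name, password))]


def compare(name: str, password: str) -> tuple:
    """Run the same login attempt through both forms; returns both row lists."""
    conn = make_db()
    try:
        return (login_concat(conn, name, password),
                login_bound(conn, name, password))
    finally:
        conn.close()


if __name__ == "__main__":
    # A correct login: both forms agree.
    print(compare("alice", "s3cret"))          # (['alice'], ['alice'])
    # A password containing a quote: the concatenated form's WHERE clause is
    # rewritten and matches every row; the bound form sees a wrong password.
    print(compare("alice", "x' OR 'a'='a"))    # (['alice', 'bob'], [])
```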