text after id in URL (security issue?)

I'm a bit of a newbie, so I hope this isn't an already-answered
question...

A URL of the form
   http://(item)/show/25
shows the 25th "item", but I've just noticed that
   http://(item)/show/25hello
also displays this same item.

Q: is this a security concern, e.g. for SQL injection? Also, in the
spirit of decreasing the temptation of hackers, is there a way to
cause an error to be generated for such URLs, throughout a site?

IIRC, when you do a Model.find(param[:id]), the string is converted to an
int via to_i. When ruby does the conversion, it grabs the 2, then the 5 and
then sees garbage and returns a 25. If you passed a string of just letters,
the conversion would fail and you would get an exception.

Stephen Gerstacker