Beginner
Web & Software Development
Q20 / 100
What is SQL injection prevention?
The correct answer is B) Using parameterized queries/prepared statements so user input is treated as data, never as executable SQL
Explanation
A parameterized query looks like query = "SELECT * FROM users WHERE id = ?", with the ID passed as a parameter. The DB driver escapes it. Never concatenate user input into SQL strings. ORM frameworks use parameterization by default.