Zend Exam 200-710 Topic 4 Question 49 Discussion

Actual exam question for Zend's 200-710 exam

Question #: 49
Topic #: 4

What is the preferred method for preventing SQL injection?

AAlways using prepared statements for all SQL queries.

BAlways using the available database-specific escaping functionality on all variables prior to building the SQL query.

CUsing addslashes() to escape variables to be used in a query.

DUsing htmlspecialchars() and the available database-specific escaping functionality to escape variables to be used in a query.

Show Suggested Answer

Suggested Answer: B

by Matthew at Jul 05, 2023, 11:14 AM

Limited Time Offer

25%

Off

Contribute your Thoughts:

Submit Cancel

5 hours ago

I was about to say option C, but then I remembered that addslashes() is not actually a secure method. Gotta go with option A!

upvoted 0 times

...

1 days ago

I think the preferred method for preventing SQL injection is always using prepared statements for all SQL queries.

upvoted 0 times

...

9 days ago

I'm not sure, but I think using addslashes() to escape variables is also a valid method. It adds an extra layer of security.

upvoted 0 times

...

9 days ago

Option A is definitely the way to go! Prepared statements are the gold standard for preventing SQL injection.

upvoted 0 times

...

10 days ago

I agree with Chantay. Prepared statements are the best way to prevent SQL injection attacks.

upvoted 0 times

...

11 days ago

I think the preferred method for preventing SQL injection is always using prepared statements for all SQL queries.

upvoted 0 times

...