How does PreparedStatement help in preventing SQL injection attacks?
- It automatically escapes special characters in the SQL query.
- It encrypts the entire SQL query.
- It relies on client-side validation.
- It uses parameterized queries.
PreparedStatement helps prevent SQL injection attacks by using parameterized queries, ensuring that user input is treated as data and not executable code.
Loading...
Related Quiz
- In servlets, what mechanism is commonly used for user authentication?
- The __________ API in Java EE is used for declarative security in web applications.
- Which method is used to get a reference to the ServletContext object?
- What is the impact of a filter throwing an unchecked exception during the execution of its doFilter method?
- How can filters dynamically modify the request and response in a servlet-based application?