You are reviewing a colleague's PHP code and notice they are using raw SQL statements with user input directly in the query. What potential issue does this introduce?

  • SQL Injection vulnerabilities
  • Improved query performance
  • Better code readability
  • Enhanced database compatibility
Using raw SQL statements with user input directly in the query introduces SQL Injection vulnerabilities, a major security risk.
Add your answer
Loading...

Leave a comment

Your email address will not be published. Required fields are marked *