Zend
200-550 · Question #94
200-550 Question #94: Real Exam Question with Answer & Explanation
Sign in or unlock 200-550 to reveal the answer and full explanation for question #94. The question stem and answer options stay visible for context.
Question
Is the following code vulnerable to SQL Injection ($mysqli is an instance of the MySQLi class)? $age = $mysqli->real_escape_string($_GET['age']); $name = $mysqli->real_escape_string($_GET['name']); $query = "SELECT * FROM
table WHERE name LIKE '$name' AND age = $age"; $results = $mysqli->query($query);Options
- ANo, the code is fully protected from SQL Injection.
- BYes, because the $name variable is improperly escaped.
- CYes, because the $name variable and the $age variable is improperly escaped.
- DYes, because the $age variable is improperly escaped.
- EYes, because you cannot prevent SQL Injection when using MySQLi
Unlock 200-550 to see the answer
You've previewed enough free 200-550 questions. Unlock 200-550 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.