nerdexam
CompTIA

DS0-001 · Question #136

Which of the following code snippets would allow a SQL injection?

The correct answer is C. var name;. The question appears to be missing its actual code content - all four choices show only var name; with no distinguishing code. This is likely a formatting or copy-paste issue where the code snippets were stripped out before reaching me. To give you an accurate explanation, please

Data and Database Security

Question

Which of the following code snippets would allow a SQL injection?

Options

  • Avar name;
  • Bvar name;
  • Cvar name;
  • Dvar name;

How the community answered

(26 responses)
  • A
    12% (3)
  • B
    4% (1)
  • C
    62% (16)
  • D
    23% (6)

Explanation

The question appears to be missing its actual code content - all four choices show only var name; with no distinguishing code. This is likely a formatting or copy-paste issue where the code snippets were stripped out before reaching me.

To give you an accurate explanation, please re-paste the question with the full code for each option (A through D). SQL injection questions typically compare things like:

  • Raw string concatenation in queries (vulnerable)
  • Parameterized/prepared statements (safe)
  • ORM query builders (safe)
  • Input sanitization approaches (varies)

Share the complete snippets and I'll walk through exactly why C is correct and why the others aren't.

Topics

#SQL injection#Input validation#Code vulnerability#Parameterization

Community Discussion

No community discussion yet for this question.

Full DS0-001 Practice