Php Objective Questions with Answers for written test exams 59

Question 59
How can the following line of code be improved?

$db->query("insert into foo values($id,$bar)");

A. Use addslashes and sprintf to avoid security holes and make the code cleaner

B. Split the query over several lines

C. Use mysql_query() instead of $db->query()

D. Define the table fields that will be affected by the INSERT statement

E. Use mysql_query() instead of $db->query() and addslashes to avoid security holes

Answers 59


Answers A, B, and D are correct. First of all, you need to ensure that the query is secure; this is done by executing addslashes (or the equivalent function for your DBMS of choice) to prevent scripting attacks. If your query is long, it’s not a bad idea to split it over several lines to get a better overview of your code. Use sprintf() where possible to make the code cleaner. Finally it’s always a good idea to define the table fields that will be filled by an INSERT statement to prevent unexpected errors if the table changes.

  






