easy📝 Syntax Q3 of 15
Django - Security Best Practices
Which of the following is the correct way to safely filter users by username using Django ORM?
A. User.objects.filter(f"username = '{user_input}'")
B. User.objects.raw(f"SELECT * FROM users WHERE username = '{user_input}'")
C. User.objects.filter(username=user_input)
D. User.objects.raw("SELECT * FROM users")
Step-by-Step Solution
Solution:
  1. Step 1: Identify safe ORM filtering syntax

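    filter() with keyword arguments safely handles user_input: the ORM passes the value to the database as a query parameter instead of splicing it into the SQL text.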
  2. Step 2: Analyze unsafe options

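    Raw queries built with string interpolation (option B) risk SQL injection. filter() does not accept a SQL string as an argument, so option A is not valid usage. Option D interpolates nothing, but it does not filter by username at all.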
  3. Final Answer:

    User.objects.filter(username=user_input) -> Option C
  4. Quick Check:

    Safe filtering syntax = User.objects.filter(username=user_input) [OK]
Quick Trick: Use keyword args in filter() for safety [OK]
Common Mistakes:
  • Using raw SQL with string interpolation
  • Passing raw SQL string to filter()