You want to safely insert multiple user records into a database using Flask and prevent SQL injection. Which approach correctly combines parameterized queries with batch insertion?

hard📝 Application Q15 of 15

Flask - Security Best Practices

users = [("alice", 25), ("bob", 30)]
cursor.executemany(??? , users)

What should replace ????

A"INSERT INTO users (name, age) VALUES (%s, %s)"

B"INSERT INTO users (name, age) VALUES ('%s', '%s')"

C"INSERT INTO users (name, age) VALUES (?, ?)"

D"INSERT INTO users (name, age) VALUES (:name, :age)"

Step-by-Step Solution

Solution:

Step 1: Identify correct placeholder syntax for batch insert
For executemany with psycopg2 or similar, %s placeholders are used without quotes.
Step 2: Check placeholder usage in options
"INSERT INTO users (name, age) VALUES (%s, %s)" uses %s placeholders correctly; "INSERT INTO users (name, age) VALUES ('%s', '%s')" wrongly adds quotes, "INSERT INTO users (name, age) VALUES (?, ?)" uses ? (SQLite style), "INSERT INTO users (name, age) VALUES (:name, :age)" uses named placeholders which need dicts.
Final Answer:
"INSERT INTO users (name, age) VALUES (%s, %s)" -> Option A
Quick Check:
Use %s placeholders without quotes for executemany [OK]

Quick Trick: Use %s placeholders without quotes for batch inserts [OK]

Common Mistakes:

MISTAKES

Adding quotes around %s placeholders
Using ? placeholders with psycopg2
Using named placeholders without dict parameters

Master "Security Best Practices" in Flask

9 interactive learning modes - each teaches the same concept differently

Learn Why Deep Visual Try Challenge Project Recall Perf

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions

More Flask Quizzes

You want to safely insert multiple user records into a database using Flask and prevent SQL injection. Which approach correctly combines parameterized queries with batch insertion?

Step 1: Identify correct placeholder syntax for batch insert

Step 2: Check placeholder usage in options

Final Answer:

Quick Check:

Want More Practice?