A Flask app uses user input directly in a database query string without sanitizing. What is the main problem?

Difficulty: medium · Debug Q7 of 15
Flask - Security Best Practices

A. It allows SQL injection attacks
B. The database will reject the query
C. The app will run slower
D. The app will automatically sanitize input
Step-by-Step Solution

  1. Step 1: Understand unsanitized input risks

     Using raw user input in queries can let attackers insert malicious SQL commands.

  2. Step 2: Result of SQL injection

     This can lead to data theft, deletion, or unauthorized access to the database.

  3. Final Answer:

     It allows SQL injection attacks -> Option A

  4. Quick Check:

     Sanitize input to prevent SQL injection [OK]

Quick Trick: Never trust user input in database queries [OK]
Common Mistakes:
  • Assuming the database auto-sanitizes input
  • Confusing SQL injection with app crashes
  • Ignoring input validation
