Section 4.2.7
Top Level
Sub Level
General
Use interfaces that validate input before using it.
Java
In Java, use the PreparedStatement interface to communicate with databases instead of the Statement interface, which does not validate input.