 

3. Avoiding Dynamic SQL


Because SQL injection arises when SQL statements are constructed dynamically from user input, designing your application around static SQL reduces the chances of attack.

Rewrite dynamic SQL into static SQL
Describe situations where dynamic SQL statements are unavoidable
List techniques to minimize SQL injection risks when using dynamic SQL
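
The rewrite from dynamic to static SQL described above, as an added example that is not part of the original lesson. It assumes Python's built-in sqlite3 module as a stand-in database, and the table, rows and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory table holding constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE employees (id INTEGER PRIMARY KEY, name TEXT, dept TEXT)")
    conn.executemany(
        "INSERT INTO employees (name, dept) VALUES (?, ?)",
        [("alice", "sales"), ("bob", "hr"), ("carol", "it"), ("o'brien", "ops")],
    )
    return conn

def build_dynamic_sql(name):
    """Dynamic SQL: the statement text itself is assembled from user input."""
    return "SELECT name, dept FROM employees WHERE name = '" + name + "'"

def find_dynamic(conn, name):
    # Vulnerable 'before' form: the input is parsed as part of the SQL grammar,
    # so a quote character in it changes the structure of the statement.
    return conn.execute(build_dynamic_sql(name)).fetchall()

# Static SQL: the statement text is fixed when the program is written.
# User input reaches the database only as a bind value for the placeholder.
STATIC_SQL = "SELECT name, dept FROM employees WHERE name = ?"

def find_static(conn, name):
    # The placeholder is bound after parsing, so the input is always data.
    return conn.execute(STATIC_SQL, (name,)).fetchall()

if __name__ == "__main__":
    conn = make_db()
    crafted = "x' OR '1'='1"  # constructed input containing quote characters
    print("dynamic text:", build_dynamic_sql(crafted))
    print("dynamic rows:", find_dynamic(conn, crafted))  # predicate rewritten
    print("static rows: ", find_static(conn, crafted))   # compared as one literal
    # A legitimate value containing a quote also breaks the dynamic form.
    try:
        find_dynamic(conn, "o'brien")
    except sqlite3.OperationalError as exc:
        print("dynamic error:", exc)
    print("static rows: ", find_static(conn, "o'brien"))
```

The static form also fixes a correctness bug: names that legitimately contain a quote are found instead of causing a syntax error.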