Question: $($A$)$ Implement a solution using defensive programming techniques to lower the risks of SQL

injection in the below code. $($B$)$ What defensive programming technique did you chose to employ and

explain why you chose it$?($Full credit only given only when discussing the software mitigation designed

for this particular injection scenario.$)($C$)$ Please include any references in a standard reference format

such as APA, MLA, Chicago, or IEEE.

$...$

Class.forName$("$com$.$mysql$.$jdbc$.$Driver"$)$;

System.out.println$("$Driver loaded"$)$;

$....$

private void showGrade$()\{$

String sid $=$ tfSSID.getText$()$;

String courseId $=$ tfCourseId.getText$()$;

try $\{$

String queryString $=$ "select firstName, mi$,"+$ "lastName, title, grade from Student,

Enrollment, Course $"+$ "where Student.sid $=\text{'}"+$ sid $+"\text{'}$ and Enrollment.courseId $"$

$+"=\text{'}"+$ courseId $+"\text{'}$ and Enrollment.courseId $=$ Course.courseId $"+$

$"$ and Enrollment.sid $=$ Student.sid";

ResultSet rset $=$ stmt$.$executeQuery$($queryString$)$;

$...\}...$

Answer:

$($A$)($B$)($C$)$