Although a web enabled application appears to only allow letters in the comment field of a web
form, malicious user was able to carry a SQL injection attack by sending special characters
through the web comment field. Which of the following has the application programmer failed to

implement?

A.
Revision control system

B.
Client side exception handling

C.
Server side validation

D.
Server hardening