Sanitization and input control
We saw that all SQL (and other) databases are inherently vulnerable to SQL injection on their own, because the only thing a database does is accept instructions. Therefore, we need to act at the early stages of the data flow, before a query actually reaches our database, to prevent an injection from happening.
This is where sanitization comes in. Input coming from the outside is cleaned of any possibly malicious element that could result in dangerous commands. You can imagine this process as a compulsory shower for people before they enter a public pool: you can assume that people have a good level of hygiene, but since there is no guarantee of it, it's a wise choice to level the field and make everyone do it, covering for those who don't. In most cases, this might not be necessary, but it ensures that the cases in which a shower is needed are covered.
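The following added example (not code from the original text) shows input control applied before a query reaches the database, next to the same lookup without it. The table, the username allowlist and the function names are assumptions made for illustration, and the sanitized path also binds the value as a parameter, which goes one step beyond what the text above describes.

```python
import re
import sqlite3

# Assumed allowlist for this example: 3-20 letters, digits or underscores.
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{3,20}")

def sanitize_username(raw):
    """Return raw unchanged if it matches the allowlist, else raise ValueError."""
    if not isinstance(raw, str) or not USERNAME_RE.fullmatch(raw):
        raise ValueError("username rejected by input control")
    return raw

def make_db():
    """Build an in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, email TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "alice@example.test"), ("bob", "bob@example.test")])
    return db

def lookup_unsanitized(db, raw):
    # Input is pasted into the statement, so the database, which only
    # accepts instructions, cannot tell the data apart from the command.
    query = "SELECT email FROM users WHERE name = '" + raw + "'"
    return db.execute(query).fetchall()

def lookup_sanitized(db, raw):
    # The check runs early in the data flow, before any SQL is built.
    name = sanitize_username(raw)
    # Binding the value is a second layer on top of the input control.
    return db.execute("SELECT email FROM users WHERE name = ?", (name,)).fetchall()

def demo():
    db = make_db()
    hostile = "x' OR '1'='1"  # constructed input that changes the WHERE clause
    leaked = lookup_unsanitized(db, hostile)   # returns every row
    try:
        lookup_sanitized(db, hostile)
        blocked = False
    except ValueError:
        blocked = True                         # rejected before reaching the database
    return leaked, blocked, lookup_sanitized(db, "alice")

if __name__ == "__main__":
    print(demo())
```

Like the compulsory shower, the check is applied to every input, including the well-behaved "alice", which passes through unchanged.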
Obviously, there is no single way in which sanitization...