When reviewing the source code of a web application, you come across a function that interacts directly with the database using user-supplied input without proper sanitation. Which of the following practices is the BEST to recommend to the development team to mitigate the risk associated with this kind of vulnerability?
Encrypting user input before including it in database queries
Client-side input validation
Use parameterized queries for database access
Employ input length restrictions for all user-supplied input fields