When developing a web application that requires interaction with a relational database, which method is the BEST for manipulating and retrieving database information while adhering to good security practices?
Build SQL queries by directly concatenating user inputs to construct dynamic queries.
Create and exclusively use stored procedures for all interactions from the web application.
Utilize a database API with prepared statements and parameterized queries.
Employ command-line tools to execute database statements from within the application code.