bsale interview question

how to stop sql injection?