Which of the following statements are true ?
user input can be trusted as long as it is not anonymous
data protection is only done at the database level and not at the php level
well-written SQL requests protect against SQL injections
none of these statements