well, as noted before.. if youre letting responsible users write queries, then just let them write the query, submit it to the db and return any errors or successes that may happen. No need to parse the query yourself, just use DB securty to define accessible portions
|