Application DBA, SQL, T-SQL Programming, Stored Procedures
What is the solution for implementing truly dynamic search queries? Not just a stored procedure with optional parameters, but something even more dynamic than that? Let the end-user choose the exact fields and, more importantly, the operator types to use on them, in order to get the results that they need. And how do you achieve this level of dynamic interactivity without risking SQL injection? This presentation will answer these questions and give you the solution.
Why I Want to Present This Session:
This solution was inspired by a real-world use case that I encountered a few years back, and still, find myself encountering every once in a while till this day. Especially with the data era slamming down hard upon us, it becomes imperative to be able to provide the exact search results that the user wants. This use case, therefore, is relevant to the SQL community today more than ever.