We didn't use a direct textarea interface. But we did provide criteria based sql commands on a variety of tables. Which included joins, and other conditionals which made things even worse.
We had people running queries that ran for upwards of six hours. All the web connections/app session management stuff would time out, but the database server still churned away on the query until someone went into Oracle Enterprise Manager and killed it. This site was also internal. It was meant to cut down on the amount of independent Crystal Report apps we had to generate. In the end we went to a Microsoft reporting services product. > -----Original Message----- > From: Rob Harrington [mailto:[EMAIL PROTECTED] > Sent: Monday, September 25, 2006 2:46 PM > To: CF-Newbie > Subject: Re: Executing a user input query > > Hi Matthew, > This is an internal website just for a small group of people to use. Also, > I plan to code in protection from data manipulation. If this weren't an > internal website with a small circle of users, I would be much more > cautious. Thanks for the heads up... > > >Are you ABSOLUTELY sure you want your users this type of access to your > >data? > > > >I have worked on projects where this type of functionality has been > present. > >The results ranged from slightly annoying to, completely having to > restore > >the tables from a back up. > > > >Please remember that not many average users are adept at formulating well > >qualified SQL statements. > > > > > > > >> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Newbie/message.cfm/messageid:2101 Subscription: http://www.houseoffusion.com/groups/CF-Newbie/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.15
