Q1) When you say "allow the creator to modify the SQL statement directly", do you mean the whole SQL statement (including the FROM clause etc.), just the SELECT clause, or some subset (like the SELECT and GROUP BY clauses, but not the FROM or WHERE)?
Q2) When you say "in order to segregate data, I have to inject a where clause of my own in to the mix", how is your data segregated? I.e. all data for all users in the same view and then add "AND USER_ID = xyz" to make sure a user only sees "their" data, or something different? Q3) How many users does your system have now, how fast does that number grow, and how are they created? Where i'm heading is: do you think it would be possible to create one database user (ie one oracle user) per web app user? /t >Hello, >I've been working on a auto report generator for a bunch of views we >have in our Oracle 9i database. I have the simple builder done and >working but the problem I'm having is that once the simple sql query >is built I then allow the creator to modify the SQL statement >directly. I normally would not have a problem with this but in order >to segregate data, I have to inject a where clause of my own in to >the mix. I can't allow the users to modify the our WHERE clause or >they could gain access to all of the data, which we don't want. > >I guess what I'm asking for is a better solution or answer to >injecting a WHERE clause in to a SQL statement so that I don't have >to parse every little piece of it just to know where to put my part in. > > >I hope this makes sense I've been at this for a while. > >Thanks, >- Charles ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Discover CFTicket - The leading ColdFusion Help Desk and Trouble Ticket application http://www.houseoffusion.com/banners/view.cfm?bannerid=48 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:224346 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
