Dynamic SQL Best Practices (or "How to Avoid Both SQL Injection Vulnerabilities and Spaghetti Code")
Post by Timothy Leavitt