Skip to main content
BuyLog In
.NET Reporting Tools
Search in…
Docs > Reporting for Web > End-User Report Designer for Web > Interface Elements > Custom SQL Editor
All docs
V23.2
Reporting
Product Information
.NET / .NET Core Support
Get Started with DevExpress Reporting
Create Different Report Types (Walkthroughs)
Detailed Guide to DevExpress Reporting
Localize Reporting Applications
Security Considerations
Visual Studio Report Designer
VS Code Report Designer
Reporting for Desktop
Reporting for .NET MAUI
Reporting for Web
Common Features
Document Viewer for Web
End-User Report Designer for Web
Interface Elements
Design Surface
Field List
Parameter Editor
Main Menu
Main Toolbar
Properties Panel
Query Builder
Report Explorer
Toolbox
Custom SQL Editor
Expression Editor
Filter Editor
Format String Editor
Master-Detail Relation Editor
Script Editor
Chart Designer
Localization Editor
Report Design Analyzer
Document Preview
Wizards
Web UI Development Bundles that Include Reports
Reporting for Blazor
Reporting for ASP.NET Core
Reporting for Angular
Reporting for Knockout-based Applications
Reporting for React
Reporting for Vue
Reporting for ASP.NET MVC
Reporting for ASP.NET Web Forms
Version Upgrade Guide
Troubleshooting
Cloud Integration
Cross-Platform .NET App UI
Backend Web API Service / REST API for Reporting
WCF Report Service
End-User Documentation
Redistribution and Deployment
API Reference
ASP.NET Core API Reference
Blazor API Reference
Client API Reference
Client API Reference (Web Forms & MVC)
Download CHM

Custom SQL Editor

Users can type an SQL query in the Custom SQL Editor if you enable custom SQL queries. This editor is invoked from the Data Source Wizard.

The Custom SQL Editor highlights the SQL syntax to help users write and read queries.

web-designer-custom-sql-editor

The query validation mechanism only allows custom queries that contain SELECT statements (except for SELECT INTO clauses). You can also implement custom validation.

Important

Custom SQL queries in your web applications expose your databases to possible SQL injections. Make sure you use secure SQL validation to prevent the execution of harmful requests before you enable this option. See General Security Considerations for more information.

See Also