Skip to main content
BuyLog In
.NET Reporting Tools
Search in…
Docs > Create End-User Reporting Applications > Web Reporting > ASP.NET WebForms Reporting > End-User Report Designer > GUI > Interface Elements > Custom SQL Editor
A newer version of this page is available. .
All docs
V19.1
Reporting
Product Information
Get Started with DevExpress Reporting
Create Popular Reports
Detailed Guide to DevExpress Reporting
Visual Studio Report Designer
Create End-User Reporting Applications
Cross-Platform Reporting
WinForms Reporting
WPF Reporting
Web Reporting
General Information
ASP.NET WebForms Reporting
Print and Export
Document Viewer
End-User Report Designer
Quick Start
GUI
Interface Elements
Design Surface
Field List
Main Menu
Main Toolbar
Properties Panel
Query Builder
Report Explorer
Toolbox
Custom SQL Editor
Expression Editor
Filter Editor
Format String Editor
Master-Detail Relation Editor
Script Editor
Chart Designer
Document Preview
Wizards
API and Customization
Localization
Application Deployment
ASP.NET MVC Reporting
ASP.NET Core Reporting
JavaScript Reporting
Application Security
End-User Documentation
WCF Report Service
Discontinued Platforms
Localization
Redistribution and Deployment
Reporting in .NET Core 3 (CTP)
API Reference
ASP.NET Core API Reference
Client API Reference
Client API Reference (WebForms & MVC)
Download CHM

Custom SQL Editor

You can manually input a SQL query string in the Custom SQL Editor if custom SQL editing is enabled. You can invoke this editor from the Create a Query or Select a Stored Procedure wizard page.

The Custom SQL Editor supports syntax highlighting to enable you to write and read SQL queries more efficiently.

web-designer-custom-sql-editor

Note that the default query validation mechanism only allows custom queries containing SELECT statements (except for SELECT INTO clauses).

Important

Enabling custom SQL in your web application exposes your databases to possible SQL injections. Before enabling this option, make sure to apply a secure SQL validation that prevents execution of harmful requests. See General Security Considerations for more information.

See Also