BuyLog In
Reporting
V 20.1
20.2 (EAP/Beta)
20.1
19.2
19.1
18.2
18.1
17.2
All docs
Docs > Web Reporting > Report Designer UI > Interface Elements > Custom SQL Editor
All docs
V20.1
20.2 (EAP/Beta)
20.1
19.2
19.1
18.2
18.1
17.2
Full-text search
Reporting
Product Information
Get Started with DevExpress Reporting
Create Popular Reports
Detailed Guide to DevExpress Reporting
Visual Studio Report Designer
WinForms Reporting
WPF Reporting
Web Reporting
General Information
Document Viewer UI
Report Designer UI
Interface Elements
Design Surface
Field List
Main Menu
Main Toolbar
Properties Panel
Query Builder
Report Explorer
Toolbox
Custom SQL Editor
Expression Editor
Filter Editor
Format String Editor
Master-Detail Relation Editor
Script Editor
Chart Designer
Localization Editor
Document Preview
Wizards
ASP.NET Web Forms Reporting
ASP.NET MVC Reporting
ASP.NET Core Reporting
JavaScript Reporting
Blazor Reporting
Client-Side API
Application Security
End-User Documentation
WCF Report Service
Discontinued Platforms
Localize Reporting Applications
Redistribution and Deployment
Reporting in .NET Core 3
API Reference
ASP.NET Core API Reference
Blazor API Reference
Client API Reference
Client API Reference (Web Forms & MVC)
Download CHM

Custom SQL Editor

Users can type an SQL query in the Custom SQL Editor if you enable custom SQL queries. This editor is invoked from the Data Source Wizard.

The Custom SQL Editor highlights the SQL syntax to help users write and read queries.

web-designer-custom-sql-editor

The query validation mechanism only allows custom queries that contain SELECT statements (except for SELECT INTO clauses). You can also implement custom validation.

IMPORTANT

Custom SQL queries in your web applications expose your databases to possible SQL injections. Make sure you use secure SQL validation to prevent the execution of harmful requests before you enable this option. See General Security Considerations for more information.

See Also