LET OP: Deze klasse is nog niet beveiligd tegen SQL injection. Dat moet dus toegevoegd worden alvorens in gebruik te nemen. 1 %RegisteredObject 0 %Boolean 1 listSQLParams:DataIndexSQLParamList %String 1 { set JOINS = JOINS _" "_..BuildJoins(ctrTable,Kenmerk,Waarden) } else { set SQL = "SELECT DISTINCT T1.UnId FROM Prod_Kenmerk.DataIndex AS T1" set WHERE = " "_"WHERE T1.Kenmerk = "_$select(..DynamicSQL:"?",1:"'"_Kenmerk_"'")_" AND "_..BuildStatement(1,Waarden) } } set SQL = SQL _ JOINS _ WHERE quit SQL ]]> listSQLParams:DataIndexSQLParamList %List Counter:%String,Kenmerk:%String,Waarden:%List 1 %String Counter:%String,Waarden:%List 1 1 { set Statement = Statement _ " OR ( " } set Statement = Statement _ "T"_Counter_".Waarde = "_$select(..DynamicSQL:"?",1:"'"_$listget(Waarden,ctrWaarden)_"'")_"" set Statement = Statement _ " )" } quit Statement ]]>