We do have protections against SQL-injection-like malicious requests, but with the existing SQL capabilities, we knew that even if we missed something in our protections, the worst that could happen would be read-only operations, possibly from other tenants tables. If this would happen it would...
Hint: always write a SQL query to select the lookup columns from the reference data set. Never use the drop down; it selects all columns and wastes memory. If you select only the columns you actually need, chances are good that you can fit everything in memory with the full ...