Subject | Re: Is there a parameter value of 'don't care' ? |
---|---|
Author | Adam |
Post date | 2007-01-12T21:37:05Z |
>approach
> It could be a good compromise indeed. My data could support this
> reasonably well. I'll give it a try.

Hello Pepak,

Another possible approach. Have you considered using views? Your
concern seems to be for security, but in one sense allowing the user
to control arbitrary parts of your query opens you up to SQL injection
attacks.

You can create your base view that contains all of this information,
but not the other fields in the table you want to prevent your not so
knowledgeable report writers from accidentally exposing. By hiding
these tables behind a view, you can control what the world can and
cannot see.

When used in a query, the view is also prepared using any available
underlying table index, so you may well find it to be faster.

Adam
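
The view approach described in the message above, as an added example that is not part of the original post. The table, column and role names are hypothetical, and the exact role and GRANT syntax varies between database engines.

```sql
-- Hypothetical base table: holds columns that report writers must never see.
CREATE TABLE customer (
    id            INTEGER PRIMARY KEY,
    name          VARCHAR(100) NOT NULL,
    city          VARCHAR(60),
    credit_limit  DECIMAL(12,2),
    card_number   VARCHAR(19),      -- sensitive
    password_hash VARCHAR(64)       -- sensitive
);

-- The view names its columns explicitly (no SELECT *), so a column added to
-- the base table later is not exposed by accident.
CREATE VIEW customer_report (id, name, city, credit_limit) AS
    SELECT id, name, city, credit_limit
    FROM customer;

-- Hypothetical role for report writers: it may read the view only.
CREATE ROLE report_writer;
GRANT SELECT ON customer_report TO report_writer;
-- No privilege on the base table is granted to report_writer, so a report
-- that names customer directly fails with a permission error instead of
-- returning the hidden columns.

-- Report queries run against the view. User-supplied values are bound as
-- parameters rather than concatenated into the statement text, which is
-- what keeps the filter from becoming an injection point.
SELECT id, name, city
FROM customer_report
WHERE city = ?;
```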