Would the security risk for parameterized queries be much different than managing security with other forms accessing similar info?
What if, for example, parameterized queries were built using subsequent forms, the first chose the query, the second presented parameter options based on that query --where all parameters were then validated?
