DEV Community

Discussion on: How safe is same-origin client-server communication?

bravemaster619

Any good coder should never trust client input.

If you're developing an admin dashboard, querying on the client side would be OK. I like the idea.

But other than that... I dare not imagine it.

Pacharapol Withayasakpunt • Edited

I have tried to give the client the power to query with a string parser as well, but I guess it is best to give the least power to the client. Still, perhaps allow full-text search.

Otherwise, I am thinking about a stateless, unbreakable server. But databases are usually not stateless.