Execution of arbitrary SQL queries from the admin panel

Arbitrary SQL queries can be executed directly from the admin panel. Add the sp parameter to GetLayout:

-- in SELECT 3
...
 union
     select 'sp' type, 'RunSQL' Title, 'query' Code, '' itemID, 'fa-cube' Icon,
            '' btnText, 1 bigModal, 1 slideout, 7 Ord

You can also place similar markup somewhere on the page: 

<a href="#" class="as-sp-link btn btn-warning btn-sm" data-type="query">Run SQL</a>

As a result, a window with the SQL editor will appear.

When an operation is executed (Ctrl+Shift+S), the result appears.

Up to 10 SELECT result sets are shown on the left. Execution statistics are shown on the right.

If you click the arrow at the top, you will immediately go back to the editor.

In the parameters window, you can set parameters such as @code = 'exception' and then use them in the SQL query.
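
The editor executes whatever is typed into it, so the permissions of the database account it runs as determine how far an admin-panel session can reach. The batch below is an added example, not part of the Falcon Space documentation. It reports that account's identity, its membership in high-privilege roles, and its elevated permissions. It uses only SQL Server built-ins and assumes SQL Server 2014 or later; the role and permission lists are a chosen selection, not an exhaustive one.

```sql
-- Added example: run in the SQL editor to see what its database account may do.
-- Only SQL Server built-ins are used; nothing here is Falcon Space-specific.

-- 1. Which identity does the editor execute as?
SELECT ORIGINAL_LOGIN() AS original_login,
       SUSER_SNAME()    AS current_login,
       USER_NAME()      AS database_user,
       DB_NAME()        AS database_name;

-- 2. Membership in roles that turn "arbitrary SQL" into full control (1 = member).
SELECT r.scope, r.role_name, r.is_member
FROM (
              SELECT 'server' AS scope, 'sysadmin' AS role_name,
                     IS_SRVROLEMEMBER('sysadmin') AS is_member
    UNION ALL SELECT 'server',   'securityadmin',    IS_SRVROLEMEMBER('securityadmin')
    UNION ALL SELECT 'server',   'serveradmin',      IS_SRVROLEMEMBER('serveradmin')
    UNION ALL SELECT 'database', 'db_owner',         IS_ROLEMEMBER('db_owner')
    UNION ALL SELECT 'database', 'db_securityadmin', IS_ROLEMEMBER('db_securityadmin')
    UNION ALL SELECT 'database', 'db_ddladmin',      IS_ROLEMEMBER('db_ddladmin')
) AS r
ORDER BY r.scope, r.role_name;

-- 3. Effective permissions that go beyond reading and writing application data.
SELECT 'SERVER' AS scope, permission_name
FROM sys.fn_my_permissions(NULL, 'SERVER')
WHERE permission_name IN ('CONTROL SERVER', 'ALTER ANY LOGIN', 'ALTER SETTINGS',
                          'ALTER ANY CREDENTIAL', 'ALTER ANY DATABASE',
                          'IMPERSONATE ANY LOGIN')
UNION ALL
SELECT 'DATABASE', permission_name
FROM sys.fn_my_permissions(NULL, 'DATABASE')
WHERE permission_name IN ('CONTROL', 'ALTER', 'ALTER ANY USER', 'ALTER ANY ROLE',
                          'ALTER ANY SCHEMA', 'BACKUP DATABASE')
ORDER BY scope, permission_name;

-- 4. Every principal in this database that holds the same high-privilege roles.
SELECT rp.name AS role_name, mp.name AS member_name, mp.type_desc AS member_type
FROM sys.database_role_members AS drm
JOIN sys.database_principals AS rp ON rp.principal_id = drm.role_principal_id
JOIN sys.database_principals AS mp ON mp.principal_id = drm.member_principal_id
WHERE rp.name IN ('db_owner', 'db_securityadmin', 'db_ddladmin')
ORDER BY rp.name, mp.name;
```

An empty result set 3 together with all zeros in result set 2 means the account holds none of the listed roles or permissions; any row or 1 there is worth reviewing against what the application actually needs.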

Working with hints on DB objects

The search covers tables, stored procedures, and functions. Clicking a found object inserts it into the SQL editor.

To search for database objects and then insert them into the editor, add the following to falcon_search:

if (@typeID = 1001 and exists (select role from #roles where [role] = 'admin')) begin
    -- only users with the admin role get this search
    -- search for database objects for the SQL editor: tables, stored procedures, functions
    insert into #result
    select top 10 0,
           ' Table ' + Table_name + '',
           '',
           '',
           getdate()
    from INFORMATION_SCHEMA.TABLES
    where TABLE_NAME like '%' + @q + '%'
    order by Table_name

    insert into #result
    select top 10 0,
           ' SP ' + name + '',
           '',
           '',
           getdate()
    from sys.procedures sp
    where name like '%' + @q + '%'
    order by name

    -- note: this filter keeps every SQL module that is not a stored procedure,
    -- so views and triggers are also returned under the FN label
    insert into #result
    select top 10 0,
           ' FN ' + name + '',
           '',
           '',
           getdate()
    from sys.sql_modules m
    inner join sys.objects o on m.object_id = o.object_id
    where type_desc <> 'SQL_STORED_PROCEDURE' and name like '%' + @q + '%'
    order by name

    select * from #result
    drop table #result
    return
end

Falcon Space is a functional web development platform on a narrow stack MS SQL/Bootstrap.