Hi Ishant,
First off, thank you very much for your feedback concerning the SQL connector; it is much appreciated.
So, to summarize the status quo and the upcoming changes regarding this topic:
As you mentioned, we have to keep in mind that possible SQL injections are a critical aspect regarding the security of the SQL connector. Therefore, the decision was made that the request parameter cannot be set via a server-side business object function anymore, and this change was first introduced with the release of Simplifier version 6.0. After hearing feedback from some customers concerning some applications critical to their production environment which would not work anymore after updating due to these changes, we decided to patch it and revert the changes for version 6.0 until 6.5 is released at the beginning of September 2021. At the same time, however, we implemented two new features to mitigate the issue you’re facing while still allowing some flexibility in regard to SQL statements that are passed from server-side BOs: repeatable statements and dynamic WHERE clauses. Both of them are documented in this new knowledge base article: https://community.simplifier.io/knowledge/dynamic-where-clause-and-repeatable-statements/
We recommend that you start refactoring your SQL connector calls and server-side BO functions as soon as possible, so that they work the way it is intended as soon as Simplifier 6.5 is released and dynamic requests passed by the server-side BO only work by utilizing the aforementioned two features. This is in order to save time and pressure later on in the year when you decide to update your systems to the newest version. Please let us know if it should not be possible to adapt all the dynamic queries you have implemented using dynamic WHERE clauses and repeatable statements without losing functionality, so we can look for a possible solution for your case.
Regarding your second question, whether existing applications will stop working after an update, I want to stress that YES, this will be the case as soon as your system is running on version 6.5 and you try to execute one of these dynamic SQL connector calls that you’ve implemented. You definitely have to rework your queries, but in the long term you will benefit from higher security in your applications and fewer possible manipulations from the client side, which is of highest importance in this case.
Hope this answers your questions.
Regards,
Armin
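
The general idea behind the two features named in the reply above, as an added example that is not part of the original post and is not Simplifier code or syntax: the statement text stays fixed on the server, callers supply only filter triples and row values, and every value is bound as a parameter. The `orders` table, the allowlists and all function names are assumptions made for illustration, using Python's built-in `sqlite3`.

```python
import sqlite3

# Assumed allowlists: the only columns and operators a caller may filter on.
ALLOWED_COLUMNS = {"status", "plant", "quantity"}
ALLOWED_OPS = {"=", "<", ">", "<=", ">=", "LIKE"}


def build_where(conditions):
    """Turn [(column, op, value), ...] into ('WHERE ...', [values]).

    Column and operator names must be allowlisted because identifiers cannot
    be bound; values never enter the SQL text, they are only bound.
    """
    clauses, params = [], []
    for column, op, value in conditions:
        if column not in ALLOWED_COLUMNS or op not in ALLOWED_OPS:
            raise ValueError(f"rejected filter: {column!r} {op!r}")
        clauses.append(f"{column} {op} ?")
        params.append(value)
    where = "WHERE " + " AND ".join(clauses) if clauses else ""
    return where, params


def find_orders(conn, conditions):
    """Dynamic WHERE: the caller shapes the filter, not the statement."""
    where, params = build_where(conditions)
    sql = f"SELECT id, status, plant, quantity FROM orders {where} ORDER BY id"
    return conn.execute(sql, params).fetchall()


def insert_orders(conn, rows):
    """Repeated statement: one fixed INSERT executed once per row of values."""
    conn.executemany(
        "INSERT INTO orders (status, plant, quantity) VALUES (?, ?, ?)", rows
    )


def demo_db():
    """Build an in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE orders (id INTEGER PRIMARY KEY, status TEXT,"
        " plant TEXT, quantity INTEGER)"
    )
    insert_orders(conn, [("open", "P1", 5), ("open", "P2", 40), ("closed", "P1", 12)])
    return conn
```

A value such as `open' OR '1'='1` passed to `find_orders` is compared as a literal string and matches nothing, while a column name outside the allowlist is rejected before any SQL is built.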