>Dim SQL As String = "SELECT [tipid], [rtaid], [projectname], [location], [shortdesc], [sponsor] FROM [projects] WHERE (archived = @aFilter) ORDER BY [sponsor], [projectname]" >Dim oCommand As New SqlCommand(SQL, oConn) >oCommand.Parameters.AddWithValue("aFilter", somevalue)but what do we do when we need WHERE (@acomplicatedstring) which may not involve the archived field but may or may not involve others? Is it appropriate to build the string by concatenation and not use parameters in this case? I am trying to allow the user to build a query that allows any number of variables.