The page parameters cannot be placed directly into the SQL statement to be executed, and must be filtered and checked.
