Looks cool, definitey useful in many report scenarios.
I just 1 question...
Is this approach SQL injection safe?
I did not see any issues with your specific query at first sight, but I get a little worried when I see untyped parameters being passed, or dynamic queries being generated. I did not have enough time to make a thorough analysis here, I assume you could answer that, so it is easier for me to ask than spend the time
If not, a little warning might be good to accompany the article.
Thank you.
Duray AKAR