Right now we're constructing the full query string, it'd be nicer to use parameters.
Right now we're constructing the full query string, it'd be nicer to use parameters.