##Sa_SQL=sql_statement##where sql_statement is any valid SQL statement.
There are some other requirements for doing this:
By default, the ability to execute HTML templates is disabled. If a hacker got into your Template HTML files and changed:
SELECT * FROM my_valuable_data
DELETE FROM my_valuable_data
More capabilities will be added to this type of data manipulation to further secure it and make it more powerful; but it is strongly recommended not to use it in external World Wide Web applications before these security measures are in place.