Expose ASC/DESC, LIMIT, OFFSET, etc in the query API

[lngarrett]

Is your feature request related to a problem? Please describe.
When sanitizing inputs it would be helpful to be able to pass all possible things that might be user input without exposing them to the SQL interpreter. I can use parameters in WHERE, but it's not so easy to do so for ASC/DESC, LIMIT, and OFFSET. My code would be simplified if I could pass these into the API as arguments and avoid building them into my query string directly.

Describe the solution you'd like
Arguments for ASC/DESC, LIMIT, and OFFSET.

Describe alternatives you've considered
Complex SQL statements to get around this, or sanitizing inputs with express-validator.