By now, I have a good understanding that angular.js is a client-side framework, which means any database communication involves sending requests to a server-side script on the server using methods like get/post (with node, php, asp.net, or other technologies)...
However, one question still remains unanswered: what is the best practice in terms of conventions and security – creating specialized pages for each query, or having a few general purpose pages that handle various queries based on parameters passed in? The latter option seems risky from a security standpoint, while the former could result in an overwhelming number of pages.
To sum up and bring this discussion back to a focal point, there seems to be a missing concept here. How should database calls be structured in an angular.js application?