From 373bbef2290440ad68dd0ed7d1ca604474db67f4 Mon Sep 17 00:00:00 2001 From: Mobb autofixer Date: Tue, 30 Apr 2024 17:41:47 +0000 Subject: [PATCH 1/2] mobb fix commit: 9f9b099c-3c93-4055-aa7f-c7d2144deeef --- src/main/java/com/appsecco/dvja/services/UserService.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/com/appsecco/dvja/services/UserService.java b/src/main/java/com/appsecco/dvja/services/UserService.java index d629da9..09376a4 100644 --- a/src/main/java/com/appsecco/dvja/services/UserService.java +++ b/src/main/java/com/appsecco/dvja/services/UserService.java @@ -72,7 +72,8 @@ public User findByLogin(String login) { } public User findByLoginUnsafe(String login) { - Query query = entityManager.createQuery("SELECT u FROM User u WHERE u.login = '" + login + "'"); + Query query = entityManager.createQuery("SELECT u FROM User u WHERE u.login = :login"); + query.setParameter("login", login); List resultList = query.getResultList(); if(resultList.size() > 0) From cecda60542045404dfa8ed03141194eab87187e1 Mon Sep 17 00:00:00 2001 From: Mobb autofixer Date: Tue, 30 Apr 2024 17:41:48 +0000 Subject: [PATCH 2/2] mobb fix commit: c96bff6d-9de3-4fc5-af16-58fe5c78c9ea --- src/main/java/com/appsecco/dvja/services/ProductService.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/com/appsecco/dvja/services/ProductService.java b/src/main/java/com/appsecco/dvja/services/ProductService.java index 8d1af61..49d926e 100644 --- a/src/main/java/com/appsecco/dvja/services/ProductService.java +++ b/src/main/java/com/appsecco/dvja/services/ProductService.java @@ -45,7 +45,8 @@ public List findAll() { } public List findContainingName(String name) { - Query query = entityManager.createQuery("SELECT p FROM Product p WHERE p.name LIKE '%" + name + "%'"); + Query query = entityManager.createQuery("SELECT p FROM Product p WHERE p.name LIKE :name"); + query.setParameter("name", "%" + name + "%"); List resultList = query.getResultList(); return resultList;