Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I want to find all Users whose email contain the string middle somewhere inside.
The following code fails – it seems JPA doesn’t recognize the ? as a parameter because its enclosed by quotation marks.
List<User> users = User.findAll("email like '%?%'", middle);
The following code works, but is open to SQL injections:
List<User> users = User.findAll("email like '%" + middle + "%'");
What would you suggest?
Try moving your string manipulation to the Java side, and keep the SQL parameter: