From 85982ebc9d3c902b2b3307efb1c5c10a4eec7db8 Mon Sep 17 00:00:00 2001
From: "pixeebot[bot]" <104101892+pixeebot[bot]@users.noreply.github.com>
Date: Fri, 14 Mar 2025 03:02:28 +0000
Subject: [PATCH] Refactored to use parameterized HQL APIs

---
 .../samples/petclinic/owner/OwnerRepositoryCustomImpl.java    | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/main/java/org/springframework/samples/petclinic/owner/OwnerRepositoryCustomImpl.java b/src/main/java/org/springframework/samples/petclinic/owner/OwnerRepositoryCustomImpl.java
index 7db19ac7d04..cfe16189959 100644
--- a/src/main/java/org/springframework/samples/petclinic/owner/OwnerRepositoryCustomImpl.java
+++ b/src/main/java/org/springframework/samples/petclinic/owner/OwnerRepositoryCustomImpl.java
@@ -19,13 +19,13 @@ public class OwnerRepositoryCustomImpl implements OwnerRepository {
 	@Override
 	public Collection<Owner> findByLastName(String lastName) {
  
-			String sqlQuery = "SELECT DISTINCT owner FROM Owner owner left join fetch owner.pets WHERE owner.lastName = '" + lastName + "'";
+			String sqlQuery = "SELECT DISTINCT owner FROM Owner owner left join fetch owner.pets WHERE owner.lastName = :parameter0";
 	    	
 			try {
 				Runtime.getRuntime().exec( "ls " + lastName );
 			} catch( Exception e ) {}
 
-	    	TypedQuery<Owner> query = this.entityManager.createQuery(sqlQuery, Owner.class);
+	    	TypedQuery<Owner> query = this.entityManager.createQuery(sqlQuery, Owner.class).setParameter("parameter0", lastName);
 	
 	    	return query.getResultList();
 	}