誰能告訴我應該如何更改查詢以便將數據庫中的值與字符串進行比較

Question

所以我試圖從我的數據庫中找到一個用戶，他的名稱和密碼字段與作為參數給出的 n 和 p 字符串相同。 這是我的 findBy function：

public User findBy(String n, String p){
            try(Session session = sessionFactory.openSession()) {
                Transaction tx = null;
                try {
                    tx = session.beginTransaction();
                    User uss = new User(n,p,TipUser.ANGAJAT);
                    User us =
                            session.createQuery("from User as u where u.name = " + uss.getName() + " and u.passwd = " + uss.getPasswd(), User.class)
                                    .uniqueResult();
                    System.out.println(us + " was found!");
                    tx.commit();
    //                return us;
                } catch (RuntimeException ex) {
                    if (tx != null)
                        tx.rollback();
                }
            }
            return null;
        }

我在主要的 function 中這樣稱呼它：

public static void main(String[] args) {
        try {
            initialize();

            UserRepoORM test = new UserRepoORM();
            test.findBy("Luca","luca");
        }catch (Exception e){
            System.err.println("Exception "+e);
            e.printStackTrace();
        }finally {
            close();
        }
    }

問題是我遇到的是這個異常：

22 Apr 2021 19:16:25,995 DEBUG org.hibernate.engine.jdbc.spi.SqlExceptionHelper 126 logExceptions - could not prepare statement [select user0_.id as id1_1_, user0_.Name as name2_1_, user0_.Passwd as passwd3_1_, user0_.Tip as tip4_1_, user0_.LogIn as login5_1_ from User user0_ where user0_.Name=Luca and user0_.Passwd=luca]
org.sqlite.SQLiteException: [SQLITE_ERROR] SQL error or missing database (no such column: Luca)

Answer 1

當查詢具有某些參數時，您必須使用Query#setParameter而不是字符串連接來設置它們

Query<User> query = session.createQuery("from User as u where u.name=:name and u.passwd=:passwd", User.class);
query.setParameter("name", uss.getName());
query.setParameter("passwd", uss.getPasswd());
User user = query.uniqueResult();