diff --git a/src/controllers/UserController.ts b/src/controllers/UserController.ts index 2120dcff..4902ce0f 100644 --- a/src/controllers/UserController.ts +++ b/src/controllers/UserController.ts @@ -580,18 +580,27 @@ export class KeycloakController extends Controller { new Brackets((qb) => { qb.orWhere( body.keyword != null && body.keyword != "" - ? `profile.citizenId like '%${body.keyword}%'` + ? `profile.citizenId LIKE :keyword` : "1=1", + { + keyword: `%${body.keyword}%`, + } ) .orWhere( body.keyword != null && body.keyword != "" - ? `profile.email like '%${body.keyword}%'` + ? `profile.email LIKE :keyword` : "1=1", + { + keyword: `%${body.keyword}%`, + } ) .orWhere( body.keyword != null && body.keyword != "" - ? `CONCAT(profile.prefix, profile.firstName," ",profile.lastName) like '%${body.keyword}%'` + ? `CONCAT(profile.prefix, profile.firstName," ",profile.lastName) LIKE :keyword` : "1=1", + { + keyword: `%${body.keyword}%`, + } ); }), ) @@ -625,18 +634,27 @@ export class KeycloakController extends Controller { new Brackets((qb) => { qb.orWhere( body.keyword != null && body.keyword != "" - ? `profileEmployee.citizenId like '%${body.keyword}%'` + ? `profileEmployee.citizenId LIKE :keyword` : "1=1", + { + keyword: `%${body.keyword}%`, + } ) .orWhere( body.keyword != null && body.keyword != "" - ? `profileEmployee.email like '%${body.keyword}%'` + ? `profileEmployee.email LIKE :keyword` : "1=1", + { + keyword: `%${body.keyword}%`, + } ) .orWhere( body.keyword != null && body.keyword != "" - ? `CONCAT(profileEmployee.prefix, profileEmployee.firstName," ",profileEmployee.lastName) like '%${body.keyword}%'` + ? `CONCAT(profileEmployee.prefix, profileEmployee.firstName," ",profileEmployee.lastName) LIKE :keyword` : "1=1", + { + keyword: `%${body.keyword}%`, + } ); }), )