- String query = "from PolicyVersion where POLICY_NAME like'" +scopeName+"%'";
- String scopeNamequery = "from PolicyEditorScopes where SCOPENAME like'" +scopeName+"%'";
- List<Object> activePolicies = controller.getDataByQuery(query);
- List<Object> scopesList = controller.getDataByQuery(scopeNamequery);
+ String query = "from PolicyVersion where POLICY_NAME like :scopeName";
+ String scopeNamequery = "from PolicyEditorScopes where SCOPENAME like :scopeName";
+ SimpleBindings pvParams = new SimpleBindings();
+ pvParams.put("scopeName", scopeName + "%");
+ List<Object> activePolicies = controller.getDataByQuery(query, pvParams);
+ List<Object> scopesList = controller.getDataByQuery(scopeNamequery, pvParams);