From efe3f151d07179bf4c78c0dbcdf5070c331591e1 Mon Sep 17 00:00:00 2001
From: Crudelis <crudelis@gmail.com>
Date: Tue, 17 Oct 2023 21:59:00 +0900
Subject: [PATCH] =?UTF-8?q?addwithvalue=20=EC=8B=9C=EB=B2=94=20=EC=82=AC?=
 =?UTF-8?q?=EC=9A=A9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 HSUCO_Cargo_Garage_Operation_Program/Database.cs | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/HSUCO_Cargo_Garage_Operation_Program/Database.cs b/HSUCO_Cargo_Garage_Operation_Program/Database.cs
index 09b80b8..7e154c0 100644
--- a/HSUCO_Cargo_Garage_Operation_Program/Database.cs
+++ b/HSUCO_Cargo_Garage_Operation_Program/Database.cs
@@ -184,14 +184,16 @@ namespace HSUCO_Cargo_Garage_Operation_Program
         /// </summary>
         /// <param name="CargoVehicleNumber">화물차 번호</param>
         /// <returns>중복 여부</returns>
-        public static bool ApplicantCheckAlready(string CargoVehicleNumber)
+        public static bool ApplicantCheckAlready(string cargoVehicleNumber)
         {
             var count = 0;
-            var query = $"SELECT COUNT(*) FROM ViewApplicantList WHERE CargoVehicleNumber = '{CargoVehicleNumber}' AND RegistrationStatus={(int)ERegistrationStatus.Wait};";
+            var query = $"SELECT COUNT(*) FROM ViewApplicantList WHERE CargoVehicleNumber = '@cargoVehicleNumbe' AND RegistrationStatus=@registrationStatus;";
 
             using (var command = _sqLiteConnection.CreateCommand())
             {
                 command.CommandText = query;
+                command.Parameters.AddWithValue("@cargoVehicleNumber", cargoVehicleNumber);
+                command.Parameters.AddWithValue("@registrationStatus", (int)ERegistrationStatus.Wait);
 
                 using (var reader = command.ExecuteReader())
                 {