使用gino提供的方法，避免构建sql字符串时出现非法查询语句

plugins/word_bank/_model.py

@@ -234,16 +234,27 @@ class WordBank(db.Model):
                 query = query.where(cls.word_scope == word_type)
                 sql_text += f" and word_scope = {word_scope}"
         # 完全匹配
-        if await query.where(((cls.word_type == 0) | (cls.word_type == 3)) & (cls.problem == problem)).gino.first():
+        if await query.where(
+            ((cls.word_type == 0) | (cls.word_type == 3)) & (cls.problem == problem)
+        ).gino.first():
             return query.where(cls.problem == problem)
         # 模糊匹配
-        if await query.where((cls.word_type == 1) & (cls.problem.contains(problem))).gino.first():
+        if await query.where(
+            (cls.word_type == 1) & (cls.problem.contains(problem))
+        ).gino.first():
             return query.where(cls.problem.contains(problem))
         # 正则匹配
         if await db.first(
-            db.text(sql_text + f" and word_type = 2 and word_scope != 999 and '{problem}' ~ problem;")
+            db.text(
+                sql_text
+                + f" and word_type = 2 and word_scope != 999 and :problem ~ problem;"
+            ),
+            problem=problem,
         ):
-            return sql_text + f" and word_type = 2 and word_scope != 999 and '{problem}' ~ problem;"
+            return (
+                sql_text
+                + f" and word_type = 2 and word_scope != 999 and '{problem}' ~ problem;"
+            )
         # if await db.first(
         #     db.text(sql_text + f" and word_type = 1 and word_scope != 999 and '{problem}' ~ problem;")
         # ):
@@ -458,4 +469,4 @@ class WordBank(db.Model):
                 )
                 problem_list.append(problem)
                 _tmp.append(q.problem)
-        return problem_list
+        return problem_list