From 801bd1dfb2532eb3ab6ca0c4c71b4bdd7a067034 Mon Sep 17 00:00:00 2001
From: xnought <bertuccd@oregonstate.edu>
Date: Fri, 1 Dec 2023 12:32:25 -0800
Subject: [PATCH] fix: search uses literal string

---
 backend/src/server.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/backend/src/server.py b/backend/src/server.py
index 02c29f6a..f9f198ba 100644
--- a/backend/src/server.py
+++ b/backend/src/server.py
@@ -44,9 +44,9 @@ def search_entries(query: str):
         try:
             entries_sql = db.execute_return(
                 """SELECT name, length, mass FROM proteins
-                WHERE name ILIKE \'%{}%\'""".format(query)
+                WHERE name ILIKE %s""",
+                [f"%{query}%"],
             )
-            log.warn("log test")
             log.warn(entries_sql)
 
             # if we got a result back