Apply the wildcards to the parameter, not the SQL:
cursor.execute("SELECT * FROM posts WHERE tags LIKE ?", (f'%{tag}%',))
The ?
SQL parameter interpolation adds quoting for you, so your query ends up as '%'value'%'
, which is not valid SQL.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…