diff --git a/admin/award_awardcreatedivisional.php b/admin/award_awardcreatedivisional.php index 7810d166..4e5faf60 100644 --- a/admin/award_awardcreatedivisional.php +++ b/admin/award_awardcreatedivisional.php @@ -109,15 +109,11 @@ if ($r->num) { echo i18n('Creating %1 - %2', array($c_category, $d_division)) . '
'; - $q = $pdo->prepare("INSERT INTO award_awards (sponsors_id,award_types_id,name,criteria,`order`,year) VALUES ( - ?, - '1', - ?-?, - ?, - ?, - ? - )"); - $q->execute([$_GET['sponsors_id'],$c_category,$d_division,i18n('Best %1 projects in the %2 division', array($c_category, $d_division)),$ord, $config['FAIRYEAR']]); + $q = $pdo->prepare("INSERT INTO award_awards (sponsors_id, award_types_id, name, criteria, `order`, year) + VALUES (?, '1', ?, ?, ?, ?)"); + $q->execute([$_GET['sponsors_id'], i18n('Best %1 projects in the %2 division', [$c_category, $d_division]), + $c_category, $ord, $config['FAIRYEAR']]); + show_pdo_errors_if_any($pdo); $award_awards_id = $pdo->lastInsertId(); diff --git a/admin/communication.php b/admin/communication.php index f4d9e77a..51d56c35 100644 --- a/admin/communication.php +++ b/admin/communication.php @@ -668,8 +668,8 @@ case 'dialog_sender': case 'loadaddresses': if ($_GET['query'] && array_key_exists($_GET['query'], $mailqueries)) { - $q = $pdo->prepare('?'); - $q->execute([$mailqueries[$_GET['query']]['query']]); + $q = $pdo->prepare($mailqueries[$_GET['query']]['query']); + $q->execute(); while ($r = $q->fetch(PDO::FETCH_OBJ)) { if ($r->organization) $s = "($r->organization) "; diff --git a/admin/reports_acscript.php b/admin/reports_acscript.php index f12e46e4..5ab33ea2 100644 --- a/admin/reports_acscript.php +++ b/admin/reports_acscript.php @@ -81,10 +81,10 @@ $q = $pdo->prepare("SELECT sponsors WHERE award_awards.year=? - AND\taward_types.year=? - AND\taward_awards.award_types_id=award_types.id - AND\taward_awards.sponsors_id=sponsors.id - AND\taward_awards.excludefromac='0' + AND award_types.year=? + AND award_awards.award_types_id=award_types.id + AND award_awards.sponsors_id=sponsors.id + AND award_awards.excludefromac='0', ? ORDER BY awards_order"); $q->execute([$foryear,$foryear,$awardtype]); diff --git a/admin/schools.php b/admin/schools.php index b95755b4..c537d939 100644 --- a/admin/schools.php +++ b/admin/schools.php 
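Review bot: The bound values in the new `execute()` no longer line up with the column list `(sponsors_id, award_types_id, name, criteria, ...)`: the second `?` is `name` but receives the `i18n('Best %1 projects in the %2 division', ...)` sentence, and the third `?` is `criteria` but receives `$c_category`. `$d_division` is no longer part of the name at all, so every division of a category would presumably get the same values. Going by the `'Creating %1 - %2'` message above, the intended order looks like `$_GET['sponsors_id'], $c_category . ' - ' . $d_division, i18n('Best %1 projects in the %2 division', [$c_category, $d_division]), $ord, $config['FAIRYEAR']`. The enclosing `if ($r->num)` block starts and ends outside the hunk.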
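Review bot: `$pdo->prepare($mailqueries[$_GET['query']]['query'])` now runs a statement with no bound parameters, so its safety rests entirely on `$mailqueries` being a fixed, server-defined table; that table is defined outside this hunk and the assumption is not stated here. The `array_key_exists()` check does restrict the request to choosing a key, which is the right shape. I would record the invariant above the call, `// SQL text comes from the server-side $mailqueries table; the request only selects the key`, and follow the execute with `show_pdo_errors_if_any($pdo);` as the award_awardcreatedivisional.php hunk does, so a malformed stored query does not fail silently. The `case` body continues outside the hunk.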
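Review bot: The third placeholder in the new WHERE clause is not in a value position: as rendered here the statement reads `AND award_awards.excludefromac='0', ? ORDER BY awards_order`, and `$awardtype` is bound to that bare `?`. A bound parameter can only ever be a value, so if `$awardtype` used to be an interpolated SQL fragment it is no longer applied as a filter, and the comma looks like it makes the statement fail to parse. If `$awardtype` is a plain value, spell the predicate out, e.g. `AND <award-type column>=?` (placeholder; the column is not visible in this hunk); if it is a fragment, select it from a fixed allow-list of predicates rather than passing it through the parameter list. The statement begins above the hunk.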
@@ -154,37 +154,54 @@ if (get_value_from_array($_POST, 'save') == 'edit' || get_value_from_array($_POS user_save($sh); } - $exec = 'UPDATE schools SET ' - . "school=?, " - . "schoollang=?, " - . "designate=?, " - . "schoollevel=?, " - . "school=?, " - . "board=?, " - . "district=?, " - . "address=?, " - . "city=?, " - . "province_code=?, " - . "postalcode=?, " - . "schoolemail=?, " - . "phone=?, " - . "fax=?, " - . "registration_password=?, " - . "projectlimit=?, " - . "projectlimitper=?, " - . "accesscode=?, " - . "? ?" - . "atrisk=?" - . "WHERE id=?"; - $stmt = $pdo->prepare($exec); - $stmt->execute([get_value_from_array($_POST, 'school'),get_value_from_array($_POST, 'schoollang'),get_value_from_array($_POST, 'schooldesignate'),get_value_from_array($_POST, 'schoollevel'), - get_value_from_array($_POST, 'school'),get_value_from_array($_POST, 'board'),get_value_from_array($_POST, 'district'), - get_value_from_array($_POST, 'address'),get_value_from_array($_POST, 'city'),get_value_from_array($_POST, 'province_code'), - get_value_from_array($_POST, 'postalcode'),get_value_from_array($_POST, 'schoolemail'),get_value_from_array($_POST, 'phone'), - get_value_from_array($_POST, 'fax'),get_value_from_array($_POST, 'registration_password'),get_value_from_array($_POST, 'projectlimit'), - get_value_from_array($_POST, 'projectlimitper'),get_value_from_array($_POST, 'accesscode'),$sciencehead_update,$principal_update, - $atrisk,$id]); - show_pdo_errors_if_any($pdo); + $exec = 'UPDATE schools SET + school=?, + schoollang=?, + designate=?, + schoollevel=?, + board=?, + district=?, + address=?, + city=?, + province_code=?, + postalcode=?, + schoolemail=?, + phone=?, + fax=?, + registration_password=?, + projectlimit=?, + projectlimitper=?, + accesscode=?, + sciencehead=?, + principal=?, + atrisk=? 
+ WHERE id=?'; + +$stmt = $pdo->prepare($exec); +$stmt->execute([ + get_value_from_array($_POST, 'school'), + get_value_from_array($_POST, 'schoollang'), + get_value_from_array($_POST, 'designate'), // FIXED: Corrected key name + get_value_from_array($_POST, 'schoollevel'), + get_value_from_array($_POST, 'board'), + get_value_from_array($_POST, 'district'), + get_value_from_array($_POST, 'address'), + get_value_from_array($_POST, 'city'), + get_value_from_array($_POST, 'province_code'), + get_value_from_array($_POST, 'postalcode'), + get_value_from_array($_POST, 'schoolemail'), + get_value_from_array($_POST, 'phone'), + get_value_from_array($_POST, 'fax'), + get_value_from_array($_POST, 'registration_password'), + get_value_from_array($_POST, 'projectlimit'), + get_value_from_array($_POST, 'projectlimitper'), + get_value_from_array($_POST, 'accesscode'), + get_value_from_array($_POST, 'sciencehead'), // FIXED: Using function for consistency + get_value_from_array($_POST, 'principal'), + get_value_from_array($_POST, 'atrisk'), + get_value_from_array($_POST, 'id') +]); + if (get_value_from_array($_POST, 'save') == 'add') $notice = 'added'; diff --git a/admin/schoolsimport.php b/admin/schoolsimport.php index 394c6055..918d4c56 100644 --- a/admin/schoolsimport.php +++ b/admin/schoolsimport.php 
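Review bot: The rewritten `execute()` binds `WHERE id=?` to `get_value_from_array($_POST, 'id')` and `atrisk=?` to the raw POST field, where the removed code used the locals `$id` and `$atrisk` set outside this hunk. Since this branch also serves `save == 'add'`, the posted id is presumably not the row that was just created, so the UPDATE may touch no row or a different school. The new `sciencehead=?` / `principal=?` columns also disagree with the `principal_uid,sciencehead_uid` columns named by the INSERT in admin/schoolsimport.php, and the `show_pdo_errors_if_any($pdo);` call was dropped, so a failing UPDATE is now silent. I would keep `$atrisk,` and `$id` as the last two bound values, bind whatever user ids the `user_save()` code above produces (an assumption, that code is outside the hunk) to the `_uid` columns, and restore `show_pdo_errors_if_any($pdo);` after the execute. The enclosing `if` starts and ends outside the hunk.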
@@ -87,25 +87,25 @@ if (get_value_from_array($_POST, 'action') == 'import') { user_save($principal); } $stmt = $pdo->prepare("INSERT INTO schools (school,schoollang,schoollevel,board,district,phone,fax,address,city,province_code,postalcode,schoolemail,accesscode,registration_password,projectlimit,projectlimitper,year,principal_uid,sciencehead_uid) VALUES ( - '?, - '?, - '?, - '?', - '?', - '?', - '?', - '?', - '?', - '?', - '?', - '?', - '?', - '?', - '?', - '?', - '?, - '?, - '?)"); + ?, + ?, + ?, + ?, + ?, + ?, + ?, + ?, + ?, + ?, + ?, + ?, + ?, + ?, + ?, + ?, + ?, + ?, + ?)"); $stmt->execute([stripslashes($row[0]),stripslashes($row[1],stripslashes($row[2]),stripslashes($row[3])), stripslashes($row[4]),stripslashes($row[5]),stripslashes($row[6]),stripslashes($row[7]),stripslashes($row[8]), stripslashes($row[9]),stripslashes($row[10]),stripslashes($row[14]),stripslashes($row[18]),stripslashes($row[19]),
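Review bot: The unchanged `execute()` line under the corrected placeholders still has a misplaced parenthesis: `stripslashes($row[1],stripslashes($row[2]),stripslashes($row[3]))` passes three arguments to `stripslashes()`, which takes one. Depending on the PHP version that call is rejected or yields no value, and either way the array ends up two values short of the 19 placeholders, so the import cannot bind correctly even with the quoting fixed. The line should read `$stmt->execute([stripslashes($row[0]),stripslashes($row[1]),stripslashes($row[2]),stripslashes($row[3]),`. The rest of the argument list continues outside the hunk, so the total count should be re-checked against the 19 columns there.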