diff --git a/admin/tours_sa.php b/admin/tours_sa.php
index c3fc9c33..1a0a4afa 100644
--- a/admin/tours_sa.php
+++ b/admin/tours_sa.php
@@ -303,10 +303,7 @@ foreach ($tours as $x => $t) {
 		$stmt = $pdo->prepare("INSERT INTO tours_choice 
 				(`students_id`,`registrations_id`,
 						`tour_id`,`year`,`rank`)
-				VALUES (
-				'?', '?', 
-				'?', '?',
-				'0')");
+				VALUES (?,?,?,?,0)");
 		$stmt->execute([$sid,$s['registrations_id'],$t['id'],$config['FAIRYEAR']]);
 	}
 }
diff --git a/admin/translations.php b/admin/translations.php
index d0f74b71..7add4c5d 100644
--- a/admin/translations.php
+++ b/admin/translations.php
@@ -114,8 +114,8 @@ if ($show == 'missing')
 else
     $showquery = '';
 
-$q = $pdo->prepare("SELECT * FROM translations WHERE lang=? ? ORDER BY str");
-$q->execute([get_value_from_array($_SESSION, 'translang'),$showquery]);
+$q = $pdo->prepare("SELECT * FROM translations WHERE lang=? $showquery ORDER BY str");
+$q->execute([get_value_from_array($_SESSION, 'translang')]);
 $num = $q->rowCount();
 echo i18n('Showing %1 translation strings', array($num), array('number of strings'));
 
diff --git a/config_editor.inc.php b/config_editor.inc.php
index 898fc400..f5087022 100644
--- a/config_editor.inc.php
+++ b/config_editor.inc.php
@@ -123,16 +123,7 @@ function config_update_variables($fairyear = NULL, $lastfairyear = NULL)
 
 		$v = $r2->fetch(PDO::FETCH_ASSOC);
 
-		$r3 = $pdo->prepare('INSERT INTO config (var,val,category,type,type_values,ord,description,year) VALUES (
-			?,
-			?,
-			?,
-			?,
-			?,
-			?,
-			?,
-			?)');
-
+		$r3 = $pdo->prepare('INSERT INTO config (var,val,category,type,type_values,ord,description,year) VALUES (?,?,?,?,?,?,?,?)');
 		$r3->execute([$pdo->quote($v['var']),$pdo->quote($v['val']),$pdo->quote($v['category']),$pdo->quote($v['type']),$pdo->quote($v['type_values']),$pdo->quote($v['ord']),$pdo->quote($v['description']),$fairyear]);
 		show_pdo_errors_if_any($pdo);
 	}
diff --git a/db/db.update.118.php b/db/db.update.118.php
index e652b8f4..66c616bf 100644
--- a/db/db.update.118.php
+++ b/db/db.update.118.php
@@ -58,7 +58,7 @@ function db_update_118_post()
 				$password .= $available[rand(0, $availlen)];
 
 			// set passwordset to 0000-00-00 to force it to expire on next login
-			$sql = 'INSERT INTO users (`types`,`username`,`created`,`password`,`passwordset`,`' . implode('`,`','?') . '`,`year`) VALUES (';
+			$sql = 'INSERT INTO users (`types`,`username`,`created`,`password`,`passwordset`,`' . implode('`,`,?') . '`,`year`) VALUES (';
 			$sql .= "'sponsor',?,NOW(),?,'0000-00-00'";
 			foreach ($userfields AS $f) {
 				$sql .= ",'" . $r->$f . "'";