diff --git a/content/rallysystem.php b/content/rallysystem.php
index 5eef6a3bca9e78480263d6691a14805a97f5d041..f446fdd411993ffd4e4ab23ebfd0ef06a7bfb149 100644
--- a/content/rallysystem.php
+++ b/content/rallysystem.php
@@ -101,13 +101,17 @@ if (in_array($_SESSION['uid'], $gesperrt)) {
 }
 
 if ($_SESSION['login'] == 'true') {
-    $sql = sql::$db->query("SELECT punkte FROM "._VMS_."_rallyuser WHERE uid=" . $_SESSION['uid'] . " and  rally = '" . $rallyname . "' LIMIT 1");
+    $sql = sql::$db->prepare("SELECT punkte FROM "._VMS_."_rallyuser WHERE uid=:session_uid AND rally = :rallyname LIMIT 1");
+    $sql -> bindParam(':session_uid', $_SESSION['uid'], PDO::PARAM_INT);
+    $sql -> bindParam(':rallyname', $rallyname, PDO::PARAM_STR);
+    $sql -> execute();
+
     $rallystand = $sql->fetch();
     echo'<h2><font color="#010101">Du hast in der ' . $rallyname . '-Rally bereits ' . number_format($rallystand['punkte'], 0, ",", ".") . ' ' . $rally['ende_formulierung'] . '. (Danke)</font></h2><br>';
 }
 
 if ($rally['ende_art'] == 'punkt') {
-    echo'Diese ' . $rallyname . '-Rally endet soball alle gemeinsam ' . $rally['ende_punkte'] . ' ' . $rally['ende_formulierung'] . ' haben.<br> ';
+    echo'Diese ' . $rallyname . '-Rally endet sobald alle gemeinsam ' . $rally['ende_punkte'] . ' ' . $rally['ende_formulierung'] . ' haben.<br> ';
 } elseif ($rally['ende_fortschritt'] == 'datum') {
     echo'Diese ' . $rallyname . '-Rally endet am ' . date('j F Y  G:i', $rally['ende_zeit']) . '<br>';
 } else {
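Review bot: The prepared statement stops `$rallyname` from reaching SQL, but the unchanged `echo` lines in the login branch and in the `ende_art` branches still concatenate `$rallyname` (and `$rally['ende_formulierung']`) raw into HTML; where `$rallyname` is set is outside this hunk, and if it originates from the request the value the commit keeps out of the query now reaches the browser unescaped. Escape at the output site, e.g. `$rallynameHtml = htmlspecialchars($rallyname, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');` and echo `$rallynameHtml` in place of `$rallyname`. Separately, `$sql->fetch()` returns `false` when no row matches (or when `execute()` fails under a non-exception PDO error mode), and `$rallystand['punkte']` is read without a guard; wrapping the echo in `if ($rallystand !== false) { ... }` avoids the warning and the spurious "0" output. The spaces in `$sql -> bindParam` / `$sql -> execute` differ from the `$sql->fetch()` form on the next line; `$sql->bindParam(...)` keeps the file consistent, and the same spacing issue appears in the second hunk's `$platz -> bindParam` / `$platz -> execute` lines.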
@@ -143,7 +147,10 @@ echo '
 </thead>
 <tbody>';
 
-$platz = sql::$db->query ('SELECT k.punkte,u.nickname,u.uid FROM '._VMS_.'_rallyuser k LEFT JOIN '._VMS_.'_userdaten u ON u.uid = k.uid WHERE k.rally = "' . $rallyname . '" AND k.ausgezahlt = "0" ORDER BY k.punkte DESC');
+$platz = sql::$db->prepare('SELECT k.punkte,u.nickname,u.uid FROM '._VMS_.'_rallyuser k LEFT JOIN '._VMS_.'_userdaten u ON u.uid = k.uid WHERE k.rally = :rallyname AND k.ausgezahlt = "0" ORDER BY k.punkte DESC');
+$platz -> bindParam(':rallyname', $rallyname, PDO::PARAM_STR);
+$platz -> execute();
+
 $rp = 1;
 $gesperrt = explode(',', $rally['sperruser']);
 while ($pa = $platz->fetch() ) {
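Review bot: `bindParam` binds `$rallyname` by reference, so any reassignment of `$rallyname` between the bind and `execute()` would silently change the query; nothing in the hunk does that, but for a fixed value `$platz->bindValue(':rallyname', $rallyname, PDO::PARAM_STR);` (or `$platz->execute([':rallyname' => $rallyname]);`) states the intent and removes that hazard. The return value of `execute()` is also not checked; unless `sql::$db` is configured with `PDO::ERRMODE_EXCEPTION` (not visible here), a failed execute leaves `$platz` in a state where `fetch()` returns `false` and the ranking table is silently rendered empty, so please confirm the error mode or add `if (!$platz->execute()) { ... }`. The `while ($pa = $platz->fetch())` loop opened on the last line of the hunk has its body outside this view, so whether `u.nickname` from each row is escaped before output could not be reviewed.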