diff --git a/main.py b/main.py
index 1549519..364c707 100644
--- a/main.py
+++ b/main.py
@@ -128,7 +128,7 @@ def confirm_remove_user():
 @app.route("/removeuser", methods=['GET'])
 def remove_user():
     user_id = request.args.get("id")
-    c.execute(f"SELECT * FROM users WHERE id='{user_id}'")
+    c.execute(f"SELECT * FROM users WHERE id=?", [user_id])
     users = c.fetchall()
     if users != []:
         user_name = users[0][1]
@@ -275,7 +275,7 @@ def get_id():
     global finished
     global message
     tag_id = request.args.get("id")
-    c.execute(f"SELECT * FROM tags WHERE tagid ='{tag_id}'")
+    c.execute(f"SELECT * FROM tags WHERE tagid =?", [tag_id])
 
     tag_list = c.fetchall()
     if users.qsize() > 0: