diff --git a/webservice/webservice.py b/webservice/webservice.py
index 0f2d28a23e913be85089d9e9e174315d9f0f06f3..340b58abc3b61955d34ffd42eb0dad8a0ebc9c2f 100644
--- a/webservice/webservice.py
+++ b/webservice/webservice.py
@@ -48,7 +48,7 @@ async def init_job_db(config):
         c.execute("SELECT * FROM jobs")
     except Exception:  # TODO: is it sqlite3.OperationalError?
         logging.info("Creating initial job database")
-        c.execute("CREATE TABLE jobs(rid, jobid, proposal, run, status, time, det, act)") # noqa
+        c.execute("CREATE TABLE jobs(rid, jobid, proposal, run, status, time, det, act)")
     return conn
 
 
@@ -251,7 +251,7 @@ async def slurm_job_status(jobid):
 
 async def query_rid(conn, socket, rid):
     c = conn.cursor()
-    c.execute("SELECT * FROM jobs WHERE rid LIKE '{}'".format(rid))
+    c.execute("SELECT * FROM jobs WHERE rid LIKE ?", rid)
     combined = {}
     for r in c.fetchall():
         rid, jobid, proposal, run, status, time_, _ = r
@@ -340,17 +340,15 @@ async def update_job_db(config):
                 cflg, cstatus = combined.get(rid, ([], []))
                 if jobid in statii:
                     slstatus, runtime = statii[jobid]
-                    query = "UPDATE jobs SET status='{status}', time='{runtime}' WHERE jobid LIKE '{jobid}'"  # noqa
-                    c.execute(query.format(status=slstatus,
-                                           runtime=runtime,
-                                           jobid=jobid))
+                    query = "UPDATE jobs SET status=?, time=? WHERE jobid LIKE ?"
+                    c.execute(query, (slstatus, runtime, jobid))
 
                     cflg.append('R')
                     cstatus.append("{}-{}".format(slstatus, runtime))
                 else:
                     _, sltime, slstatus = await slurm_job_status(jobid)
-                    query = "UPDATE jobs SET status='{slstatus}' WHERE jobid LIKE '{jobid}'"  # noqa
-                    c.execute(query.format(jobid=jobid, slstatus=slstatus))
+                    query = "UPDATE jobs SET status=? WHERE jobid LIKE ?"
+                    c.execute(query, (jobid, slstatus))
 
                     if slstatus == 'COMPLETED':
                         cflg.append("A")
@@ -436,10 +434,11 @@ async def run_action(job_db, cmd, mode, proposal, run, rid):
             for r in rstr.split("\n"):
                 if "Submitted job:" in r:
                     _, jobid = r.split(":")
-                    c.execute(query.format(rid=rid, jobid=jobid.strip(),
-                                           proposal=proposal, run=run,
-                                           now=datetime.now().isoformat(),
-                                           det=cmd[3], act=cmd[4]))
+                    c.execute(
+                        "INSERT INTO jobs VALUES (?, ?, ?, ?, ?, ?, ?, ?)",
+                        (rid, jobid.strip(), proposal, run,
+                         datetime.now().isoformat(), cmd[3], cmd[4])
+                    )
             job_db.commit()
             logging.debug((" ".join(cmd)).replace(',', '').replace("'", ""))
             if "DARK" in cmd: