diff --git a/BancaDati/BancaDati.php b/BancaDati/BancaDati.php
index eb0c5ab..2021338 100644
--- a/BancaDati/BancaDati.php
+++ b/BancaDati/BancaDati.php
@@ -44,7 +44,7 @@ class BancaDati {
 $value = "";
 $column = "";
 foreach ($values as $col => $v){
- $value .= $v . ",";
+ $value .= "'" . $v . "',";
 $column .= $col . ",";
 }
 $value = trim($value, ",");
@@ -70,7 +70,7 @@ class BancaDati {
 public function update(string $table, string $id, array $values){
 $value = "";
 foreach ($values as $col => $v){
- $value .= $col . "=" . $v . ",";
+ $value .= $col . "='" . $v . "',";
 }
 $value = trim($value, ",");
@@ -91,7 +91,7 @@ class BancaDati {
 * @author Malte Schulze Hobeling
 */
 public function delete(string $table, string $id){
- $sql = "DELETE FROM " . $table . " WHERE `id` = " . $id . ";";
+ $sql = "DELETE FROM " . $table . " WHERE `id` = '" . $id . "';";
 try {
 $sth = $this->pdo->prepare($sql);
 $sth->execute();
@@ -114,9 +114,9 @@ class BancaDati {
 if($whereString != ""){
 $whereString .= " AND ";
 }
- $whereString .= $col . " LIKE " . $v;
+ $whereString .= "`" . $col . "` = '" . $v . "'";
 }
- $sql = "SELECT * FROM ".$table." WHERE ".$whereString;
+ $sql = "SELECT * FROM ".$table." WHERE ".$whereString.";";
 if(isset($order["by"])){
 $sql .= " ORDER BY ".$order["by"];
 }
@@ -124,6 +124,7 @@ class BancaDati {
 $sql .= $order["order"];
 }
 try {
+ var_dump($sql);
 return $this->pdo->query($sql);
 }catch (PDOException $e){
 die;
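Review bot: Wrapping `$v` in single quotes in the first hunk's loop does not neutralise it: a value that itself contains `'` closes the literal and the remainder is parsed as SQL, so the statement is still assembled from caller-supplied text. The same pattern is added in the `update()` hunk (`$col . "='" . $v . "',"`), the `delete()` hunk (`'" . $id . "'`) and the WHERE builder of the select hunk. `delete()` already goes through `$this->pdo->prepare()`, so bind the values instead: emit `$value .= "?,";`, collect `$params[] = $v;`, and run `$sth->execute($params);`. Table and column names cannot be bound, so `$table` and `$col` should be compared with a fixed list of known identifiers before they are concatenated. The enclosing method of the first hunk starts and ends outside the hunk, so its execute call is assumed to look like the one visible in `delete()`.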
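Review bot: The new `$sql` line in the select hunk terminates the statement with `;` before the ORDER BY clause is appended two lines below, so any call that sets `$order["by"]` produces `... WHERE ...; ORDER BY ...`, which is no longer one valid statement. Drop the terminator, `$sql = "SELECT * FROM ".$table." WHERE ".$whereString;`, or append it only after the ordering has been added. `$order["by"]` and `$order["order"]` are concatenated as-is and cannot be bound as parameters, so check them against a fixed list of column names and against `ASC`/`DESC` before use. The change from `LIKE` to `=` also alters matching for callers that passed patterns and deserves a line in the method's docblock, which lies outside the hunk along with the start of the method.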
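Review bot: `var_dump($sql);` ahead of the `query()` call writes the complete statement, including the quoted filter values, into the output of every caller. That discloses table and column names and the data being searched for, and it breaks any response that must be well-formed (JSON, headers sent later). Remove the line; if the query needs tracing, log it server-side behind a debug switch rather than printing it. The bare `die;` in the catch at the end of the hunk also discards the PDOException, so a failed query is indistinguishable from an empty page; the method continues outside the hunk.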