diff --git a/lib/function.php b/lib/function.php
index 4ce857c..5696e7c 100644
--- a/lib/function.php
+++ b/lib/function.php
@@ -396,7 +396,8 @@ function generatenumbergfx($num,$minlen=0,$double=false){
 
 
 
-function dotags($msg, &$tags) {
+function dotags($msg, $user, &$tags = array()) {
+	global $sql, $dateformat, $tzoff;
 	if (is_string($tags)) {
 		$tags	= json_decode($tags, true);
 	}
@@ -446,23 +447,26 @@ function doreplace($msg, $posts, $days, $username, &$tags = null) {
 	
 	// This should probably go off of user ID but welp
 	$user			= $sql->fetchq("SELECT * FROM `users` WHERE `name` = '".addslashes($username)."'", MYSQL_BOTH, true);
+
 	$userdata		= array(
 		'id'		=> $user['id'],
 		'username'	=> $username,
 		'posts'		=> $posts,
 		'days'		=> $days,
 		'useranks'	=> $user['useranks'],
-		'exp'		=> calcexp($posts,$days),
-		'expdone'	=> $v['exp']-calclvlexp($v['level']),
-		'expnext'	=> calcexpleft($v['exp']),
-		'level'		=> calclvl($v['exp']),
-		'lvllen'	=> totallvlexp($v['level']),
+		'exp'		=> calcexp($posts,$days)
 		);
 
+	$userdata['level']		= calclvl($userdata['exp']);
+	$userdata['expdone']	= $userdata['exp'] - calclvlexp($userdata['level']);
+	$userdata['expnext']	= calcexpleft($userdata['exp']);
+	$userdata['lvllen']		= totallvlexp($userdata['level']);
+
+
 	if (!$tags) {
 		$tags	= array();
 	}
-	$msg	= dotags($msg, $tags);
+	$msg	= dotags($msg, $userdata, $tags);
 
 	return $msg;
 }
@@ -541,7 +545,7 @@ function settags($text, $tags) {
 	if (!$tags) {
 		return $text;
 	} else {
-		$text	= dotags($text, $tags);	
+		$text	= dotags($text, array(), $tags);	
 	}
 
 	return $text;
@@ -623,7 +627,7 @@ function getrank($rankset,$title,$posts,$powl){
 	if($title)
 		$rank .= $title;
 	elseif (in_array($powl, $powerranks))
-		$rank .= $powerranks[$powl];
+		$rank .= filter_string($powerranks[$powl]);
 
 	return $rank;
 }
diff --git a/lib/threadpost.php b/lib/threadpost.php
index b2aae9f..052e0ec 100644
--- a/lib/threadpost.php
+++ b/lib/threadpost.php
@@ -92,8 +92,8 @@
 			}
 		}
 
-		$post['headtext']=settags($post['headtext'],$post['tagval']);
-		$post['signtext']=settags($post['signtext'],$post['tagval']);
+		$post['headtext']=settags($post['headtext'],filter_string($post['tagval']));
+		$post['signtext']=settags($post['signtext'],filter_string($post['tagval']));
 
 		if($loguser['viewsig']==2){
 			$post['headtext']=doreplace($post['headtext'],$post['num'],($post['date']-$post['regdate'])/86400,$post['name']);