diff --git a/lib/function.php b/lib/function.php
index b08e838..c027fbb 100644
--- a/lib/function.php
+++ b/lib/function.php
@@ -394,83 +394,77 @@ function generatenumbergfx($num,$minlen=0,$double=false){
 	return $gfxcode;
 }
 
-function dotag($in,$str){
-	global $tagval,$v,$tzoff,$dateformat, $hacks, $sql;
-	if(stristr($str,$in)){
-		if($in=='/me ')		$out="*<b>$v[username]</b> ";
-		elseif($in=='&numposts&')	$out=$v[posts];
-		elseif($in=='&numdays&')	$out=floor($v[days]);
-		elseif($in=='&exp&')		$out=$v[exp];
-		elseif($in=='&postrank&')	$out=$sql->resultq("SELECT count(*) FROM users WHERE posts>$v[posts]",0,0)+1;
-		elseif($in=='&postrank10k&')	$out=$sql->resultq("SELECT count(*) FROM users WHERE posts+10000>$v[posts]",0,0)+1;
-		elseif($in=='&postrank20k&')	$out=$sql->resultq("SELECT count(*) FROM users WHERE posts+20000>$v[posts]",0,0)+1;
-		elseif($in=='&postrank30k&')	$out=$sql->resultq("SELECT count(*) FROM users WHERE posts+30000>$v[posts]",0,0)+1;
-		elseif($in=='&5000&')		$out=5000-$v[posts];
-		elseif($in=='&20000&')		$out=20000-$v[posts];
-		elseif($in=='&30000&')		$out=30000-$v[posts];
-		elseif($in=='&expdone&')	$out=$v[expdone];
-		elseif($in=='&expnext&')	$out=$v[expnext];
-		elseif($in=='&expdone1k&')	$out=floor($v[expdone]/1000);
-		elseif($in=='&expnext1k&')	$out=floor($v[expnext]/1000);
-		elseif($in=='&expdone10k&')	$out=floor($v[expdone]/10000);
-		elseif($in=='&expnext10k&')	$out=floor($v[expnext]/10000);
-		elseif($in=='&exppct&')		$out=sprintf('%01.1f',@(1-$v[expnext]/$v[lvllen])*100);
-		elseif($in=='&exppct2&')	$out=sprintf('%01.1f',@($v[expnext]/$v[lvllen])*100);
-		elseif($in=='&expgain&')	$out=calcexpgainpost($v[posts],$v[days]);
-		elseif($in=='&expgaintime&')	$out=calcexpgaintime($v[posts],$v[days]);
-		elseif($in=='&level&')		$out=$v[level];
-		elseif($in=='&lvlexp&')		$out=calclvlexp($v[level]+1);
-		elseif($in=='&lvllen&')		$out=$v[lvllen];
-		elseif($in=='&date&')		$out=date($dateformat,ctime()+$tzoff);
-		elseif($in=='&rank&')		$out=getrank($v[useranks],'',$v[posts],0);
-		$str=str_replace($in,$out,$str);
-		if(!stristr($tagval,$in)) $tagval.="\xB0\xBB$in"."\xAB\xB0$out";
+
+
+function dotags($msg, &$tags) {
+	if (is_string($tags)) {
+		$tags	= json_decode($tags, true);
 	}
-	return $str;
+
+	if (empty($tags)) {
+		$tags	= array(
+			'/me '			=> "*<b>". $user['username'] ."</b> ",
+			'&date&'		=> date($dateformat, ctime() + $tzoff),
+			'&numdays&'		=> floor($user['days']),
+			
+			'&numposts&'	=> $user['posts'],
+			'&rank&'		=> getrank($user['useranks'], '', $user['posts'], 0),
+			'&postrank&'	=> $sql->resultq("SELECT count(*) FROM `users` WHERE posts>$user[posts]")+1,
+			'&5000&'		=>  5000 - $user['posts'],
+			'&10000&'		=> 10000 - $user['posts'],
+			'&20000&'		=> 20000 - $user['posts'],
+			'&30000&'		=> 30000 - $user['posts'],
+			
+			'&exp&'			=> $user['exp'],
+			'&expgain&'		=> calcexpgainpost($user['posts'], $user['days']),
+			'&expgaintime&'	=> calcexpgaintime($user['posts'], $user['days']),
+
+			'&expdone&'		=> $user['expdone'],
+			'&expdone1k&'	=> floor($user['expdone'] /  1000),
+			'&expdone10k&'	=> floor($user['expdone'] / 10000),
+
+			'&expnext&'		=> $user['expnext'],
+			'&expnext1k&'	=> floor($user['expnext'] /  1000),
+			'&expnext10k&'	=> floor($user['expnext'] / 10000),
+
+			'&exppct&'		=> sprintf('%01.1f', ($user['lvllen'] ? (1 - $user['expnext'] / $user['lvllen']) : 0) * 100),
+			'&exppct2&'		=> sprintf('%01.1f', ($user['lvllen'] ? (    $user['expnext'] / $user['lvllen']) : 0) * 100),
+			
+			'&level&'		=> $user['level'],
+			'&lvlexp&'		=> calclvlexp($user['level'] + 1),
+			'&lvllen&'		=> $user['lvllen'],
+			);
+	}
+
+	$msg	= strtr($msg, $tags);
+	return $msg;
 }
-function doreplace($msg,$posts,$days,$username,$min=0){
-  global $tagval,$v,$sql;
-  $user=$sql->fetchq("SELECT * FROM users WHERE name='".addslashes($username)."'", MYSQL_BOTH, true);
-  $v[useranks]=$user[useranks];
-  $v[username]=$username;
-  $msg=dotag('/me ',$msg);
-  if(!stristr($msg,'&')) return $msg;
-  $v[posts]=$posts;
-  $v[days]=$days;
-  $v[exp]=calcexp($posts,$days);
-  $v[level]=calclvl($v[exp]);
-  $v[lvllen]=totallvlexp($v[level]);
-  $v[expdone]=$v[exp]-calclvlexp($v[level]);
-  $v[expnext]=calcexpleft($v[exp]);
-  $v[id] = $user[id];
-  $msg=dotag('&numposts&',$msg);
-  $msg=dotag('&numdays&',$msg);
-  $msg=dotag('&exp&',$msg);
-  $msg=dotag('&5000&',$msg);
-  $msg=dotag('&20000&',$msg);
-  $msg=dotag('&30000&',$msg);
-  $msg=dotag('&expdone&',$msg);
-  $msg=dotag('&expnext&',$msg);
-  $msg=dotag('&expdone1k&',$msg);
-  $msg=dotag('&expnext1k&',$msg);
-  $msg=dotag('&expdone10k&',$msg);
-  $msg=dotag('&expnext10k&',$msg);
-  $msg=dotag('&exppct&',$msg);
-  $msg=dotag('&exppct2&',$msg);
-  $msg=dotag('&expgain&',$msg);
-  $msg=dotag('&expgaintime&',$msg);
-  $msg=dotag('&level&',$msg);
-  $msg=dotag('&lvlexp&',$msg);
-  $msg=dotag('&lvllen&',$msg);
-  $msg=dotag('&date&',$msg);
-  $msg=dotag('&rank&',$msg);
-  if(!$min){
-    $msg=dotag('&postrank&',$msg);
-    $msg=dotag('&postrank10k&',$msg);
-    $msg=dotag('&postrank20k&',$msg);
-    $msg=dotag('&postrank30k&',$msg);
-  }
-  return $msg;
+
+
+function doreplace($msg, $posts, $days, $username, &$tags = null) {
+	global $tagval, $sql;
+	
+	// This should probably go off of user ID but welp
+	$user			= $sql->fetchq("SELECT * FROM `users` WHERE `name` = '".addslashes($username)."'", MYSQL_BOTH, true);
+	$userdata		= array(
+		'id'		=> $user['id'],
+		'username'	=> $username,
+		'posts'		=> $posts,
+		'days'		=> $days,
+		'useranks'	=> $user['useranks'],
+		'exp'		=> calcexp($posts,$days),
+		'expdone'	=> $v['exp']-calclvlexp($v['level']),
+		'expnext'	=> calcexpleft($v['exp']),
+		'level'		=> calclvl($v['exp']),
+		'lvllen'	=> totallvlexp($v['level']),
+		);
+
+	if (!$tags) {
+		$tags	= array();
+	}
+	$msg	= dotags($msg, $tags);
+
+	return $msg;
 }
 function doreplace2($msg, $options='0|0'){
 	// options will contain smiliesoff|htmloff
@@ -534,32 +528,20 @@ function doreplace2($msg, $options='0|0'){
 
 	return $msg;
 }
-function settags($text,$tags){
 
-	// @TODO: FIX THIS SHIT
-	return $text;
 
-	global $hacks;
-	if (filter_bool($hacks['noposts'])) {
-		$badtags	= array("&5000&", "&20000&", "&30000&", "&numposts&", );
+function settags($text, $tags) {
+
+	if (!$tags) {
+		return $text;
+	} else {
+		$text	= dotags($text, $tags);	
 	}
 
-	$p1	= 0;
-	for($i=0;$p1<strlen($tags) and $i<100;$i++){
-		$p1+=2;
-		$p2=@strpos($tags,"\xAB\xB0",$p1) or $p2=strlen($tags);
-		$tag=substr($tags,$p1,$p2-$p1);
-		$p2+=2;
-		$p1=@strpos($tags,"\xB0\xBB",$p2) or $p1=strlen($tags);
-		$val=substr($tags,$p2,$p1-$p2);
-		if ($hacks['noposts'] && in_array($tag, $badtags)) {
-			$val	= "";
-		}
-
-		$text=str_replace($tag,$val,$text);
-	}
 	return $text;
 }
+
+
 function doforumlist($id){
 	global $fonttag,$loguser,$power,$sql;
 	$forumlinks="
diff --git a/lib/threadpost.php b/lib/threadpost.php
index fc0db51..b2aae9f 100644
--- a/lib/threadpost.php
+++ b/lib/threadpost.php
@@ -79,8 +79,6 @@
 			return $post;
 		}
 
-		$post['tagval'].="\xB0\xBB";
-
 		if($loguser['viewsig']!=2){
 			if($headid=$post['headid']) {
 				// just in case
@@ -98,8 +96,8 @@
 		$post['signtext']=settags($post['signtext'],$post['tagval']);
 
 		if($loguser['viewsig']==2){
-			$post['headtext']=doreplace($post['headtext'],$post['num'],($post['date']-$post['regdate'])/86400,$post['name'],1);
-			$post['signtext']=doreplace($post['signtext'],$post['num'],($post['date']-$post['regdate'])/86400,$post['name'],1);
+			$post['headtext']=doreplace($post['headtext'],$post['num'],($post['date']-$post['regdate'])/86400,$post['name']);
+			$post['signtext']=doreplace($post['signtext'],$post['num'],($post['date']-$post['regdate'])/86400,$post['name']);
 		}
 		$post['headtext']=doreplace2($post['headtext']);
 		$post['signtext']=doreplace2($post['signtext']);
diff --git a/newreply.php b/newreply.php
index 5b64f7d..e86b786 100644
--- a/newreply.php
+++ b/newreply.php
@@ -180,7 +180,9 @@
 	$numposts=$user[posts]+ 1;
 
 	$numdays=(ctime()-$user[regdate])/86400;
-	$message=doreplace($message,$numposts,$numdays,$username);
+	$tags	= array();
+	$message=doreplace($message,$numposts,$numdays,$username, $tags);
+	$tagval	= $sql->escape(json_encode($tags));
 	$rsign=doreplace($sign,$numposts,$numdays,$username);
 	$rhead=doreplace($head,$numposts,$numdays,$username);
 	$currenttime=ctime();
diff --git a/newthread.php b/newthread.php
index b01eccd..ff8427d 100644
--- a/newthread.php
+++ b/newthread.php
@@ -200,9 +200,11 @@
 
 			$numposts = $user[posts] + 1;
 			$numdays = (ctime()-$user[regdate])/86400;
-			$msg = doreplace($msg, $numposts, $numdays, $username);
+			$tags	= array();
+			$msg = doreplace($msg, $numposts, $numdays, $username, $tags);
 			$rsign = doreplace($sign, $numposts, $numdays, $username);
 			$rhead = doreplace($head, $numposts, $numdays, $username);
+			$tagval	= $sql->escape(json_encode($tags));
 			$posticons = file('posticons.dat');
 			$posticon = $posticons[$iconid];
 			$currenttime = ctime();
diff --git a/thread.php b/thread.php
index ca2b202..b504814 100644
--- a/thread.php
+++ b/thread.php
@@ -392,7 +392,8 @@
 			$pthread = $sql->fetchq("SELECT id,title,forum FROM threads WHERE id=$post[thread]", MYSQL_BOTH, true);
 			$pforum  = $sql->fetchq("SELECT minpower FROM forums WHERE id=".intval($pthread[forum]), MYSQL_BOTH, true);
 		}
-		$post['act'] = $act[$post['user']];
+		
+		$post['act'] = filter_int($act[$post['user']]);
 
 		if (!$pforum || $pforum['minpower'] <= $power)
 			$postlist .= threadpost($post, $bg, $pthread);