diff --git a/index.php b/index.php
index 59cc2e8..f47c798 100644
--- a/index.php
+++ b/index.php
@@ -40,14 +40,14 @@ if ($x_hacks['smallbrowse'] == 1 and false) {
 require 'mobile/index.php'; // alternate markup for mobile clients.
 } else {
- if($action=='markforumread' and $log) {
+ if (filter_string($_GET['action']) == 'markforumread' and $log) {
 $sql->query("DELETE FROM forumread WHERE user=$loguserid AND forum='$forumid'");
 $sql->query("DELETE FROM `threadsread` WHERE `uid` = '$loguserid' AND `tid` IN (SELECT `id` FROM `threads` WHERE `forum` = '$forumid')");
 $sql->query("INSERT INTO forumread (user,forum,readdate) VALUES ($loguserid,$forumid,".ctime().')');
 return header("Location: index.php");
 }
- if($action=='markallforumsread' and $log) {
+ if (filter_string($_GET['action']) == 'markallforumsread' and $log) {
 $sql->query("DELETE FROM forumread WHERE user=$loguserid");
 $sql->query("DELETE FROM `threadsread` WHERE `uid` = '$loguserid'");
 $sql->query("INSERT INTO forumread (user,forum,readdate) SELECT $loguserid,id,".ctime().' FROM forums');
@@ -57,6 +57,7 @@ $postread = readpostread($loguserid);
 $users1 = $sql->query("SELECT id,name,birthday,sex,powerlevel,aka FROM users WHERE FROM_UNIXTIME(birthday,'%m-%d')='".date('m-d',ctime() + $tzoff)."' AND birthday ORDER BY name");
+ $blist = "";
 for ($numbd=0;$user=$sql->fetch($users1);$numbd++) {
 if(!$numbd) $blist="$tccell2s colspan=5>Birthdays for ".date('F j',ctime() + $tzoff).': '; else $blist.=', '; 
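Review bot: `$forumid` is still interpolated unquoted into the three `forumread`/`threadsread` statements while only `action` was hardened; its origin is above the hunk, so if it comes from the request it should be coerced first, e.g. `$forumid = intval($forumid);` before the first `$sql->query`, or the statements should bind it as a parameter. Both branches also perform deletes and inserts on a plain GET with no request token, which this commit leaves unchanged. `filter_string` takes its argument by reference, so when `action` is absent the call defines `$_GET['action']` as null — harmless here, but any `array_key_exists($_GET, 'action')`-style checks further down would now see the key.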
@@ -67,19 +68,19 @@
 }
 $onlinetime=ctime()-300;
- $onusers=$sql->query("SELECT id,name,powerlevel,lastactivity,sex,minipic,aka FROM users WHERE lastactivity>$onlinetime OR lastposttime>$onlinetime ORDER BY name");
+ $onusers=$sql->query("SELECT id,name,powerlevel,lastactivity,sex,minipic,aka,birthday FROM users WHERE lastactivity>$onlinetime OR lastposttime>$onlinetime ORDER BY name");
 $numonline=mysql_num_rows($onusers);
 $numguests=$sql->resultq("SELECT count(*) FROM guests WHERE date>$onlinetime",0,0);
 if ($numguests) $guestcount=" | $numguests guest".($numguests>1?"s":"");
+ $onlineusersa = array();
 for ($numon=0; $onuser = $sql->fetch($onusers);$numon++) {
- if($numon) { $onlineusers.=', '; }
 //$namecolor=explode("=", getnamecolor($onuser['sex'],$onuser['powerlevel']));
 //$namecolor=$namecolor[1];
 //$namelink="$onuser[name]";
- $namelink = getuserlink($onuser);
+ $namelink = getuserlink($onuser);
 if($onuser['minipic']) {
 $onuser['minipic']=' ';
@@ -89,11 +90,13 @@ $namelink="($namelink)";
 }
- $onlineusers.="$onuser[minipic]$namelink";
+ $onlineusersa[]="$onuser[minipic]$namelink";
 }
- if($onlineusers) $onlineusers=': '.$onlineusers;
+ $onlineusers = "";
+ if ($onlineusersa) $onlineusers = ': '. implode(", ", $onlineusersa);
+ $logmsg = "";
 if($log){
 $headlinks.=' - Mark all forums read';
 $header=makeheader($header1,$headlinks,$header2);
@@ -102,7 +105,7 @@ $logmsg = "You are logged in as $myurl.";
 }
- $lastuser = $sql->fetchq('SELECT id,name,sex,powerlevel,aka FROM users ORDER BY id DESC LIMIT 1');
+ $lastuser = $sql->fetchq('SELECT id,name,sex,powerlevel,aka,birthday FROM users ORDER BY id DESC LIMIT 1');
 $lastuserurl = getuserlink($lastuser);
 $posts = $sql->fetchq('SELECT (SELECT COUNT( * ) FROM posts WHERE date>'.(ctime()-3600).') AS h, (SELECT COUNT( * ) FROM posts WHERE date>'.(ctime()-86400).') AS d'); 
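Review bot: `$guestcount` is still only assigned inside `if ($numguests)`, so with zero guests it stays undefined wherever it is later concatenated — the same undefined-variable case this hunk fixes for `$onlineusers` by introducing `$onlineusersa = array()`. Add `$guestcount = "";` on the line before that `if`. `$numonline=mysql_num_rows($onusers)` also bypasses the `$sql` wrapper the rest of the block uses; if the wrapper exposes a row count, using it would remove the block's last direct dependency on the removed ext/mysql API.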
@@ -124,7 +127,7 @@
 // print_r($sprk); $sprk = implode(",",$sprk); */
- if ($_GET['oldcounter'])
+ if (filter_bool($_GET['oldcounter']))
 $statsblip = "$posts[d] posts during the last day, $posts[h] posts during the last hour.";
 else {
 $nthreads = $sql->resultq("SELECT COUNT(*) FROM `threads` WHERE `lastpostdate` > '". (ctime() - 86400) ."'");
diff --git a/lib/colors.php b/lib/colors.php
index 7762dec..b2e6f32 100644
--- a/lib/colors.php
+++ b/lib/colors.php
@@ -53,6 +53,8 @@
 // $numfil='numnes';
 $schemepre = false;
+
+ $scheme = filter_int($scheme);
 if (isset($_GET['scheme']) && is_numeric($_GET['scheme'])) {
 $scheme = intval($_GET['scheme']);
 $schemepre = true;
@@ -95,12 +97,6 @@ $newpic = $statusicons['new']; # hack for compat
- if (!$x_hacks['host'] && $_GET['test'] && $x_hacks['mmdeath'] > 0) {
- $boardtitle = "
Say goodbye to Mega Mario and Rom Manic! -

";
-
- }
-
 if ($loguser['powerlevel'] < 3) {
 $nmcol[0][1] = $nmcol[0][0];
 $nmcol[1][1] = $nmcol[1][0];
diff --git a/lib/function.php b/lib/function.php
index 33e6aab..d476c69 100644
--- a/lib/function.php
+++ b/lib/function.php
@@ -88,7 +88,7 @@
 // Just making sure. Don't use this anymore.
 // (This is backup code to auto update passwords from cookies.)
- if ($_COOKIE['loguserid'] && $_COOKIE['logpassword']) {
+ if (filter_int($_COOKIE['loguserid']) && filter_string($_COOKIE['logpassword'])) {
 $loguserid = intval($_COOKIE['loguserid']);
 $passinfo = $sql->fetchq("SELECT name,password FROM `users` WHERE `id`='$loguserid'");
@@ -109,10 +109,10 @@ setcookie('logpassword','', time()-3600, "/", $_SERVER['SERVER_NAME'], false, true);
 unset($passinfo);
 }
- $logpassword = NULL;
- $logpwenc = NULL;
+ $logpassword = null;
+ $logpwenc = null;
- if($_COOKIE['loguserid'] && $_COOKIE['logverify']) {
+ if(filter_int($_COOKIE['loguserid']) && filter_string($_COOKIE['logverify'])) {
 $loguserid = intval($_COOKIE['loguserid']);
 $loguser = $sql->fetchq("SELECT * FROM `users` WHERE `id`='$loguserid'");
@@ -127,6 +127,8 @@
 }
+ $tzoff = 0;
+
 if ($loguser) {
 $loguserid = $loguser['id'];
 $tzoff = $loguser['timezone']*3600;
@@ -152,12 +154,13 @@ $loguser['powerlevel'] = max($loguser['powerlevel'], 3);
 } else {
- $loguserid = NULL;
- $loguser = NULL;
- $loguser['viewsig'] = 1;
- $loguser['powerlevel']= 0;
- $loguser['signsep'] = 0;
- $log = 0;
+ $loguserid = NULL;
+ $loguser = array();
+ $loguser['viewsig'] = 1;
+ $loguser['powerlevel'] = 0;
+ $loguser['signsep'] = 0;
+ $loguser['id'] = null;
+ $log = 0;
 }
 if ($x_hacks['superadmin']) $loguser['powerlevel'] = 4; 
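Review bot: `filter_int($_COOKIE['loguserid'])` takes its argument by reference and, if it follows the same pattern as the new `filter_bool` further down this file (assigning the cast value back through `$v`), rewrites `$_COOKIE['loguserid']` in place, which makes the `intval($_COOKIE['loguserid'])` on the next line redundant; the same applies to the `-109` hunk. A clearer form is `$loguserid = filter_int($_COOKIE['loguserid']); if ($loguserid && filter_string($_COOKIE['logpassword'])) {`. The comment above says this password-cookie path should no longer be used, yet the new guard keeps it live; whatever compares `$passinfo['password']` below the hunk (not visible here) should be a `password_verify`/`hash_equals` check rather than `==`. The `if` body continues past the hunk.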
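Review bot: `$loguserid = NULL;` keeps the uppercase constant while the `-109` hunk in this same file lowercases `NULL` to `null`, and the new `$loguser['id'] = null;` line beside it is lowercase too, so the rewritten block is internally inconsistent; use `$loguserid = null;`. Note that `$loguser` is now a non-empty array for guests, exactly as it already was after the old `$loguser['viewsig'] = 1;` auto-vivified it from `NULL`, so any `if ($loguser)` checks elsewhere keep treating guests as truthy — `$log` remains the only reliable logged-in flag, which is worth stating in a comment on the `$loguser = array();` line.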
@@ -170,7 +173,7 @@ $specialscheme = "";
 $smallbrowsers = array("Nintendo DS", "Android", "PSP", "Windows CE");
- if ( (str_replace($smallbrowsers, "", $_SERVER['HTTP_USER_AGENT']) != $_SERVER['HTTP_USER_AGENT']) || $_GET['mobile'] == 1) {
+ if ( (str_replace($smallbrowsers, "", $_SERVER['HTTP_USER_AGENT']) != $_SERVER['HTTP_USER_AGENT']) || filter_int($_GET['mobile']) == 1) {
 $loguser['layout'] = 2;
 $loguser['viewsig'] = 0;
 $boardtitle = "$boardname";
@@ -192,7 +195,7 @@
 //$x_hacks['rainbownames'] = ($sql->resultq("SELECT MAX(`id`) % 100000 FROM `posts`")) <= 100;
 $x_hacks['rainbownames'] = ($sql->resultq("SELECT `date` FROM `posts` WHERE (`id` % 100000) = 0 ORDER BY `id` DESC LIMIT 1") > ctime()-86400);
- if (!$x_hacks['host'] && $_GET['namecolors']) {
+ if (!$x_hacks['host'] && filter_int($_GET['namecolors'])) {
 //$sql->query("UPDATE `users` SET `sex` = '255' WHERE `id` = 1");
 //$sql->query("UPDATE `users` SET `name` = 'Ninetales', `powerlevel` = '3' WHERE `id` = 24 and `powerlevel` < 3");
 //$sql->query("UPDATE `users` SET `sex` = '9' WHERE `id` = 1");
@@ -248,6 +251,15 @@ function filter_int(&$v) {
 }
 }
+function filter_bool(&$v) {
+ if (!isset($v)) {
+ return null;
+ } else {
+ $v = (bool)$v;
+ return $v;
+ }
+}
+
 function filter_string(&$v) {
 if (!isset($v)) {
diff --git a/lib/layout.php b/lib/layout.php
index 98c7f9d..09c9e35 100644
--- a/lib/layout.php
+++ b/lib/layout.php
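Review bot: `$_SERVER['HTTP_USER_AGENT']` is read twice on the changed line without the null guard the commit adds for `$_GET['mobile']`; a request with no User-Agent header (or a CLI run) leaves it unset and raises the same undefined-index notice this commit is removing elsewhere. Read it once through the same helper and compare that: `$ua = (string) filter_string($_SERVER['HTTP_USER_AGENT']);` and then `if ( (str_replace($smallbrowsers, "", $ua) != $ua) || filter_int($_GET['mobile']) == 1) {`. The `if` body continues past the hunk.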
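Review bot: `filter_bool` has no docblock, and two behaviours a caller needs are not visible from its signature: the `&$v` parameter is written back (`$v = (bool)$v`), so the caller's variable or array element is permanently replaced by a boolean, and passing a missing array key by reference creates that key with a null value in the caller's array. Add above the function: `// Coerces $v to bool in place and returns it; returns null (and creates the key as null) when $v is unset. Note (bool)"0" is false but (bool)"false" is true.` The `else` after `return null;` is redundant, but it matches the shape of `filter_int` and `filter_string` in this file, so keeping it is a defensible consistency choice.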
@@ -13,14 +13,14 @@
 // cache bad
 header('Cache-Control: no-cache, max-age=0, must-revalidate');
- $userip=$REMOTE_ADDR;
+ $userip = $_SERVER['REMOTE_ADDR'];
 if (!($clientip = filter_var(getenv("HTTP_CLIENT_IP"), FILTER_VALIDATE_IP))) $clientip = "XXXXXXXXXXXXXXXXX";
 if (!($forwardedip = filter_var(getenv("HTTP_X_FORWARDED_FOR"), FILTER_VALIDATE_IP))) $forwardedip = "XXXXXXXXXXXXXXXXX";
 // $clientip=(getenv("HTTP_CLIENT_IP") == "" ? "XXXXXXXXXXXXXXXXX" : getenv("HTTP_CLIENT_IP"));
 // $forwardedip=(getenv("HTTP_X_FORWARDED_FOR") == "" ? "XXXXXXXXXXXXXXXXX" : getenv("HTTP_X_FORWARDED_FOR"));
- if(!$windowtitle) $windowtitle=$boardname;
+ if(!isset($windowtitle)) $windowtitle=$boardname;
 require 'colors.php';
 if($specialscheme) include "schemes/spec-$specialscheme.php";
 $boardtitle = "$boardtitle";
@@ -39,7 +39,7 @@ $smallfont='';
 $tinyfont='';
- foreach(array(1,2,c,h) as $celltype){
+ foreach(array('1','2','c','h') as $celltype){
 $cell="resultq('SELECT views FROM misc')+1;
- if (!$ipbanned && !$torbanned && !IS_AJAX_REQUEST) {
+ if (!$ipbanned && !$torbanned && (!defined("IS_AJAX_REQUEST") || !IS_AJAX_REQUEST)) {
 // Don't increment the view counter for bots
 $sql->query("UPDATE misc SET views=$views");
@@ -315,7 +315,7 @@
 //updategb();
 $new=' ';
-
+ $privatebox = "";
 // Note that we ignore this in private.php (obviously) and the index page (it handles PMs itself)
 // This box only shows up when a new PM is found, so it's optimized for that
 if ($log && strpos($PHP_SELF, "private.php") == false && strpos($PHP_SELF, "index.php") == 0) {
@@ -329,7 +329,6 @@ $privatebox = "$newpic You have $numnew new private message$ssss -- $lastmsg";
 }
- else $privatebox = "";
 }
 $jscripts = ''; 
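Review bot: `$userip = $_SERVER['REMOTE_ADDR'];` is the only address on these lines that the server itself sets; `$clientip` and `$forwardedip` come from the `Client-IP` and `X-Forwarded-For` request headers, which `FILTER_VALIDATE_IP` checks for syntax only, so any client can supply a well-formed but false address. Wherever those two feed ban or logging decisions below the hunk (not visible here) they should count as advisory, and that deserves a comment next to the two `filter_var` lines: `// Client-IP / X-Forwarded-For are client-supplied; only $userip (REMOTE_ADDR) is trustworthy unless a known proxy sets them`. `$_SERVER['REMOTE_ADDR']` is itself absent when the script runs from the CLI, so `filter_string($_SERVER['REMOTE_ADDR'])` would match the guard this commit uses elsewhere.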
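Review bot: the `if ($log && strpos($PHP_SELF, ...))` line still reads the register_globals variable `$PHP_SELF`, the same class of dependency this commit removes for `$REMOTE_ADDR` at `-13` and `$HTTP_REFERER` at `-417`; without register_globals it is undefined and both `strpos` calls run against an empty string. The two loose comparisons also only work by accident: `strpos(...) == false` and `strpos(...) == 0` are both true for a not-found `false`, which is the intended "not private.php / not index.php" case, but the `== 0` reads as the opposite. Suggested line: `if ($log && strpos($_SERVER['PHP_SELF'], "private.php") === false && strpos($_SERVER['PHP_SELF'], "index.php") === false) {`. The `if` body runs past this hunk into the `-329` hunk.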
@@ -367,15 +366,19 @@
 // :shepicide:
 $body="";
+ if (!isset($meta)) {
+ $meta = array();
+ }
+ $metatag = '';
- if ($meta['noindex'])
+ if (filter_bool($meta['noindex']))
 $metatag .= "";
- if ($meta['description'])
+ if (filter_bool($meta['description']))
 $metatag .= "";
- if ($x_hacks['smallbrowse'] == 1 and false) {
+ if (filter_bool($x_hacks['smallbrowse']) and false) {
 $css = "";
 $css = "";
 }
@@ -417,7 +420,7 @@ return $header;
 }
- $ref=$HTTP_REFERER;
+ $ref=filter_string($_SERVER['HTTP_REFERER']);
 $url=getenv('SCRIPT_URL');
 if(!$url) $url=str_replace('/etc/board','',getenv('SCRIPT_NAME'));
@@ -523,7 +526,7 @@ pageTracker._trackPageview();
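Review bot: `filter_bool($meta['description'])` overwrites `$meta['description']` with `true` through its by-reference parameter (`$v = (bool)$v` in the new helper), so if the `$metatag .= "..."` line that follows — whose markup is stripped in this view — interpolates the description text, as its name suggests, the emitted tag will carry `1` instead of the description. Test the value without mutating it, e.g. `if (!empty($meta['description']))`, and keep `filter_bool` for genuinely boolean flags like `$meta['noindex']`. Whatever string is interpolated into that tag also needs `htmlspecialchars(..., ENT_QUOTES)` if `$meta` can be populated from anything other than constants. `filter_bool($x_hacks['smallbrowse']) and false` is dead code — the branch can never run, so either drop it or comment why it is kept.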
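Review bot: `$ref` now comes from `$_SERVER['HTTP_REFERER']`, which the client sets freely, and `filter_string` only null-guards it; if `$ref` is later echoed into the page or a link (its use is below the hunk, not visible here) it needs `htmlspecialchars($ref, ENT_QUOTES)` at that point, and it must not drive any redirect. The hunk opens with the tail of a function (`return $header; }`) whose start lies outside it, and the `$ref`/`$url` lines are top-level code after that function.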
$smallfont

$sitename -
$affiliatelinks +
". filter_string($affiliatelinks) ."