diff --git a/admanage.php b/admanage.php
index 563d3017..bdf0d514 100644
--- a/admanage.php
+++ b/admanage.php
@@ -68,6 +68,7 @@ function get_type_name($type)
 function print_ad_editor($position, $row = "")
 {
 	global $lang_admanage;
+	global $allowxhtmlclass;
 	switch ($position)
 	{
 		case 'header': 
@@ -136,11 +137,11 @@ tr($lang_admanage['row_type']."<font color=\"red\">*</font>", "<select name=\"ad
 <h2 align="left"><?php echo $lang_admanage['text_image']?></h2>
 <table border="1" cellspacing="0" cellpadding="10" width="100%">
 <?php
-tr($lang_admanage['row_image_url']."<font color=\"red\">*</font>", "<input type=\"text\" name=\"ad[image][url]\"".($type == 'image' ? " value=\"".$pararow['url']."\"" : "")." style=\"width: 300px\" /> ".$lang_admanage['text_image_url_note'], 1);
-tr($lang_admanage['row_image_link']."<font color=\"red\">*</font>", "<input type=\"text\" name=\"ad[image][link]\"".($type == 'image' ? " value=\"".$pararow['link']."\"" : "")." style=\"width: 300px\" /> ".$lang_admanage['text_image_link_note'], 1);
-tr($lang_admanage['row_image_width'], "<input type=\"text\" name=\"ad[image][width]\"".($type == 'image' ? " value=\"".$pararow['width']."\"" : "")." style=\"width: 100px\" /> ".$lang_admanage['text_image_width_note'], 1);
-tr($lang_admanage['row_image_height'], "<input type=\"text\" name=\"ad[image][height]\"".($type == 'image' ? " value=\"".$pararow['height']."\"" : "")." style=\"width: 100px\" /> ".$lang_admanage['text_image_height_note'], 1);
-tr($lang_admanage['row_image_tooltip'], "<input type=\"text\" name=\"ad[image][title]\"".($type == 'image' ? " value=\"".$pararow['title']."\"" : "")." style=\"width: 300px\" /> ".$lang_admanage['text_image_tooltip_note'], 1);
+tr($lang_admanage['row_image_url']."<font color=\"red\">*</font>", "<input type=\"text\" name=\"ad[image][url]\"".($type == 'image' ? " value=\"".($pararow['url'] ?? '')."\"" : "")." style=\"width: 300px\" /> ".$lang_admanage['text_image_url_note'], 1);
+tr($lang_admanage['row_image_link']."<font color=\"red\">*</font>", "<input type=\"text\" name=\"ad[image][link]\"".($type == 'image' ? " value=\"".($pararow['link'] ?? '')."\"" : "")." style=\"width: 300px\" /> ".$lang_admanage['text_image_link_note'], 1);
+tr($lang_admanage['row_image_width'], "<input type=\"text\" name=\"ad[image][width]\"".($type == 'image' ? " value=\"".($pararow['width'] ?? '')."\"" : "")." style=\"width: 100px\" /> ".$lang_admanage['text_image_width_note'], 1);
+tr($lang_admanage['row_image_height'], "<input type=\"text\" name=\"ad[image][height]\"".($type == 'image' ? " value=\"".($pararow['height'] ?? '')."\"" : "")." style=\"width: 100px\" /> ".$lang_admanage['text_image_height_note'], 1);
+tr($lang_admanage['row_image_tooltip'], "<input type=\"text\" name=\"ad[image][title]\"".($type == 'image' ? " value=\"".($pararow['title'] ?? '')."\"" : "")." style=\"width: 300px\" /> ".$lang_admanage['text_image_tooltip_note'], 1);
 ?>
 </table>
 </div>
@@ -187,7 +188,7 @@ tr($lang_admanage['row_flash_height']."<font color=\"red\">*</font>", "<input ty
 <?php
 }
 
-$action = $_GET['action'];
+$action = $_GET['action'] ?? '';
 if ($action == 'del')
 {
 	$id = intval($_GET['id'] ?? 0);
@@ -380,7 +381,7 @@ begin_main_frame();
 		print("<p align=\"center\">".$lang_admanage['text_no_ads_yet']."</p>");
 	else{
 		list($pagertop, $pagerbottom, $limit) = pager($perpage, $num, "?");
-		$res = sql_query("SELECT * FROM advertisements ORDER BY id DESC ".(int)$limit) or sqlerr(__FILE__, __LINE__);
+		$res = sql_query("SELECT * FROM advertisements ORDER BY id DESC ".$limit) or sqlerr(__FILE__, __LINE__);
 ?>
 <table border="1" cellspacing="0" cellpadding="5" width="940">
 <tr>
diff --git a/allowedemails.php b/allowedemails.php
index ac62a508..ffbdb388 100644
--- a/allowedemails.php
+++ b/allowedemails.php
@@ -18,14 +18,14 @@ if ($action == 'showlist') {
 <form method=post action=allowedemails.php>
 <input type=hidden name=action value=savelist>
 <tr><td>Enter a list of allowed email addresses (separated by spaces):<br />To allow a specific address enter "email@domain.com", to allow an entire domain enter "@domain.com"</td>
-<td><textarea name="value" rows="5" cols="40"><?php echo $list[value]?></textarea>
+<td><textarea name="value" rows="5" cols="40"><?php echo $list['value']?></textarea>
 <input type=submit value="save"></form></td>
 </tr></table>
 <?php
 stdfoot () ;
 }elseif ($action == 'savelist') {
 	stdhead ("Save List");
-	$value = trim ( htmlspecialchars ( $_POST[value] ) ) ;
+	$value = trim ( htmlspecialchars ( $_POST['value'] ) ) ;
 	sql_query("UPDATE allowedemails SET value = ".sqlesc($value)) or sqlerr(__FILE__, __LINE__);
 	Print ("Saved.");
 	stdfoot () ;
diff --git a/amountupload.php b/amountupload.php
index c0b06f7c..3d126282 100644
--- a/amountupload.php
+++ b/amountupload.php
@@ -12,7 +12,7 @@ stdhead("Add Upload", false);
 <form method=post action=takeamountupload.php>
 <?php
 
-if ($_GET["returnto"] || $_SERVER["HTTP_REFERER"])
+if (isset($_GET["returnto"]) || $_SERVER["HTTP_REFERER"])
 {
 ?>
 <input type=hidden name=returnto value="<?php echo htmlspecialchars($_GET["returnto"]) ? htmlspecialchars($_GET["returnto"]) : htmlspecialchars($_SERVER["HTTP_REFERER"])?>">
@@ -21,7 +21,7 @@ if ($_GET["returnto"] || $_SERVER["HTTP_REFERER"])
 ?>
 <table cellspacing=0 cellpadding=5>
 <?php
-if ($_GET["sent"] == 1) {
+if (isset($_GET["sent"]) && $_GET["sent"] == 1) {
 ?>
 <tr><td colspan=2 class="text" align="center"><font color=red><b>Upload amount has been added and inform message has been sent.</font></b></tr></td>
 <?php
@@ -108,7 +108,7 @@ if ($_GET["sent"] == 1) {
   </td>
 </tr>
 <tr><td class="rowhead" valign="top">Subject </td><td class="rowfollow"><input type=text name=subject size=82></td></tr>
-<tr><td class="rowhead" valign="top">Reason </td><td class="rowfollow"><textarea name=msg cols=80 rows=5><?php echo $body?></textarea></td></tr>
+<tr><td class="rowhead" valign="top">Reason </td><td class="rowfollow"><textarea name=msg cols=80 rows=5><?php echo $body ?? ''?></textarea></td></tr>
 <tr>
 <td class="rowfollow" colspan=2><div align="center"><b>Operator:&nbsp;&nbsp;</b>
 <?php echo $CURUSER['username']?>
@@ -118,7 +118,7 @@ if ($_GET["sent"] == 1) {
 </div></td></tr>
 <tr><td class="rowfollow" colspan=2 align=center><input type=submit value="Do It!" class=btn></td></tr>
 </table>
-<input type=hidden name=receiver value=<?php echo $receiver?>>
+<input type=hidden name=receiver value=<?php echo $receiver ?? ''?>>
 </form>
 
  </div></td></tr></table>
diff --git a/bannedemails.php b/bannedemails.php
index 0fe2e83a..084e3583 100644
--- a/bannedemails.php
+++ b/bannedemails.php
@@ -16,14 +16,14 @@ if ($action == 'showlist') {
 <form method=post action=bannedemails.php>
 <input type=hidden name=action value=savelist>
 <tr><td>Enter a list of banned email addresses (separated by spaces):<br />To ban a specific address enter "email@domain.com", to ban an entire domain enter "@domain.com"</td>
-<td><textarea name="value" rows="5" cols="40"><?php echo $list[value]?></textarea>
+<td><textarea name="value" rows="5" cols="40"><?php echo $list['value']?></textarea>
 <input type=submit value="save"></form></td>
 </tr></table>
 <?php
 stdfoot () ;
 }elseif ($action == 'savelist') {
 	stdhead (VERSION." - Save List");
-	$value = trim ( htmlspecialchars ( $_POST[value] ) ) ;
+	$value = trim ( htmlspecialchars ( $_POST['value'] ?? '' ) ) ;
 	sql_query("UPDATE bannedemails SET value = ".sqlesc($value)) or sqlerr(__FILE__, __LINE__);
 	Print ("Saved.");
 	stdfoot () ;
diff --git a/bans.php b/bans.php
index 9cab649b..23db38ad 100644
--- a/bans.php
+++ b/bans.php
@@ -5,11 +5,11 @@ loggedinorreturn();
 if (get_user_class() < UC_ADMINISTRATOR)
 stderr("Sorry", "Access denied.");
 
-$remove = (int)$_GET['remove'];
+$remove = intval($_GET['remove'] ?? 0);
 if (is_valid_id($remove))
 {
   sql_query("DELETE FROM bans WHERE id=".mysql_real_escape_string($remove)) or sqlerr();
-  write_log("Ban ".htmlspecialchars($remove)." was removed by $CURUSER[id] ($CURUSER[username])",'mod');
+  write_log("Ban ".htmlspecialchars($remove)." was removed by {$CURUSER['id']} ($CURUSER[username])",'mod');
 }
 
 if ($_SERVER["REQUEST_METHOD"] == "POST" && get_user_class() >= UC_ADMINISTRATOR)
@@ -25,8 +25,8 @@ if ($_SERVER["REQUEST_METHOD"] == "POST" && get_user_class() >= UC_ADMINISTRATOR
 		stderr("Error", "Bad IP address.");
 	$comment = sqlesc($comment);
 	$added = sqlesc(date("Y-m-d H:i:s"));
-	sql_query("INSERT INTO bans (added, addedby, first, last, comment) VALUES($added, ".mysql_real_escape_string($CURUSER[id]).", $firstlong, $lastlong, $comment)") or sqlerr(__FILE__, __LINE__);
-	header("Location: $_SERVER[REQUEST_URI]");
+	sql_query("INSERT INTO bans (added, addedby, first, last, comment) VALUES($added, ".mysql_real_escape_string($CURUSER['id']).", $firstlong, $lastlong, $comment)") or sqlerr(__FILE__, __LINE__);
+	header("Location: {$_SERVER['REQUEST_URI']}");
 	die;
 }
 
@@ -48,8 +48,8 @@ else
 
   while ($arr = mysql_fetch_assoc($res))
   {
- 	  print("<tr><td>".gettime($arr[added])."</td><td align=left>".long2ip($arr[first])."</td><td align=left>".long2ip($arr[last])."</td><td align=left>". get_username($arr['addedby']) .
- 	    "</td><td align=left>$arr[comment]</td><td><a href=bans.php?remove=$arr[id]>Remove</a></td></tr>\n");
+ 	  print("<tr><td>".gettime($arr['added'])."</td><td align=left>".long2ip($arr['first'])."</td><td align=left>".long2ip($arr['last'])."</td><td align=left>". get_username($arr['addedby']) .
+ 	    "</td><td align=left>{$arr['comment']}</td><td><a href=bans.php?remove={$arr['id']}>Remove</a></td></tr>\n");
   }
   print("</table>\n");
 }
diff --git a/bitbucketlog.php b/bitbucketlog.php
index 1bbc3717..ef3b2751 100644
--- a/bitbucketlog.php
+++ b/bitbucketlog.php
@@ -8,7 +8,7 @@ stderr("Sorry", "Access denied.");
 $bucketpath = "$bitbucket";
 if (get_user_class() >= UC_MODERATOR)
 {
-	 $delete = $_GET["delete"];
+	 $delete = intval($_GET["delete"] ?? 0);
 	 if (is_valid_id($delete)) {
 		 $r = sql_query("SELECT name,owner FROM bitbucket WHERE id=".mysql_real_escape_string($delete)) or sqlerr(__FILE__, __LINE__);			
 		 if (mysql_num_rows($r) == 1) {				
@@ -21,7 +21,7 @@ if (get_user_class() >= UC_MODERATOR)
 				 				stdhead("BitBucket Log");	
 				 				$res = sql_query("SELECT count(*) FROM bitbucket") or die(mysql_error());	$row = mysql_fetch_array($res);	$count = $row[0];	
 				 				$perpage = 10;		
-				 				list($pagertop, $pagerbottom, $limit) = pager($perpage, $count, $_SERVER["PHP_SELF"] . "?out=" . $_GET["out"] . "&" );	
+				 				list($pagertop, $pagerbottom, $limit) = pager($perpage, $count, $_SERVER["PHP_SELF"] . "?out=" . ($_GET["out"] ?? '') . "&" );
 				 				print("<h1>BitBucket Log</h1>\n");	
 				 				print("Total Images Stored: $count");	
 				 				echo $pagertop;	
@@ -38,8 +38,8 @@ if (get_user_class() >= UC_MODERATOR)
 						 				$url = str_replace(" ", "%20", htmlspecialchars("$bitbucket/$name"));
 						 				print("<tr>");
 						 				print("<td><center><a href=$url><img src=\"".$url."\" border=0 onLoad='SetSize(this, 400)'></a></center>");			
-						 				print("Uploaded by:  " . get_username($arr[owner]). "<br />");
-						 				print("(#$arr[id]) Filename: $name ($width&nbsp;x&nbsp;$height)");			
+						 				print("Uploaded by:  " . get_username($arr['owner']). "<br />");
+						 				print("(#{$arr['id']}) Filename: $name ($width&nbsp;x&nbsp;$height)");
 						 				if (get_user_class() >= UC_MODERATOR)				
 						 				print(" <b><a href=?delete=$arr[id]>[Delete]</a></b><br />");			
 						 				print("Added: $date $time");			
diff --git a/catmanage.php b/catmanage.php
index 4d620c4c..9bbabac1 100644
--- a/catmanage.php
+++ b/catmanage.php
@@ -356,12 +356,12 @@ tr($lang_catmanage['col_order'], "<input type=\"text\" name=\"sort_index\" value
 }
 
 $validsubcattype=array('source', 'medium', 'codec', 'standard', 'processing', 'team', 'audiocodec');
-$type = $_GET['type'];
+$type = $_GET['type'] ?? '';
 if ($type == '')
 	$type = 'searchbox';
 else
 	check_valid_type($type);
-$action = $_GET['action'];
+$action = $_GET['action'] ?? '';
 if ($action == '')
 	$action = 'view';
 if ($action == 'view')
@@ -725,7 +725,7 @@ elseif($action == 'submit')
 		$codec = intval($_POST['codec'] ?? 0);
 		$standard = intval($_POST['standard'] ?? 0);
 		$processing = intval($_POST['processing'] ?? 0);
-		$team = intval($_POST['team'] ?? 0;
+		$team = intval($_POST['team'] ?? 0);
 		$audiocodec = intval($_POST['audiocodec'] ?? 0);
 		if (!$name || !$image)
 			stderr($lang_catmanage['std_error'], $lang_catmanage['std_missing_form_data']);
diff --git a/docleanup.php b/docleanup.php
index dd553059..070f1968 100644
--- a/docleanup.php
+++ b/docleanup.php
@@ -11,7 +11,7 @@ echo "<p>";
 echo "clean-up in progress...please wait<br />";
 ob_flush();
 flush();
-if ($_GET['forceall']) {
+if (isset($_GET['forceall']) && $_GET['forceall']) {
 	$forceall = 1;
 } else {
 	$forceall = 0;
diff --git a/include/database/class_db.php b/include/database/class_db.php
index 10352b14..9cee849a 100644
--- a/include/database/class_db.php
+++ b/include/database/class_db.php
@@ -102,6 +102,11 @@ class DB
         return $this->driver->lastInsertId();
     }
 
+    public function freeResult($result)
+    {
+        return $this->driver->freeResult($result);
+    }
+
 
 
 
diff --git a/include/database/class_db_mysqli.php b/include/database/class_db_mysqli.php
index 3c165105..87847566 100644
--- a/include/database/class_db_mysqli.php
+++ b/include/database/class_db_mysqli.php
@@ -76,5 +76,9 @@ class DBMysqli implements DBInterface
         return $this->mysqli->insert_id;
     }
 
+    public function freeResult($mysqliResult)
+    {
+        return $mysqliResult->free_result();
+    }
 
 }
\ No newline at end of file
diff --git a/include/database/helpers.php b/include/database/helpers.php
index 91be5674..7f58f3db 100644
--- a/include/database/helpers.php
+++ b/include/database/helpers.php
@@ -59,3 +59,8 @@ function mysql_insert_id()
 {
     return DB::getInstance()->lastInsertId();
 }
+
+function mysql_free_result($result)
+{
+    return DB::getInstance()->freeResult($result);
+}
diff --git a/include/database/interface_db.php b/include/database/interface_db.php
index f5940776..1fed7776 100644
--- a/include/database/interface_db.php
+++ b/include/database/interface_db.php
@@ -26,4 +26,6 @@ interface DBInterface
 
     public function lastInsertId(): int;
 
+    public function freeResult($result);
+
 }
\ No newline at end of file
diff --git a/ipcheck.php b/ipcheck.php
index 4e0b2cd0..45e02166 100644
--- a/ipcheck.php
+++ b/ipcheck.php
@@ -22,6 +22,7 @@ if (get_user_class() >= UC_MODERATOR || $CURUSER["guard"] == "yes")
  <td class=colhead width=125>IP</td>
  <td class=colhead width=40>Peer</td></tr>\n");
  $uc = 0;
+ $ip = '';
   while($ras = mysql_fetch_assoc($res))
   {
 	if ($ras["dupl"] <= 1)
diff --git a/location.php b/location.php
index 1d0939e0..6c509dea 100644
--- a/location.php
+++ b/location.php
@@ -6,13 +6,13 @@ loggedinorreturn();
 if (get_user_class() < UC_SYSOP) {
 	die("access denied.");
 }
-mysql_connect($mysql_host,$mysql_user,$mysql_pass);
+mysql_connect($mysql_host,$mysql_user,$mysql_pass, $BASIC['mysql_db'], $BASIC['mysql_port']);
 mysql_select_db($mysql_db);
 stdhead("Manage Locations");
 begin_main_frame("",false,100);
 begin_frame("Manage Locations",true,10,"100%","center");
 
-$sure = $_GET['sure'];
+$sure = $_GET['sure'] ?? '';
 if($sure == "yes") {
 	$delid = $_GET['delid'];
 	$query = "DELETE FROM locations WHERE id=" .sqlesc($delid) . " LIMIT 1";
@@ -22,7 +22,7 @@ if($sure == "yes") {
 	stdfoot();
 	die();
 }
-$delid = $_GET['delid'];
+$delid = intval($_GET['delid'] ?? 0);
 if($delid > 0) {
 	echo("Are you sure you would like to delete this Location?( <strong><a href='". $_SERVER['PHP_SELF'] . "?delid=$delid&sure=yes'>Yes!</a></strong> / <strong><a href='". $_SERVER['PHP_SELF'] . "'>No</a></strong> )");
 	end_frame();
@@ -30,7 +30,7 @@ if($delid > 0) {
 	die();
 }
 
-$edited = $_GET['edited'];
+$edited = intval($_GET['edited'] ?? 0);
 if($edited == 1) {
 	$id = intval($_GET['id'] ?? 0);
 	$name = $_GET['name'];
@@ -103,7 +103,7 @@ if($editid > 0) {
 	die();
 }
 
-$add = $_GET['add'];
+$add = $_GET['add'] ?? '';
 $success = false;
 if($add == 'true') {
 	$name = $_GET['name'];
@@ -154,8 +154,8 @@ echo("<tr><td class=toolbox align=center colspan=2><input class=btn type='Submit
 echo("</table>");
 echo("</form>");
 
-$range_start_ip = $_GET['range_start_ip'];
-$range_end_ip = $_GET['range_end_ip'];
+$range_start_ip = $_GET['range_start_ip'] ?? '';
+$range_end_ip = $_GET['range_end_ip'] ?? '';
 
 echo("<form name='form2' method='get' action='" . $_SERVER['PHP_SELF'] . "'>");
 echo("<table class=main cellspacing=0 cellpadding=5 width=48% align=right>");
@@ -171,8 +171,8 @@ print("<br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><
 
 
 unset($wherea);
-
-$check_range = $_GET['check_range'];
+$wherea = '';
+$check_range = $_GET['check_range'] ?? '';
 if($check_range == 'true') {
 
 	//stderr("",$range_start_ip . $range_end_ip . validip_format($range_start_ip) . validip_format($range_end_ip));
diff --git a/massmail.php b/massmail.php
index 82338eab..c1b8cd11 100644
--- a/massmail.php
+++ b/massmail.php
@@ -7,7 +7,7 @@ stderr("Error", "Permission denied.");
 $class = intval($_POST["class"] ?? 0);
 	if ($class)
 		int_check($class,true);
-$or = $_POST["or"];
+$or = $_POST["or"] ?? '';
 
 if ($_SERVER["REQUEST_METHOD"] == "POST")
 {
@@ -55,6 +55,7 @@ if (get_user_class() == UC_MODERATOR && $CURUSER["class"] > UC_POWER_USER)
 printf("<input type=hidden name=class value=$CURUSER[class]\n");
 else
 {
+    $prefix = '';
 print("<tr><td class=rowhead>Classe</td><td colspan=2 align=left><select name=or><option value='<'><<option value='>'>><option value='='>=<option value='<='><=<option value='>='>>=</select><select name=class>\n");
 if (get_user_class() == UC_MODERATOR)
 $maxclass = UC_POWER_USER;
diff --git a/maxlogin.php b/maxlogin.php
index b8ff5fb4..7dba196c 100644
--- a/maxlogin.php
+++ b/maxlogin.php
@@ -35,7 +35,7 @@ function searchform () {
 $countrows = number_format(get_row_count("loginattempts")) + 1;
 $page = intval($_GET["page"] ?? 0);
 
-$order = $_GET['order'];
+$order = $_GET['order'] ?? '';
 if ($order == 'id')
 	$orderby = "id";
 elseif ($order == 'ip')
@@ -53,7 +53,7 @@ else
 			
 $perpage = 5;
 list($pagertop, $pagerbottom, $limit) = pager($perpage, $countrows, "maxlogin.php?order=$order&");
-
+$msg = '';
 if ($action == 'showlist') {
 stdhead ("Max. Login Attemps - Show List");
 print("<h1>Failed Login Attempts</h1>");
diff --git a/modrules.php b/modrules.php
index 7c9ebfda..f00a75ef 100644
--- a/modrules.php
+++ b/modrules.php
@@ -6,7 +6,7 @@ if (get_user_class() < UC_ADMINISTRATOR) {
 	stderr("Error","Only Administrators and above can modify the Rules, sorry.");
 }
 
-if ($_GET["act"] == "newsect")
+if (isset($_GET["act"]) && $_GET["act"] == "newsect")
 {
 	stdhead("Add section");
 	//print("<td valign=top style=\"padding: 10px;\" colspan=2 align=center>");
@@ -30,14 +30,14 @@ if ($_GET["act"] == "newsect")
 	print("</td></tr></table>");
 	stdfoot();
 }
-elseif ($_GET["act"]=="addsect"){
+elseif (isset($_GET["act"]) && $_GET["act"]=="addsect"){
 	$title = $_POST["title"];
 	$text = $_POST["text"];
 	$language = $_POST["language"];
 	sql_query("insert into rules (title, text, lang_id) values(".sqlesc($title).", ".sqlesc($text).", ".sqlesc($language).")") or sqlerr(__FILE__,__LINE__);
 	header("Refresh: 0; url=modrules.php");
 }
-elseif ($_GET["act"] == "edit"){
+elseif (isset($_GET["act"]) && $_GET["act"] == "edit"){
 	$id = $_GET["id"];
 	$res = @mysql_fetch_array(@sql_query("select * from rules where id='$id'"));
 	stdhead("Edit rules");
@@ -62,7 +62,7 @@ elseif ($_GET["act"] == "edit"){
 	print("</td></tr></table>");
 	stdfoot();
 }
-elseif ($_GET["act"]=="edited"){
+elseif (isset($_GET["act"]) && $_GET["act"]=="edited"){
 	$id = intval($_POST["id"] ?? 0);
 	$title = $_POST["title"];
 	$text = $_POST["text"];
@@ -70,7 +70,7 @@ elseif ($_GET["act"]=="edited"){
 	sql_query("update rules set title=".sqlesc($title).", text=".sqlesc($text).", lang_id = ".sqlesc($language)." where id=".sqlesc($id)) or sqlerr(__FILE__,__LINE__);
 	header("Refresh: 0; url=modrules.php");
 }
-elseif ($_GET["act"]=="del"){
+elseif (isset($_GET["act"]) && $_GET["act"]=="del"){
 	$id = (int)$_GET["id"];
 	$sure = intval($_GET["sure"] ?? 0);
 	if (!$sure)
diff --git a/stats.php b/stats.php
index 189816b4..e5d96a46 100644
--- a/stats.php
+++ b/stats.php
@@ -31,8 +31,8 @@ $res = sql_query("SELECT COUNT(*) FROM peers") or sqlerr(__FILE__, __LINE__);
 $n = mysql_fetch_row($res);
 $n_peers = $n[0];
 
-$uporder = $_GET['uporder'];
-$catorder = $_GET["catorder"];
+$uporder = $_GET['uporder'] ?? '';
+$catorder = $_GET["catorder"] ?? '';
 
 if ($uporder == "lastul")
 	$orderby = "last DESC, name";
diff --git a/testip.php b/testip.php
index db1b263f..2479a7be 100644
--- a/testip.php
+++ b/testip.php
@@ -8,7 +8,7 @@ if (get_user_class() < UC_MODERATOR) stderr("Error", "Permission denied");
 if ($_SERVER["REQUEST_METHOD"] == "POST")
 	$ip = $_POST["ip"];
 else
-	$ip = $_GET["ip"];
+	$ip = $_GET["ip"] ?? '';
 if ($ip)
 {
 	$nip = ip2long($ip);
diff --git a/uploaders.php b/uploaders.php
index 8bbf25d4..a3fac0b3 100644
--- a/uploaders.php
+++ b/uploaders.php
@@ -13,7 +13,7 @@ $year=date('Y');
 $month=intval($_GET['month'] ?? 0);
 if (!$month || $month<=0 || $month>12)
 $month=date('m');
-$order=$_GET['order'];
+$order=$_GET['order'] ?? '';
 if (!in_array($order, array('username', 'torrent_size', 'torrent_count')))
 	$order='username';
 if ($order=='username')
@@ -88,6 +88,7 @@ else{
 		unset($row2);
 	}
 	$res3=sql_query("SELECT users.id AS userid, users.username AS username, 0 AS torrent_count, 0 AS torrent_size FROM users WHERE class >= ".UC_UPLOADER.(count($hasupuserid) ? " AND users.id NOT IN (".implode(",",$hasupuserid).")" : "")." ORDER BY username ASC") or sqlerr(__FILE__, __LINE__);
+    $count = 0;
 	while($row = mysql_fetch_array($res3))
 	{
 		$res2 = sql_query("SELECT torrents.id, torrents.name, torrents.added FROM torrents WHERE owner=".$row['userid']." ORDER BY id DESC LIMIT 1");
diff --git a/warned.php b/warned.php
index 89a49f73..fd3ddc7b 100644
--- a/warned.php
+++ b/warned.php
@@ -61,7 +61,7 @@ if (get_user_class() >= UC_ADMINISTRATOR) {
 print("<tr><td colspan=10 align=right><input type=\"submit\" name=\"submit\" value=\"Apply Changes\"></td></tr>\n");
 print("<input type=\"hidden\" name=\"nowarned\" value=\"nowarned\"></form></table>\n");
 }
-print("<p>$pagemenu<br>$browsemenu</p>");
+print("<p>" . ($pagemenu ?? '') . "<br>" . ($browsemenu ?? '') . "</p>");
 
 die;