diff --git a/checkin_notes b/checkin_notes
index c1c7d44fce..6c60a3b722 100755
--- a/checkin_notes
+++ b/checkin_notes
@@ -25041,3 +25041,9 @@ David  18 Feb 2005
 
 	client/
 		app_start.C
+
+David  19 Feb 2005
+    - user web cleanup (GET arg checking mostly)
+
+    html/user/
+        (various files)
diff --git a/html/user/host_delete.php b/html/user/host_delete.php
index 74385454f6..9bb4c0e78b 100644
--- a/html/user/host_delete.php
+++ b/html/user/host_delete.php
@@ -1,7 +1,8 @@
 <?php
-    require_once("../inc/db.inc");
-    require_once("../inc/util.inc");
-    require_once("../inc/host.inc");
+
+require_once("../inc/db.inc");
+require_once("../inc/util.inc");
+require_once("../inc/host.inc");
 
 function fail($msg) {
     echo "Error: $msg";
@@ -17,22 +18,22 @@ function get_host($hostid, $user) {
     return $host;
 }
 
-    db_init();
-    $user = get_logged_in_user();
+db_init();
+$user = get_logged_in_user();
 
-    page_head("Delete record of computer");
+page_head("Delete record of computer");
 
-    $hostid = $_GET["hostid"];
-    $host = get_host($hostid, $user);
-    if (host_nresults($host)==0) {
-        mysql_query("delete from host where id=$hostid");
-    } else {
-        fail("existing results");
-    }
-    echo "
-        Host deleted.
-        <p><a href=hosts_user.php>Return to list of your computers</a>
-    ";
-    page_tail();
+$hostid = get_int("hostid");
+$host = get_host($hostid, $user);
+if (host_nresults($host)==0) {
+    mysql_query("delete from host where id=$hostid");
+} else {
+    fail("existing results");
+}
+echo "
+    Host deleted.
+    <p><a href=hosts_user.php>Return to list of your computers</a>
+";
+page_tail();
 
 ?>
diff --git a/html/user/host_update_credit.php b/html/user/host_update_credit.php
index 38dd22b0ec..b46df9a63a 100644
--- a/html/user/host_update_credit.php
+++ b/html/user/host_update_credit.php
@@ -1,7 +1,8 @@
 <?php
-    require_once("../inc/db.inc");
-    require_once("../inc/util.inc");
-    require_once("../inc/host.inc");
+
+require_once("../inc/db.inc");
+require_once("../inc/util.inc");
+require_once("../inc/host.inc");
 
 function fail($msg) {
     echo "Error: $msg";
@@ -17,14 +18,14 @@ function get_host($hostid, $user) {
     return $host;
 }
 
-    db_init();
-    $user = get_logged_in_user();
+db_init();
+$user = get_logged_in_user();
 
-    page_head("Updating computer credit");
+page_head("Updating computer credit");
 
-    $hostid = $_GET["hostid"];
-    host_update_credit($hostid);
-    echo "<br>Host credit updated";
-    page_tail();
+$hostid = get_int("hostid");
+host_update_credit($hostid);
+echo "<br>Host credit updated";
+page_tail();
 
 ?>
diff --git a/html/user/results.php b/html/user/results.php
index f002301446..b506c4d586 100644
--- a/html/user/results.php
+++ b/html/user/results.php
@@ -1,57 +1,56 @@
 <?php
-    // show recent results for a host or user
+// show recent results for a host or user
 
-    require_once("../inc/db.inc");
-    require_once("../inc/util.inc");
-    require_once("../inc/result.inc");
-
-    $config = get_config();
-    if (!parse_bool($config, "show_results")) {
-        page_head("Temporarily disabled");
-        page_tail();
-        exit();
-    }
-
-    $results_per_page = 20;
-
-    db_init();
-    $hostid = $_GET["hostid"];
-    $userid = $_GET["userid"];
-    $offset = $_GET["offset"];
-    if (!$offset) $offset=0;
-
-    if ($hostid) {
-        $host = lookup_host($hostid);
-        $type = "computer";
-        $clause = "hostid=$hostid";
-    } else {
-        $user = get_logged_in_user();
-        if ($userid != $user->id) {
-            echo "No access";
-            exit();
-        }
-        $type = "user";
-        $clause = "userid=$userid";
-    }
-    page_head("Results for $type");
-    result_table_start(true, false, true);
-    $i = 0;
-    $query = "select * from result where $clause order by id desc limit $offset,".($results_per_page+1);
-    $result = mysql_query($query);
-    $number_of_results = mysql_affected_rows();
-    while ($res = mysql_fetch_object($result) and $i<$results_per_page) {
-        show_result_row($res, true, false, true);
-        $i++;
-    }
-    mysql_free_result($result);
-    echo "</table>\n";
-
-    if ($number_of_results > $results_per_page) {
-        $offset = $offset+$results_per_page;
-        echo "
-            <br><center><a href=\"results.php?$clause&offset=$offset\">Next $results_per_page results</a></center>
-        ";
-    }
+require_once("../inc/db.inc");
+require_once("../inc/util.inc");
+require_once("../inc/result.inc");
 
+$config = get_config();
+if (!parse_bool($config, "show_results")) {
+    page_head("Temporarily disabled");
     page_tail();
+    exit();
+}
+
+$results_per_page = 20;
+
+db_init();
+$hostid = get_int("hostid", true);
+$userid = get_int("userid", true);
+$offset = get_int("offset", true);
+if (!$offset) $offset=0;
+
+if ($hostid) {
+    $host = lookup_host($hostid);
+    $type = "computer";
+    $clause = "hostid=$hostid";
+} else {
+    $user = get_logged_in_user();
+    if ($userid != $user->id) {
+        error_page("No access");
+    }
+    $type = "user";
+    $clause = "userid=$userid";
+}
+page_head("Results for $type");
+result_table_start(true, false, true);
+$i = 0;
+$query = "select * from result where $clause order by id desc limit $offset,".($results_per_page+1);
+$result = mysql_query($query);
+$number_of_results = mysql_affected_rows();
+while ($res = mysql_fetch_object($result) and $i<$results_per_page) {
+    show_result_row($res, true, false, true);
+    $i++;
+}
+mysql_free_result($result);
+echo "</table>\n";
+
+if ($number_of_results > $results_per_page) {
+    $offset = $offset+$results_per_page;
+    echo "
+        <br><center><a href=\"results.php?$clause&offset=$offset\">Next $results_per_page results</a></center>
+    ";
+}
+
+page_tail();
 ?>
diff --git a/html/user/sample_robots.txt b/html/user/sample_robots.txt
index 16d036caa7..56e044d07d 100644
--- a/html/user/sample_robots.txt
+++ b/html/user/sample_robots.txt
@@ -1,8 +1,11 @@
 User-agent: *
-Allow: /download_network.php
-Allow: /index.php
-Allow: /info.php
-Allow: /intro.php
-Allow: /old_news.php
-Allow: /rss_main.php
-Disallow: /
+Disallow: /account
+Disallow: /add_venue
+Disallow: /am_
+Disallow: /bug_report
+Disallow: /edit_
+Disallow: /host_
+Disallow: /prefs_
+Disallow: /result
+Disallow: /team
+Disallow: /workunit
diff --git a/html/user/show_host_detail.php b/html/user/show_host_detail.php
index 7c9f236f0c..457d1e88ba 100644
--- a/html/user/show_host_detail.php
+++ b/html/user/show_host_detail.php
@@ -1,24 +1,26 @@
 <?php
-    require_once("../inc/db.inc");
-    require_once("../inc/util.inc");
-    require_once("../inc/user.inc");
-    require_once("../inc/host.inc");
 
-    db_init();
-    $hostid = $_GET["hostid"];
-    $ipprivate = $_GET["ipprivate"];
-    $host = lookup_host($hostid);
-    if (!$host) {
-        echo "Couldn't find computer";
-        exit();
-    }
-    $private = false;
-    $user = get_logged_in_user(false);
-    if ($user && $user->id == $host->userid) {
-        $private = true;
-    }
+require_once("../inc/db.inc");
+require_once("../inc/util.inc");
+require_once("../inc/user.inc");
+require_once("../inc/host.inc");
+
+db_init();
+$hostid = get_int("hostid");
+$ipprivate = $_GET["ipprivate"];
+$host = lookup_host($hostid);
+if (!$host) {
+    echo "Couldn't find computer";
+    exit();
+}
+$private = false;
+$user = get_logged_in_user(false);
+if ($user && $user->id == $host->userid) {
+    $private = true;
+}
+
+page_head("Computer summary");
+show_host($host, $private, $ipprivate);
+page_tail();
 
-    page_head("Computer summary");
-    show_host($host, $private, $ipprivate);
-    page_tail();
 ?>
diff --git a/html/user/team_edit_form.php b/html/user/team_edit_form.php
index c5f7012b18..778d772df8 100644
--- a/html/user/team_edit_form.php
+++ b/html/user/team_edit_form.php
@@ -4,19 +4,20 @@ require_once("../inc/db.inc");
 require_once("../inc/util.inc");
 require_once("../inc/team.inc");
 
-    db_init();
-    $user = get_logged_in_user();
+db_init();
+$user = get_logged_in_user();
 
-    $teamid = $_GET["teamid"];
-    $team = lookup_team($teamid);
-    require_founder_login($user, $team);
+$teamid get_int("teamid");
+$team = lookup_team($teamid);
+require_founder_login($user, $team);
+
+$team_name = ereg_replace("\"", "'", $team->name);
+$team_name_html = ereg_replace("\"", "'", $team->name_html);
+$team_url = ereg_replace("\"", "'", $team->url);
+$team_description = ereg_replace("\"", "'", $team->description);
+$team_type = $team->type;
+page_head("Edit $team_name");
+team_edit_form($team, "Update team info", "team_edit_action.php");
+page_tail();
 
-    $team_name = ereg_replace("\"", "'", $team->name);
-    $team_name_html = ereg_replace("\"", "'", $team->name_html);
-    $team_url = ereg_replace("\"", "'", $team->url);
-    $team_description = ereg_replace("\"", "'", $team->description);
-    $team_type = $team->type;
-    page_head("Edit $team_name");
-    team_edit_form($team, "Update team info", "team_edit_action.php");
-    page_tail();
 ?>
diff --git a/html/user/team_email_list.php b/html/user/team_email_list.php
index b5d61530b6..82585e100d 100644
--- a/html/user/team_email_list.php
+++ b/html/user/team_email_list.php
@@ -5,27 +5,27 @@ require_once("../inc/util.inc");
 require_once("../inc/email.inc");
 require_once("../inc/team.inc");
 
-    db_init();
+db_init();
 
-    $user = get_logged_in_user();
-    $teamid = $_GET["teamid"];
-    $team = lookup_team($teamid);
-    require_founder_login($user, $team);
+$user = get_logged_in_user();
+$teamid = get_int("teamid");
+$team = lookup_team($teamid);
+require_founder_login($user, $team);
 
-    page_head("$team->name Email List");
-    start_table();
-    row1("Member list of $team->name");
-    row2_plain("<b>Name</b>", "<b>Email address</b>");
-    $result = mysql_query("select * from user where teamid=$team->id");
-    while ($user = mysql_fetch_object($result)) {
-        if (!split_munged_email_addr($user->email_addr, null, $email)) {
-            $email = $user->email_addr;
-        }
-        row2_plain($user->name, $email);
-    } 
-    mysql_free_result($result);
-    end_table();
+page_head("$team->name Email List");
+start_table();
+row1("Member list of $team->name");
+row2_plain("<b>Name</b>", "<b>Email address</b>");
+$result = mysql_query("select * from user where teamid=$team->id");
+while ($user = mysql_fetch_object($result)) {
+    if (!split_munged_email_addr($user->email_addr, null, $email)) {
+        $email = $user->email_addr;
+    }
+    row2_plain($user->name, $email);
+} 
+mysql_free_result($result);
+end_table();
 
-    page_tail();
+page_tail();
 
 ?>
diff --git a/html/user/team_join_form.php b/html/user/team_join_form.php
index 3d972a8f71..dfd6bb7511 100644
--- a/html/user/team_join_form.php
+++ b/html/user/team_join_form.php
@@ -4,24 +4,24 @@ require_once("../inc/db.inc");
 require_once("../inc/util.inc");
 require_once("../inc/team.inc");
 
-    db_init();
-    $user = get_logged_in_user();
-    $teamid = $_GET["id"];
+db_init();
+$user = get_logged_in_user();
+$teamid = get_int("id");
 
-    $team = lookup_team($teamid);
-    $team_name = $team->name;
-    page_head("Join $team_name");
-    echo " <p><b>Please note:</b>
-        <ul>
-        <li> Joining a team gives its founder access to your email address.
-        <li> Joining a team does not affect your account's credit.
-        </ul>
-        <hr>
-        <form method=post action=team_join_action.php>
-        <input type=hidden name=teamid value=$teamid>
-        <input type=submit value='Join team'>
-        </form>
-    ";
-    page_tail();
+$team = lookup_team($teamid);
+$team_name = $team->name;
+page_head("Join $team_name");
+echo " <p><b>Please note:</b>
+    <ul>
+    <li> Joining a team gives its founder access to your email address.
+    <li> Joining a team does not affect your account's credit.
+    </ul>
+    <hr>
+    <form method=post action=team_join_action.php>
+    <input type=hidden name=teamid value=$teamid>
+    <input type=submit value='Join team'>
+    </form>
+";
+page_tail();
 
 ?>
diff --git a/html/user/team_remove_inactive_form.php b/html/user/team_remove_inactive_form.php
index 6eb9a2c575..b931a04918 100644
--- a/html/user/team_remove_inactive_form.php
+++ b/html/user/team_remove_inactive_form.php
@@ -1,51 +1,51 @@
 <?php
 
-    require_once("../inc/db.inc");
-    require_once("../inc/util.inc");
-    require_once("../inc/team.inc");
+require_once("../inc/db.inc");
+require_once("../inc/util.inc");
+require_once("../inc/team.inc");
 
-    db_init();
-    $user = get_logged_in_user();
-    $teamid = $_GET["teamid"];
-    $team = lookup_team($teamid);
-    require_founder_login($user, $team);
-    $nusers = $team->nusers;
-    page_head("Remove Members from $team->name");
-    echo "
-        Removing a member will subtract their credit from team totals
-        <form method=post action=team_remove_inactive_action.php>
-        <input type=hidden name=id value=$team->id>
-    ";
-    start_table();
-    echo "<tr>
-        <th>Remove?</th>
-        <th>Name</th>
+db_init();
+$user = get_logged_in_user();
+$teamid = get_int("teamid");
+$team = lookup_team($teamid);
+require_founder_login($user, $team);
+$nusers = $team->nusers;
+page_head("Remove Members from $team->name");
+echo "
+    Removing a member will subtract their credit from team totals
+    <form method=post action=team_remove_inactive_action.php>
+    <input type=hidden name=id value=$team->id>
+";
+start_table();
+echo "<tr>
+    <th>Remove?</th>
+    <th>Name</th>
 .        <th>Total credit</th>
-        <th>Recent average credit</th>
-        </tr>
+    <th>Recent average credit</th>
+    </tr>
+";
+
+$result = mysql_query("select * from user where teamid = $team->id");
+
+$ninactive_users = 0;
+while ($user = mysql_fetch_object($result)) {
+    $user_total_credit = format_credit($user->total_credit);
+    $user_expavg_credit = format_credit($user->expavg_credit);
+    echo "
+        <tr>
+        <td align=center><input type=checkbox name=remove_$ninactive_users value=$user->id>
+        <td>$user->name</td>
+        <td>$user_total_credit</td>
+        <td>$user_expavg_credit</td>
     ";
-
-    $result = mysql_query("select * from user where teamid = $team->id");
-
-    $ninactive_users = 0;
-    while ($user = mysql_fetch_object($result)) {
-        $user_total_credit = format_credit($user->total_credit);
-        $user_expavg_credit = format_credit($user->expavg_credit);
-        echo "
-            <tr>
-            <td align=center><input type=checkbox name=remove_$ninactive_users value=$user->id>
-            <td>$user->name</td>
-            <td>$user_total_credit</td>
-            <td>$user_expavg_credit</td>
-        ";
-        $ninactive_users++;
-    }
-    echo "<input type=hidden name=ninactive_users value=$ninactive_users>";
-    if ($result) {
-       mysql_free_result($result);
-    }
-    end_table();
-    echo "<input type=submit value=\"Remove users\">";
-    echo "</form>";
-    page_tail();
+    $ninactive_users++;
+}
+echo "<input type=hidden name=ninactive_users value=$ninactive_users>";
+if ($result) {
+   mysql_free_result($result);
+}
+end_table();
+echo "<input type=submit value=\"Remove users\">";
+echo "</form>";
+page_tail();
 ?>
diff --git a/html/user/top_hosts.php b/html/user/top_hosts.php
index 993ec1529b..0b4a1cf49c 100644
--- a/html/user/top_hosts.php
+++ b/html/user/top_hosts.php
@@ -1,63 +1,65 @@
 <?php
-    require_once("../inc/cache.inc");
-    require_once("../inc/util.inc");
 
-    $n = 20;
+require_once("../inc/cache.inc");
+require_once("../inc/util.inc");
 
-    $sort_by = $_GET["sort_by"];
-    if (!$sort_by) $sort_by = "expavg_credit";
-    $offset = $_GET["offset"];
-    if (!$offset) $offset=0;
+$n = 20;
 
-    if ($offset % $n) $offset = 0;
+$sort_by = $_GET["sort_by"];
+if (!$sort_by) $sort_by = "expavg_credit";
+$offset = get_int("offset", true);
+if (!$offset) $offset=0;
 
-    if ($offset < 1000) {
-        $cache_args = "sort_by=$sort_by&offset=$offset";
-        start_cache(TOP_PAGES_TTL, $cache_args);
-    } else {
-        page_head("Limit exceeded");
-        echo "Sorry - first 1000 only.";
-        page_tail();
-        exit();
-    }
+if ($offset % $n) $offset = 0;
 
-    require_once("../inc/db.inc");
-    require_once("../inc/host.inc");
+if ($offset < 1000) {
+    $cache_args = "sort_by=$sort_by&offset=$offset";
+    start_cache(TOP_PAGES_TTL, $cache_args);
+} else {
+    page_head("Limit exceeded");
+    echo "Sorry - first 1000 only.";
+    page_tail();
+    exit();
+}
 
-    db_init();
-    page_head("Top computers");
+require_once("../inc/db.inc");
+require_once("../inc/host.inc");
+
+db_init();
+page_head("Top computers");
+if ($sort_by == "total_credit") {
+    $sort_clause = "total_credit desc";
+} else {
+    $sort_clause = "expavg_credit desc";
+}
+$result = mysql_query("select * from host order by $sort_clause limit $offset,$n");
+top_host_table_start($sort_by);
+$i = $offset+1;
+while ($host = mysql_fetch_object($result)) {
     if ($sort_by == "total_credit") {
-        $sort_clause = "total_credit desc";
+        show_host_row($host, $i, false, true);
+        $i++;
     } else {
-        $sort_clause = "expavg_credit desc";
-    }
-    $result = mysql_query("select * from host order by $sort_clause limit $offset,$n");
-    top_host_table_start($sort_by);
-    $i = $offset+1;
-    while ($host = mysql_fetch_object($result)) {
-        if ($sort_by == "total_credit") {
+        if (!host_inactive_ndays($host, 7)) {
             show_host_row($host, $i, false, true);
             $i++;
-        } else {
-            if (!host_inactive_ndays($host, 7)) {
-                show_host_row($host, $i, false, true);
-                $i++;
-            }
         }
     }
-    mysql_free_result($result);
-    echo "</table>\n";
-    if ($offset > 0) {
-        $new_offset = $offset - $n;
-        echo "<a href=top_hosts.php?sort_by=$sort_by&offset=$new_offset>Last $n</a> | ";
+}
+mysql_free_result($result);
+echo "</table>\n";
+if ($offset > 0) {
+    $new_offset = $offset - $n;
+    echo "<a href=top_hosts.php?sort_by=$sort_by&offset=$new_offset>Last $n</a> | ";
+
+}
+$new_offset = $offset + $n;
+echo "<a href=top_hosts.php?sort_by=$sort_by&offset=$new_offset>Next $n</a>";
+if ($offset < 1000) {
+    page_tail(true);
+    end_cache(TOP_PAGES_TTL,$cache_args);
+} else {
+    page_tail();
+}
 
-    }
-    $new_offset = $offset + $n;
-    echo "<a href=top_hosts.php?sort_by=$sort_by&offset=$new_offset>Next $n</a>";
-    if ($offset < 1000) {
-        page_tail(true);
-        end_cache(TOP_PAGES_TTL,$cache_args);
-    } else {
-        page_tail();
-    }
 ?>
diff --git a/html/user/top_teams.php b/html/user/top_teams.php
index d12beebe2f..2d13451681 100644
--- a/html/user/top_teams.php
+++ b/html/user/top_teams.php
@@ -8,10 +8,9 @@ $n = 20;
 
 $sort_by = $_GET["sort_by"];
 if (!$sort_by) $sort_by = "expavg_credit";
-$offset = $_GET["offset"];
+$offset = get_int("offset", true);
 if (!$offset) $offset=0;
-$type = $_GET["type"];
-$type = $type + 0;
+$type = get_int("type", true);
 if ($type < 1 || $type > 7) {
     $type = null;
 }
diff --git a/html/user/top_users.php b/html/user/top_users.php
index 2b6b997220..4fbf3947e5 100644
--- a/html/user/top_users.php
+++ b/html/user/top_users.php
@@ -1,65 +1,67 @@
-<?php {
-    require_once("../inc/cache.inc");
-    require_once("../inc/util.inc");
+<?php
 
-    $n = 20;
+require_once("../inc/cache.inc");
+require_once("../inc/util.inc");
 
-    $sort_by = $_GET["sort_by"];
-    if (!$sort_by) $sort_by = "expavg_credit";
-    $offset = $_GET["offset"];
-    if (!$offset) $offset=0;
+$n = 20;
 
-    if ($offset % $n) $offset = 0;
+$sort_by = $_GET["sort_by"];
+if (!$sort_by) $sort_by = "expavg_credit";
+$offset = get_int("offset", true);
+if (!$offset) $offset=0;
 
-    if ($offset < 1000) {
-        $cache_args = "sort_by=$sort_by&offset=$offset";
-        start_cache(TOP_PAGES_TTL, $cache_args);
-    } else {
-        page_head("Limit exceeded");
-        echo "Sorry - first 1000 only.";
-        page_tail();
-        exit();
-    }
+if ($offset % $n) $offset = 0;
 
-    require_once("../inc/db.inc");
-    require_once("../inc/user.inc");
+if ($offset < 1000) {
+    $cache_args = "sort_by=$sort_by&offset=$offset";
+    start_cache(TOP_PAGES_TTL, $cache_args);
+} else {
+    page_head("Limit exceeded");
+    echo "Sorry - first 1000 only.";
+    page_tail();
+    exit();
+}
 
-    db_init();
-    page_head("Top participants");
+require_once("../inc/db.inc");
+require_once("../inc/user.inc");
+
+db_init();
+page_head("Top participants");
+if ($sort_by == "total_credit") {
+    $sort_order = "total_credit desc";
+} else {
+    $sort_order = "expavg_credit desc";
+}
+
+$result = mysql_query("select * from user order by $sort_order limit $offset,$n");
+user_table_start($sort_by);
+$i = 1 + $offset;
+while ($user = mysql_fetch_object($result)) {
     if ($sort_by == "total_credit") {
-        $sort_order = "total_credit desc";
+        show_user_row($user, $i);
+        $i++;
     } else {
-        $sort_order = "expavg_credit desc";
-    }
-
-    $result = mysql_query("select * from user order by $sort_order limit $offset,$n");
-    user_table_start($sort_by);
-    $i = 1 + $offset;
-    while ($user = mysql_fetch_object($result)) {
-        if ($sort_by == "total_credit") {
+        if (!user_inactive_ndays($user, 7)) {
             show_user_row($user, $i);
             $i++;
-        } else {
-            if (!user_inactive_ndays($user, 7)) {
-                show_user_row($user, $i);
-                $i++;
-            }
         }
     }
-    echo "</table>\n";
+}
+echo "</table>\n";
 
-    if ($offset > 0) {
-        $new_offset = $offset - $n;
-        echo "<a href=top_users.php?sort_by=$sort_by&offset=$new_offset>Previous $n</a> | ";
+if ($offset > 0) {
+    $new_offset = $offset - $n;
+    echo "<a href=top_users.php?sort_by=$sort_by&offset=$new_offset>Previous $n</a> | ";
 
-    }
-    $new_offset = $offset + $n;
-    echo "<a href=top_users.php?sort_by=$sort_by&offset=$new_offset>Next $n</a>";
+}
+$new_offset = $offset + $n;
+echo "<a href=top_users.php?sort_by=$sort_by&offset=$new_offset>Next $n</a>";
 
-    if ($offset < 1000) {
-        page_tail(true);
-        end_cache(TOP_PAGES_TTL,$cache_args);
-    } else {
-        page_tail();
-    }
-} ?>
+if ($offset < 1000) {
+    page_tail(true);
+    end_cache(TOP_PAGES_TTL,$cache_args);
+} else {
+    page_tail();
+}
+
+?>
diff --git a/html/user/view_profile.php b/html/user/view_profile.php
index 10a9b7220c..c57fe24492 100644
--- a/html/user/view_profile.php
+++ b/html/user/view_profile.php
@@ -4,7 +4,7 @@ require_once("../inc/profile.inc");
 
 db_init();
 
-$userid = $_GET['userid'];
+$userid = get_int('userid');
 
 // Check for recommendation or rejection votes
 
diff --git a/html/user/workunit.php b/html/user/workunit.php
index 692fd8145c..ae70827edc 100644
--- a/html/user/workunit.php
+++ b/html/user/workunit.php
@@ -1,39 +1,39 @@
 <?php
-    // show summary of a workunit
+// show summary of a workunit
 
-    require_once("../inc/db.inc");
-    require_once("../inc/result.inc");
+require_once("../inc/db.inc");
+require_once("../inc/result.inc");
 
-    db_init();
-    $wuid = $_GET["wuid"];
-    page_head("Work unit");
-    $wu = lookup_wu($wuid);
-    if (!$wu) {
-        echo "can't find workunit";
-        exit();
-    }
+db_init();
+$wuid = get_int("wuid");
+$wu = lookup_wu($wuid);
+if (!$wu) {
+    error_page("car't find workunit");
+}
 
-    $app = lookup_app($wu->appid);
+page_head("Work unit");
+$app = lookup_app($wu->appid);
 
-    start_table();
-    row2("application", $app->user_friendly_name);
-    row2("created", time_str($wu->create_time));
-    row2("name", $wu->name);
-    if ($wu->canonical_resultid) {
-        row2("canonical result", "<a href=result.php?resultid=$wu->canonical_resultid>$wu->canonical_resultid</a>");
-        row2("granted credit", format_credit($wu->canonical_credit));
-    }
-    if ($wu->error_mask) {
-        row2("errors", wu_error_mask_str($wu->error_mask));
-    }
-    echo "</table>\n";
+start_table();
+row2("application", $app->user_friendly_name);
+row2("created", time_str($wu->create_time));
+row2("name", $wu->name);
+if ($wu->canonical_resultid) {
+    row2("canonical result", "<a href=result.php?resultid=$wu->canonical_resultid>$wu->canonical_resultid</a>");
+    row2("granted credit", format_credit($wu->canonical_credit));
+}
+if ($wu->error_mask) {
+    row2("errors", wu_error_mask_str($wu->error_mask));
+}
+echo "</table>\n";
+
+result_table_start(false, true, true);
+$result = mysql_query("select * from result where workunitid=$wuid");
+while ($res = mysql_fetch_object($result)) {
+    show_result_row($res, false, true, true);
+}
+mysql_free_result($result);
+echo "</table>\n";
+page_tail();
 
-    result_table_start(false, true, true);
-    $result = mysql_query("select * from result where workunitid=$wuid");
-    while ($res = mysql_fetch_object($result)) {
-        show_result_row($res, false, true, true);
-    }
-    mysql_free_result($result);
-    echo "</table>\n";
-    page_tail();
 ?>