diff --git a/files/routes/login.py b/files/routes/login.py
index 0b308ef01..bc059dc36 100644
--- a/files/routes/login.py
+++ b/files/routes/login.py
@@ -248,7 +248,11 @@ def sign_up_post(v):
 now = int(time.time())
- username = request.values.get("username").strip()
+ username = request.values.get("username")
+
+ if not username: abort(400)
+
+ username = username.strip()
 def signup_error(error):
diff --git a/files/routes/posts.py b/files/routes/posts.py
index 0b21a5fd3..47155c098 100644
--- a/files/routes/posts.py
+++ b/files/routes/posts.py
@@ -370,6 +370,9 @@ def viewmore(v, pid, sort, offset):
 @limiter.limit("1/second;30/minute;200/hour;1000/day")
 @auth_desired
 def morecomments(v, cid):
+ try: cid = int(cid)
+ except: abort(400)
+
 tcid = g.db.query(Comment.top_comment_id).filter_by(id=cid).one_or_none()[0]
 if v:
diff --git a/files/routes/users.py b/files/routes/users.py
index 5f64e06ef..daab1f8ab 100644
--- a/files/routes/users.py
+++ b/files/routes/users.py
@@ -859,7 +859,8 @@ def u_username(username, v=None):
 sort = request.values.get("sort", "new")
 t = request.values.get("t", "all")
- page = int(request.values.get("page", "1"))
+ try: page = int(request.values.get("page", "1"))
+ except: abort(400)
 page = max(page, 1)
 ids = u.userpagelisting(v=v, page=page, sort=sort, t=t)
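Review bot: The new emptiness check in sign_up_post runs before `.strip()`, so a username made only of whitespace passes `if not username` and is an empty string afterwards. Stripping first closes that gap and still handles a missing parameter: `username = request.values.get("username", "").strip()` followed by `if not username: abort(400)`. Whether later validation in the function rejects an empty name is not visible here, since the body of sign_up_post continues outside the hunk.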
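Review bot: The context line after the new guard still subscripts `.one_or_none()[0]` directly, so a numeric `cid` with no matching comment makes `one_or_none()` return None and the subscript raise, which the added `int()` check does not prevent. Fetch the row first and reject a miss: `row = g.db.query(Comment.top_comment_id).filter_by(id=cid).one_or_none()`, then `if not row: abort(404)` and `tcid = row[0]`. The bare `except:` here, and in the `page` parsing in the users.py hunk, also catches exceptions unrelated to the conversion; `except (ValueError, TypeError): abort(400)` limits the handler to the failure it is meant for. morecomments continues past the end of the hunk.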
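Review bot: `page` is clamped from below by `max(page, 1)` but has no upper bound, and `int()` accepts arbitrarily long digit strings, so a very large value is still handed to `u.userpagelisting`. How that method uses the value is not visible in this hunk; if it feeds an SQL offset or a fixed-width integer, an out-of-range page could surface as a server error instead of the intended 400. Consider capping it, for example `page = min(max(page, 1), MAX_PAGE)`, where MAX_PAGE is a placeholder for a limit the project would define, not an existing name.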