diff --git a/.codebeatignore b/.codebeatignore
index 5978505e..b6fccf76 100644
--- a/.codebeatignore
+++ b/.codebeatignore
@@ -1,10 +1,10 @@
-/public/trumbowyg/*
-/public/jquery-emojiarea/*
-/public/font-awesome-4.7.0/*
+/public/trumbowyg/**
+/public/jquery-emojiarea/**
+/public/font-awesome-4.7.0/**
 /public/jquery-3.1.1.min.js
 /public/EQCSS.min.js
 /public/EQCSS.js
-/schema/*
+/schema/**
 
 template_list.go
 template_forum.go
diff --git a/install-linux b/install-linux
index 6b23f0f3..be7b8f9f 100644
--- a/install-linux
+++ b/install-linux
@@ -25,6 +25,9 @@ go get -u github.com/robertkrimen/otto
 echo "Installing the Riot Search Engine"
 go get -u github.com/robertkrimen/otto
 
+echo "Installing the Rez Image Resizer"
+go get -u github.com/bamiaux/rez
+
 
 echo "Building the installer"
 cd ./install
diff --git a/install.bat b/install.bat
index 2bbe9354..2e4832af 100644
--- a/install.bat
+++ b/install.bat
@@ -78,6 +78,13 @@ if %errorlevel% neq 0 (
 	exit /b %errorlevel%
 )
 
+echo Installing the Rez Image Resizer
+go get -u github.com/bamiaux/rez
+if %errorlevel% neq 0 (
+	pause
+	exit /b %errorlevel%
+)
+
 
 echo Building the installer
 go generate
diff --git a/member_routes.go b/member_routes.go
index e31777b0..d42c26be 100644
--- a/member_routes.go
+++ b/member_routes.go
@@ -6,7 +6,6 @@ import (
 	"html"
 	"io"
 	"log"
-	"net"
 	"net/http"
 	"os"
 	"path/filepath"
@@ -134,12 +133,7 @@ func routeTopicCreateSubmit(w http.ResponseWriter, r *http.Request, user User) R
 
 	topicName := html.EscapeString(r.PostFormValue("topic-name"))
 	content := html.EscapeString(preparseMessage(r.PostFormValue("topic-content")))
-	ipaddress, _, err := net.SplitHostPort(r.RemoteAddr)
-	if err != nil {
-		return LocalError("Bad IP", w, r, user)
-	}
-
-	tid, err := topics.Create(fid, topicName, content, user.ID, ipaddress)
+	tid, err := topics.Create(fid, topicName, content, user.ID, user.LastIP)
 	if err != nil {
 		switch err {
 		case ErrNoRows:
@@ -339,12 +333,7 @@ func routeCreateReply(w http.ResponseWriter, r *http.Request, user User) RouteEr
 	}
 
 	content := preparseMessage(html.EscapeString(r.PostFormValue("reply-content")))
-	ipaddress, _, err := net.SplitHostPort(r.RemoteAddr)
-	if err != nil {
-		return LocalError("Bad IP", w, r, user)
-	}
-
-	_, err = rstore.Create(topic, content, ipaddress, user.ID)
+	_, err = rstore.Create(topic, content, user.LastIP, user.ID)
 	if err != nil {
 		return InternalError(err, w, r)
 	}
@@ -537,13 +526,8 @@ func routeProfileReplyCreate(w http.ResponseWriter, r *http.Request, user User)
 		return LocalError("Invalid UID", w, r, user)
 	}
 
-	ipaddress, _, err := net.SplitHostPort(r.RemoteAddr)
-	if err != nil {
-		return LocalError("Bad IP", w, r, user)
-	}
-
 	content := html.EscapeString(preparseMessage(r.PostFormValue("reply-content")))
-	_, err = prstore.Create(uid, content, user.ID, ipaddress)
+	_, err = prstore.Create(uid, content, user.ID, user.LastIP)
 	if err != nil {
 		return InternalError(err, w, r)
 	}
diff --git a/mod_routes.go b/mod_routes.go
index 033bdafe..b3949467 100644
--- a/mod_routes.go
+++ b/mod_routes.go
@@ -6,7 +6,6 @@ import (
 	"encoding/json"
 	"html"
 	"log"
-	"net"
 	"net/http"
 	"strconv"
 	"time"
@@ -113,11 +112,7 @@ func routeDeleteTopic(w http.ResponseWriter, r *http.Request, user User) RouteEr
 			return InternalErrorJSQ(err, w, r, isJs)
 		}
 
-		ipaddress, _, err := net.SplitHostPort(r.RemoteAddr)
-		if err != nil {
-			return LocalErrorJSQ("Bad IP", w, r, user, isJs)
-		}
-		err = addModLog("delete", tid, "topic", ipaddress, user.ID)
+		err = addModLog("delete", tid, "topic", user.LastIP, user.ID)
 		if err != nil {
 			return InternalErrorJSQ(err, w, r, isJs)
 		}
@@ -161,16 +156,11 @@ func routeStickTopic(w http.ResponseWriter, r *http.Request, user User) RouteErr
 		return InternalError(err, w, r)
 	}
 
-	// ! - Can we use user.LastIP here? It might be racey, if another thread mutates it... We need to fix this.
-	ipaddress, _, err := net.SplitHostPort(r.RemoteAddr)
-	if err != nil {
-		return LocalError("Bad IP", w, r, user)
-	}
-	err = addModLog("stick", tid, "topic", ipaddress, user.ID)
+	err = addModLog("stick", tid, "topic", user.LastIP, user.ID)
 	if err != nil {
 		return InternalError(err, w, r)
 	}
-	err = topic.CreateActionReply("stick", ipaddress, user)
+	err = topic.CreateActionReply("stick", user.LastIP, user)
 	if err != nil {
 		return InternalError(err, w, r)
 	}
@@ -205,15 +195,11 @@ func routeUnstickTopic(w http.ResponseWriter, r *http.Request, user User) RouteE
 		return InternalError(err, w, r)
 	}
 
-	ipaddress, _, err := net.SplitHostPort(r.RemoteAddr)
-	if err != nil {
-		return LocalError("Bad IP", w, r, user)
-	}
-	err = addModLog("unstick", tid, "topic", ipaddress, user.ID)
+	err = addModLog("unstick", tid, "topic", user.LastIP, user.ID)
 	if err != nil {
 		return InternalError(err, w, r)
 	}
-	err = topic.CreateActionReply("unstick", ipaddress, user)
+	err = topic.CreateActionReply("unstick", user.LastIP, user)
 	if err != nil {
 		return InternalError(err, w, r)
 	}
@@ -268,16 +254,11 @@ func routeLockTopic(w http.ResponseWriter, r *http.Request, user User) RouteErro
 			return InternalErrorJSQ(err, w, r, isJs)
 		}
 
-		// ! - Can we use user.LastIP here? It might be racey, if another thread mutates it... We need to fix this.
-		ipaddress, _, err := net.SplitHostPort(r.RemoteAddr)
-		if err != nil {
-			return LocalErrorJSQ("Bad IP", w, r, user, isJs)
-		}
-		err = addModLog("lock", tid, "topic", ipaddress, user.ID)
+		err = addModLog("lock", tid, "topic", user.LastIP, user.ID)
 		if err != nil {
 			return InternalErrorJSQ(err, w, r, isJs)
 		}
-		err = topic.CreateActionReply("lock", ipaddress, user)
+		err = topic.CreateActionReply("lock", user.LastIP, user)
 		if err != nil {
 			return InternalErrorJSQ(err, w, r, isJs)
 		}
@@ -316,16 +297,11 @@ func routeUnlockTopic(w http.ResponseWriter, r *http.Request, user User) RouteEr
 		return InternalError(err, w, r)
 	}
 
-	// ! - Can we use user.LastIP here? It might be racey, if another thread mutates it... We need to fix this.
-	ipaddress, _, err := net.SplitHostPort(r.RemoteAddr)
-	if err != nil {
-		return LocalError("Bad IP", w, r, user)
-	}
-	err = addModLog("unlock", tid, "topic", ipaddress, user.ID)
+	err = addModLog("unlock", tid, "topic", user.LastIP, user.ID)
 	if err != nil {
 		return InternalError(err, w, r)
 	}
-	err = topic.CreateActionReply("unlock", ipaddress, user)
+	err = topic.CreateActionReply("unlock", user.LastIP, user)
 	if err != nil {
 		return InternalError(err, w, r)
 	}
@@ -447,11 +423,7 @@ func routeReplyDeleteSubmit(w http.ResponseWriter, r *http.Request, user User) R
 		return InternalErrorJSQ(err, w, r, isJs)
 	}
 
-	ipaddress, _, err := net.SplitHostPort(r.RemoteAddr)
-	if err != nil {
-		return LocalErrorJSQ("Bad IP", w, r, user, isJs)
-	}
-	err = addModLog("delete", reply.ParentID, "reply", ipaddress, user.ID)
+	err = addModLog("delete", reply.ParentID, "reply", user.LastIP, user.ID)
 	if err != nil {
 		return InternalErrorJSQ(err, w, r, isJs)
 	}
@@ -694,11 +666,7 @@ func routeBanSubmit(w http.ResponseWriter, r *http.Request, user User) RouteErro
 		return InternalError(err, w, r)
 	}
 
-	ipaddress, _, err := net.SplitHostPort(r.RemoteAddr)
-	if err != nil {
-		return LocalError("Bad IP", w, r, user)
-	}
-	err = addModLog("ban", uid, "user", ipaddress, user.ID)
+	err = addModLog("ban", uid, "user", user.LastIP, user.ID)
 	if err != nil {
 		return InternalError(err, w, r)
 	}
@@ -740,11 +708,7 @@ func routeUnban(w http.ResponseWriter, r *http.Request, user User) RouteError {
 		return InternalError(err, w, r)
 	}
 
-	ipaddress, _, err := net.SplitHostPort(r.RemoteAddr)
-	if err != nil {
-		return LocalError("Bad IP", w, r, user)
-	}
-	err = addModLog("unban", uid, "user", ipaddress, user.ID)
+	err = addModLog("unban", uid, "user", user.LastIP, user.ID)
 	if err != nil {
 		return InternalError(err, w, r)
 	}
@@ -781,11 +745,7 @@ func routeActivate(w http.ResponseWriter, r *http.Request, user User) RouteError
 		return InternalError(err, w, r)
 	}
 
-	ipaddress, _, err := net.SplitHostPort(r.RemoteAddr)
-	if err != nil {
-		return LocalError("Bad IP", w, r, user)
-	}
-	err = addModLog("activate", targetUser.ID, "user", ipaddress, user.ID)
+	err = addModLog("activate", targetUser.ID, "user", user.LastIP, user.ID)
 	if err != nil {
 		return InternalError(err, w, r)
 	}
diff --git a/permissions.go b/permissions.go
index d408f1de..b78fcb10 100644
--- a/permissions.go
+++ b/permissions.go
@@ -89,7 +89,8 @@ type Perms struct {
 	// TODO: Add a permission for enabling avatars
 
 	// Forum permissions
-	ViewTopic   bool
+	ViewTopic bool
+	//ViewOwnTopic bool
 	LikeItem    bool
 	CreateTopic bool
 	EditTopic   bool
@@ -108,7 +109,8 @@ type Perms struct {
 
 /* Inherit from group permissions for ones we don't have */
 type ForumPerms struct {
-	ViewTopic   bool
+	ViewTopic bool
+	//ViewOwnTopic bool
 	LikeItem    bool
 	CreateTopic bool
 	EditTopic   bool
diff --git a/query_gen/lib/utils.go b/query_gen/lib/utils.go
index fd0196a7..6f1fec80 100644
--- a/query_gen/lib/utils.go
+++ b/query_gen/lib/utils.go
@@ -81,12 +81,12 @@ func processJoiner(joinstr string) (joiner []DB_Joiner) {
 		outjoin.Operator, parseOffset = getOperator(segment, parseOffset+1)
 		right, parseOffset = getIdentifier(segment, parseOffset+1)
 
-		left_column := strings.Split(left, ".")
-		right_column := strings.Split(right, ".")
-		outjoin.LeftTable = strings.TrimSpace(left_column[0])
-		outjoin.RightTable = strings.TrimSpace(right_column[0])
-		outjoin.LeftColumn = strings.TrimSpace(left_column[1])
-		outjoin.RightColumn = strings.TrimSpace(right_column[1])
+		leftColumn := strings.Split(left, ".")
+		rightColumn := strings.Split(right, ".")
+		outjoin.LeftTable = strings.TrimSpace(leftColumn[0])
+		outjoin.RightTable = strings.TrimSpace(rightColumn[0])
+		outjoin.LeftColumn = strings.TrimSpace(leftColumn[1])
+		outjoin.RightColumn = strings.TrimSpace(rightColumn[1])
 
 		joiner = append(joiner, outjoin)
 	}
@@ -102,14 +102,14 @@ func processWhere(wherestr string) (where []DB_Where) {
 	var buffer string
 	var optype int // 0: None, 1: Number, 2: Column, 3: Function, 4: String, 5: Operator
 	for _, segment := range strings.Split(wherestr, " AND ") {
-		var tmp_where DB_Where
+		var tmpWhere DB_Where
 		segment += ")"
 		for i := 0; i < len(segment); i++ {
 			char := segment[i]
-			//fmt.Println("optype",optype)
+			//fmt.Println("optype", optype)
 			switch optype {
 			case 0: // unknown
-				//fmt.Println("case 0:",char,string(char))
+				//fmt.Println("case 0:", char, string(char))
 				if '0' <= char && char <= '9' {
 					optype = 1
 					buffer = string(char)
@@ -119,12 +119,12 @@ func processWhere(wherestr string) (where []DB_Where) {
 				} else if char == '\'' {
 					optype = 4
 					buffer = ""
-				} else if _is_op_byte(char) {
+				} else if isOpByte(char) {
 					optype = 5
 					buffer = string(char)
 				} else if char == '?' {
 					//fmt.Println("Expr:","?")
-					tmp_where.Expr = append(tmp_where.Expr, DB_Token{"?", "substitute"})
+					tmpWhere.Expr = append(tmpWhere.Expr, DB_Token{"?", "substitute"})
 				}
 			case 1: // number
 				if '0' <= char && char <= '9' {
@@ -133,7 +133,7 @@ func processWhere(wherestr string) (where []DB_Where) {
 					optype = 0
 					i--
 					//fmt.Println("Expr:",buffer)
-					tmp_where.Expr = append(tmp_where.Expr, DB_Token{buffer, "number"})
+					tmpWhere.Expr = append(tmpWhere.Expr, DB_Token{buffer, "number"})
 				}
 			case 2: // column
 				if ('a' <= char && char <= 'z') || ('A' <= char && char <= 'Z') || char == '.' || char == '_' {
@@ -144,23 +144,23 @@ func processWhere(wherestr string) (where []DB_Where) {
 				} else {
 					optype = 0
 					i--
-					//fmt.Println("Expr:",buffer)
-					tmp_where.Expr = append(tmp_where.Expr, DB_Token{buffer, "column"})
+					//fmt.Println("Expr:", buffer)
+					tmpWhere.Expr = append(tmpWhere.Expr, DB_Token{buffer, "column"})
 				}
 			case 3: // function
 				var preI = i
-				//fmt.Println("buffer",buffer)
-				//fmt.Println("len(halves)",len(halves[1]))
-				//fmt.Println("preI",string(halves[1][preI]))
-				//fmt.Println("msg prior to preI",halves[1][0:preI])
+				//fmt.Println("buffer", buffer)
+				//fmt.Println("len(halves)", len(halves[1]))
+				//fmt.Println("preI", string(halves[1][preI]))
+				//fmt.Println("msg prior to preI", halves[1][0:preI])
 				i = skipFunctionCall(segment, i-1)
 				//fmt.Println("i",i)
-				//fmt.Println("msg prior to i-1",halves[1][0:i-1])
-				//fmt.Println("string(i-1)",string(halves[1][i-1]))
-				//fmt.Println("string(i)",string(halves[1][i]))
+				//fmt.Println("msg prior to i-1", halves[1][0:i-1])
+				//fmt.Println("string(i-1)", string(halves[1][i-1]))
+				//fmt.Println("string(i)", string(halves[1][i]))
 				buffer += segment[preI:i] + string(segment[i])
 				//fmt.Println("Expr:",buffer)
-				tmp_where.Expr = append(tmp_where.Expr, DB_Token{buffer, "function"})
+				tmpWhere.Expr = append(tmpWhere.Expr, DB_Token{buffer, "function"})
 				optype = 0
 			case 4: // string
 				if char != '\'' {
@@ -168,22 +168,22 @@ func processWhere(wherestr string) (where []DB_Where) {
 				} else {
 					optype = 0
 					//fmt.Println("Expr:",buffer)
-					tmp_where.Expr = append(tmp_where.Expr, DB_Token{buffer, "string"})
+					tmpWhere.Expr = append(tmpWhere.Expr, DB_Token{buffer, "string"})
 				}
 			case 5: // operator
-				if _is_op_byte(char) {
+				if isOpByte(char) {
 					buffer += string(char)
 				} else {
 					optype = 0
 					i--
 					//fmt.Println("Expr:",buffer)
-					tmp_where.Expr = append(tmp_where.Expr, DB_Token{buffer, "operator"})
+					tmpWhere.Expr = append(tmpWhere.Expr, DB_Token{buffer, "operator"})
 				}
 			default:
 				panic("Bad optype in _process_where")
 			}
 		}
-		where = append(where, tmp_where)
+		where = append(where, tmpWhere)
 	}
 	return where
 }
@@ -241,7 +241,7 @@ func processSet(setstr string) (setter []DB_Setter) {
 				} else if char == '\'' {
 					optype = 4
 					buffer = ""
-				} else if _is_op_byte(char) {
+				} else if isOpByte(char) {
 					optype = 5
 					buffer = string(char)
 				} else if char == '?' {
@@ -289,20 +289,20 @@ func processSet(setstr string) (setter []DB_Setter) {
 					buffer += string(char)
 				} else {
 					optype = 0
-					//fmt.Println("Expr:",buffer)
+					//fmt.Println("Expr:", buffer)
 					tmpSetter.Expr = append(tmpSetter.Expr, DB_Token{buffer, "string"})
 				}
 			case 5: // operator
-				if _is_op_byte(char) {
+				if isOpByte(char) {
 					buffer += string(char)
 				} else {
 					optype = 0
 					i--
-					//fmt.Println("Expr:",buffer)
+					//fmt.Println("Expr:", buffer)
 					tmpSetter.Expr = append(tmpSetter.Expr, DB_Token{buffer, "operator"})
 				}
 			default:
-				panic("Bad optype in _process_set")
+				panic("Bad optype in processSet")
 			}
 		}
 		setter = append(setter, tmpSetter)
@@ -322,11 +322,11 @@ func processLimit(limitstr string) (limiter DB_Limit) {
 	return limiter
 }
 
-func _is_op_byte(char byte) bool {
+func isOpByte(char byte) bool {
 	return char == '<' || char == '>' || char == '=' || char == '!' || char == '*' || char == '%' || char == '+' || char == '-' || char == '/'
 }
 
-func _is_op_rune(char rune) bool {
+func isOpRune(char rune) bool {
 	return char == '<' || char == '>' || char == '=' || char == '!' || char == '*' || char == '%' || char == '+' || char == '-' || char == '/'
 }
 
@@ -375,7 +375,7 @@ func getIdentifier(segment string, startOffset int) (out string, i int) {
 			i = skipFunctionCall(segment, i)
 			return strings.TrimSpace(segment[startOffset:i]), (i - 1)
 		}
-		if (segment[i] == ' ' || _is_op_byte(segment[i])) && i != startOffset {
+		if (segment[i] == ' ' || isOpByte(segment[i])) && i != startOffset {
 			return strings.TrimSpace(segment[startOffset:i]), (i - 1)
 		}
 	}
@@ -386,7 +386,7 @@ func getOperator(segment string, startOffset int) (out string, i int) {
 	segment = strings.TrimSpace(segment)
 	segment += " " // Avoid overflow bugs with slicing
 	for i = startOffset; i < len(segment); i++ {
-		if !_is_op_byte(segment[i]) && i != startOffset {
+		if !isOpByte(segment[i]) && i != startOffset {
 			return strings.TrimSpace(segment[startOffset:i]), (i - 1)
 		}
 	}
diff --git a/router_gen/route_impl.go b/router_gen/route_impl.go
new file mode 100644
index 00000000..96b4fd02
--- /dev/null
+++ b/router_gen/route_impl.go
@@ -0,0 +1,38 @@
+package main
+
+type RouteImpl struct {
+	Name      string
+	Path      string
+	Vars      []string
+	RunBefore []Runnable
+}
+
+type Runnable struct {
+	Contents string
+	Literal  bool
+}
+
+func addRoute(route *RouteImpl) {
+	routeList = append(routeList, route)
+}
+
+func (route *RouteImpl) Before(item string, literal ...bool) *RouteImpl {
+	var litItem bool
+	if len(literal) > 0 {
+		litItem = literal[0]
+	}
+	route.RunBefore = append(route.RunBefore, Runnable{item, litItem})
+	return route
+}
+
+func addRouteGroup(routeGroup *RouteGroup) {
+	routeGroups = append(routeGroups, routeGroup)
+}
+
+func blankRoute() *RouteImpl {
+	return &RouteImpl{"", "", []string{}, []Runnable{}}
+}
+
+func Route(fname string, path string, args ...string) *RouteImpl {
+	return &RouteImpl{fname, path, args, []Runnable{}}
+}
diff --git a/router_gen/routes.go b/router_gen/routes.go
index b96cafea..366d1ddb 100644
--- a/router_gen/routes.go
+++ b/router_gen/routes.go
@@ -1,42 +1,5 @@
 package main
 
-type RouteImpl struct {
-	Name      string
-	Path      string
-	Vars      []string
-	RunBefore []Runnable
-}
-
-type Runnable struct {
-	Contents string
-	Literal  bool
-}
-
-func addRoute(route *RouteImpl) {
-	routeList = append(routeList, route)
-}
-
-func (route *RouteImpl) Before(item string, literal ...bool) *RouteImpl {
-	var litItem bool
-	if len(literal) > 0 {
-		litItem = literal[0]
-	}
-	route.RunBefore = append(route.RunBefore, Runnable{item, litItem})
-	return route
-}
-
-func addRouteGroup(routeGroup *RouteGroup) {
-	routeGroups = append(routeGroups, routeGroup)
-}
-
-func blankRoute() *RouteImpl {
-	return &RouteImpl{"", "", []string{}, []Runnable{}}
-}
-
-func Route(fname string, path string, args ...string) *RouteImpl {
-	return &RouteImpl{fname, path, args, []Runnable{}}
-}
-
 // TODO: How should we handle headerLite and headerVar?
 func routes() {
 	//addRoute("default_route","","")
diff --git a/routes.go b/routes.go
index 6705bbbc..fa5e8f6e 100644
--- a/routes.go
+++ b/routes.go
@@ -12,7 +12,6 @@ import (
 	"bytes"
 	"html"
 	"io"
-	"net"
 	"net/http"
 	"strconv"
 	"strings"
@@ -808,12 +807,8 @@ func routeLoginSubmit(w http.ResponseWriter, r *http.Request, user User) RouteEr
 	auth.SetCookies(w, uid, session)
 	if user.IsAdmin {
 		// Is this error check reundant? We already check for the error in PreRoute for the same IP
-		host, _, err := net.SplitHostPort(r.RemoteAddr)
-		if err != nil {
-			return InternalError(err, w, r)
-		}
 		// TODO: Should we be logging this?
-		log.Print("#" + strconv.Itoa(uid) + " has logged in with IP " + host)
+		log.Printf("#%d has logged in with IP %s", uid, user.LastIP)
 	}
 	http.Redirect(w, r, "/", http.StatusSeeOther)
 	return nil
diff --git a/routes_common.go b/routes_common.go
index fc4d908a..9d5dad53 100644
--- a/routes_common.go
+++ b/routes_common.go
@@ -270,33 +270,40 @@ func userCheck(w http.ResponseWriter, r *http.Request, user *User) (headerVars *
 }
 
 func preRoute(w http.ResponseWriter, r *http.Request) (User, bool) {
-	user, halt := auth.SessionCheck(w, r)
-	if halt {
-		return *user, false
-	}
-	if user == &guestUser {
+	user, ok := func(w http.ResponseWriter, r *http.Request) (User, bool) {
+		user, halt := auth.SessionCheck(w, r)
+		if halt {
+			return *user, false
+		}
+		if user == &guestUser {
+			return *user, true
+		}
+
+		h := w.Header()
+		h.Set("X-Frame-Options", "deny")
+		//h.Set("X-XSS-Protection", "1")
+		// TODO: Set the content policy header
 		return *user, true
+	}(w, r)
+	if !ok {
+		return user, false
 	}
 
+	// TODO: WIP. Refactor this to eliminate the unnecessary query
 	host, _, err := net.SplitHostPort(r.RemoteAddr)
 	if err != nil {
 		PreError("Bad IP", w, r)
-		return *user, false
+		return user, false
 	}
 	if host != user.LastIP {
 		_, err = stmts.updateLastIP.Exec(host, user.ID)
 		if err != nil {
 			InternalError(err, w, r)
-			return *user, false
+			return user, false
 		}
-		user.LastIP = host // ! - Is this racey?
+		user.LastIP = host
 	}
-
-	h := w.Header()
-	h.Set("X-Frame-Options", "deny")
-	//h.Set("X-XSS-Protection", "1")
-	// TODO: Set the content policy header
-	return *user, true
+	return user, ok
 }
 
 // SuperModeOnly makes sure that only super mods or higher can access the panel routes
diff --git a/template_list.go b/template_list.go
index 4d87476b..c5bfbb55 100644
--- a/template_list.go
+++ b/template_list.go
@@ -509,48 +509,49 @@ var profile_0 = []byte(`
 			<img src="`)
 var profile_1 = []byte(`" class="avatar" />
 		</div>
-		<div class="rowitem nameRow">`)
-var profile_2 = []byte(`
+		<div class="rowitem nameRow">
 			<span class="profileName">`)
-var profile_3 = []byte(`</span>`)
-var profile_4 = []byte(`<span class="username" style="float: right;font-weight: normal;">`)
-var profile_5 = []byte(`</span>`)
-var profile_6 = []byte(`
+var profile_2 = []byte(`</span>`)
+var profile_3 = []byte(`<span class="username">`)
+var profile_4 = []byte(`</span>`)
+var profile_5 = []byte(`
 		</div>
-		<div class="rowitem passive">
-			<a class="profile_menu_item">Add Friend</a>
-		</div>
-		`)
-var profile_7 = []byte(`<div class="rowitem passive">
+		<div class="passiveBlock">
+			<div class="rowitem passive">
+				<a class="profile_menu_item">Add Friend</a>
+			</div>
 			`)
-var profile_8 = []byte(`<a href="/users/unban/`)
-var profile_9 = []byte(`?session=`)
-var profile_10 = []byte(`" class="profile_menu_item">Unban</a>
-		`)
-var profile_11 = []byte(`<a href="#ban_user" class="profile_menu_item">Ban</a>`)
+var profile_6 = []byte(`<div class="rowitem passive">
+				`)
+var profile_7 = []byte(`<a href="/users/unban/`)
+var profile_8 = []byte(`?session=`)
+var profile_9 = []byte(`" class="profile_menu_item">Unban</a>
+			`)
+var profile_10 = []byte(`<a href="#ban_user" class="profile_menu_item">Ban</a>`)
+var profile_11 = []byte(`
+			</div>`)
 var profile_12 = []byte(`
-		</div>`)
-var profile_13 = []byte(`
-		<div class="rowitem passive">
-			<a href="/report/submit/`)
-var profile_14 = []byte(`?session=`)
-var profile_15 = []byte(`&type=user" class="profile_menu_item report_item">Report</a>
+			<div class="rowitem passive">
+				<a href="/report/submit/`)
+var profile_13 = []byte(`?session=`)
+var profile_14 = []byte(`&type=user" class="profile_menu_item report_item">Report</a>
+			</div>
 		</div>
 	</div>
 </div>
 
 <div id="profile_right_lane" class="colstack_right">
 	`)
-var profile_16 = []byte(`
+var profile_15 = []byte(`
 	<!-- TODO: Inline the display: none; CSS -->
 	<div id="ban_user_head" class="colstack_item colstack_head hash_hide ban_user_hash" style="display: none;">
 			<div class="rowitem"><h1>Ban User</h1></div>
 	</div>
 	<form id="ban_user_form" class="hash_hide ban_user_hash" action="/users/ban/submit/`)
-var profile_17 = []byte(`?session=`)
-var profile_18 = []byte(`" method="post" style="display: none;">
+var profile_16 = []byte(`?session=`)
+var profile_17 = []byte(`" method="post" style="display: none;">
 		`)
-var profile_19 = []byte(`
+var profile_18 = []byte(`
 		<div class="colline">If all the fields are left blank, the ban will be permanent.</div>
 		<div class="colstack_item">
 			<div class="formrow real_first_child">
@@ -581,53 +582,53 @@ var profile_19 = []byte(`
 		</div>
 	</form>
 	`)
-var profile_20 = []byte(`
+var profile_19 = []byte(`
 
 	<div id="profile_comments_head" class="colstack_item colstack_head hash_hide">
 		<div class="rowitem"><h1>Comments</h1></div>
 	</div>
 	<div id="profile_comments" class="colstack_item hash_hide">`)
-var profile_21 = []byte(`
+var profile_20 = []byte(`
 		<div class="rowitem passive deletable_block editable_parent simple `)
-var profile_22 = []byte(`" style="`)
-var profile_23 = []byte(`background-image: url(`)
-var profile_24 = []byte(`), url(/static/post-avatar-bg.jpg);background-position: 0px `)
-var profile_25 = []byte(`-1`)
-var profile_26 = []byte(`0px;`)
-var profile_27 = []byte(`">
+var profile_21 = []byte(`" style="`)
+var profile_22 = []byte(`background-image: url(`)
+var profile_23 = []byte(`), url(/static/post-avatar-bg.jpg);background-position: 0px `)
+var profile_24 = []byte(`-1`)
+var profile_25 = []byte(`0px;`)
+var profile_26 = []byte(`">
 			<span class="editable_block user_content simple">`)
-var profile_28 = []byte(`</span>
+var profile_27 = []byte(`</span>
 			<span class="controls">
 				<a href="`)
-var profile_29 = []byte(`" class="real_username username">`)
-var profile_30 = []byte(`</a>&nbsp;&nbsp;
+var profile_28 = []byte(`" class="real_username username">`)
+var profile_29 = []byte(`</a>&nbsp;&nbsp;
 
 				`)
-var profile_31 = []byte(`<a href="/profile/reply/edit/submit/`)
-var profile_32 = []byte(`" class="mod_button" title="Edit Item"><button class="username edit_item edit_label"></button></a>
+var profile_30 = []byte(`<a href="/profile/reply/edit/submit/`)
+var profile_31 = []byte(`" class="mod_button" title="Edit Item"><button class="username edit_item edit_label"></button></a>
 
 				<a href="/profile/reply/delete/submit/`)
-var profile_33 = []byte(`" class="mod_button" title="Delete Item"><button class="username delete_item trash_label"></button></a>`)
-var profile_34 = []byte(`
+var profile_32 = []byte(`" class="mod_button" title="Delete Item"><button class="username delete_item trash_label"></button></a>`)
+var profile_33 = []byte(`
 
 				<a class="mod_button" href="/report/submit/`)
-var profile_35 = []byte(`?session=`)
-var profile_36 = []byte(`&type=user-reply"><button class="username report_item flag_label"></button></a>
+var profile_34 = []byte(`?session=`)
+var profile_35 = []byte(`&type=user-reply"><button class="username report_item flag_label"></button></a>
 
 				`)
-var profile_37 = []byte(`<a class="username hide_on_mobile user_tag" style="float: right;">`)
-var profile_38 = []byte(`</a>`)
-var profile_39 = []byte(`
+var profile_36 = []byte(`<a class="username hide_on_mobile user_tag" style="float: right;">`)
+var profile_37 = []byte(`</a>`)
+var profile_38 = []byte(`
 			</span>
 		</div>
 	`)
-var profile_40 = []byte(`</div>
+var profile_39 = []byte(`</div>
 
 `)
-var profile_41 = []byte(`
+var profile_40 = []byte(`
 	<form id="profile_comments_form" class="hash_hide" action="/profile/reply/create/" method="post">
 		<input name="uid" value='`)
-var profile_42 = []byte(`' type="hidden" />
+var profile_41 = []byte(`' type="hidden" />
 		<div class="colstack_item topic_reply_form" style="border-top: none;">
 			<div class="formrow">
 				<div class="formitem"><textarea name="reply-content" placeholder="Insert reply here"></textarea></div>
@@ -638,13 +639,13 @@ var profile_42 = []byte(`' type="hidden" />
 		</div>
 	</form>
 `)
-var profile_43 = []byte(`
+var profile_42 = []byte(`
 </div>
 
 </div>
 
 `)
-var profile_44 = []byte(`
+var profile_43 = []byte(`
 <script type="text/javascript">
 function handle_profile_hashbit() {
 	var hash_class = ""
diff --git a/template_profile.go b/template_profile.go
index 063305d5..66876500 100644
--- a/template_profile.go
+++ b/template_profile.go
@@ -77,91 +77,90 @@ w.Write(header_18)
 w.Write(profile_0)
 w.Write([]byte(tmpl_profile_vars.ProfileOwner.Avatar))
 w.Write(profile_1)
-w.Write(profile_2)
 w.Write([]byte(tmpl_profile_vars.ProfileOwner.Name))
-w.Write(profile_3)
+w.Write(profile_2)
 if tmpl_profile_vars.ProfileOwner.Tag != "" {
-w.Write(profile_4)
+w.Write(profile_3)
 w.Write([]byte(tmpl_profile_vars.ProfileOwner.Tag))
-w.Write(profile_5)
+w.Write(profile_4)
 }
-w.Write(profile_6)
+w.Write(profile_5)
 if tmpl_profile_vars.CurrentUser.IsSuperMod && !tmpl_profile_vars.ProfileOwner.IsSuperMod {
-w.Write(profile_7)
+w.Write(profile_6)
 if tmpl_profile_vars.ProfileOwner.IsBanned {
-w.Write(profile_8)
+w.Write(profile_7)
 w.Write([]byte(strconv.Itoa(tmpl_profile_vars.ProfileOwner.ID)))
-w.Write(profile_9)
+w.Write(profile_8)
 w.Write([]byte(tmpl_profile_vars.CurrentUser.Session))
-w.Write(profile_10)
+w.Write(profile_9)
 } else {
+w.Write(profile_10)
+}
 w.Write(profile_11)
 }
 w.Write(profile_12)
-}
+w.Write([]byte(strconv.Itoa(tmpl_profile_vars.ProfileOwner.ID)))
 w.Write(profile_13)
-w.Write([]byte(strconv.Itoa(tmpl_profile_vars.ProfileOwner.ID)))
+w.Write([]byte(tmpl_profile_vars.CurrentUser.Session))
 w.Write(profile_14)
-w.Write([]byte(tmpl_profile_vars.CurrentUser.Session))
-w.Write(profile_15)
 if tmpl_profile_vars.CurrentUser.Perms.BanUsers {
-w.Write(profile_16)
+w.Write(profile_15)
 w.Write([]byte(strconv.Itoa(tmpl_profile_vars.ProfileOwner.ID)))
-w.Write(profile_17)
+w.Write(profile_16)
 w.Write([]byte(tmpl_profile_vars.CurrentUser.Session))
+w.Write(profile_17)
 w.Write(profile_18)
-w.Write(profile_19)
 }
-w.Write(profile_20)
+w.Write(profile_19)
 if len(tmpl_profile_vars.ItemList) != 0 {
 for _, item := range tmpl_profile_vars.ItemList {
-w.Write(profile_21)
+w.Write(profile_20)
 w.Write([]byte(item.ClassName))
-w.Write(profile_22)
+w.Write(profile_21)
 if item.Avatar != "" {
-w.Write(profile_23)
+w.Write(profile_22)
 w.Write([]byte(item.Avatar))
-w.Write(profile_24)
+w.Write(profile_23)
 if item.ContentLines <= 5 {
+w.Write(profile_24)
+}
 w.Write(profile_25)
 }
 w.Write(profile_26)
-}
-w.Write(profile_27)
 w.Write([]byte(item.ContentHtml))
-w.Write(profile_28)
+w.Write(profile_27)
 w.Write([]byte(item.UserLink))
-w.Write(profile_29)
+w.Write(profile_28)
 w.Write([]byte(item.CreatedByName))
-w.Write(profile_30)
+w.Write(profile_29)
 if tmpl_profile_vars.CurrentUser.IsMod {
+w.Write(profile_30)
+w.Write([]byte(strconv.Itoa(item.ID)))
 w.Write(profile_31)
 w.Write([]byte(strconv.Itoa(item.ID)))
 w.Write(profile_32)
-w.Write([]byte(strconv.Itoa(item.ID)))
-w.Write(profile_33)
 }
-w.Write(profile_34)
+w.Write(profile_33)
 w.Write([]byte(strconv.Itoa(item.ID)))
-w.Write(profile_35)
+w.Write(profile_34)
 w.Write([]byte(tmpl_profile_vars.CurrentUser.Session))
-w.Write(profile_36)
+w.Write(profile_35)
 if item.Tag != "" {
-w.Write(profile_37)
+w.Write(profile_36)
 w.Write([]byte(item.Tag))
+w.Write(profile_37)
+}
 w.Write(profile_38)
 }
+}
 w.Write(profile_39)
-}
-}
-w.Write(profile_40)
 if !tmpl_profile_vars.CurrentUser.IsBanned {
-w.Write(profile_41)
+w.Write(profile_40)
 w.Write([]byte(strconv.Itoa(tmpl_profile_vars.ProfileOwner.ID)))
-w.Write(profile_42)
+w.Write(profile_41)
 }
+w.Write(profile_42)
 w.Write(profile_43)
-w.Write(profile_44)
 w.Write(footer_0)
 if len(tmpl_profile_vars.Header.Themes) != 0 {
 for _, item := range tmpl_profile_vars.Header.Themes {
diff --git a/templates/profile.html b/templates/profile.html
index 9d05d84e..4817be58 100644
--- a/templates/profile.html
+++ b/templates/profile.html
@@ -10,18 +10,20 @@
 		<div class="rowitem avatarRow">
 			<img src="{{.ProfileOwner.Avatar}}" class="avatar" />
 		</div>
-		<div class="rowitem nameRow">{{/** TODO: Stop inlining this CSS **/}}
-			<span class="profileName">{{.ProfileOwner.Name}}</span>{{if .ProfileOwner.Tag}}<span class="username" style="float: right;font-weight: normal;">{{.ProfileOwner.Tag}}</span>{{end}}
+		<div class="rowitem nameRow">
+			<span class="profileName">{{.ProfileOwner.Name}}</span>{{if .ProfileOwner.Tag}}<span class="username">{{.ProfileOwner.Tag}}</span>{{end}}
 		</div>
-		<div class="rowitem passive">
-			<a class="profile_menu_item">Add Friend</a>
-		</div>
-		{{if (.CurrentUser.IsSuperMod) and not (.ProfileOwner.IsSuperMod) }}<div class="rowitem passive">
-			{{if .ProfileOwner.IsBanned }}<a href="/users/unban/{{.ProfileOwner.ID}}?session={{.CurrentUser.Session}}" class="profile_menu_item">Unban</a>
-		{{else}}<a href="#ban_user" class="profile_menu_item">Ban</a>{{end}}
-		</div>{{end}}
-		<div class="rowitem passive">
-			<a href="/report/submit/{{.ProfileOwner.ID}}?session={{.CurrentUser.Session}}&type=user" class="profile_menu_item report_item">Report</a>
+		<div class="passiveBlock">
+			<div class="rowitem passive">
+				<a class="profile_menu_item">Add Friend</a>
+			</div>
+			{{if (.CurrentUser.IsSuperMod) and not (.ProfileOwner.IsSuperMod) }}<div class="rowitem passive">
+				{{if .ProfileOwner.IsBanned }}<a href="/users/unban/{{.ProfileOwner.ID}}?session={{.CurrentUser.Session}}" class="profile_menu_item">Unban</a>
+			{{else}}<a href="#ban_user" class="profile_menu_item">Ban</a>{{end}}
+			</div>{{end}}
+			<div class="rowitem passive">
+				<a href="/report/submit/{{.ProfileOwner.ID}}?session={{.CurrentUser.Session}}&type=user" class="profile_menu_item report_item">Report</a>
+			</div>
 		</div>
 	</div>
 </div>
diff --git a/themes/cosora/public/main.css b/themes/cosora/public/main.css
index 1b921edd..390c0db8 100644
--- a/themes/cosora/public/main.css
+++ b/themes/cosora/public/main.css
@@ -714,6 +714,7 @@ select, input, textarea {
 }
 #profile_left_pane .avatarRow {
 	padding: 24px;
+	padding-bottom: 8px;
 }
 #profile_left_pane .avatar {
 	border-radius: 80px;
@@ -724,6 +725,12 @@ select, input, textarea {
 	margin-left: auto;
 	margin-right: auto;
 }
+#profile_left_pane .nameRow .username {
+	text-align: center;
+}
+#profile_left_pane .profileName {
+	font-size: 19px;
+}
 #profile_right_lane {
 	width: 100%;
 	margin-right: 12px;
diff --git a/themes/shadow/public/main.css b/themes/shadow/public/main.css
index c7ee52eb..2b261ddf 100644
--- a/themes/shadow/public/main.css
+++ b/themes/shadow/public/main.css
@@ -667,6 +667,10 @@ input, select, textarea {
 	display: block;
 	margin-top: 3px;
 }
+#profile_left_pane .nameRow .username {
+	float: right;
+	font-weight: normal;
+}
 #profile_left_lane .profileName {
 	font-size: 18px;
 }
diff --git a/themes/tempra-conflux/public/main.css b/themes/tempra-conflux/public/main.css
index 507c7f38..c1642849 100644
--- a/themes/tempra-conflux/public/main.css
+++ b/themes/tempra-conflux/public/main.css
@@ -710,6 +710,10 @@ button.username {
 	margin: 0;
 	display: block;
 }
+#profile_left_pane .nameRow .username {
+	float: right;
+	font-weight: normal;
+}
 #profile_right_lane {
 	width: calc(100% - 230px);
 }
diff --git a/themes/tempra-cursive/public/main.css b/themes/tempra-cursive/public/main.css
index be5d5557..57821705 100644
--- a/themes/tempra-cursive/public/main.css
+++ b/themes/tempra-cursive/public/main.css
@@ -546,6 +546,10 @@ button.username {
 #profile_left_lane .avatarRow {
 	padding: 0;
 }
+#profile_left_pane .nameRow .username {
+	float: right;
+	font-weight: normal;
+}
 
 /* Media Queries */
 
diff --git a/themes/tempra-simple/public/main.css b/themes/tempra-simple/public/main.css
index bc694cb3..e948b772 100644
--- a/themes/tempra-simple/public/main.css
+++ b/themes/tempra-simple/public/main.css
@@ -767,6 +767,10 @@ button.username {
 	display: block;
 	margin-top: 3px;
 }
+#profile_left_pane .nameRow .username {
+	float: right;
+	font-weight: normal;
+}
 #profile_left_lane .profileName {
 	font-size: 18px;
 }
diff --git a/update-deps-linux b/update-deps-linux
index c820d0d3..06aec9a4 100644
--- a/update-deps-linux
+++ b/update-deps-linux
@@ -24,3 +24,6 @@ go get -u github.com/robertkrimen/otto
 
 echo "Updating the Riot Search Engine"
 go get -u github.com/go-ego/riot
+
+echo "Updating the Rez Image Resizer"
+go get -u github.com/bamiaux/rez
diff --git a/update-deps.bat b/update-deps.bat
index c37711b6..cd08e990 100644
--- a/update-deps.bat
+++ b/update-deps.bat
@@ -68,12 +68,19 @@ if %errorlevel% neq 0 (
 	exit /b %errorlevel%
 )
 
-echo Installing the Riot Search Engine
+echo Updating the Riot Search Engine
 go get -u github.com/go-ego/riot
 if %errorlevel% neq 0 (
 	pause
 	exit /b %errorlevel%
 )
 
+echo Updating the Rez Image Resizer
+go get -u github.com/bamiaux/rez
+if %errorlevel% neq 0 (
+	pause
+	exit /b %errorlevel%
+)
+
 echo The dependencies were successfully updated
 pause
diff --git a/user.go b/user.go
index d5390e0b..27ce19f4 100644
--- a/user.go
+++ b/user.go
@@ -54,7 +54,7 @@ type User struct {
 	Tag          string
 	Level        int
 	Score        int
-	LastIP       string
+	LastIP       string // ! This part of the UserCache data might fall out of date
 	TempGroup    int
 }