diff --git a/inc/UserCVS.php b/inc/UserCVS.php
index 3454e7e3..ee1cb0a0 100755
--- a/inc/UserCVS.php
+++ b/inc/UserCVS.php
@@ -6,9 +6,12 @@ $Page["CVS"] = $_SESSION['CVS'][ $Page["Name"] ];
 
 if( $DEBUG ) 
 {
-	echo "UserID:". $_SESSION["UID"]. "<br>";
-	echo "Nick:". $_SESSION["Nick"]. "<br>";
-	
+//	echo "UserID:". $_SESSION["UID"]. "<br>";
+//	echo "Nick:". $_SESSION["Nick"]. "<br>";
+
+	foreach( $_SESSION as $k => $v)
+		echo "$k = $v<br>\n";
+
 	if( strlen($Page["CVS"]) == 0 )
 		echo "<h1><u> CVS ERROR, on page '". $Page["Name"]. "'</u></h1>";
 	else
diff --git a/inc/secure.php b/inc/secure.php
index 99d646d2..32c8f864 100755
--- a/inc/secure.php
+++ b/inc/secure.php
@@ -5,33 +5,26 @@
 foreach ($_GET as $k => $v) 
 {	
   	$v = htmlspecialchars($v);
-//echo "$v<br>";
 	$v = mysql_escape_string($v);
-//echo "$v<br>";
 //	$v = htmlentities($v);
-//echo "$v<br>";
-//    if (preg_match('/([\'"`\'])/', $v, $match)) 
 	if (preg_match('/([\"`])/', $v, $match)) 
 	{
 		print "sorry get has illegal char '$match[1]'";
 		exit;
 	}
-	$$k = $v;
+	$_GET[$k] = $v;
 }
   
 foreach ($_POST as $k => $v) 
 {
   	$v = htmlspecialchars($v);
-//echo "$v<br>";
 	$v = mysql_escape_string($v);
-//echo "$v<br>";
 //	$v = htmlentities($v);
-//echo "$v<br>";
 	if (preg_match('/([\'"`\'])/', $v, $match)) {
 		print "sorry post has illegal char '$match[1]'";
 		exit;
 	}
-	$$k = $v;
+	$_POST[$k] = $v;
 }
 
 ?>