diff --git a/web/yaamp/modules/renting/login.php b/web/yaamp/modules/renting/login.php
index 5f4cc6d..e7ad453 100644
--- a/web/yaamp/modules/renting/login.php
+++ b/web/yaamp/modules/renting/login.php
@@ -13,6 +13,9 @@ $this->widget('UniForm');
 
 $address = getparam('address');
 if($address == 0) $address = '';
+if (!empty($address) && preg_match('/[^A-Za-z0-9]/', $address)) {
+	die;
+}
 
 echo <<<end
 
diff --git a/web/yaamp/modules/site/wallet.php b/web/yaamp/modules/site/wallet.php
index abeaadd..15700e7 100644
--- a/web/yaamp/modules/site/wallet.php
+++ b/web/yaamp/modules/site/wallet.php
@@ -14,6 +14,10 @@ foreach($raw_recents as $addr) {
 }
 
 $address = getparam('address');
+if (!empty($address) && preg_match('/[^A-Za-z0-9]/', $address)) {
+	// Just to make happy XSS seekers who can hack their own browser html...
+	die;
+}
 
 $drop_address = getparam('drop');
 if (!empty($drop_address)) {
diff --git a/web/yaamp/modules/trading/index.php b/web/yaamp/modules/trading/index.php
index db69d23..d510b07 100644
--- a/web/yaamp/modules/trading/index.php
+++ b/web/yaamp/modules/trading/index.php
@@ -10,6 +10,9 @@ JavascriptFile("/extensions/jqplot/plugins/jqplot.highlighter.js");
 $height = '240px';
 
 $wallet = user()->getState('yaamp-wallet');
+if (!empty($wallet) && preg_match('/[^A-Za-z0-9]/', $wallet)) {
+	die;
+}
 $user = getuserparam($wallet);
 
 $algo_unit = 'Mh';