diff --git a/src/mibew/client.php b/src/mibew/client.php
index 4ea6fc16..26f3f222 100644
--- a/src/mibew/client.php
+++ b/src/mibew/client.php
@@ -168,7 +168,7 @@ if( !isset($_GET['token']) || !isset($_GET['thread']) ) {
 $threadid = $thread->id;
 $token = $thread->lastToken;
 $chatstyle = verifyparam( "style", "/^\w+$/", "");
- header("Location: $mibewroot/client.php?thread=$threadid&token=$token".($chatstyle ? "&style=$chatstyle" : ""));
+ header("Location: $mibewroot/client.php?thread=" . intval($threadid) . "&token=" . urlencode($token) . ($chatstyle ? "&style=" . urlencode($chatstyle) : ""));
 exit;
 }
diff --git a/src/mibew/operator/agent.php b/src/mibew/operator/agent.php
index c89c3623..b36f2e16 100644
--- a/src/mibew/operator/agent.php
+++ b/src/mibew/operator/agent.php
@@ -98,7 +98,7 @@ if (!isset($_GET['token'])) {
 }
 $token = $thread->lastToken;
- header("Location: $mibewroot/operator/agent.php?thread=$threadid&token=$token");
+ header("Location: $mibewroot/operator/agent.php?thread=" . intval($threadid) . "&token=" . urlencode($token));
 exit;
 }
diff --git a/src/mibew/operator/avatar.php b/src/mibew/operator/avatar.php
index 054b0991..e2928174 100644
--- a/src/mibew/operator/avatar.php
+++ b/src/mibew/operator/avatar.php
@@ -76,7 +76,7 @@ if (!$op) {
 if ($opId && $avatar && $_SESSION[$session_prefix."operator"] && $operator['operatorid'] == $opId) {
 $_SESSION[$session_prefix."operator"]['vcavatar'] = $avatar;
 }
- header("Location: $mibewroot/operator/avatar.php?op=$opId");
+ header("Location: $mibewroot/operator/avatar.php?op=" . intval($opId));
 exit;
 } else {
 $page['avatar'] = topage($op['vcavatar']);
@@ -85,7 +85,7 @@ if (!$op) {
 } else {
 if (isset($_GET['delete']) && $_GET['delete'] == "true" && $canmodify) {
 update_operator_avatar($op['operatorid'], '');
- header("Location: $mibewroot/operator/avatar.php?op=$opId");
+ header("Location: $mibewroot/operator/avatar.php?op=" . intval($opId));
 exit;
 }
 $page['avatar'] = topage($op['vcavatar']);
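Review bot: The `$chatstyle = verifyparam( "style", "/^\w+$/", "");` context line still admits a value ending in a newline, because PCRE's `$` also matches immediately before a final `\n` unless the pattern carries the `D` modifier, so the new `urlencode($chatstyle)` is what actually keeps that byte out of this Location header; the pattern itself should read `"/^\w+$/D"` (or end in `\z`) so the value is clean wherever else it is used. The `$chatstyle ? ... : ""` test also silently drops a style literally named `0`, which the regex permits; `$chatstyle !== ''` is the intended check. The enclosing `if( !isset($_GET['token']) || !isset($_GET['thread']) )` block starts before the hunk. The agent.php hunk has the same thread/token shape and needs nothing beyond what the commit does.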
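Review bot: The second avatar.php hunk still mutates state on a plain GET: `isset($_GET['delete']) && $_GET['delete'] == "true" && $canmodify` leads directly to `update_operator_avatar($op['operatorid'], '')`, and no CSRF token check is visible in the hunk, so unless one sits above it a cross-site request made from a logged-in operator's browser clears the avatar. The canned.php hunk, where `$_GET['act'] == 'delete'` drives the `delete from {chatresponses}` query, has the same shape. Both writes should be moved to POST and preceded by a session-bound token check compared with `hash_equals()`, using whatever token helper the project already has; `== "true"` should also become `=== "true"`. The hardened redirect lines themselves look right, and `$opId` is cast consistently with the opgroups.php and permissions.php hunks.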
diff --git a/src/mibew/operator/canned.php b/src/mibew/operator/canned.php
index 5ccdde72..39770b49 100644
--- a/src/mibew/operator/canned.php
+++ b/src/mibew/operator/canned.php
@@ -78,7 +78,7 @@ if (isset($_GET['act']) && $_GET['act'] == 'delete') {
 if (count($errors) == 0) {
 $db = Database::getInstance();
 $db->query("delete from {chatresponses} where id = ?", array($key));
- header("Location: $mibewroot/operator/canned.php?lang=$lang&group=$groupid");
+ header("Location: $mibewroot/operator/canned.php?lang=" . urlencode($lang) . "&group=" . intval($groupid));
 exit;
 }
 }
diff --git a/src/mibew/operator/group.php b/src/mibew/operator/group.php
index db7f3bf1..424e5fb2 100644
--- a/src/mibew/operator/group.php
+++ b/src/mibew/operator/group.php
@@ -184,7 +184,7 @@ if (isset($_POST['name'])) {
 'chattitle' => $chattitle,
 'hosturl' => $hosturl,
 'logo' => $logo));
- header("Location: $mibewroot/operator/groupmembers.php?gid=" . $newdep['groupid']);
+ header("Location: $mibewroot/operator/groupmembers.php?gid=" . intval($newdep['groupid']));
 exit;
 } else {
 update_group(array(
@@ -200,7 +200,7 @@ if (isset($_POST['name'])) {
 'chattitle' => $chattitle,
 'hosturl' => $hosturl,
 'logo' => $logo));
- header("Location: $mibewroot/operator/group.php?gid=$groupid&stored");
+ header("Location: $mibewroot/operator/group.php?gid=" . intval($groupid) . "&stored");
 exit;
 }
 } else {
diff --git a/src/mibew/operator/groupmembers.php b/src/mibew/operator/groupmembers.php
index ba5b3f2a..781c9436 100644
--- a/src/mibew/operator/groupmembers.php
+++ b/src/mibew/operator/groupmembers.php
@@ -74,7 +74,7 @@ if (!$group) {
 }
 update_group_members($groupid, $new_members);
- header("Location: $mibewroot/operator/groupmembers.php?gid=$groupid&stored");
+ header("Location: $mibewroot/operator/groupmembers.php?gid=" . intval($groupid) . "&stored");
 exit;
 }
diff --git a/src/mibew/operator/invite.php b/src/mibew/operator/invite.php
index 9d8899d2..2301c169 100644
--- a/src/mibew/operator/invite.php
+++ b/src/mibew/operator/invite.php
@@ -32,8 +32,8 @@ if (!$thread) {
 // Open chat window for operator
 $redirect_to = $mibewroot .
- '/operator/agent.php?thread=' . $thread->id .
- '&token=' . $thread->lastToken;
+ '/operator/agent.php?thread=' . intval($thread->id) .
+ '&token=' . urlencode($thread->lastToken);
 header('Location: ' . $redirect_to);
 ?>
\ No newline at end of file
diff --git a/src/mibew/operator/login.php b/src/mibew/operator/login.php
index b768c9c3..9c2a47d7 100644
--- a/src/mibew/operator/login.php
+++ b/src/mibew/operator/login.php
@@ -30,7 +30,7 @@ if (isset($_POST['login']) && isset($_POST['password'])) {
 if ($operator && isset($operator['vcpassword']) && check_password_hash($operator['vclogin'], $password, $operator['vcpassword']) && !operator_is_disabled($operator)) {
 $target = $password == ''
- ? "$mibewroot/operator/operator.php?op=" . $operator['operatorid']
+ ? "$mibewroot/operator/operator.php?op=" . intval($operator['operatorid'])
 : (isset($_SESSION['backpath']) ? $_SESSION['backpath'] : "$mibewroot/operator/index.php");
diff --git a/src/mibew/operator/operator.php b/src/mibew/operator/operator.php
index b97921d0..73d1e365 100644
--- a/src/mibew/operator/operator.php
+++ b/src/mibew/operator/operator.php
@@ -91,7 +91,7 @@ if ((isset($_POST['login']) || !is_capable(CAN_ADMINISTRATE, $operator)) && isse
 if (count($errors) == 0) {
 if (!$opId) {
 $newop = create_operator($login, $email, $password, $localname, $commonname, "", $code);
- header("Location: $mibewroot/operator/avatar.php?op=" . $newop['operatorid']);
+ header("Location: $mibewroot/operator/avatar.php?op=" . intval($newop['operatorid']));
 exit;
 } else {
 update_operator($opId, $login, $email, $password, $localname, $commonname, $code);
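Review bot: Unlike every other hunk in this commit, the `header('Location: ' . $redirect_to);` line in invite.php is not followed by `exit;`; it is harmless only because the file ends right after it, and any code later added below would execute after the redirect has been sent. Adding `exit;` directly after the `header()` call keeps the redirect pattern uniform with agent.php, and the trailing `?>` (flagged `\ No newline at end of file`) can be dropped, since PHP-only files should omit the closing tag.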
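Review bot: The changed ternary in login.php hardens only the `$password == ''` branch; the other branch hands `$_SESSION['backpath']` to the redirect unchanged, and if that session value is ever seeded from a request parameter (not visible here) a successful login becomes an open redirect. Where `backpath` is stored, constrain it to a `$mibewroot`-relative path (no scheme, no leading `//`), or re-validate it before the `header()` call that consumes `$target`, which is not in the hunk. `$password == ''` should also be the strict `$password === ''`. The enclosing `if (isset($_POST['login']) && isset($_POST['password']))` block starts before the hunk.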
@@ -104,7 +104,7 @@ if ((isset($_POST['login']) || !is_capable(CAN_ADMINISTRATE, $operator)) && isse
 exit;
 }
 }
- header("Location: $mibewroot/operator/operator.php?op=$opId&stored");
+ header("Location: $mibewroot/operator/operator.php?op=" . intval($opId) . "&stored");
 exit;
 }
 } else {
diff --git a/src/mibew/operator/opgroups.php b/src/mibew/operator/opgroups.php
index 34eeb446..bee8088a 100644
--- a/src/mibew/operator/opgroups.php
+++ b/src/mibew/operator/opgroups.php
@@ -66,7 +66,7 @@ if (!$op) {
 }
 update_operator_groups($op['operatorid'], $new_groups);
- header("Location: $mibewroot/operator/opgroups.php?op=$opId&stored");
+ header("Location: $mibewroot/operator/opgroups.php?op=" . intval($opId) . "&stored");
 exit;
 }
 }
diff --git a/src/mibew/operator/permissions.php b/src/mibew/operator/permissions.php
index a400ac23..81960f8c 100644
--- a/src/mibew/operator/permissions.php
+++ b/src/mibew/operator/permissions.php
@@ -53,7 +53,7 @@ if (!$op) {
 if ($opId && $_SESSION[$session_prefix."operator"] && $operator['operatorid'] == $opId) {
 $_SESSION[$session_prefix."operator"]['iperm'] = $new_permissions;
 }
- header("Location: $mibewroot/operator/permissions.php?op=$opId&stored");
+ header("Location: $mibewroot/operator/permissions.php?op=" . intval($opId) . "&stored");
 exit;
 }