diff --git a/_sakura/changelog.json b/_sakura/changelog.json
index 82a1851..3c46e73 100644
--- a/_sakura/changelog.json
+++ b/_sakura/changelog.json
@@ -142,10 +142,6 @@
                 "type":     "FIX",
                 "change":   "Replace broken template tags."
             },
-            {
-                "type":     "FIX",
-                "change":   "Replace broken template tags."
-            },
             {
                 "type":     "ADD",
                 "change":   "Upload remaining assets."
@@ -1269,6 +1265,18 @@
             {
                 "type":     "ADD",
                 "change":   "Added friends system."
+            },
+            {
+                "type":     "FIX",
+                "change":   "Changed &amp; to &amp;amp; in some URLs."
+            },
+            {
+                "type":     "FIX",
+                "change":   "Fixed settings page being usable when logged out."
+            },
+            {
+                "type":     "REM",
+                "change":   "Removed remaining code for the old profile API."
             }
 
         ]
diff --git a/_sakura/templates/yuuno/elements/indexPanel.tpl b/_sakura/templates/yuuno/elements/indexPanel.tpl
index f193685..d63a59c 100644
--- a/_sakura/templates/yuuno/elements/indexPanel.tpl
+++ b/_sakura/templates/yuuno/elements/indexPanel.tpl
@@ -1,10 +1,9 @@
 {% if user.checklogin %}
     <div class="head">Hi, {{ user.data.username }}!</div>
-    <img src="//{{ sakura.urls.main }}/a/{{ user.data.id }}" class="default-avatar-setting homepage-menu-avatar" />
-    <ul>
-        <li><a href="//{{ sakura.urls.main }}/settings/profile" class="underline">Edit profile</a></li>
-        <li><a href="//{{ sakura.urls.main }}/settings/avatar" class="underline">Change avatar</a></li>
-        <li><a href="//{{ sakura.urls.main }}/settings/sessions" class="underline">View active sessions</a></li>
+    <a href="//{{ sakura.urls.main }}/settings/avatar"><img src="//{{ sakura.urls.main }}/a/{{ user.data.id }}" class="default-avatar-setting homepage-menu-avatar" /></a>
+    <ul class="panel-quick-links">
+        <li><a href="//{{ sakura.urls.main }}/friends" title="View friends list"><span class="fa fa-users"></span><span class="count">0</span></a></li>
+        <li><a href="//{{ sakura.urls.main }}/messages" title="View private messages"><span class="fa fa-envelope"></span><span class="count">0</span></a></li>
     </ul>
     <div class="clear"></div>
 {% else %}
diff --git a/_sakura/templates/yuuno/global/header.tpl b/_sakura/templates/yuuno/global/header.tpl
index 76d1da4..ef6e20e 100644
--- a/_sakura/templates/yuuno/global/header.tpl
+++ b/_sakura/templates/yuuno/global/header.tpl
@@ -226,7 +226,7 @@
                             <a class="menu-item" href="//{{ sakura.urls.main }}/messages" title="Read your private message">Messages</a>
                             <a class="menu-item" href="//{{ sakura.urls.main }}/manage" title="Manage the site">Manage</a>
                             <a class="menu-item" href="//{{ sakura.urls.main }}/settings" title="Change your settings">Settings</a>
-                            <a class="menu-item" href="//{{ sakura.urls.main }}/logout?mode=logout&time={{ php.time }}&session={{ php.sessionid }}&redirect={{ sakura.currentpage }}" title="End your login session" id="headerLogoutLink">Logout</a>
+                            <a class="menu-item" href="//{{ sakura.urls.main }}/logout?mode=logout&amp;time={{ php.time }}&amp;session={{ php.sessionid }}&amp;redirect={{ sakura.currentpage }}" title="End your login session" id="headerLogoutLink">Logout</a>
                         {% else %}
                             {% if sakura.lockauth %}
                             <div class="menu-item" style="padding-left: 10px; padding-right: 10px;">Authentication is locked</div>
diff --git a/_sakura/templates/yuuno/main/profile.tpl b/_sakura/templates/yuuno/main/profile.tpl
index 1fdce18..dafefc9 100644
--- a/_sakura/templates/yuuno/main/profile.tpl
+++ b/_sakura/templates/yuuno/main/profile.tpl
@@ -19,16 +19,16 @@
                 <br /><span style="font-size: .8em;">{{ profile.ranktitle }}</span>
                 <h1 style="color: {{ profile.colour }}; text-shadow: 0 0 7px #888; padding: 0 0 2px;">{{ profile.user.username }}</h1>
                 {% if profile.user.rank_main > 1 %}
-                {% if profile.istenshi %}<img src="//{{ sakura.urls.content }}/images/tenshi.png" alt="Tenshi" /> {% endif %}<img src="//{{ sakura.urls.content }}/images/flags/{% if profile.user.country|lower == 'eu' %}europeanunion{% else %}{{ profile.user.country|lower }}{% endif %}.png" alt="{{ profile.user.country }}" /> <span style="font-size: .9em; line-height: 11px;">{{ profile.country }}</span>
+                    {% if profile.istenshi %}<img src="//{{ sakura.urls.content }}/images/tenshi.png" alt="Tenshi" /> {% endif %}<img src="//{{ sakura.urls.content }}/images/flags/{% if profile.user.country|lower == 'eu' %}europeanunion{% else %}{{ profile.user.country|lower }}{% endif %}.png" alt="{{ profile.user.country }}" /> <span style="font-size: .9em; line-height: 11px;">{{ profile.country }}</span>
                 {% if user.checklogin %}
                 <div class="user-actions">
-                {% if user.data.id == profile.user.id %}
-                <a class="fa fa-pencil-square" title="Edit your profile" href="//{{ sakura.urls.main }}/settings/profile"></a>
-                {% else %}
-                {% if profile.friend != 0 %}<a class="fa fa-{% if profile.friend == 2 %}heart{% else %}star{% endif %}" title="You are friends"></a>{% endif %}
-                <a class="fa fa-user-{% if profile.friend == 0 %}plus{% else %}times{% endif %}" title="{% if profile.friend == 0 %}Add {{ profile.user.username }} as a friend{% else %}Remove friend{% endif %}" href="//{{ sakura.urls.main }}/friends?{% if profile.friend == 0 %}add{% else %}remove{% endif %}={{ profile.user.id }}&session={{ php.sessionid }}&time={{ php.time }}&redirect={{ sakura.currentpage }}" id="profileFriendToggle"></a>
-                <a class="fa fa-flag" title="Report {{ profile.user.username }}" href="//{{ sakura.urls.main }}/report/{{ profile.user.id }}"></a>
-                {% endif %}
+                    {% if user.data.id == profile.user.id %}
+                    <a class="fa fa-pencil-square" title="Edit your profile" href="//{{ sakura.urls.main }}/settings/profile"></a>
+                    {% else %}
+                    {% if profile.friend != 0 %}<a class="fa fa-{% if profile.friend == 2 %}heart{% else %}star{% endif %}" title="You are friends"></a>{% endif %}
+                    <a class="fa fa-user-{% if profile.friend == 0 %}plus{% else %}times{% endif %}" title="{% if profile.friend == 0 %}Add {{ profile.user.username }} as a friend{% else %}Remove friend{% endif %}" href="//{{ sakura.urls.main }}/friends?{% if profile.friend == 0 %}add{% else %}remove{% endif %}={{ profile.user.id }}&amp;session={{ php.sessionid }}&amp;time={{ php.time }}&amp;redirect={{ sakura.currentpage }}" id="profileFriendToggle"></a>
+                    <a class="fa fa-flag" title="Report {{ profile.user.username }}" href="//{{ sakura.urls.main }}/report/{{ profile.user.id }}"></a>
+                    {% endif %}
                 </div>
                 {% endif %}
                 <hr class="default" />
diff --git a/main/.htaccess b/main/.htaccess
index 7758478..7b1a2ed 100644
--- a/main/.htaccess
+++ b/main/.htaccess
@@ -54,13 +54,16 @@ RewriteRule ^members/([a-z]+)/([0-9]+)/p([0-9]+)/?$ members.php?sort=$1&rank=$2&
 ## Profiles
 RewriteRule ^u/?$ profile.php [L,QSA]
 RewriteRule ^u/([A-Za-z0-9_-\s\.]+)/?$ profile.php?u=$1 [L,QSA]
-RewriteRule ^u/([A-Za-z0-9_-\s\.]+)/api/?$ profile.php?data [L,QSA]
 RewriteRule ^u/([A-Za-z0-9_-\s\.]+)/header/?$ imageserve.php?m=header&u=$1 [L,QSA]
 RewriteRule ^u/([A-Za-z0-9_-\s\.]+)/groups/?$ profile.php?u=$1&view=groups [L,QSA]
 RewriteRule ^u/([A-Za-z0-9_-\s\.]+)/friends/?$ profile.php?u=$1$view=friends [L,QSA]
 RewriteRule ^u/([A-Za-z0-9_-\s\.]+)/threads/?$ profile.php?u=$1$view=threads [L,QSA]
 RewriteRule ^u/([A-Za-z0-9_-\s\.]+)/posts/?$ profile.php?u=$1$view=posts [L,QSA]
 
+## Groups
+RewriteRule ^g/?$ group.php [L,QSA]
+RewriteRule ^g/([0-9]+)/?$ group.php?g=$1 [L,QSA]
+
 # Serving Images
 RewriteRule ^a/([0-9]+)$|a/([0-9]+).png$ imageserve.php?m=avatar&u=$1 [L,QSA]
 RewriteRule ^bg/([0-9]+)$|bg/([0-9]+).png$ imageserve.php?m=background&u=$1 [L,QSA]
diff --git a/main/group.php b/main/group.php
new file mode 100644
index 0000000..323fb42
--- /dev/null
+++ b/main/group.php
@@ -0,0 +1,55 @@
+<?php
+/*
+ * Sakura User Groups
+ */
+
+// Declare Namespace
+namespace Sakura;
+
+// Include components
+require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php';
+/*
+// Get group data
+if(isset($_GET['g'])) {
+
+    $renderData['profile'] = [
+        'notset'        => false,
+        'user'          => ($_PROFILE_USER_DATA = Users::getUser(($_USER_USERNAME_ID = Users::userExists($_GET['u'], false)) ? $_USER_USERNAME_ID : $_GET['u'])),
+        'rank'          => ($_PROFILE_RANK_DATA = Users::getRank($_PROFILE_USER_DATA['rank_main'])),
+        'colour'        => ($_PROFILE_USER_DATA['name_colour']  == null ? $_PROFILE_RANK_DATA['colour'] : $_PROFILE_USER_DATA['name_colour']),
+        'ranktitle'     => ($_PROFILE_USER_DATA['usertitle']    == null ? $_PROFILE_RANK_DATA['title']  : $_PROFILE_USER_DATA['usertitle']),
+        'data'          => ($_PROFILE_PROFILE_DATA = Users::getUserProfileData($_PROFILE_USER_DATA, true)),
+        'country'       => Main::getCountryName($_PROFILE_USER_DATA['country']),
+        'istenshi'      => Users::checkUserTenshi($_PROFILE_USER_DATA['id']),
+        'online'        => Users::checkUserOnline($_PROFILE_USER_DATA['id']),
+        'profilePage'   => Users::getProfilePage($_PROFILE_PROFILE_DATA, true),
+        'fields'        => Users::getUserProfileFields($_PROFILE_PROFILE_DATA, true),
+        'warnings'      => Users::getWarnings($_PROFILE_USER_DATA['id']),
+        'friend'        => Users::checkFriend($_PROFILE_USER_DATA['id'])
+    ];
+
+    $renderData['page'] = [
+        'title'         => ($_PROFILE_USER_DATA['id'] < 1 || $_PROFILE_USER_DATA['password_algo'] == 'nologin' ? 'User not found!' : 'Profile of '. $_PROFILE_USER_DATA['username']),
+        'style'         => (!empty($_PROFILE_PROFILE_DATA['profileBackground']) ? [
+            '#userBackground' => [
+                'background' => 'url("/bg/'. $_PROFILE_USER_DATA['id'] .'") no-repeat center center / cover transparent !important',
+                'position' => 'fixed',
+                'top' => '0',
+                'bottom' => '0',
+                'right' => '0',
+                'left' => '0',
+                'z-index' => '-1'
+            ]
+        ] : null)
+    ];
+
+} else {
+
+    $renderData['profile']['notset']    = true;
+    $renderData['page']['title']        = 'User not found!';
+
+}
+
+// Print page contents
+print Templates::render('main/profile.tpl', $renderData);
+*/
diff --git a/main/profile.php b/main/profile.php
index b84b0b1..956a000 100644
--- a/main/profile.php
+++ b/main/profile.php
@@ -9,18 +9,6 @@ namespace Sakura;
 // Include components
 require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php';
 
-// Catch old profile API and return error
-if(isset($_REQUEST['data'])) {
-
-    header('Content-Type: text/plain; charset=utf-8');
-	header('Access-Control-Allow-Origin: *');
-
-    print json_encode(['error' => true]);
-
-    exit;
-
-}
-
 // Get user data
 if(isset($_GET['u'])) {
 
diff --git a/main/settings.php b/main/settings.php
index fe7240f..13207ab 100644
--- a/main/settings.php
+++ b/main/settings.php
@@ -47,7 +47,7 @@ if(isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications
     exit;
 
 // Friends
-} elseif(isset($_REQUEST['friend-action']) && $_REQUEST['friend-action']) {
+} elseif(isset($_REQUEST['friend-action']) && $_REQUEST['friend-action'] && Users::checkLogin()) {
 
     // Continue
     $continue = true;
@@ -58,6 +58,13 @@ if(isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications
     // Compare time and session so we know the link isn't forged
     if(!isset($_REQUEST['add']) && !isset($_REQUEST['remove'])) {
 
+        if(!isset($_REQUEST['ajax'])) {
+
+            header('Location: /settings/friends');
+            exit;
+
+        }
+
         $renderData['page'] = [
             'title'     => 'Action failed',
             'redirect'  => $redirect,
@@ -71,7 +78,7 @@ if(isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications
     }
 
     // Compare time and session so we know the link isn't forged
-    if($_REQUEST[(isset($_REQUEST['add']) ? 'add' : 'remove')] == Session::$userId) {
+    if($continue && $_REQUEST[(isset($_REQUEST['add']) ? 'add' : 'remove')] == Session::$userId) {
 
         $renderData['page'] = [
             'title'     => 'Action failed',
@@ -182,42 +189,52 @@ if(isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications
 
 }
 
-// Settings page list
-$pages = [
-    'home'          => ['General',          'Home'],
-    'profile'       => ['General',          'Edit Profile'],
-    'notifications' => ['Notifications',    'History'],
-    'avatar'        => ['Aesthetics',       'Avatar'],
-    'background'    => ['Aesthetics',       'Background'],
-    'page'          => ['Aesthetics',       'Profile Page'],
-    'email'         => ['Account',          'E-mail Address'],
-    'username'      => ['Account',          'Username'],
-    'usertitle'     => ['Account',          'User Title'],
-    'password'      => ['Account',          'Password'],
-    'ranks'         => ['Account',          'Ranks'],
-    'sessions'      => ['Danger zone',      'Sessions'],
-    'regkeys'       => ['Danger zone',      'Registration Keys'],
-    'deactivate'    => ['Danger zone',      'Deactivate Account'],
-    'notfound'      => ['Settings',         '404']
-];
+if(Users::checkLogin()) {
 
-// Current settings page
-$currentPage = isset($_GET['mode']) ? (array_key_exists($_GET['mode'], $pages) ? $_GET['mode'] : 'notfound') : 'home';
+    // Settings page list
+    $pages = [
+        'home'          => ['General',          'Home'],
+        'profile'       => ['General',          'Edit Profile'],
+        'notifications' => ['Notifications',    'History'],
+        'avatar'        => ['Aesthetics',       'Avatar'],
+        'background'    => ['Aesthetics',       'Background'],
+        'page'          => ['Aesthetics',       'Profile Page'],
+        'email'         => ['Account',          'E-mail Address'],
+        'username'      => ['Account',          'Username'],
+        'usertitle'     => ['Account',          'User Title'],
+        'password'      => ['Account',          'Password'],
+        'ranks'         => ['Account',          'Ranks'],
+        'sessions'      => ['Danger zone',      'Sessions'],
+        'regkeys'       => ['Danger zone',      'Registration Keys'],
+        'deactivate'    => ['Danger zone',      'Deactivate Account'],
+        'notfound'      => ['Settings',         '404']
+    ];
 
-// Render data
-$renderData['page'] = [
-    'title' => $pages[$currentPage][0] .' / '. $pages[$currentPage][1]
-];
+    // Current settings page
+    $currentPage = isset($_GET['mode']) ? (array_key_exists($_GET['mode'], $pages) ? $_GET['mode'] : 'notfound') : 'home';
 
-// Section specific
-switch($currentPage) {
+    // Render data
+    $renderData['page'] = [
+        'title' => $pages[$currentPage][0] .' / '. $pages[$currentPage][1]
+    ];
 
-    // Notification history
-    case 'notifications':
-        $renderData['notifs'] = array_reverse(Users::getNotifications(null, 0, false, true));
-        break;
+    // Section specific
+    switch($currentPage) {
+
+        // Notification history
+        case 'notifications':
+            $renderData['notifs'] = array_reverse(Users::getNotifications(null, 0, false, true));
+            break;
+
+    }
+
+    // Print page contents
+    print Templates::render('settings/'. $currentPage .'.tpl', $renderData);
+
+} else {
+
+    print Templates::render('global/header.tpl', $renderData);
+    print Templates::render('elements/restricted.tpl', $renderData);
+    print Templates::render('global/footer.tpl', $renderData);
 
 }
-
-// Print page contents
-print Templates::render('settings/'. $currentPage .'.tpl', $renderData);
