diff --git a/archive/settings-old.php b/archive/settings-old.php
new file mode 100644
index 0000000..70150a9
--- /dev/null
+++ b/archive/settings-old.php
@@ -0,0 +1,24 @@
+query('SELECT description FROM site WHERE id = 1');
+
+while ($row = $getName->fetchArray()) {
+ $SiteName = $row['description'];
+}
+
+$getSubName = $sitesettings->query('SELECT description FROM site WHERE id = 2');
+
+while ($row = $getSubName->fetchArray()) {
+ $SubName = $row['description'];
+}
+
+$getURL = $sitesettings->query('SELECT description FROM site WHERE id = 3');
+
+while ($row = $getURL->fetchArray()) {
+ $SiteURL = $row['description'];
+}
+
+
+?>
\ No newline at end of file
diff --git a/recent.php b/recent.php
index 21d2908..ca4cde3 100644
--- a/recent.php
+++ b/recent.php
@@ -2,80 +2,131 @@ include_once "settings.php";
-// Get and use a basic title search for pulling records.
-$keywordsearch = htmlspecialchars($_GET["kw"]);
-$authorsearch = htmlspecialchars($_GET["au"]);
-$typesearch = htmlspecialchars($_GET["ty"]);
+// Initialize variables
+$keywordsearch = '';
+$authorsearch = '';
+$typesearch = '';
+$searchtopic = '';
+$searchtype = '';
-$socialkw = mb_convert_case($keywordsearch, MB_CASE_TITLE, "UTF-8");
-$socialau = mb_convert_case($authorsearch, MB_CASE_TITLE, "UTF-8");
-$socialty = mb_convert_case($typesearch, MB_CASE_TITLE, "UTF-8");
-
-if (!empty($keywordsearch)) {
- $searchtopic = 'Keyword: '.$socialkw;
-} elseif (!empty($authorsearch)) {
- $searchtopic = 'Author: '.$socialau;
-} else {
- $searchtopic = 'Type: '.$socialty;
+// Sanitize and validate input
+if (!empty($_GET["kw"])) {
+ $keywordsearch = trim($_GET["kw"]);
+ $searchtopic = 'Keyword: ' . htmlspecialchars($keywordsearch, ENT_QUOTES, 'UTF-8');
+ $searchtype = 'keyword';
+} elseif (!empty($_GET["au"])) {
+ $authorsearch = trim($_GET["au"]);
+ $searchtopic = 'Author: ' . htmlspecialchars($authorsearch, ENT_QUOTES, 'UTF-8');
+ $searchtype = 'author';
+} elseif (!empty($_GET["ty"])) {
+ $typesearch = trim($_GET["ty"]);
+ $searchtopic = 'Type: ' . htmlspecialchars(mb_convert_case($typesearch, MB_CASE_TITLE, "UTF-8"), ENT_QUOTES, 'UTF-8');
+ $searchtype = 'type';
 }
+// If no valid search parameter, redirect to index
+if (empty($searchtype)) {
+ header('Location: index.php');
+ exit;
+}
 // -------------------- BEGIN DATABASE QUERIES --------------------
-// Establish atabase connection
-$db = new SQLite3('metadata.sqlite');
+// Establish database connection
+try {
+ $db = new SQLite3('metadata.sqlite');
+ $db->enableExceptions(true);
+} catch (Exception $e) {
+ error_log("Database connection error: " . 
$e->getMessage());
+ die("Database connection failed");
+}
-$keywordquery = $db->query("SELECT
-DISTINCT books.id AS id,
-books.title AS title,
-SUBSTR(comments.text,0,120) AS excerpt
-FROM books
-INNER JOIN
-comments ON comments.book = books.id
-INNER JOIN
-books_tags_link ON books_tags_link.book = books.id
-INNER JOIN
-tags ON tags.id = books_tags_link.tag
-WHERE books.title LIKE '%$keywordsearch%'
-OR books.author_sort LIKE '%$keywordsearch%'
-OR comments.text LIKE '%$keywordsearch%'
-OR tags.name LIKE '%$keywordsearch%'
-ORDER BY books.timestamp DESC");
+// Prepare the appropriate query based on search type
+$results = null;
-$authorquery = $db->query("SELECT
-DISTINCT books.id AS id,
-books.title AS title,
-SUBSTR(comments.text,0,120) AS excerpt
-FROM books
-INNER JOIN
-comments ON comments.book = books.id
-INNER JOIN
-books_tags_link ON books_tags_link.book = books.id
-WHERE books.author_sort LIKE '%$authorsearch%'
-ORDER BY books.timestamp DESC");
+switch ($searchtype) {
+ case 'keyword':
+ $searchPattern = '%' . $keywordsearch . '%';
+ $stmt = $db->prepare("SELECT
+ DISTINCT books.id AS id,
+ books.title AS title,
+ SUBSTR(comments.text, 0, 120) AS excerpt
+ FROM books
+ INNER JOIN comments ON comments.book = books.id
+ INNER JOIN books_tags_link ON books_tags_link.book = books.id
+ INNER JOIN tags ON tags.id = books_tags_link.tag
+ WHERE books.title LIKE :search
+ OR books.author_sort LIKE :search
+ OR comments.text LIKE :search
+ OR tags.name LIKE :search
+ ORDER BY books.timestamp DESC
+ LIMIT 100");
+ $stmt->bindValue(':search', $searchPattern, SQLITE3_TEXT);
+ break;
+
+ case 'author':
+ $searchPattern = '%' . $authorsearch . 
'%';
+ $stmt = $db->prepare("SELECT
+ DISTINCT books.id AS id,
+ books.title AS title,
+ SUBSTR(comments.text, 0, 120) AS excerpt
+ FROM books
+ INNER JOIN comments ON comments.book = books.id
+ INNER JOIN books_tags_link ON books_tags_link.book = books.id
+ WHERE books.author_sort LIKE :search
+ ORDER BY books.timestamp DESC
+ LIMIT 100");
+ $stmt->bindValue(':search', $searchPattern, SQLITE3_TEXT);
+ break;
+
+ case 'type':
+ $stmt = $db->prepare("SELECT
+ DISTINCT books.id AS id,
+ books.title AS title,
+ SUBSTR(comments.text, 0, 120) AS excerpt
+ FROM books
+ INNER JOIN comments ON comments.book = books.id
+ INNER JOIN books_custom_column_1_link ON books_custom_column_1_link.book = books.id
+ INNER JOIN custom_column_1 ON custom_column_1.id = books_custom_column_1_link.value
+ WHERE custom_column_1.value = :search
+ ORDER BY books.timestamp DESC
+ LIMIT 100");
+ $stmt->bindValue(':search', $typesearch, SQLITE3_TEXT);
+ break;
+}
-$typequery = $db->query("SELECT
-DISTINCT books.id AS id,
-books.title AS title,
-SUBSTR(comments.text,0,120) AS excerpt
-FROM books
-INNER JOIN
-comments ON comments.book = books.id
-INNER JOIN
-books_custom_column_1_link ON books_custom_column_1_link.book = books.id
-INNER JOIN
-custom_column_1 ON custom_column_1.id = books_custom_column_1_link.value
-WHERE
-custom_column_1.value = '$typesearch'
-ORDER BY books.timestamp DESC");
+// Execute query and handle errors
+try {
+ $results = $stmt->execute();
+} catch (Exception $e) {
+ error_log("Query execution error: " . $e->getMessage());
+ $results = null;
+}
+
+// Get types for menu
+try {
+ $types = $db->query("SELECT value FROM custom_column_1 ORDER BY value ASC");
+} catch (Exception $e) {
+ error_log("Types query error: " . $e->getMessage());
+ $types = null;
+}
+
+// Build social media URLs safely
+$socialUrl = '';
+switch ($searchtype) {
+ case 'keyword':
+ $socialUrl = $SiteURL . '/recent.php?kw=' . urlencode($keywordsearch);
+ break;
+ case 'author':
+ $socialUrl = $SiteURL . 
'/recent.php?au=' . urlencode($authorsearch);
+ break;
+ case 'type':
+ $socialUrl = $SiteURL . '/recent.php?ty=' . urlencode($typesearch);
+ break;
+}
-$types = $db->query("SELECT
-value
-FROM custom_column_1
-ORDER BY value ASC");
 ?>
-
@@ -84,9 +135,9 @@ ORDER BY value ASC");
- Infopump - Recently Added - <?php echo $searchtopic; ?>
+ Infopump - Recently Added - <?php echo htmlspecialchars($searchtopic, ENT_QUOTES, 'UTF-8'); ?>
-
+
@@ -105,33 +156,14 @@ ORDER BY value ASC");
 --> - ';?> - - ';?> - - '; - echo ''; - } elseif (!empty($authorsearch)) { - echo ''; - echo ''; - } else { - echo ''; - echo ''; - } - ?> - - ';?> - - ';?> - - ';?> - - ';?> - - - + + + + + + + +
@@ -144,10 +176,8 @@ ORDER BY value ASC");
 - -
@@ -165,7 +195,7 @@ ORDER BY value ASC");
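Review bot: The three `$db->prepare(...)` calls inside the new `switch ($searchtype)` run outside any try block even though `enableExceptions(true)` was just switched on, so a prepare failure (a bad statement, or a `metadata.sqlite` that lacks the `custom_column_1` tables the `type` branch joins) throws an uncaught exception and ends the request with a PHP fatal error instead of reaching the guarded `$results = null` path that only `execute()` gets. Move the switch into the same `try { ... } catch (Exception $e) { error_log(...); $results = null; }` that wraps `$stmt->execute()`, so the "An error occurred" fallback in the results loop actually covers it. Separately, `$searchPattern = '%' . $keywordsearch . '%'` is correctly bound and no longer injectable, but `%` and `_` typed by the user are still LIKE wildcards; if a bare `%` matching every row is not intended, escape them with `str_replace(['\\', '%', '_'], ['\\\\', '\\%', '\\_'], $keywordsearch)` and add `ESCAPE '\'` to each LIKE clause (same for the author branch).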
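Review bot: The `<title>` line now escapes `$searchtopic` a second time: it is already built from `htmlspecialchars($keywordsearch, ENT_QUOTES, 'UTF-8')` (and likewise for author and type) in the first hunk of this file, so a keyword such as `Tolkien & Lewis` renders in the tab as `Tolkien &amp;amp; Lewis`. Escape exactly once, at the output site: keep `$searchtopic` as the raw `'Keyword: ' . $keywordsearch` where it is assembled and leave this `htmlspecialchars(...)` in the title, which is the safer convention if `$searchtopic` is also echoed in the meta tags this diff does not render readably. Whichever site keeps the escaping, add `ENT_SUBSTITUTE` to the flags so a keyword with an invalid UTF-8 byte produces a replacement character rather than an empty title.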

About the Project

Infopump

-

A bibliographic management and display system.

+

A bibliographic management and display system.
More info


A free, open source project from:
The L0WL1F3 Podcast
@@ -173,8 +203,8 @@ ORDER BY value ASC"); Cyberpunk Librarian

@@ -184,22 +214,22 @@ ORDER BY value ASC");

Recent Additions

+

Search

- +
@@ -219,7 +249,7 @@ ORDER BY value ASC");
  • -->
    -

    Recently Added

    +

    Recently Added

    @@ -235,31 +265,26 @@ ORDER BY value ASC");
    fetchArray()) { - $row_id = $row['id']; - $row_title = $row['title']; - $row_excerpt = $row['excerpt']; - - echo '

    '.$row_title.' : '.strip_tags($row_excerpt).'...

    '; + if ($results) { + $hasResults = false; + while ($row = $results->fetchArray(SQLITE3_ASSOC)) { + $hasResults = true; + $row_id = (int)$row['id']; + $row_title = htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8'); + $row_excerpt = htmlspecialchars(strip_tags($row['excerpt']), ENT_QUOTES, 'UTF-8'); + + echo '

    '; + echo '' . $row_title . ''; + echo '' . $row_title . ' : '; + echo $row_excerpt . '...

    '; + } + + if (!$hasResults) { + echo '

    No recent items found.

    '; + } + } else { + echo '

    An error occurred while retrieving recent items. Please try again.

    '; } - } elseif ($typesearch != '') { - while ($row = $typequery->fetchArray()) { - $row_id = $row['id']; - $row_title = $row['title']; - $row_excerpt = $row['excerpt']; - - echo '

    '.$row_title.' : '.strip_tags($row_excerpt).'...

    '; - } - } else { - while ($row = $authorquery->fetchArray()) { - $row_id = $row['id']; - $row_title = $row['title']; - $row_excerpt = $row['excerpt']; - - echo '

    '.$row_title.' : '.strip_tags($row_excerpt).'...

    '; - } - } ?>
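Review bot: `htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8')` and the matching excerpt line return an empty string when the stored text contains an invalid UTF-8 sequence, so such a row would render as a blank link with no title and no excerpt, and a NULL `title` or `comments.text` (SQLite NULL arrives as PHP null) makes `htmlspecialchars`/`strip_tags` emit a deprecation on PHP 8.1+. Use `$row_title = htmlspecialchars((string)($row['title'] ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');` and `$row_excerpt = htmlspecialchars(strip_tags((string)($row['excerpt'] ?? '')), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. The `(int)$row['id']` cast is the right call for the link target; the anchor markup itself is stripped in this rendering of the diff, and the opening of the enclosing PHP block at the top of the hunk is garbled, so that part is not reviewable here.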
@@ -270,7 +295,7 @@ ORDER BY value ASC");
@@ -287,3 +312,7 @@ ORDER BY value ASC");
+close();
+?>
\ No newline at end of file
diff --git a/settings.php b/settings.php
index 70150a9..a2a843d 100644
--- a/settings.php
+++ b/settings.php
@@ -1,24 +1,68 @@ query('SELECT description FROM site WHERE id = 1');
+// Initialize default values
+$SiteName = 'Infopump';
+$SubName = 'A bibliographic display system';
+$SiteURL = '';
-while ($row = $getName->fetchArray()) {
- $SiteName = $row['description'];
+try {
+ // Establish database connection
+ $sitesettings = new SQLite3('settings.sqlite', SQLITE3_OPEN_READONLY);
+ $sitesettings->enableExceptions(true);
+
+ // Fetch all settings in a single query for efficiency
+ $stmt = $sitesettings->prepare('SELECT id, description FROM site WHERE id IN (1, 2, 3) ORDER BY id');
+ $result = $stmt->execute();
+
+ // Process results
+ $settings = [];
+ while ($row = $result->fetchArray(SQLITE3_ASSOC)) {
+ $settings[(int)$row['id']] = $row['description'];
+ }
+
+ // Assign settings to variables with validation
+ if (isset($settings[1]) && !empty(trim($settings[1]))) {
+ $SiteName = htmlspecialchars(trim($settings[1]), ENT_QUOTES, 'UTF-8');
+ }
+
+ if (isset($settings[2]) && !empty(trim($settings[2]))) {
+ $SubName = htmlspecialchars(trim($settings[2]), ENT_QUOTES, 'UTF-8');
+ }
+
+ if (isset($settings[3]) && !empty(trim($settings[3]))) {
+ // Validate and sanitize URL
+ $url = trim($settings[3]);
+ // Remove trailing slash for consistency
+ $url = rtrim($url, '/');
+ // Basic URL validation
+ if (filter_var($url, FILTER_VALIDATE_URL)) {
+ $SiteURL = htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
+ } else {
+ error_log("Invalid site URL in settings: " . $url);
+ }
+ }
+
+ // Close database connection
+ $sitesettings->close();
+
+} catch (Exception $e) {
+ // Log error but continue with default values
+ error_log("Settings database error: " . 
$e->getMessage());
+
+ // Ensure variables are set even if database fails
+ if (!isset($SiteName)) $SiteName = 'Infopump';
+ if (!isset($SubName)) $SubName = 'A bibliographic display system';
+ if (!isset($SiteURL)) $SiteURL = '';
 }
-$getSubName = $sitesettings->query('SELECT description FROM site WHERE id = 2');
-
-while ($row = $getSubName->fetchArray()) {
- $SubName = $row['description'];
+// Verify all required settings are defined
+if (empty($SiteName) || empty($SubName)) {
+ error_log("Critical site settings are missing or empty");
 }
-$getURL = $sitesettings->query('SELECT description FROM site WHERE id = 3');
-
-while ($row = $getURL->fetchArray()) {
- $SiteURL = $row['description'];
-}
-
-
 ?>
\ No newline at end of file
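Review bot: The settings are HTML-escaped as they are loaded (`$SiteName = htmlspecialchars(trim($settings[1]), ENT_QUOTES, 'UTF-8')`, and the same for `$SubName` and `$SiteURL`), which bakes one output context into values that are reused in others: recent.php concatenates `$SiteURL` straight into `$socialUrl`, so a validated URL containing `&` becomes `&amp;` in that link, and any template that escapes these variables again on output double-encodes them. Keep the raw trimmed value here and apply `htmlspecialchars` (or `urlencode`, as the context demands) at each echo site. While touching the URL branch, `FILTER_VALIDATE_URL` accepts any scheme (`javascript:`, `data:`, `ftp:`), so if `$SiteURL` ends up in an `href` or `og:url` also require `http`/`https` via `parse_url($url, PHP_URL_SCHEME)`; the value comes from a read-only settings database, so this is a cheap guard rather than a live exposure. The three `if (!isset($SiteName))` lines in the catch block are dead code: the defaults are assigned unconditionally before the `try` and nothing unsets them.
```php
// … unchanged: connection, prepared query, $settings loop …
if (isset($settings[1]) && !empty(trim($settings[1]))) {
    $SiteName = trim($settings[1]); // raw value; escape where it is echoed
}
if (isset($settings[2]) && !empty(trim($settings[2]))) {
    $SubName = trim($settings[2]);
}
if (isset($settings[3]) && !empty(trim($settings[3]))) {
    $url = rtrim(trim($settings[3]), '/');
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if (filter_var($url, FILTER_VALIDATE_URL) && in_array($scheme, ['http', 'https'], true)) {
        $SiteURL = $url; // raw value; escape where it is echoed
    } else {
        error_log("Invalid site URL in settings: " . $url);
    }
}
// … unchanged: close(), catch block (without the dead isset() fallbacks) …
```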