Thanks to lilith2u for the .14 btc donation you are the first to donate and i really appreciate it to reply to supersecretsquirrelim sorry the code is closed source you may externally audit it if you choose but it does not contain and sql or anything of the like and is rather low tech and uses the kiss principle the xss was identified before release even due to it injecting the variable into the body of the page the regex stopped that