diff --git a/design.inc.php b/design.inc.php
index 433d36a5..7518b175 100644
--- a/design.inc.php
+++ b/design.inc.php
@@ -35,7 +35,7 @@ function toggle(id) {
 			}
 			foreach ($breadcrumb as $key => $val) {
 				if (strlen($val)) {
-					echo '<a href="' . htmlspecialchars($SELF) . "$key=" . ($key != "privileges" ? urlencode($val) : "") . '">' . htmlspecialchars($val) . '</a> &raquo; ';
+					echo '<a href="' . htmlspecialchars("$SELF$key=") . ($key != "privileges" ? urlencode($val) : "") . '">' . htmlspecialchars($val) . '</a> &raquo; ';
 				}
 			}
 		}
diff --git a/edit.inc.php b/edit.inc.php
index 053cb64c..564b88a7 100644
--- a/edit.inc.php
+++ b/edit.inc.php
@@ -1,8 +1,9 @@
 <?php
 $where = where($_GET);
+$update = ($where && !$_GET["clone"]);
 $fields = fields($_GET["edit"]);
 foreach ($fields as $name => $field) {
-	if (isset($_GET["default"]) ? $field["auto_increment"] || preg_match('~text|blob~', $field["type"]) : !isset($field["privileges"][$where && !$_GET["clone"] ? "update" : "insert"])) {
+	if (isset($_GET["default"]) ? $field["auto_increment"] || preg_match('~text|blob~', $field["type"]) : !isset($field["privileges"][$update ? "update" : "insert"])) {
 		unset($fields[$name]);
 	}
 }
@@ -29,7 +30,7 @@ if ($_POST && !$error) {
 		}
 		if (isset($_GET["default"])) {
 			query_redirect("ALTER TABLE " . idf_escape($_GET["edit"]) . implode(",", $set), $location, lang('Default values has been set.'));
-		} elseif ($where && !$_GET["clone"]) {
+		} elseif ($update) {
 			query_redirect("UPDATE " . idf_escape($_GET["edit"]) . " SET " . implode(", ", $set) . " WHERE " . implode(" AND ", $where) . " LIMIT 1", $location, lang('Item has been updated.'));
 		} else {
 			query_redirect("INSERT INTO " . idf_escape($_GET["edit"]) . " SET " . implode(", ", $set), $location, lang('Item has been inserted.'));
@@ -94,8 +95,8 @@ if ($fields) {
 <input type="hidden" name="token" value="<?php echo $token; ?>" />
 <?php if ($fields) { ?>
 <input type="submit" value="<?php echo lang('Save'); ?>" />
-<?php if (!isset($_GET["default"])) { ?><input type="submit" name="insert" value="<?php echo ($where && !$_GET["clone"] ? lang('Save and continue edit') : lang('Save and insert next')); ?>" /><?php } ?>
+<?php if (!isset($_GET["default"])) { ?><input type="submit" name="insert" value="<?php echo ($update ? lang('Save and continue edit') : lang('Save and insert next')); ?>" /><?php } ?>
 <?php } ?>
-<?php if ($where && !$_GET["clone"]) { ?> <input type="submit" name="delete" value="<?php echo lang('Delete'); ?>" onclick="return confirm('<?php echo lang('Are you sure?'); ?>');" /><?php } ?>
+<?php if ($update) { ?> <input type="submit" name="delete" value="<?php echo lang('Delete'); ?>" onclick="return confirm('<?php echo lang('Are you sure?'); ?>');" /><?php } ?>
 </p>
 </form>
diff --git a/index.php b/index.php
index fe6f5bfe..87fd6edb 100644
--- a/index.php
+++ b/index.php
@@ -159,9 +159,8 @@ if (isset($_GET["download"])) {
 				while ($row = $result->fetch_assoc()) {
 					echo '<tr class="nowrap"><td>' . (isset($row["Rows"]) ? '<input type="checkbox" name="tables[]" value="' . htmlspecialchars($row["Name"]) . '"' . (in_array($row["Name"], (array) $_POST["tables"], true) ? ' checked="checked"' : '') . ' /></td><th><a href="' . htmlspecialchars($SELF) . 'table=' . urlencode($row["Name"]) . '">' . htmlspecialchars($row["Name"]) . "</a></th><td align='left'>$row[Engine]</td><td align='left'>$row[Collation]" : '&nbsp;</td><th><a href="' . htmlspecialchars($SELF) . 'view=' . urlencode($row["Name"]) . '">' . htmlspecialchars($row["Name"]) . '</a></th><td colspan="6">' . lang('View'));
 					$row["count"] = $mysql->result($mysql->query("SELECT COUNT(*) FROM " . idf_escape($row["Name"])));
-					foreach ((isset($row["Rows"]) ? array("Data_length" => "create", "Index_length" => "indexes", "Data_free" => "", "Auto_increment" => "") : array()) + array("count" => "select") as $key => $link) {
-						$num = (strlen($row[$key]) ? number_format($row[$key], 0, '.', lang(',')) : '&nbsp;');
-						echo '</td><td align="right">' . ($link ? '<a href="' . htmlspecialchars($SELF) . "$link=" . urlencode($row["Name"]) . '">' . "$num</a>" : $num);
+					foreach ((isset($row["Rows"]) ? array("Data_length" => "create", "Index_length" => "indexes", "Data_free" => "edit", "Auto_increment" => "create") : array()) + array("count" => "select") as $key => $link) {
+						echo '</td><td align="right">' . (isset($row[$key]) ? '<a href="' . htmlspecialchars("$SELF$link=") . urlencode($row["Name"]) . '">' . number_format($row[$key], 0, '.', lang(',')) . '</a>' : '&nbsp;');
 					}
 					echo "</td></tr>\n";
 				}
@@ -181,8 +180,8 @@ if (isset($_GET["download"])) {
 					while ($row = $result->fetch_assoc()) {
 						echo "<tr>";
 						echo "<td>" . htmlspecialchars($row["ROUTINE_TYPE"]) . "</td>";
-						echo '<th><a href="' . htmlspecialchars($SELF) . ($row["ROUTINE_TYPE"] == "FUNCTION" ? 'callf' : 'call') . '=' . urlencode($row["ROUTINE_NAME"]) . '">' . htmlspecialchars($row["ROUTINE_NAME"]) . '</a></th>';
-						echo '<td><a href="' . htmlspecialchars($SELF) . ($row["ROUTINE_TYPE"] == "FUNCTION" ? 'function' : 'procedure') . '=' . urlencode($row["ROUTINE_NAME"]) . '">' . lang('Alter') . "</a></td>";
+						echo '<th><a href="' . htmlspecialchars($SELF) . ($row["ROUTINE_TYPE"] == "FUNCTION" ? 'callf=' : 'call=') . urlencode($row["ROUTINE_NAME"]) . '">' . htmlspecialchars($row["ROUTINE_NAME"]) . '</a></th>';
+						echo '<td><a href="' . htmlspecialchars($SELF) . ($row["ROUTINE_TYPE"] == "FUNCTION" ? 'function=' : 'procedure=') . urlencode($row["ROUTINE_NAME"]) . '">' . lang('Alter') . "</a></td>";
 						echo "</tr>\n";
 					}
 					echo "</table>\n";