diff --git a/src/shim/shim.php b/src/shim/shim.php
index a1a3eca..318d825 100755
--- a/src/shim/shim.php
+++ b/src/shim/shim.php
@@ -266,6 +266,18 @@ function migrate_user_media($type) {
 	}
 }
 
+function migrate_seq() {
+	echo "migrating sequences\n";
+	extract($GLOBALS);
+
+	$tables = array('user', 'post', 'like', 'comment', 'follow', 'user_media');
+
+	foreach ($tables as $table) {
+		$sql = "SELECT setval('sys.{$table}_id_seq', (SELECT MAX(id) FROM admin.{$table}), true);";
+		$psql->exec($sql);
+	}
+}
+
 try {
 	wait_until_ready();
 	clear_all();
@@ -276,6 +288,7 @@ try {
 	migrate_follow();
 	migrate_user_media('avatar');
 	migrate_user_media('banner');
+	migrate_seq();
 } catch (Exception $ex) {
 	echo "$ex\n";
 	$psql->rollBack();
diff --git a/src/web/_model/main.php b/src/web/_model/main.php
index 6d8b708..58ae307 100644
--- a/src/web/_model/main.php
+++ b/src/web/_model/main.php
@@ -13,6 +13,9 @@ class Main_model {
 	// stores the current request info
 	public $info;
 
+	// tthe logged in user
+	private $user;
+
 	/**
 	 * Loads the main model
 	 * @param Loader $load - the main loader object
@@ -28,6 +31,7 @@ class Main_model {
 		};
 		/// init other vars
 		$this->users = array();
+		$this->user = NULL;
 	}
 
 	/**
@@ -36,14 +40,20 @@ class Main_model {
 	 */
 	private function get_session($jwt) {
 		$query = $this->db
-			->select("_api.verify_jwt('" . $jwt . "') AS user_id;");
-		$result = $query->row();
+			->select("_api.verify_jwt(?) AS user_id;");
+		$result = $query->row($jwt);
 		$user_id = $result['user_id'];
 		if ($user_id) {
 			$this->session = array(
 				'id' => $user_id,
 				'jwt' => $jwt
 			);
+			$user = $this->user();
+			if ($user === FALSE) {
+				/// valid jwt for invalid user!!!
+				$this->session = NULL;
+				$this->user = NULL;
+			}
 		}
 	}
 
@@ -79,16 +89,19 @@ class Main_model {
 	 * Gets the current user
 	 */
 	public function user() {
+		if ($this->user) {
+			return $this->user;
+		}
 		if ($this->session) {
-			return $this->db
+			$this->user = $this->db
 				->select('*')
 				->from('api.user')
 				->where('id')
 				->eq($this->session['id'])
 				->row();
-		} else {
-			return NULL;
+			return $this->user;
 		}
+		return NULL;
 	}
 
 }
diff --git a/src/web/core/database.php b/src/web/core/database.php
index e9b8109..25cb5ba 100644
--- a/src/web/core/database.php
+++ b/src/web/core/database.php
@@ -19,6 +19,89 @@ class DatabaseQuery {
 		$this->param = array();
 	}
 
+	///
+	/// ARBITRARY QUERY
+	///
+
+	public function query($query) {
+		$this->query .= $query;
+		return $this;
+	}
+
+	///
+	/// SELECT
+	///
+
+	public function select($select) {
+		$this->query .= "SELECT $select\n";
+		return $this;
+	}
+
+	public function from($from) {
+		$this->query .= "FROM $from\n";
+		return $this;
+	}
+
+	///
+	/// INSERT
+	///
+
+	public function insert_into($insert, ...$columns) {
+		$this->query .= "INSERT INTO $insert\n (";
+		foreach ($columns as $idx => $column) {
+			if ($idx !== 0) {
+				$this->query .= ",";
+			}
+			$this->query .= $column;
+		}
+		$this->query .= ")\n";
+		return $this;
+	}
+
+	public function values(...$values) {
+		$this->query .= "VALUES (";
+		foreach ($values as $idx => $value) {
+			if ($idx !== 0) {
+				$this->query .= ",";
+			}
+			$this->query .= "?";
+			array_push($this->param, $value);
+		}
+		$this->query .= ")\n";
+		return $this;
+	}
+
+	///
+	/// WHERE
+	///
+
+	public function where($cond) {
+		if (!$this->where) {
+			$this->where = TRUE;
+			$this->query .= "WHERE ";
+		} else {
+			$this->query .= "AND ";
+		}
+		$this->query .= "$cond ";
+		return $this;
+	}
+
+	public function where_in($column, $array) {
+		if (!$this->where) {
+			$this->where = TRUE;
+			$this->query .= "WHERE ";
+		} else {
+			$this->query .= "AND ";
+		}
+		if (empty($array)) {
+			$this->query .= "FALSE\n";
+			return $this;
+		}
+		$in = $this->in($array);
+		$this->query .= "$column $in\n";
+		return $this;
+	}
+
 	private function in($array) {
 		$in = 'IN (';
 		foreach ($array as $idx => $item) {
@@ -32,26 +115,9 @@ class DatabaseQuery {
 		return $in;
 	}
 
-	public function select($select) {
-		$this->query .= "SELECT $select\n";
-		return $this;
-	}
-
-	public function from($from) {
-		$this->query .= "FROM $from\n";
-		return $this;
-	}
-
-	public function where($cond) {
-		if (!$this->where) {
-			$this->where = TRUE;
-			$this->query .= "WHERE ";
-		} else {
-			$this->query .= "AND ";
-		}
-		$this->query .= "$cond ";
-		return $this;
-	}
+	///
+	/// OPERATORS
+	///
 
 	public function like($item) {
 		$this->query .= "LIKE ?\n";
@@ -83,27 +149,19 @@ class DatabaseQuery {
 		return $this;
 	}
 
-	public function where_in($column, $array) {
-		if (!$this->where) {
-			$this->where = TRUE;
-			$this->query .= "WHERE ";
-		} else {
-			$this->query .= "AND ";
-		}
-		if (empty($array)) {
-			$this->query .= "FALSE\n";
-			return $this;
-		}
-		$in = $this->in($array);
-		$this->query .= "$column $in\n";
-		return $this;
-	}
+	///
+	/// JOINS
+	///
 
 	public function join($table, $on, $type = 'LEFT') {
 		$this->query .= "$type JOIN $table ON $on\n";
 		return $this;
 	}
 
+	///
+	/// LIMIT, OFFSET, ORDER
+	///
+
 	public function limit($limit) {
 		$this->query .= "LIMIT ?\n";
 		array_push($this->param, $limit);
@@ -121,10 +179,18 @@ class DatabaseQuery {
 		return $this;
 	}
 
-	public function rows() {
+	///
+	/// COLLECT
+	///
+
+	public function rows(...$params) {
+		$args = $this->param;
+		foreach ($params as $param) {
+			array_push($args, $param);
+		}
 		$stmt = $this->conn->prepare($this->query);
 		try {
-			$stmt->execute($this->param);
+			$stmt->execute($args);
 		} catch (Exception $ex) {
 			echo $ex;
 			echo '<br> >> caused by <<<br>';
@@ -133,17 +199,38 @@ class DatabaseQuery {
 		return $stmt->fetchAll(PDO::FETCH_ASSOC);
 	}
 
-	public function row() {
+	public function row(...$params) {
+		$args = $this->param;
+		foreach ($params as $param) {
+			array_push($args, $param);
+		}
 		$stmt = $this->conn->prepare($this->query);
-		$stmt->execute($this->param);
+		$stmt->execute($args);
 		return $stmt->fetch(PDO::FETCH_ASSOC);
 	}
+
+	public function execute(...$params) {
+		$args = $this->param;
+		foreach ($params as $param) {
+			array_push($args, $param);
+		}
+		$stmt = $this->conn->prepare($this->query);
+		try {
+			$stmt->execute($args);
+			return TRUE;
+		} catch (Exception $_e) {
+			echo $_e;
+			echo '<br> >> caused by <<<br>';
+			echo str_replace("\n", "<br>", $this->query);
+			return FALSE;
+		}
+	}
 }
 
 /**
  * DatabaseHelper
  * allows queries on the
- * xssbook postgres database
+ * postgres database
  */
 class DatabaseHelper {
 
@@ -180,4 +267,16 @@ class DatabaseHelper {
 		return $query->select($select);
 	}
 
+	public function insert_into($insert, ...$columns) {
+		$conn = $this->connect();
+		$query = new DatabaseQuery($conn);
+		return $query->insert_into($insert, ...$columns);
+	}
+
+	public function query($query_str) {
+		$conn = $this->connect();
+		$query = new DatabaseQuery($conn);
+		return $query->query($query_str);
+	}
 }
+
diff --git a/src/web/lang/en_US/common_lang.php b/src/web/lang/en_US/common_lang.php
index ef93ce8..22e1c89 100644
--- a/src/web/lang/en_US/common_lang.php
+++ b/src/web/lang/en_US/common_lang.php
@@ -1,6 +1,6 @@
 <?php /* Copyright (c) 2024 Freya Murphy */
 
-$lang['version'] = 'Version 2.0.1';
+$lang['version'] = 'Version 2.0.2';
 $lang['copyright'] = 'Freya Murphy © 2024';
 
 // Navigation Bar Lang