You need to use filter() to get rid of the exploitable $_POST requests. filter() is an UberCMS function which automatically does real_escape_string, strip_slashes and shit like that. Other than that, it's a very nice release. It looks very nice and seems to do what it needs to do!
If you can make that roomid automatic is.. (but that is the system not!) is this a good job from you, yes idd you can not understand me so good? That is pretty bad.. I can not good english if you understand me. :)
Already released for RevCMS, all the code is the same lmao