diff --git a/e107_handlers/form_handler.php b/e107_handlers/form_handler.php
index a59ff7a69..a89e8e459 100644
--- a/e107_handlers/form_handler.php
+++ b/e107_handlers/form_handler.php
@@ -342,7 +342,7 @@ class e_form
 		$previnput	= $idinput."-preview";
 		$optioni 	= $idinput."-options";
 		
-		$img = (strpos($curVal,"://")!==false) ? $curVal : $tp->thumbUrl(e_MEDIA."avatars/".$curVal,"aw=".$width."&ah=".$height);
+		$img = (strpos($curVal,"://")!==false) ? $curVal : $tp->thumbUrl(e_MEDIA."avatars/".$curVal,"aw=".vartrue($width)."&ah=".vartrue($height));
 		
 		if(!$curVal)
 		{
@@ -365,7 +365,7 @@ class e_form
 			
 		$text .= "\n<div id='{$optioni}' style='display:none' >\n"; //TODO unique id. 
 		
-		if ($pref['avatar_upload'] && FILE_UPLOADS && vartrue($options['upload']))
+		if (vartrue($pref['avatar_upload']) && FILE_UPLOADS && vartrue($options['upload']))
 		{
 				$diz = LAN_USET_32.($pref['im_width'] || $pref['im_height'] ? "\n".str_replace(array('--WIDTH--','--HEIGHT--'), array($pref['im_width'], $pref['im_height']), LAN_USER_86) : "");
 	
@@ -716,12 +716,12 @@ class e_form
 
 	function password($name, $value = '', $maxlength = 50, $options = array())
 	{
-		if($options['generate'])
+		if(vartrue($options['generate']))
 		{
 			$addon .= '&nbsp;<a href="#" class="smalltext" id="Spn_PasswordGenerator" >Generate</a> | <a class="smalltext" href="#" id="showPwd">Show</a><br />';	
 		}
 		
-		if($options['strength'])
+		if(vartrue($options['strength']))
 		{
 			$addon .= "<div><div id='pwdColor' class='progress' style='float:left;display:inline-block;width:215px'><div class='bar' id='pwdMeter' style='width:0%' ></div></div> <div id='pwdStatus' class='smalltext' style='float:left;display:inline-block;width:150px;margin-left:5px'></span></div>";	
 		}
@@ -731,7 +731,7 @@ class e_form
 		//never allow id in format name-value for text fields
 		$text = "<input type='password' name='{$name}' value='{$value}' maxlength='{$maxlength}'".$this->get_attributes($options, $name)." />";
 
-		return $text.$addon;
+		return $text.vartrue($addon);
 		
 	}
 
diff --git a/e107_handlers/user_handler.php b/e107_handlers/user_handler.php
index 9cad2aa73..5d78a1903 100644
--- a/e107_handlers/user_handler.php
+++ b/e107_handlers/user_handler.php
@@ -496,7 +496,7 @@ class UserHandler
 		}
 		foreach (array(e_UC_MEMBER, e_UC_READONLY, e_UC_PUBLIC) as $c)
 		{
-			if (!in_array($c,$classList))
+			if (!in_array($c, vartrue($classList)))
 			{
 				$classList[] = $c;
 			}
diff --git a/usersettings.php b/usersettings.php
index de9cd6f16..095b98a23 100644
--- a/usersettings.php
+++ b/usersettings.php
@@ -642,7 +642,7 @@ if ($dataToSave && !$promptPassword)
 
 if (!$error && !$promptPassword) 
 {
-	if(isset($_POST) && $changedUserData['user_name'])
+	if(isset($_POST) && vartrue($changedUserData['user_name']))
 	{
 		$redirect = e107::getRedirect();
 		$url = e107::getUrl();
@@ -746,7 +746,7 @@ $curVal=$sql->db_Fetch(MYSQL_ASSOC);
 $curVal['user_class'] = varset($changedUserData['user_class'], $curVal['user_class']);
 $curVal['userclass_list'] = $userMethods->addCommonClasses($curVal, FALSE);
 
-if ($_POST)
+if (vartrue($_POST))
 {     // Fix for all the values being lost when there was an error in a field - restore from the latest $_POST values
 	  // (Password fields have intentionally been cleared). If no error, there's an unset($_POST) to disable this block
 	foreach ($_POST as $key => $val)
