diff --git a/htdocs/archive/report.c b/htdocs/archive/report.c
index 3782af689..0650acbda 100644
--- a/htdocs/archive/report.c
+++ b/htdocs/archive/report.c
@@ -3,44 +3,10 @@
 #include <stdio.h>
 #include <string.h>
 
+#include "webarchive.h"
+
 #define MAX_RECORDS 1000
 
-int readdata(char * * const data, int sz)
-{
-    FILE *f = fopen("data.txt", "rt");
-    if (!f)
-        return 0;  // failed
-
-    char line[10000] = {0};
-    int i = 0;
-    while (i < sz && fgets(line,sizeof(line)-2,f)) {
-        if (strncmp(line, "name=", 5) == 0) {
-            data[i] = malloc(strlen(line));
-            strcpy(data[i], line);
-            i++;
-        }
-    }
-    fclose(f);
-
-    return 1;  // success
-}
-
-const char * getname(const char *data) {
-    static char name[32];
-    if (strncmp(data,"name=",5) != 0)
-        return NULL;
-    int i = 0;
-    while (i < sizeof(name) && data[i+5] && data[i+5] != '&') {
-        name[i] = data[i+5];
-        i++;
-    }
-    if (i >= sizeof(name))
-        return NULL;
-    while (i < sizeof(name))
-        name[i++] = 0;
-    return name;
-}
-
 int main() {
     char *data[MAX_RECORDS] = {0};
 
@@ -50,15 +16,7 @@ int main() {
     }
 
     // sort
-    for (int i = 1; i < MAX_RECORDS && data[i]; i++) {
-        if (strcmp(data[i-1],data[i]) > 0) {
-            char *p = data[i-1];
-            data[i-1] = data[i];
-            data[i] = p;
-            if (i > 1)
-                i--;
-        }
-    }
+    sortdata(data,MAX_RECORDS);
 
     // output
     printf("Content-type: text/html\r\n\r\n");
diff --git a/htdocs/archive/submit.c b/htdocs/archive/submit.c
index 2ef3b81aa..ddcf7c861 100644
--- a/htdocs/archive/submit.c
+++ b/htdocs/archive/submit.c
@@ -1,6 +1,9 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <ctype.h>
+
+#include "webarchive.h"
 
 static void unencode(const char *src, char *dest)
 {
@@ -19,25 +22,63 @@ static void unencode(const char *src, char *dest)
     *dest = '\0';
 }
 
+const char *validate(const char *data)
+{
+    int i;
+    if (strncmp(data,"name=",5) != 0)
+        return "invalid query string: must start with 'name='";
+    i = 5;
+    while (isalnum(data[i]))
+        i++;
+    if (i == 5)
+        return "invalid query string: no name";
+    if (i > 35)
+        return "invalid query string: max name size is 32";
+    if (data[i] == '\0')
+        return NULL;
+    if (data[i] != '&')
+        return "invalid query string: only alphanumeric characters are allowed in the name";
+    if (strncmp(data+i,"&data=",6)!=0)
+        return "invalid query string";
+    i += 6;
+
+    // TODO: check XML data..
+    
+    return NULL;
+}
+
 int main()
 {
     const char *query_string = getenv("QUERY_STRING");
     if (query_string == NULL) {
-        printf("Content-type: text/plain\n\n");
+        printf("Content-type: text/plain\r\n\r\n");
         printf("empty/invalid data\n");
     } else if (strlen(query_string) > 1024) {
-        printf("Content-type: text/plain\n\n");
+        printf("Content-type: text/plain\r\n\r\n");
         printf("data size limit exceeded (1024)\n");
+    } else if (NULL != validate(query_string)) {
+        printf("Content-type: text/plain\r\n\r\n");
+        printf("%s\n", validate(query_string));
     } else {
         char data[4096] = {0};
         unencode(query_string, data);
 
-        FILE *f = fopen("data.txt", "a");
-        fprintf(f,"%s\n",data);
-        fclose(f);
+        printf("Content-type: text/plain\r\n\r\n");
 
-        printf("Content-type: text/plain\n\n");
-        printf("saved\n");
+        if (NULL != validate(data)) {
+            printf("%s\n", validate(data));
+        } else {
+            char *olddata[MAX_RECORDS] = {0};
+            olddata[0] = data;
+            readdata(&olddata[1], MAX_RECORDS-1);
+            sortdata(olddata, MAX_RECORDS);
+
+            FILE *f = fopen("data.txt", "wt");
+            for (int i = 0; i < MAX_RECORDS && olddata[i]; i++)
+                fprintf(f, "%s\n", olddata[i]);
+            fclose(f);
+            printf("saved\n");
+        }
     }
 
     return EXIT_SUCCESS;
diff --git a/htdocs/archive/webarchive.h b/htdocs/archive/webarchive.h
new file mode 100644
index 000000000..b08895ef4
--- /dev/null
+++ b/htdocs/archive/webarchive.h
@@ -0,0 +1,54 @@
+
+#include <string.h>
+
+#define MAX_RECORDS 1000
+
+int readdata(char * * const data, int sz)
+{
+    FILE *f = fopen("data.txt", "rt");
+    if (!f)
+        return 0;  // failed
+
+    char line[10000] = {0};
+    int i = 0;
+    while (i < sz && fgets(line,sizeof(line)-2,f)) {
+        if (strncmp(line, "name=", 5) == 0) {
+            data[i] = malloc(strlen(line));
+            strcpy(data[i], line);
+            i++;
+        }
+    }
+    fclose(f);
+
+    return 1;  // success
+}
+
+const char * getname(const char *data) {
+    static char name[32];
+    if (strncmp(data,"name=",5) != 0)
+        return NULL;
+    int i = 0;
+    while (i < sizeof(name) && data[i+5] && data[i+5] != '&') {
+        name[i] = data[i+5];
+        i++;
+    }
+    if (i >= sizeof(name))
+        return NULL;
+    while (i < sizeof(name))
+        name[i++] = 0;
+    return name;
+}
+
+void sortdata(char * * const data, int sz)
+{
+    for (int i = 1; i < sz && data[i]; i++) {
+        if (strcmp(data[i-1], data[i]) > 0) {
+            char *p = data[i-1];
+            data[i-1] = data[i];
+            data[i] = p;
+            if (i > 1)
+                i--;
+        }
+    }
+}
+