diff --git a/gulp/res/css/style.css b/gulp/res/css/style.css
index 24780d0c..dd2cd747 100644
--- a/gulp/res/css/style.css
+++ b/gulp/res/css/style.css
@@ -265,8 +265,7 @@ blockquote {
 	text-align: center;
 	margin: 2px;
 	margin-top: 0px;
-	max-width: 128px;
-	word-break: break-all;
+	/*max-width: 128px;*/
 }
 
 .post-file-src {
diff --git a/helpers/captchagenerate.js b/helpers/captchagenerate.js
index 74f4127b..3022d76d 100644
--- a/helpers/captchagenerate.js
+++ b/helpers/captchagenerate.js
@@ -32,7 +32,7 @@ module.exports = (text, captchaId) => {
 		.quality(30)
 		.write(`./uploads/captcha/${captchaId}.jpg`, (err) => {
 			if (err) {
-				return reject();
+				return reject(err);
 			}
 			return resolve();
 		});
diff --git a/helpers/tripcode.js b/helpers/tripcode.js
index 985abc1b..64298741 100644
--- a/helpers/tripcode.js
+++ b/helpers/tripcode.js
@@ -1,7 +1,9 @@
 'use strict';
 
 const Tripcodes = require(__dirname+'/../db/trips.js')
-	, crypto = require('crypto');
+    , util = require('util')
+    , crypto = require('crypto')
+    , randomBytes = util.promisify(crypto.randomBytes);
 
 module.exports = async (password) => {
 
@@ -12,7 +14,8 @@ module.exports = async (password) => {
 	}
 
 	//fix, not sure how secure
-	const fullTripCodeHash = crypto.createHash('sha256').update(password + Math.random()).digest('base64');
+	const salt = (await randomBytes(128)).toString('hex');
+	const fullTripCodeHash = crypto.createHash('sha256').update(password + salt).digest('base64');
 	const trip = fullTripCodeHash.substring(fullTripCodeHash.length-10);
 	await Tripcodes.insertOne(password, trip);
 	return trip;
diff --git a/models/forms/make-post.js b/models/forms/make-post.js
index 18cb905b..581ff16e 100644
--- a/models/forms/make-post.js
+++ b/models/forms/make-post.js
@@ -48,6 +48,8 @@ module.exports = async (req, res, next, numFiles) => {
 				'redirect': redirect
 			});
 		}
+		salt = thread.salt;
+		redirect += `/thread/${req.body.thread}`
 		if (thread.locked && !hasPerms) {
 			return res.status(400).render('message', {
 				'title': 'Bad request',
@@ -62,8 +64,6 @@ module.exports = async (req, res, next, numFiles) => {
 				'redirect': redirect
 			});
 		}
-		salt = thread.salt;
-		redirect += `/thread/${req.body.thread}`
 	}
 	let files = [];
 	// if we got a file