diff --git a/public/include/classes/tools.class.php b/public/include/classes/tools.class.php
index 7891cb10..3bcf16e1 100644
--- a/public/include/classes/tools.class.php
+++ b/public/include/classes/tools.class.php
@@ -86,6 +86,9 @@ class Tools extends Base {
 return @$aData['return']['markets'][$strCurrency]['lasttradeprice'];
 break;
 }
+ } else {
+ $this->setErrorMessage("Got an invalid response using URL ".$this->config['price']['url']." and target ".$this->config['price']['target']);
+ return false;
 }
 // Catchall, we have no data extractor for this API url
 $this->setErrorMessage("Undefined API to getPrice() on URL " . $this->config['price']['url']);
diff --git a/public/include/pages/account/edit.inc.php b/public/include/pages/account/edit.inc.php
index 4c97879a..6acd773c 100644
--- a/public/include/pages/account/edit.inc.php
+++ b/public/include/pages/account/edit.inc.php
@@ -166,9 +166,9 @@ if ($user->isAuthenticated()) {
 // 2fa - one last time so we can sync with changes we made during this page
 if ($user->isAuthenticated() && $config['twofactor']['enabled']) {
 // set the token to be the old token, just in case an error occured
- $ea_token = ($oldtoken_ea !== '') ? $oldtoken_ea : @$ea_token;
- $wf_token = ($oldtoken_wf !== '') ? $oldtoken_wf : @$wf_token;
- $cp_token = ($oldtoken_cp !== '') ? $oldtoken_cp : @$cp_token;
+ $ea_token = (@$oldtoken_ea !== '') ? $oldtoken_ea : @$ea_token;
+ $wf_token = (@$oldtoken_wf !== '') ? $oldtoken_wf : @$wf_token;
+ $cp_token = (@$oldtoken_cp !== '') ? $oldtoken_cp : @$cp_token;
 if ($config['twofactor']['options']['details']) {
 $ea_editable = $user->token->isTokenValid($_SESSION['USERDATA']['id'], $ea_token, 5);
 $ea_sent = $user->token->doesTokenExist('account_edit', $_SESSION['USERDATA']['id']);
diff --git a/public/include/pages/login.inc.php b/public/include/pages/login.inc.php
index 0682699f..cd8248f7 100644
--- a/public/include/pages/login.inc.php
+++ b/public/include/pages/login.inc.php
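Review bot: The new `else` branch in public/include/classes/tools.class.php puts `$this->config['price']['url']` and the target into the error text verbatim (as the catchall message below it already does); if that URL carries an API key in its query string and the `setErrorMessage()` output reaches users or shared logs, neither of which is visible here, the key is disclosed. Reporting only the host, e.g. `parse_url($this->config['price']['url'], PHP_URL_HOST)`, keeps the message useful without the query string. Separately, a response that passes the outer check but lacks the expected keys still returns null through the `@`-suppressed lookup above, so callers have to treat both `false` and `null` as failure. The `if` that this `else` closes begins outside the hunk.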
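Review bot: Adding `@` to the three conditions in public/include/pages/account/edit.inc.php silences the notice but leaves the fallback wrong: when `$oldtoken_ea` is undefined, `@$oldtoken_ea` is null, `null !== ''` is true, and the ternary selects the unsuppressed `$oldtoken_ea`, so `$ea_token` becomes null (with a second notice) instead of keeping its current value. That null is then what gets passed to `isTokenValid()` to compute `$ea_editable` for the two-factor gate. Test definedness explicitly, e.g. `$ea_token = (isset($oldtoken_ea) && $oldtoken_ea !== '') ? $oldtoken_ea : @$ea_token;`, and apply the same form to the `wf` and `cp` lines. Where the `$oldtoken_*` variables are assigned is outside the hunk, so confirm which paths leave them unset.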
@@ -59,6 +59,7 @@ if ($setting->getValue('maintenance') && !$user->isAdmin($user->getUserId($_POST
 $_SESSION['POPUP'][] = array('CONTENT' => 'Unable to login: '. $user->getError(), 'TYPE' => 'errormsg');
 }
 } else {
+ // csrf enabled and invalid csrf token
 $img = $csrftoken->getDescriptionImageHTML();
 $_SESSION['POPUP'][] = array('CONTENT' => "Login token expired, please try again $img", 'TYPE' => 'info');
 }