diff --git a/src/database.ts b/src/database.ts
index 8e7c302..df0f3d2 100644
--- a/src/database.ts
+++ b/src/database.ts
@@ -45,8 +45,12 @@ async function query(query: string){
 }
 
 async function validatePassword(username: string, password: string){
-	let pass: any = await query('select password_hash from users where username='+raw.escape(username)+' limit 1');
-	return await bcrypt.compare(password, pass[0].password_hash.toString());
+	try {
+		let pass: any = await query('select password_hash from users where username='+raw.escape(username)+' limit 1');
+		return await bcrypt.compare(password, pass[0].password_hash.toString());
+	} catch(e) {
+		return false;
+	}
 }
 
 async function hash(pwd){
diff --git a/templates/login.njk b/templates/login.njk
index f5cb4f8..b61f1e3 100644
--- a/templates/login.njk
+++ b/templates/login.njk
@@ -3,8 +3,15 @@
 <h3>Log in to {{ sitename }}</h3><span style="font-size: small;">Not registered yet? Sign up <a href="/register">here</a>.</br></br></span>
 			<form action="/api/login" method="POST" target="responseFrame">
 				Username: </br><input type="text" name="username" style="min-width: 300px" placeholder="e.g. lain"/></br>
-        		Password: </br><input type="password" name="password" style="min-width: 300px"/></br>
+        		Password: </br><input type="password" name="password" style="min-width: 300px"/></br></br>
 				<input type="submit" value="Submit">
 			</form>
-			<iframe name="responseFrame" border="0" frameborder="0" style="display: inline;"></iframe>
+			<script type="text/javascript">
+        		function handleLoad() {
+            		var r = JSON.parse(document.getElementById('responseFrame').contentDocument.documentElement.textContent).success
+					if (typeof(r) !== 'undefined') window.location.href = '/profile'
+        		}
+    		</script>
+			<iframe name="responseFrame" onload="handleLoad()" border="0" frameborder="0" style="display: inline;" id="responseFrame">
+			</iframe>
 {% endblock %}
\ No newline at end of file