diff --git a/action/reply.php b/action/reply.php
index 596fae9..973b122 100644
--- a/action/reply.php
+++ b/action/reply.php
@@ -9,19 +9,22 @@ if(!isset($_GET["q"])){
 else if(!isset($_SESSION["uid"])){
        	echo("You need to log in to perform that task.");
 }
-else if(isset($_POST["answered"])){
-	if($_POST["answer_body"] == ""){
-		echo("Answer cannot be blank.");
+else{
+	$db = new sqlite3('../ask.db');
+	
+	$question = $db->query("SELECT * FROM questions WHERE id = '" . $_GET["q"] . "';")->fetchArray(SQLITE3_ASSOC);
+	if(!$question || !$question["id"]){
+		echo("Question not found.");
+		die();
 	}
-	else{
-		$db = new sqlite3('../ask.db');
-		
-		$question = $db->query("SELECT * FROM questions WHERE id = '" . $_GET["q"] . "';")->fetchArray(SQLITE3_ASSOC);
-		if(!$question || !$question["id"]){
-			echo("Question not found.");
-		}
-		else if($question["user"] != $_SESSION["uid"]){
-			echo("You're not allowed to perform that task.");
+	else if($question["user"] != $_SESSION["uid"]){
+		echo("You have no permission to answer this question.");
+		die();
+	}
+
+	if(isset($_POST["answered"])){
+		if($_POST["answer_body"] == ""){
+			echo("Answer cannot be blank.");
 		}
 		else{
 			$db->exec("UPDATE questions SET answer = '" . htmlspecialchars($_POST["answer_body"], ENT_QUOTES) . "', a_date = " . strtotime("now") . " WHERE id = " . $_GET["q"] . ";");
@@ -37,11 +40,6 @@ else if(isset($_POST["answered"])){
 	}
 }
 
-
-$db = new SQLite3('../ask.db');
-		
-$question = $db->query("SELECT * FROM questions WHERE id = '" . $_GET["q"] . "';")->fetchArray(SQLITE3_ASSOC);
-
 ?>
 
 <!DOCTYPE html>