diff --git a/cfg_grades.php b/cfg_grades.php
index 074ffb4..182e061 100644
--- a/cfg_grades.php
+++ b/cfg_grades.php
@@ -51,23 +51,20 @@ foreach ($mappings as $cfg) {
 }
 
 print $OUTPUT->header();
-print "<pre>";
-print $CFG->gradebookroles;
-print "</pre>";
 
-if ($_POST["action"] == "update") {
+$action = optional_param("action","",PARAM_TEXT);
+if ($action == "update") {
     // First loop through the scales to see which need to be updated.
     foreach ($scales as $scale) {
         if (array_key_exists($scale->id, $scalecfgs)) {
             $scalecfg = $scalecfgs[$scale->id];
 
             $needupdate = false;
-            foreach (["min_progress", "min_completed"] as $handle) {
+            foreach (["min_completed"] as $handle) {
                 $key = "s_{$scale->id}_{$handle}";
-                if (array_key_exists($key, $_POST) && is_numeric($_POST[$key])) {
-                    $value = intval($_POST[$key]);
-                    if ($value != $scalecfg->$handle) {
-                        $scalecfg->$handle = $value;
+                if (($v = optional_param($key, null, PARAM_INT)) !== null) {
+                    if ($v != $scalecfg->$handle) {
+                        $scalecfg->$handle = $v;
                         $needupdate = true;
                     }
                 }
@@ -79,10 +76,10 @@ if ($_POST["action"] == "update") {
         } else {
             $scalecfg = (object)[ "scale_id" => $scale->id];
             $requireinsert = false;
-            foreach (["min_progress", "min_completed"] as $handle) {
+            foreach (["min_completed"] as $handle) {
                 $key = "s_{$scale->id}_{$handle}";
-                if (array_key_exists($key, $_POST) && is_numeric($_POST[$key])) {
-                    $scalecfg->$handle = intval($_POST[$key]);
+                if (($v = optional_param($key, null, PARAM_INT)) !== null) {
+                    $scalecfg->$handle = $v;
                     $requireinsert = true;
                 }
             }
@@ -98,39 +95,36 @@ if ($_POST["action"] == "update") {
     $deletelist = [];
     foreach ($gradecfgs as $gradecfg) {
         $deletekey = "g_{$gradecfg->grade_points}_delete";
-        if (array_key_exists($deletekey, $_POST) && boolval($_POST[$deletekey]) === true) {
+        $dval = optional_param($deletekey, "", PARAM_TEXT);
+        if (in_array(strtolower($dval),["on","true"])) {
             $DB->delete_records(GRADECFG_TABLE, ["id" => $gradecfg->id]);
             $deletelist[] = $gradecfg;
         } else {
-            foreach (["min_progress", "min_completed"] as $handle) {
+            foreach (["min_completed"] as $handle) {
                 $key = "g_{$gradecfg->grade_points}_{$handle}";
-                if (array_key_exists($key, $_POST) && is_numeric($_POST[$key])) {
-                    $gradecfg->$handle = floatval($_POST[$key]);
+                $gradecfg->$handle = optional_param($key, null, PARAM_LOCALISEDFLOAT);
+                if ($gradecfg->$handle !== null) {
+                    $DB->update_record(GRADECFG_TABLE, $gradecfg);
+                    // Reload to ensure proper rounding is done.
+                    $gradecfgs[$gradecfg->grade_points] = $DB->get_record(GRADECFG_TABLE, ['id' => $gradecfg->id]);
                 }
             }
-            $DB->update_record(GRADECFG_TABLE, $gradecfg);
-            // Reload to ensure proper rounding is done.
-            $gradecfgs[$gradecfg->grade_points] = $DB->get_record(GRADECFG_TABLE, ['id' => $gradecfg->id]);
         }
     }
-
     foreach ($deletelist as $gradeconfig) {
-        unset($gradecfgs[$gradecfg->grade_points]);
+        unset($gradecfgs[$gradeconfig->grade_points]);
     }
     unset($deletelist);
 
     // And add an optionally existing new gradepoint setting.
-    if (array_key_exists("g_new_gradepoints", $_POST)
-        && !empty($_POST["g_new_gradepoints"])
-        && is_numeric($_POST["g_new_gradepoints"]) ) {
-        $gp = intval($_POST["g_new_gradepoints"]);
+    if (($gp = optional_param("g_new_gradepoints", null, PARAM_INT)) !== null) {
         if (!array_key_exists($gp, $gradecfgs)) {
             $gradecfg = (object)[ "grade_points" => $gp];
             $requireinsert = false;
             foreach (["min_progress", "min_completed"] as $handle) {
                 $key = "g_new_{$handle}";
-                if (array_key_exists($key, $_POST) && is_numeric($_POST[$key])) {
-                    $gradecfg->$handle = floatval($_POST[$key]);
+                if (($v = optional_param($key, null, PARAM_LOCALISEDFLOAT)) !== null) {
+                    $gradecfg->$handle = $v;
                     $requireinsert = true;
                 }
             }
@@ -146,7 +140,7 @@ if ($_POST["action"] == "update") {
 
 }
 
-    // Process all available scales and load the current configuration for it.
+// Process all available scales and load the current configuration for it.
 $data = [];
 foreach ($scales as $scale) {
     $scale->load_items();
@@ -205,7 +199,6 @@ print html_writer::tag("input", null, ['name' => "action", 'value' => 'update',
 $table = new html_table();
 $table->id = "";
 $table->attributes['class'] = 'generaltable m-roomtable';
-$table->tablealign = 'center';
 $table->head = [];
 $table->data = $data;
 $table->head[] = get_string('scale');
@@ -253,7 +246,6 @@ $data[] = $row;
 $table = new html_table();
 $table->id = "";
 $table->attributes['class'] = 'generaltable m-roomtable';
-$table->tablealign = 'center';
 $table->head = [];
 $table->data = $data;
 $table->head[] = get_string('grade_points', 'local_treestudyplan');