diff --git a/Website/__init__.py b/Website/__init__.py
index 34b1b00..0cfcb09 100644
--- a/Website/__init__.py
+++ b/Website/__init__.py
@@ -76,7 +76,7 @@ def create_app(test_config=None):
 users = c.fetchall()
 text = ""
 for i in users:
- text = text + f'

{escape(i[1])}: {i[2]}€



' + text = text + f'

{escape(i[1])}: {i[2]}€



'
 return '''
@@ -89,7 +89,7 @@ def create_app(test_config=None):
 Strichliste

user and tag list | Documentation

-
+


''' + text + ''
@@ -117,29 +117,29 @@ def create_app(test_config=None):
 {escape(user[1])}

user and tag list | Documentation

{escape(user[1])} : {user[2]}€

-

-
-

+
+
+



Tags:

{text}

-
+
"""
 else:
 return render_template("error.html", error_code="043")
- @app.route("/adduser")
+ @app.route("/adduser", methods=['POST'])
 def new_user():
 return render_template("adduser.html")
- @app.route("/removeuser", methods=['GET'])
+ @app.route("/removeuser", methods=['POST'])
 def remove_user():
 db = get_db()
 c = db.cursor()
- user_id = request.args.get("id")
+ user_id = request.form["id"]
 c.execute(f"SELECT * FROM users WHERE id=?", [user_id])
 users = c.fetchall()
 if users != []:
@@ -154,11 +154,11 @@ def create_app(test_config=None):
 else:
 return render_template("error.html", error_code="043")
- @app.route("/adduser/user", methods=['GET'])
+ @app.route("/adduser/user", methods=['POST'])
 def adduser():
 db = get_db()
 c = db.cursor()
- username = request.args.get("username")
+ username = request.form["username"]
 if username == None:
 return render_template("error.html", error_code="418")
 c.execute("SELECT * FROM users WHERE username=?", [username])
@@ -181,12 +181,12 @@ def create_app(test_config=None):
 return render_template("error.html", error_code="757")
- @app.route("/change", methods=['GET'])
+ @app.route("/change", methods=['POST'])
 def change():
 db = get_db()
 c = db.cursor()
 try:
- user_id = request.args.get("id")
+ user_id = request.form["id"]
 change = float(request.args.get("change"))
 except:
 return render_template("error.html", error_code="095")
@@ -210,10 +210,10 @@ def create_app(test_config=None):
 else:
 return render_template("error.html", error_code="043")
- @app.route("/addtag", methods=['GET'])
+ @app.route("/addtag", methods=['POST'])
 def get_addtag_request():
 try:
- user_id = int(request.args.get("id"))
+ user_id = int(request.form["id"])
 except: #except im Normalen Code!
 return render_template("error.html", error_code="095")
 session_id = uuid.uuid4()
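Review bot: Nothing visible in `remove_user` checks a CSRF token or the caller's identity, so after the switch to POST a form hosted on another origin can still submit the delete; the same applies to `/adduser/user`, `/change`, `/addtag` and `/removetag` in the later hunks. Unless CSRF protection is initialised elsewhere in `create_app` (not visible here), each form should carry a per-session token that the handler verifies before it touches the database. Separately, `new_user` only renders `adduser.html`, so `methods=['POST']` on `/adduser` makes a plain link or bookmark to the form return 405; a read-only page fits `@app.route("/adduser", methods=['GET'])`. The body of `remove_user` continues outside the hunk.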
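Review bot: The `if username == None:` guard in `adduser` can no longer fire, because `request.form["username"]` raises a 400 Bad Request for a missing field instead of returning `None`, so the 418 error page is never rendered. Keeping the guard meaningful only needs `username = request.form.get("username")`. The same indexing in `remove_user`, `api_change` and `get_id` sits outside any `try`, so a missing `id` there now produces the framework's default 400 page rather than the app's own error template or JSON error object. `adduser` continues past the end of the hunk.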
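Review bot: `change = float(request.args.get("change"))` in `change()` still reads the query string while `id` now comes from the POST body, so unless the form's action URL keeps `change` as a query parameter (the template markup is not visible here) the value is `None`, `float(None)` raises, and the bare `except:` answers every request with error 095. Read it from the body as well: `change = float(request.form["change"])`. Since `float()` also accepts `nan` and `inf`, rejecting non-finite values with `math.isfinite(change)` before the amount is applied would keep a malformed request from corrupting a stored balance. The rest of `change()` lies outside the hunk.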
@@ -248,10 +248,10 @@ def create_app(test_config=None):
 socketio.emit("error", "418", to=session[id])
 leave_room(session[id])
- @app.route("/removetag", methods=['GET'])
+ @app.route("/removetag", methods=['POST'])
 def get_removetag_request():
 try:
- user_id = int(request.args.get("id"))
+ user_id = int(request.form["id"])
 except: #except im Normalen Code!
 return render_template("error.html", error_code="043")
 session_id = uuid.uuid4()
@@ -287,11 +287,11 @@ def create_app(test_config=None):
 leave_room(session[id]) #api
- @app.route("/api/change", methods=['GET'])
+ @app.route("/api/change", methods=['POST'])
 def api_change():
 db = get_db()
 c = db.cursor()
- userid = request.args.get("id")
+ userid = request.form["id"]
 c.execute("SELECT * FROM users WHERE id=?", [userid])
 user_list = c.fetchall()
 if user_list != []:
@@ -311,13 +311,13 @@ def create_app(test_config=None):
 return make_response(json.dumps({"mode":"error","error":"043"}))
- @app.route("/api/tag_id", methods=['GET'])
+ @app.route("/api/tag_id", methods=['POST'])
 def get_id():
 global finished
 global message
 db = get_db()
 c = db.cursor()
- tag_id = request.args.get("id")
+ tag_id = request.form["id"]
 c.execute(f"SELECT * FROM tags WHERE tagid=?", [tag_id])
 tag_list = c.fetchall()
diff --git a/Website/templates/adduser.html b/Website/templates/adduser.html
index 680302a..7368ebe 100644
--- a/Website/templates/adduser.html
+++ b/Website/templates/adduser.html
@@ -3,6 +3,6 @@ add user

user and tag list | Documentation

-

+

\ No newline at end of file