diff --git a/src/zutil/db/SQLQuery.java b/src/zutil/db/SQLQuery.java new file mode 100644 index 0000000..8d7a256 --- /dev/null +++ b/src/zutil/db/SQLQuery.java @@ -0,0 +1,140 @@ +package zutil.db; + +import java.util.ArrayList; +import java.util.LinkedList; + +/** + * A class that generates a query by objects, minimizes errors + * + * @author Ziver + */ +public class SQLQuery { + protected abstract class SQLQueryItem{ + public abstract void getString(StringBuilder query); + + public String toString(){ + StringBuilder query = new StringBuilder(); + this.getString(query); + return query.toString(); + } + } + + //******************************************* + // Main Types + protected class Select extends SQLQueryItem{ + String[] params; + + /** + * @param params is the columns that you want out of the SELECT query, leave empty for all columns + */ + public Select(String ...params ){ + this.params = params; + } + + public void getString(StringBuilder query) { + query.append("SELECT "); + if( params == null ) + query.append("* "); + else{ + for(int i=0; i tables; + + public From(String ...tables){ + this.tables = new ArrayList(); + for( String table : tables ) + this.tables.add(table); + } + + public From NATURALJOIN(String ...tables){ + return joinTable("NATURAL JOIN", tables); + } + + public From JOIN(String ...tables){ + return joinTable("JOIN", tables); + } + + public From UNION(String ...tables){ + return joinTable("UNION", tables); + } + + private From joinTable(String type, String[] tables){ + StringBuilder str = new StringBuilder(); + for(int i=0; i list = DBConnection.exec(stmt, DBBeanSQLResultHandler.createList(c, db) ); 
@@ -320,14 +324,14 @@ public abstract class DBBean {
 * @param id is the id value of the bean
 * @return a DBBean Object with the specific id or null
 */
- public static T load(DBConnection db, Class c, Object id) throws SQLException {
+ public static T load(DBConnection db, Class c, long id) throws SQLException {
 // Initiate a BeanConfig if there is non
 if( !beanConfigs.containsKey( c ) ) initBeanConfig( c );
 DBBeanConfig config = beanConfigs.get(c);
 // Generate query
 String sql = "SELECT * FROM "+config.tableName+" WHERE id=? LIMIT 1";
- logger.fine("Load query("+c.getSimpleName()+"): "+sql);
+ logger.fine("Load query("+c.getName()+" id:"+id+"): "+sql);
 PreparedStatement stmt = db.getPreparedStatement( sql );
 stmt.setObject(1, id );
 // Run query
@@ -361,7 +365,7 @@ public abstract class DBBean {
 }
 query.delete( query.length()-2, query.length());
 query.append(")");
- logger.fine("Create query("+c.getSimpleName()+"): "+sql.toString());
+ logger.fine("Create query("+c.getName()+"): "+sql.toString());
 PreparedStatement stmt = sql.getPreparedStatement( sql.toString() );
 // Execute the SQL
diff --git a/src/zutil/io/file/FileUtil.java b/src/zutil/io/file/FileUtil.java
index c033455..c31101a 100644
--- a/src/zutil/io/file/FileUtil.java
+++ b/src/zutil/io/file/FileUtil.java
@@ -260,9 +260,9 @@ public class FileUtil {
 * @return The extension
 */
 public static String fileExtension(String file){
- if(file.lastIndexOf(".")==-1)
+ if( file == null || file.lastIndexOf(".") == -1 )
 return "";
- return file.substring(file.lastIndexOf(".")+1,file.length());
+ return file.substring(file.lastIndexOf(".")+1, file.length());
 }
 }
diff --git a/src/zutil/jee/upload/AjaxFileUpload.java b/src/zutil/jee/upload/AjaxFileUpload.java
index e3dcd9e..9151a61 100644
--- a/src/zutil/jee/upload/AjaxFileUpload.java
+++ b/src/zutil/jee/upload/AjaxFileUpload.java
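Review bot: In the `load` hunk the id is now a primitive `long` but is still bound with `stmt.setObject(1, id )`, which boxes the value and leaves the JDBC type to the driver; `stmt.setLong(1, id);` states the type explicitly. Narrowing the parameter from `Object` to `long` also changes the public signature, so callers that passed a non-numeric id no longer compile, and the Javadoc above should say that ids are numeric. The method body continues past the end of the hunk.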
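Review bot: In the `@@ -361,7 +365,7 @@` hunk the new log line still prints `sql.toString()` and the following context line prepares `sql.toString()`, while the statement text is assembled in `query` on the lines just above. If `sql` is the connection object here (its declaration is outside the hunk, so this is inferred from the `sql.getPreparedStatement` call), the log shows the connection rather than the query and the wrong string is prepared. In that case the two lines would read `logger.fine("Create query("+c.getName()+"): "+query.toString());` and `PreparedStatement stmt = sql.getPreparedStatement( query.toString() );`.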
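Review bot: `fileExtension` searches the whole string for the last `.`, so a name whose only dot sits in a directory part, such as the constructed example `dir.d/readme`, returns `d/readme` as the extension. This commit starts using the result as the upload allow-list key in AjaxFileUpload, so the dot should be taken from the final path component only, and a result containing `/` or `\` treated as no extension. The Javadoc should also state that a null argument now returns an empty string.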
@@ -5,10 +5,12 @@ import java.io.IOException;
 import java.io.PrintWriter;
 import java.util.ArrayList;
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.Iterator;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
+import java.util.logging.Level;
 import java.util.logging.Logger;
 import javax.servlet.ServletConfig;
@@ -76,6 +78,7 @@ public abstract class AjaxFileUpload extends HttpServlet {
 public static File TEMPFILE_PATH = null;
 public static String JAVASCRIPT = "";
+ public static HashSet ALLOWED_EXTENSIONS = new HashSet();
 public void init(ServletConfig config) throws ServletException {
 super.init(config);
@@ -95,6 +98,14 @@ public abstract class AjaxFileUpload extends HttpServlet {
 else TEMPFILE_PATH = new File( config.getInitParameter("TEMP_PATH") );
 }
+
+ // Read allowed file types
+ if(config.getInitParameter("ALLOWED_EXTENSIONS") != null){
+ String[] tmp = config.getInitParameter("TEMP_PATH").split(",");
+ for( String ext : tmp ){
+ ALLOWED_EXTENSIONS.add(ext.trim());
+ }
+ }
 } catch (IOException e) {
 e.printStackTrace();
@@ -179,6 +190,8 @@ public abstract class AjaxFileUpload extends HttpServlet {
 FileItemIterator it = upload.getItemIterator( request );
 while( it.hasNext() ) {
 FileItemStream item = it.next();
+ if( !ALLOWED_EXTENSIONS.contains( FileUtil.fileExtension(item.getName()) ))
+ throw new Exception("Filetype "+FileUtil.fileExtension(item.getName())+" not allowed!");
 listener.setFileName( item.getName() );
 FileItem fileItem = factory.createItem(item.getFieldName(), item.getContentType(), item.isFormField(), item.getName());
@@ -204,7 +217,7 @@ public abstract class AjaxFileUpload extends HttpServlet {
 // Done
 listener.setStatus( Status.Done );
 } catch (Exception e) {
- e.printStackTrace();
+ logger.log(Level.WARNING, null, e);
 listener.setStatus(Status.Error);
 listener.setFileName("");
 listener.setMessage( e.getMessage() );
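Review bot: `ALLOWED_EXTENSIONS` in the `@@ -76,6 +78,7 @@` hunk is a public, non-final, mutable static, so any class in the web application can replace or edit the upload allow-list after `init` has run, and every servlet instance shares the one set. Declaring the field `final` and exposing it read-only once initialisation is done keeps the policy where it is configured. A comment on the field should state that an empty set rejects every upload, because the check added further down has no separate "not configured" case.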
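Review bot: The allow-list in the `@@ -95,6 +98,14 @@` hunk is filled from the wrong parameter: the guard tests `ALLOWED_EXTENSIONS`, but the next line splits `config.getInitParameter("TEMP_PATH")`. The set therefore ends up holding the temp path, or the call throws a NullPointerException if `TEMP_PATH` is unset, which the visible `catch (IOException e)` would not handle; either way the configured extensions are never applied. The line should read `String[] tmp = config.getInitParameter("ALLOWED_EXTENSIONS").split(",");`. Storing `ext.trim().toLowerCase()` would also let the later check compare case-insensitively.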
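Review bot: The extension check in the `@@ -179,6 +190,8 @@` hunk runs for every item the iterator returns, including ordinary form fields, for which `item.getName()` is presumably null and `fileExtension` then returns `""`; unless the empty string is allow-listed, any request carrying a form field is rejected. The comparison is also case-sensitive, so `JPG` fails against a configured `jpg`. I would guard it as `if( !item.isFormField() && !ALLOWED_EXTENSIONS.contains( FileUtil.fileExtension(item.getName()).toLowerCase() ))`. An extension allow-list constrains only the client-supplied name, so the stored file should still be kept somewhere the container will not serve or execute it from.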
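Review bot: `logger.log(Level.WARNING, null, e)` in the `@@ -204,7 +217,7 @@` hunk logs with a null message, which makes the record hard to search or alert on; `logger.log(Level.WARNING, "File upload failed", e);` gives it a stable text. The unchanged `listener.setMessage( e.getMessage() )` below passes the raw exception text to the listener, and with the new check that text now contains a client-supplied extension, so if the listener's message is rendered in a page it needs escaping there. The catch block continues outside the hunk.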