diff --git a/system/admin/admin.php b/system/admin/admin.php
index 46c1855..afb62f4 100644
--- a/system/admin/admin.php
+++ b/system/admin/admin.php
@@ -5,7 +5,9 @@ function user($key, $user=null) {
 	static $_config = array();
 	if (file_exists($value)) {
 		$_config = parse_ini_file($value, true);
-		return $_config[$key];
+		if(!empty($_config[$key])) {
+			return $_config[$key];
+		}
 	}
 }
 
diff --git a/system/admin/views/delete-page.html.php b/system/admin/views/delete-page.html.php
index 56c4e6d..5db0fd6 100644
--- a/system/admin/views/delete-page.html.php
+++ b/system/admin/views/delete-page.html.php
@@ -1,5 +1,7 @@
 <?php
-	$destination = $_GET['destination'];
+	if(isset($_GET['destination'])) {
+		$destination = $_GET['destination'];
+	}
 	$url = $p->file;
 	
 	$dir = substr($url, 0, strrpos($url, '/'));
@@ -8,11 +10,17 @@
 	
 	$post = site_url() . $oldmd;
 	
-	if($destination == 'post') {
-		$back = $post;
+	if(isset($destination)) {
+	
+		if($destination == 'post') {
+			$back = $post;
+		}
+		else {
+			$back = site_url() . $destination;
+		}
 	}
 	else {
-		$back = site_url() . $destination;
+		$back = site_url();
 	}
 
 ?>
diff --git a/system/admin/views/delete-post.html.php b/system/admin/views/delete-post.html.php
index adea149..13e16bf 100644
--- a/system/admin/views/delete-post.html.php
+++ b/system/admin/views/delete-post.html.php
@@ -1,5 +1,7 @@
 <?php
-	$destination = $_GET['destination'];
+	if(isset($_GET['destination'])) {
+		$destination = $_GET['destination'];
+	}
 	$url = $p->file;
 	$oldurl = explode('_', $url);
 	$oldtag = $oldurl[1];
@@ -15,11 +17,17 @@
 	// The post URL
 	$post = site_url().date('Y/m', $postdate).'/'.$oldmd;
 	
-	if($destination == 'post') {
-		$back = $post;
+	if(isset($destination)) {
+	
+		if($destination == 'post') {
+			$back = $post;
+		}
+		else {
+			$back = site_url() . $destination;
+		}
 	}
 	else {
-		$back = site_url() . $destination;
+		$back = site_url();
 	}
 	
 ?>
diff --git a/system/admin/views/denied.html.php b/system/admin/views/denied.html.php
new file mode 100644
index 0000000..4ad1fac
--- /dev/null
+++ b/system/admin/views/denied.html.php
@@ -0,0 +1 @@
+<h1>You don't have permission to access this page</h1>
\ No newline at end of file
diff --git a/system/admin/views/edit-page.html.php b/system/admin/views/edit-page.html.php
index 039c3ce..9a4c17e 100644
--- a/system/admin/views/edit-page.html.php
+++ b/system/admin/views/edit-page.html.php
@@ -17,7 +17,12 @@
 		$oldcontent = ltrim($arr[0]);
 	}
 	
-	$destination = $_GET['destination'];
+	if(isset($_GET['destination'])) {
+		$destination = $_GET['destination'];
+	}
+	else {
+		$destination = 'admin';
+	}
 	$dir = substr($url, 0, strrpos($url, '/'));
 	$oldurl = str_replace($dir . '/','',$url);
 	$oldmd = str_replace('.md','',$oldurl);
diff --git a/system/admin/views/edit-post.html.php b/system/admin/views/edit-post.html.php
index 0d4f79b..6cc9eb5 100644
--- a/system/admin/views/edit-post.html.php
+++ b/system/admin/views/edit-post.html.php
@@ -25,7 +25,12 @@
 	
 	$oldmd = str_replace('.md','',$oldurl[2]);
 	
-	$destination = $_GET['destination'];
+	if(isset($_GET['destination'])) {
+		$destination = $_GET['destination'];
+	}
+	else {
+		$destination = 'admin';
+	}
 	$replaced = substr($oldurl[0], 0,strrpos($oldurl[0], '/')) . '/';
 	$dt = str_replace($replaced,'',$oldurl[0]);
 	$t = str_replace('-','',$dt);
diff --git a/system/admin/views/layout.html.php b/system/admin/views/layout.html.php
index 6a4a1cf..3ad773b 100644
--- a/system/admin/views/layout.html.php
+++ b/system/admin/views/layout.html.php
@@ -23,21 +23,7 @@
 		<meta content="<?php echo config('blog.title') ?>" itemprop="name"/>
 		<meta content="<?php echo config('blog.description')?>" itemprop="description"/>
 	</div>
-	<?php if(login()) {?>
-		<style>	#outer-wrapper{ padding-top:30px;} @media all and (max-width: 550px) {#outer-wrapper{ padding-top:60px;}}</style>
-		<div id="toolbar">						
-			<ul>
-				<li><a href="<?php echo site_url() ?>">Home</a></li>
-				<li><a href="<?php echo site_url() ?>admin">Admin</a></li>
-				<li><a href="<?php echo site_url() ?>admin/posts">Posts</a></li>
-				<li><a href="<?php echo site_url() ?>add/post">Add post</a></li>
-				<li><a href="<?php echo site_url() ?>add/page">Add page</a></li>
-				<li><a href="<?php echo site_url() ?>edit/profile">Edit profile</a></li>
-				<li><a href="<?php echo site_url() ?>admin/import">Import</a></li>
-				<li><a href="<?php echo site_url() ?>logout">Logout</a></li>
-			</ul>
-		</div>
-	<?php } ?>
+	<?php if(login()) { toolbar();} ?>
 	<div id="outer-wrapper">
 		<div id="menu-wrapper">
 			<div class="container">
diff --git a/system/admin/views/posts-list.html.php b/system/admin/views/posts-list.html.php
index 13f4a73..97e30d0 100644
--- a/system/admin/views/posts-list.html.php
+++ b/system/admin/views/posts-list.html.php
@@ -1,7 +1,7 @@
-<h2 class="post-index">Your posts</h2>
+<h2 class="post-index"><?php echo $heading?></h2>
 <?php if(!empty($posts)) {?>
 <table class="post-list">
-	<tr><th>Title</th><th>Published</th><th>Tag</th><th>Operations</th></tr>
+	<tr><th>Title</th><th>Published</th><th>Author</th><th>Tag</th><th>Operations</th></tr>
 	<?php $i = 0; $len = count($posts);?>
 	<?php foreach($posts as $p):?>
 		<?php 
@@ -19,6 +19,7 @@
 	<tr>
 		<td><a target="_blank" href="<?php echo $p->url ?>"><?php echo $p->title ?></a></td>
 		<td><?php echo date('d F Y', $p->date) ?></td>
+		<td><a target="_blank" href="<?php echo $p->authorurl ?>"><?php echo $p->author ?></a></td>
 		<td><?php echo $p->tag ?></td>
 		<td><a href="<?php echo $p->url ?>/edit?destination=admin/posts">Edit</a> <a href="<?php echo $p->url ?>/delete?destination=admin/posts">Delete</a></td>
 	</tr>
diff --git a/system/admin/views/user-posts.html.php b/system/admin/views/user-posts.html.php
new file mode 100644
index 0000000..c162fe4
--- /dev/null
+++ b/system/admin/views/user-posts.html.php
@@ -0,0 +1,37 @@
+<h2 class="post-index"><?php echo $heading?></h2>
+<?php if(!empty($posts)) {?>
+<table class="post-list">
+	<tr><th>Title</th><th>Published</th><th>Tag</th><th>Operations</th></tr>
+	<?php $i = 0; $len = count($posts);?>
+	<?php foreach($posts as $p):?>
+		<?php 
+			if ($i == 0) {
+				$class = 'first';
+			} 
+			elseif ($i == $len - 1) {
+				$class = 'last';
+			}
+			else {
+				$class = '';
+			}
+			$i++;		
+		?>
+	<tr>
+		<td><a target="_blank" href="<?php echo $p->url ?>"><?php echo $p->title ?></a></td>
+		<td><?php echo date('d F Y', $p->date) ?></td>
+		<td><?php echo $p->tag ?></td>
+		<td><a href="<?php echo $p->url ?>/edit?destination=admin/mine">Edit</a> <a href="<?php echo $p->url ?>/delete?destination=admin/mine">Delete</a></td>
+	</tr>
+	<?php endforeach;?>
+</table>
+<?php if (!empty($pagination['prev']) || !empty($pagination['next'])):?>
+	<div class="pager">
+		<?php if (!empty($pagination['prev'])):?>
+			<span><a href="?page=<?php echo $page-1?>" class="pagination-arrow newer" rel="prev">Newer</a></span>
+		<?php endif;?>
+		<?php if (!empty($pagination['next'])):?>
+			<span><a href="?page=<?php echo $page+1?>" class="pagination-arrow older" rel="next">Older</a></span>
+		<?php endif;?>
+	</div>
+<?php endif;?>
+<?php } else { echo 'No posts found!'; }?>
\ No newline at end of file
diff --git a/system/htmly.php b/system/htmly.php
index 6777bc8..7885e9c 100644
--- a/system/htmly.php
+++ b/system/htmly.php
@@ -155,6 +155,9 @@ get('/:year/:month/:name', function($year, $month, $name){
 // Edit blog post
 get('/:year/:month/:name/edit', function($year, $month, $name){
 
+	$user = $_SESSION['user'];
+	$role = user('role', $user);
+
 	if(login()) {
 
 		config('views.root', 'system/admin/views');
@@ -166,14 +169,26 @@ get('/:year/:month/:name/edit', function($year, $month, $name){
 		
 		$current = $post['current'];
 		
-		render('edit-post',array(
-			'title' => $current->title .' - ' . config('blog.title'),
-			'p' => $current,
-			'canonical' => $current->url,
-			'description' => $description = get_description($current->body),
-			'bodyclass' => 'editpost',
-			'breadcrumb' => '<span typeof="v:Breadcrumb"><a property="v:title" rel="v:url" href="' . config('site.url') .  '">' .config('breadcrumb.home'). '</a></span> &#187; '. $current->tagb . ' &#187; ' . $current->title
-		));
+		if($user === $current->author || $role === 'admin') {
+			render('edit-post',array(
+				'title' => $current->title .' - ' . config('blog.title'),
+				'p' => $current,
+				'canonical' => $current->url,
+				'description' => $description = get_description($current->body),
+				'bodyclass' => 'editpost',
+				'breadcrumb' => '<span typeof="v:Breadcrumb"><a property="v:title" rel="v:url" href="' . config('site.url') .  '">' .config('breadcrumb.home'). '</a></span> &#187; '. $current->tagb . ' &#187; ' . $current->title
+			));
+		}
+		else {
+			render('denied',array(
+				'title' => $current->title .' - ' . config('blog.title'),
+				'p' => $current,
+				'canonical' => $current->url,
+				'description' => $description = get_description($current->body),
+				'bodyclass' => 'denied',
+				'breadcrumb' => '<span typeof="v:Breadcrumb"><a property="v:title" rel="v:url" href="' . config('site.url') .  '">' .config('breadcrumb.home'). '</a></span> &#187; '. $current->tagb . ' &#187; ' . $current->title
+			));
+		}
 	}
 	else {
 		$login = site_url() . 'login';
@@ -232,6 +247,10 @@ post('/:year/:month/:name/edit', function() {
 // Delete blog post
 get('/:year/:month/:name/delete', function($year, $month, $name){
 
+	$user = $_SESSION['user'];
+	
+	$role = user('role', $user);
+
 	if(login()) {
 	
 		config('views.root', 'system/admin/views');
@@ -243,14 +262,26 @@ get('/:year/:month/:name/delete', function($year, $month, $name){
 		
 		$current = $post['current'];
 		
-		render('delete-post',array(
-			'title' => $current->title .' - ' . config('blog.title'),
-			'p' => $current,
-			'canonical' => $current->url,
-			'description' => $description = get_description($current->body),
-			'bodyclass' => 'deletepost',
-			'breadcrumb' => '<span typeof="v:Breadcrumb"><a property="v:title" rel="v:url" href="' . config('site.url') .  '">' .config('breadcrumb.home'). '</a></span> &#187; '. $current->tagb . ' &#187; ' . $current->title
-		));
+		if($user === $current->author || $role === 'admin') {
+			render('delete-post',array(
+				'title' => $current->title .' - ' . config('blog.title'),
+				'p' => $current,
+				'canonical' => $current->url,
+				'description' => $description = get_description($current->body),
+				'bodyclass' => 'deletepost',
+				'breadcrumb' => '<span typeof="v:Breadcrumb"><a property="v:title" rel="v:url" href="' . config('site.url') .  '">' .config('breadcrumb.home'). '</a></span> &#187; '. $current->tagb . ' &#187; ' . $current->title
+			));
+		}
+		else {
+			render('denied',array(
+				'title' => $current->title .' - ' . config('blog.title'),
+				'p' => $current,
+				'canonical' => $current->url,
+				'description' => $description = get_description($current->body),
+				'bodyclass' => 'deletepost',
+				'breadcrumb' => '<span typeof="v:Breadcrumb"><a property="v:title" rel="v:url" href="' . config('site.url') .  '">' .config('breadcrumb.home'). '</a></span> &#187; '. $current->tagb . ' &#187; ' . $current->title
+			));
+		}
 	}
 	else {
 		$login = site_url() . 'login';
@@ -370,8 +401,71 @@ post('/edit/profile', function() {
 	
 });
 
+get('/admin/posts', function () {
+
+	$user = $_SESSION['user'];
+	$role = user('role', $user);
+	if(login()) {
+	
+		config('views.root', 'system/admin/views');
+		if($role === 'admin') {
+	
+			config('views.root', 'system/admin/views');
+			$page = from($_GET, 'page');
+			$page = $page ? (int)$page : 1;
+			$perpage = 20;
+			
+			$posts = get_posts(null, $page, $perpage);
+			
+			$total = '';
+			
+			if(empty($posts) || $page < 1){
+			
+				// a non-existing page
+				render('no-posts',array(
+					'title' => config('blog.title'),
+					'canonical' => site_url(),
+					'description' => config('blog.description'),
+					'bodyclass' => 'noposts',
+				));
+				
+				die;
+			}
+			
+			$tl = config('blog.tagline');
+			
+			if($tl){ $tagline = ' - ' . $tl;} else {$tagline = '';}
+			
+			render('posts-list',array(
+				'title' => config('blog.title') . $tagline,
+				'heading' => 'All blog posts',
+				'page' => $page,
+				'posts' => $posts,
+				'canonical' => config('site.url'),
+				'description' => config('blog.description'),
+				'bodyclass' => 'all-posts',
+				'breadcrumb' => '',
+				'pagination' => has_pagination($total, $perpage, $page)
+			));
+		}
+		else {
+			render('denied',array(
+				'title' => config('blog.title'),
+				'canonical' => config('site.url'),
+				'description' => config('blog.description'),
+				'bodyclass' => 'denied',
+				'breadcrumb' => '',
+			));
+		}
+	}
+	else {
+		$login = site_url() . 'login';
+		header("location: $login");
+	}
+});
+
 // The author page
-get('/admin/posts', function(){
+get('/admin/mine', function(){
 
 	if(login()) {
 
@@ -397,9 +491,10 @@ get('/admin/posts', function(){
 		}
 		
 		if(empty($posts) || $page < 1){
-			render('posts-list',array(
+			render('user-posts',array(
 				'title' => 'All posts by: '. $bio->title .' - ' . config('blog.title'),
 				'page' => $page,
+				'heading' => 'My posts',
 				'posts' => null,
 				'bio' => $bio->body,
 				'name' => $bio->title,
@@ -412,8 +507,9 @@ get('/admin/posts', function(){
 			die;
 		}
 		
-		render('posts-list',array(
+		render('user-posts',array(
 			'title' => 'All posts by: '. $bio->title .' - ' . config('blog.title'),
+			'heading' => 'My posts',
 			'page' => $page,
 			'posts' => $posts,
 			'bio' => $bio->body,
diff --git a/system/includes/functions.php b/system/includes/functions.php
index 89e48fa..79d7dd1 100644
--- a/system/includes/functions.php
+++ b/system/includes/functions.php
@@ -769,6 +769,20 @@ function get_thumbnail($text) {
 	
 }
 
+// Return edit tab on post
+function tab($p) {
+	$user = $_SESSION['user'];
+	$role = user('role', $user);
+	if(isset($p->author)) {
+		if ($user === $p->author || $role === 'admin') {
+			echo '<div class="tab"><a href="' . $p->url . '">View</a><a href="' . $p->url .'/edit?destination=post">Edit</a></div>';
+		}
+	}
+	else {
+		echo '<div class="tab"><a href="' . $p->url . '">View</a><a href="' . $p->url .'/edit?destination=post">Edit</a></div>';
+	}
+}
+
 // Use base64 encode image to speed up page load time.
 function base64_encode_image($filename=string,$filetype=string) {
 	if ($filename) {
@@ -1263,4 +1277,25 @@ function generate_opml(){
 // Turn an array of posts into a JSON
 function generate_json($posts){
 	return json_encode($posts);
+}
+
+// Return toolbar
+function toolbar() {
+	$user = $_SESSION['user'];
+	$role = user('role', $user);
+	
+	echo <<<EOF
+<style>	#outer-wrapper{ padding-top:30px;} @media all and (max-width: 550px) {#outer-wrapper{ padding-top:60px;}}</style>
+EOF;
+	echo '<div id="toolbar"><ul>';
+	echo '<li><a href="'.site_url().'admin">Admin</a></li>';
+	if ($role === 'admin') {echo '<li><a href="'.site_url().'admin/posts">Posts</a></li>';}
+	echo '<li><a href="'.site_url().'admin/mine">Mine</a></li>';
+	echo '<li><a href="'.site_url().'add/post">Add post</a></li>';
+	echo '<li><a href="'.site_url().'add/page">Add page</a></li>';
+	echo '<li><a href="'.site_url().'edit/profile">Edit profile</a></li>';
+	echo '<li><a href="'.site_url().'admin/import">Import</a></li>';
+	echo '<li><a href="'.site_url().'logout">Logout</a></li>';
+		
+	echo '</ul></div>';
 }
\ No newline at end of file
diff --git a/themes/clean/layout.html.php b/themes/clean/layout.html.php
index 86bc80a..8c625f6 100644
--- a/themes/clean/layout.html.php
+++ b/themes/clean/layout.html.php
@@ -23,21 +23,7 @@
 		<meta content="<?php echo config('blog.title') ?>" itemprop="name"/>
 		<meta content="<?php echo config('blog.description')?>" itemprop="description"/>
 	</div>
-	<?php if(login()) {?>
-		<style>	aside{ padding-top:40px;} @media all and (max-width: 550px) {aside{ padding-top:70px;}}</style>
-		<div id="toolbar">						
-			<ul>
-				<li><a href="<?php echo site_url() ?>">Home</a></li>
-				<li><a href="<?php echo site_url() ?>admin">Admin</a></li>
-				<li><a href="<?php echo site_url() ?>admin/posts">Posts</a></li>
-				<li><a href="<?php echo site_url() ?>add/post">Add post</a></li>
-				<li><a href="<?php echo site_url() ?>add/page">Add page</a></li>
-				<li><a href="<?php echo site_url() ?>edit/profile">Edit profile</a></li>
-				<li><a href="<?php echo site_url() ?>admin/import">Import</a></li>
-				<li><a href="<?php echo site_url() ?>logout">Logout</a></li>
-			</ul>
-		</div>
-	<?php } ?>
+	<?php if(login()) { toolbar();} ?>
 	<aside>
 		<h1 class="blog-title"><a href="<?php echo site_url() ?>"><?php echo config('blog.title') ?></a></h1>
 		<div class="blog-tagline"><p><?php echo config('blog.tagline')?></p></div>
diff --git a/themes/clean/post.html.php b/themes/clean/post.html.php
index 46961a9..b0a3b7d 100644
--- a/themes/clean/post.html.php
+++ b/themes/clean/post.html.php
@@ -1,5 +1,5 @@
 <?php if (!empty($breadcrumb)):?><div class="breadcrumb" xmlns:v="http://rdf.data-vocabulary.org/#"><?php echo $breadcrumb ?></div><?php endif;?>
-<?php if(login()): ?><div class="tab"><a href="<?php echo $p->url ?>">View</a><a href="<?php echo $p->url ?>/edit?destination=post">Edit</a></div><?php endif;?>
+<?php if(login()) { echo tab($p);} ?>
 <div class="post" itemprop="blogPost" itemscope="itemscope" itemtype="http://schema.org/BlogPosting">
 	<div class="main">
 		<?php if ($type == 'blogpost'):?>
diff --git a/themes/default/layout.html.php b/themes/default/layout.html.php
index e8bb03e..2f85e4c 100644
--- a/themes/default/layout.html.php
+++ b/themes/default/layout.html.php
@@ -23,21 +23,7 @@
 		<meta content="<?php echo config('blog.title') ?>" itemprop="name"/>
 		<meta content="<?php echo config('blog.description')?>" itemprop="description"/>
 	</div>
-	<?php if(login()) {?>
-		<style>	#outer-wrapper{ padding-top:30px;} @media all and (max-width: 550px) {#outer-wrapper{ padding-top:60px;}}</style>
-		<div id="toolbar">						
-			<ul>
-				<li><a href="<?php echo site_url() ?>">Home</a></li>
-				<li><a href="<?php echo site_url() ?>admin">Admin</a></li>
-				<li><a href="<?php echo site_url() ?>admin/posts">Posts</a></li>
-				<li><a href="<?php echo site_url() ?>add/post">Add post</a></li>
-				<li><a href="<?php echo site_url() ?>add/page">Add page</a></li>
-				<li><a href="<?php echo site_url() ?>edit/profile">Edit profile</a></li>
-				<li><a href="<?php echo site_url() ?>admin/import">Import</a></li>
-				<li><a href="<?php echo site_url() ?>logout">Logout</a></li>
-			</ul>
-		</div>
-	<?php } ?>
+	<?php if(login()) { toolbar();} ?>
 	<div id="outer-wrapper">
 		<div id="menu-wrapper">
 			<div class="container">
diff --git a/themes/default/post.html.php b/themes/default/post.html.php
index 46961a9..b0a3b7d 100644
--- a/themes/default/post.html.php
+++ b/themes/default/post.html.php
@@ -1,5 +1,5 @@
 <?php if (!empty($breadcrumb)):?><div class="breadcrumb" xmlns:v="http://rdf.data-vocabulary.org/#"><?php echo $breadcrumb ?></div><?php endif;?>
-<?php if(login()): ?><div class="tab"><a href="<?php echo $p->url ?>">View</a><a href="<?php echo $p->url ?>/edit?destination=post">Edit</a></div><?php endif;?>
+<?php if(login()) { echo tab($p);} ?>
 <div class="post" itemprop="blogPost" itemscope="itemscope" itemtype="http://schema.org/BlogPosting">
 	<div class="main">
 		<?php if ($type == 'blogpost'):?>