diff --git a/app/Http/Controllers/Api/ApiLinkController.php b/app/Http/Controllers/Api/ApiLinkController.php index cc03ebe..2007e55 100644 --- a/app/Http/Controllers/Api/ApiLinkController.php +++ b/app/Http/Controllers/Api/ApiLinkController.php @@ -7,18 +7,21 @@ use App\Factories\LinkFactory; use App\Helpers\LinkHelper; class ApiLinkController extends ApiController { - public static function shortenLink(Request $request) { + public function shortenLink(Request $request) { $response_type = $request->input('response_type'); $user = self::getApiUserInfo($request); - /* */ + // Validate parameters + $validator = \Validator::make($request->all(), [ + 'url' => 'required|url' + ]); + if ($validator->fails()) { + return abort(400, 'Parameters invalid or missing.'); + } + $long_url = $request->input('url'); // * required $is_secret = ($request->input('is_secret') == 'true' ? true : false); - if (!self::checkRequiredArgs([$long_url])) { - abort(400, "Missing required arguments."); - } - $link_ip = $request->ip(); $custom_ending = $request->input('custom_ending'); @@ -32,18 +35,21 @@ class ApiLinkController extends ApiController { return self::encodeResponse($formatted_link, 'shorten', $response_type); } - public static function lookupLink(Request $request) { + public function lookupLink(Request $request) { $response_type = $request->input('response_type'); $user = self::getApiUserInfo($request); - /* */ + // Validate URL form data + $validator = Validator::make($request, [ + 'url_ending' => 'required|alpha_dash' + ]); - $url_ending = $request->input('url_ending'); // * required - - if (!self::checkRequiredArgs([$url_ending])) { - abort(400, "Missing required arguments."); + if ($validator->fails()) { + return abort(400, 'Parameters invalid or missing.'); } + $url_ending = $request->input('url_ending'); + // "secret" key required for lookups on secret URLs $url_key = $request->input('url_key'); 
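Review bot: In shortenLink (ApiLinkController.php), the rule `'url' => 'required|url'` checks that the value is a well-formed URL but does not limit the scheme. Depending on the framework version, the `url` rule can accept schemes other than http and https, and a shortener presumably hands this value back later as a redirect target. I would pin the scheme in the same rule set, e.g. `'url' => ['required', 'url', 'regex:/^https?:\/\//i']`. The same applies to the `link-url` rule added in LinkController.php. shortenLink's body continues past the end of this hunk.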
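Review bot: In lookupLink (ApiLinkController.php), `Validator::make($request, [` passes the Request object itself, where shortenLink in the same file passes `$request->all()`; the validator factory expects an array of input data. The call also drops the leading backslash used in shortenLink, so unless a `use Validator;` import exists above the hunk (the imports start before line 7 and are not fully visible), the name resolves inside the controller's namespace and the class will not be found. Either way the lookup endpoint is likely to fail with a server error instead of applying the `alpha_dash` check. I would make it match shortenLink: `$validator = \Validator::make($request->all(), [`. The method body continues outside the hunk.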
@@ -55,7 +61,6 @@ class ApiLinkController extends ApiController { } } - if ($link) { return self::encodeResponse([ 'long_url' => $link['long_url'], diff --git a/app/Http/Controllers/LinkController.php b/app/Http/Controllers/LinkController.php index 4aea9a0..593a930 100644 --- a/app/Http/Controllers/LinkController.php +++ b/app/Http/Controllers/LinkController.php @@ -24,14 +24,15 @@ class LinkController extends Controller { return redirect(route('index'))->with('error', 'You must be logged in to shorten links.'); } - $this->request = $request; + // Validate URL form data + $this->validate($request, [ + 'link-url' => 'required|url' + ]); $long_url = $request->input('link-url'); $custom_ending = $request->input('custom-ending'); $is_secret = ($request->input('options') == "s" ? true : false); - $creator = session('username'); - $link_ip = $request->ip(); try { diff --git a/app/Http/Controllers/UserController.php b/app/Http/Controllers/UserController.php index 7c6d7b8..df0935c 100644 --- a/app/Http/Controllers/UserController.php +++ b/app/Http/Controllers/UserController.php @@ -57,15 +57,17 @@ class UserController extends Controller { return redirect(route('index'))->with('error', 'Sorry, but registration is disabled.'); } + // Validate signup form data + $this->validate($request, [ + 'username' => 'required|alpha_dash', + 'password' => 'required', + 'email' => 'required|email' + ]); + $username = $request->input('username'); $password = $request->input('password'); $email = $request->input('email'); - if (!self::checkRequiredArgs([$username, $password, $email])) { - // missing a required argument - return redirect(route('signup'))->with('error', 'Please fill in all required fields.'); - } - $ip = $request->ip(); $user_exists = UserHelper::userExists($username); diff --git a/bootstrap/app.php b/bootstrap/app.php index 462b31f..b5a254a 100644 --- a/bootstrap/app.php +++ b/bootstrap/app.php 
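Review bot: In LinkController.php, `custom-ending` is read two lines after the new validation block but gets no rule of its own, while this same commit requires `alpha_dash` for `url_ending` on API lookups. Unless LinkFactory already checks the ending (not visible here), a link could be created with an ending that the lookup validation then rejects, or that contains characters the routes do not expect. Adding `'custom-ending' => 'alpha_dash'` to the rules array would keep both sides consistent; `custom_ending` in ApiLinkController::shortenLink is in the same position. The enclosing method starts above this hunk.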
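Review bot: In the signup rules (UserController.php), `'password' => 'required'` accepts a password of any length, including a single character, and `username` has no upper length bound. A minimum such as `'password' => 'required|min:8'` would enforce a baseline at the same place the other fields are checked. If the failed-validation redirect flashes the submitted input back into the session (that code is not visible here), the password would be included, so it is worth confirming that it is excluded. The enclosing method starts above this hunk.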
@@ -59,8 +59,8 @@ $app->middleware([ Illuminate\Cookie\Middleware\EncryptCookies::class, // Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, Illuminate\Session\Middleware\StartSession::class, - // Illuminate\View\Middleware\ShareErrorsFromSession::class, - Laravel\Lumen\Http\Middleware\VerifyCsrfToken::class, + Illuminate\View\Middleware\ShareErrorsFromSession::class, + App\Http\Middleware\VerifyCsrfToken::class ]); // $app->routeMiddleware([ diff --git a/resources/lang/en/validation.php b/resources/lang/en/validation.php index ff1c087..909c77e 100644 --- a/resources/lang/en/validation.php +++ b/resources/lang/en/validation.php @@ -102,6 +102,8 @@ return [ | */ - 'attributes' => [], + 'attributes' => [ + 'link-url' => 'link URL' + ], ]; diff --git a/resources/views/layouts/base.blade.php b/resources/views/layouts/base.blade.php index 6e010fc..251a74e 100644 --- a/resources/views/layouts/base.blade.php +++ b/resources/views/layouts/base.blade.php @@ -70,6 +70,13 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. @if (Session::has('success')) toastr["success"](`{{session('success')}}`, "Success") @endif + + @if (count($errors) > 0) + // Handle Lumen validation errors + @foreach ($errors->all() as $error) + toastr["error"](`{{$error}}`, "Error") + @endforeach + @endif @yield('js')
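Review bot: In bootstrap/app.php, the framework's `Laravel\Lumen\Http\Middleware\VerifyCsrfToken` is replaced in the global stack by `App\Http\Middleware\VerifyCsrfToken`, but that class is not part of the diff as shown, so its behaviour cannot be checked from here. Since this is the only CSRF check on the middleware list, the replacement should still verify the token on every state-changing web route and skip only what it must (presumably the API routes). A comment on the entry would make that contract visible, e.g. `// App CSRF middleware: verifies tokens on web forms; exempt paths are listed in the class`.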
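Review bot: In base.blade.php, `{{$error}}` is placed inside a JavaScript template literal, but Blade's `{{ }}` applies HTML escaping only, which leaves backticks, backslashes and `${` untouched. The messages shown here come from validation rules and the language file, so this is probably not reachable with user-controlled text today. It would become a script-injection point if a message ever echoed input, and a backtick in a translated message would already break the page script. Encoding for the JavaScript context avoids both: `toastr["error"]({!! json_encode(e($error)) !!}, "Error")`. The existing `session('success')` line above uses the same pattern.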