diff --git a/globals/Dependencies/Users/ReferralProgram.php b/globals/Dependencies/Users/ReferralProgram.php
index 3b9c000..4ec9460 100644
--- a/globals/Dependencies/Users/ReferralProgram.php
+++ b/globals/Dependencies/Users/ReferralProgram.php
@@ -8,13 +8,14 @@ namespace Alphaland\Users {
 
     use Alphaland\Moderation\UserModerationManager;
     use Alphaland\Common\HashingUtiltity;
+    use Alphaland\Users\User;
     use PDO;
 
     class ReferralProgram
     {
         public static function IsMember(int $userid)
         {
-            if (isInGroup($userid, 22)) //id 22 is the official referral program group
+            if (User::IsInGroup($userid, 22)) //id 22 is the official referral program group
             {
                 return true;
             }
diff --git a/globals/Dependencies/Users/User.php b/globals/Dependencies/Users/User.php
index d13a67f..9fb9b18 100644
--- a/globals/Dependencies/Users/User.php
+++ b/globals/Dependencies/Users/User.php
@@ -3,6 +3,7 @@
 namespace Alphaland\Users {
 
     use Alphaland\Assets\Asset;
+    use Exception;
     use PDO;
 
     class User
@@ -89,6 +90,24 @@ namespace Alphaland\Users {
             return $wearingassets;
         }
 
+        public static function WearingItemsCount(int $userid, int $assettype)
+        {
+            $check = $GLOBALS['pdo']->prepare("SELECT COUNT(*) FROM `wearing_items` WHERE `uid` = :userid AND (SELECT COUNT(*) from `assets` WHERE `id` = wearing_items.aid AND `AssetTypeId` = :assettypeid) > 0"); 
+            $check->bindParam(":userid", $userid, PDO::PARAM_INT);
+            $check->bindParam(":assettypeid", $assettype, PDO::PARAM_INT);
+            $check->execute();
+            return $check->fetchColumn();
+        }
+
+        public static function LastWornItem(int $userid, int $assettype)
+        {
+            $check = $GLOBALS['pdo']->prepare("SELECT aid FROM `wearing_items` WHERE `uid` = :userid AND (SELECT COUNT(*) from `assets` WHERE `id` = wearing_items.aid AND `AssetTypeId` = :assettypeid) > 0 ORDER BY whenWorn DESC LIMIT 1"); 
+            $check->bindParam(":userid", $userid, PDO::PARAM_INT);
+            $check->bindParam(":assettypeid", $assettype, PDO::PARAM_INT);
+            $check->execute();
+            return $check->fetchColumn();
+        }
+
         public static function SetCanJoinUser(int $userid, int $status)
         {
             if ($status <= 2) {
@@ -166,12 +185,129 @@ namespace Alphaland\Users {
             );
         }
 
-        public static function IsInventoryPrivate(int $userid)
+        public static function SetIsInventoryPrivate(int $userid, int $status)
         {
-            if (User::GetUserInfo($userid)->privateInventory && !$GLOBALS['user']->IsAdmin()) {
+            if ($status <= 2) {
+                $setstatus = $GLOBALS['pdo']->prepare("UPDATE users SET privateInventory = :c WHERE id = :u");
+                $setstatus->bindParam(":c", $status, PDO::PARAM_INT);
+                $setstatus->bindParam(":u", $userid, PDO::PARAM_INT);
+                $setstatus->execute();
+                if ($setstatus->rowCount() > 0) {
+                    return true; 
+                }
+            }
+            return false;
+        }
+
+        public static function IsInventoryPrivate(int $targetuser)
+        {
+            /*
+                0 = no one
+                1 = friends
+                2 = everyone
+            */
+
+            $inventoryView = User::GetUserInfo($targetuser)->privateInventory;
+            if ($targetuser == $GLOBALS['user']->id) {
+                return false;
+            } else if ($inventoryView == 1 && friendsWith($targetuser)) {
+                return false;
+            } else if ($inventoryView == 2) {
+                return false;
+            }
+            return true;
+        }
+
+        public static function GroupsCount(int $userid)
+        {
+            $groups = $GLOBALS['pdo']->prepare("SELECT COUNT(*) FROM groups WHERE creatorid = :creatorid");
+            $groups->bindParam(":creatorid", $userid, PDO::PARAM_INT);
+            $groups->execute();
+            return $groups->fetchColumn();
+        }
+
+        public static function OwnsAsset(int $userid, $assetid)
+        {
+            $ownership = $GLOBALS['pdo']->prepare("SELECT COUNT(*) FROM `owned_assets` WHERE `aid` = :assetid AND `uid` = :userid");
+            $ownership->bindParam(":assetid", $assetid, PDO::PARAM_INT);
+            $ownership->bindParam(":userid", $userid, PDO::PARAM_INT);
+            $ownership->execute();
+            if($ownership->fetchColumn() > 0) {
                 return true;
             }
             return false;
         }
+
+        public static function IsInGroup(int $userid, int $groupid)
+        {
+            $member = $GLOBALS['pdo']->prepare("SELECT COUNT(*) FROM `group_members` WHERE `userid` = :uid AND `groupid` = :gid");
+            $member->bindParam(":uid", $userid, PDO::PARAM_INT);
+            $member->bindParam(":gid", $groupid, PDO::PARAM_INT);
+            $member->execute();
+            if ($member->fetchColumn() > 0) {
+                return true;
+            }
+            return false;
+        }
+
+        public static function IsWearingItem($userid, $assetid)
+        {
+            $wearing = $GLOBALS['pdo']->prepare("SELECT COUNT(*) FROM wearing_items WHERE uid = :userid AND aid = :assetid");
+            $wearing->bindParam(":userid", $userid, PDO::PARAM_INT);
+            $wearing->bindParam(":assetid", $assetid, PDO::PARAM_INT);
+            $wearing->execute();
+            if ($wearing->fetchColumn() > 0) {
+                return true;
+            }
+            return false;
+        }
+
+        public static function DeequipAsset(int $userid, int $assetid, bool $force=false)
+        {
+            if (!User::IsWearingItem($userid, $assetid) && !$force) {
+                throw new Exception('Error occurred');
+            } else if (!isThumbnailerAlive() && !$force) {
+                throw new Exception('Thumbnail Server offline');
+            } else if (Render::RenderCooldown($userid) && !$force) {
+                throw new Exception('Slow down!');
+            } else {
+                $deequip = $GLOBALS['pdo']->prepare("DELETE from wearing_items WHERE uid = :userid AND aid = :assetid"); //delete db key
+                $deequip->bindParam(":userid", $userid, PDO::PARAM_INT);
+                $deequip->bindParam(":assetid", $assetid, PDO::PARAM_INT);
+                $deequip->execute();
+                if (!$force) {
+                    Render::RenderPlayer($userid);
+                }
+                return true;
+            }
+        }
+
+        public static function EquipAsset(int $userid, int $assetid, bool $force=false)
+        {
+            $asset = Asset::GetAssetInfo($assetid);
+            if (!$asset || !User::OwnsAsset($userid, $assetid) || !isWearable($asset->AssetTypeId) && !$force) {
+                throw new Exception('Error occurred');
+            } else if (User::IsWearingItem($userid, $assetid) && !$force) {
+                throw new Exception('Already wearing this item');
+            } else if (!isThumbnailerAlive() && !$force) {
+                throw new Exception('Thumbnail Server offline');
+            } else if (Render::RenderCooldown($userid) && !$force) {
+                throw new Exception('Slow down!');
+            } else if (isAssetModerated($assetid) && !$force) {
+                throw new Exception('This item is moderated');
+            } else {
+                if (User::WearingItemsCount($userid, $asset->AssetTypeId) >= typeToMaxCosmetic($asset->AssetTypeId) && !$force) {
+                    User::DeequipAsset($userid, User::LastWornItem($userid, $asset->AssetTypeId), true);
+                }
+                $equip = $GLOBALS['pdo']->prepare("INSERT INTO wearing_items(uid,aid,whenWorn) VALUES(:userid,:assetid,UNIX_TIMESTAMP())");
+                $equip->bindParam(":userid", $userid, PDO::PARAM_INT);
+                $equip->bindParam(":assetid", $assetid, PDO::PARAM_INT);
+                $equip->execute();
+                if (!$force) {
+                    Render::RenderPlayer($userid);
+                }
+                return true;
+            }         
+        }
     }
-}
\ No newline at end of file
+}
diff --git a/html/catalog/view.php b/html/catalog/view.php
index cb88755..64a0846 100644
--- a/html/catalog/view.php
+++ b/html/catalog/view.php
@@ -1,5 +1,6 @@
 <?php
 
+use Alphaland\Users\User;
 use Alphaland\Web\WebContextManager;
 
 $body = "";
@@ -69,7 +70,7 @@ if(isset($_GET['id']))
 		
 		$buy_button = "";
 		$confirmbuy_button = "";
-		if(playerOwnsAsset($id))
+		if (User::OwnsAsset($user->id, $id))
 		{
 			//already owns the hat
 			$buy_button = '<button class="btn btn-danger" style="width:12rem;" disabled><b>Owned</b></button>';
diff --git a/html_api/ownership/hasasset.php b/html_api/ownership/hasasset.php
index b88b724..830ccca 100644
--- a/html_api/ownership/hasasset.php
+++ b/html_api/ownership/hasasset.php
@@ -1,11 +1,13 @@
 <?php
 
+use Alphaland\Users\User;
+
 header('Content-Type: application/json');
 
 $userid = $_GET['userId'];
 $assetId = $_GET['assetId'];
 
-if (playerOwnsAsset($assetId, $userid) || isOwner($assetId, $userid))
+if (User::OwnsAsset($userid, $assetId) || isOwner($assetId, $userid))
 {
     echo(json_encode(true));
 }
diff --git a/html_api/settings/update/inventoryprivacy.php b/html_api/settings/update/inventoryprivacy.php
new file mode 100644
index 0000000..1ff7bc9
--- /dev/null
+++ b/html_api/settings/update/inventoryprivacy.php
@@ -0,0 +1,26 @@
+<?php
+
+/*
+Alphaland 2021 
+*/
+
+//headers
+
+use Alphaland\Users\User;
+
+header("Access-Control-Allow-Origin: https://www.alphaland.cc");
+
+header("access-control-allow-credentials: true");
+
+$data = json_decode(file_get_contents('php://input'));
+
+if (!$data)
+{
+	http_response_code(400);
+}
+else
+{	
+	$private = $data->preference;
+	header('Content-Type: application/json');
+	echo json_encode(array("success" => User::SetIsInventoryPrivate($user->id, $private)));
+}
\ No newline at end of file
diff --git a/html_api/user/avatar/assets/remove.php b/html_api/user/avatar/assets/remove.php
index c389293..763b6d7 100644
--- a/html_api/user/avatar/assets/remove.php
+++ b/html_api/user/avatar/assets/remove.php
@@ -8,9 +8,12 @@ Alphaland 2021
 //https://api.alphaland.cc/user/avatar/deequipItem?assetId=74
 
 //headers
-header("Access-Control-Allow-Origin: https://www.alphaland.cc");
 
+use Alphaland\Users\User;
+
+header("Access-Control-Allow-Origin: https://www.alphaland.cc");
 header("access-control-allow-credentials: true");
+header('Content-Type: application/json');
 
 $assetid = (int)$_GET['assetId'];
 
@@ -20,11 +23,12 @@ if (!$assetid)
 }
 else
 {
-	$deequip = deequipItem($assetid);
-	if ($deequip !== true)
-	{
-		header('Content-Type: application/json');
+	$error = null;
+	try {
+		User::DeequipAsset($user->id, $assetid);
+	} catch (Exception $e) {
 		http_response_code(500);
-		echo json_encode(array("error" => $deequip));
+		$error = $e->getMessage();
 	}
+	echo json_encode(array("error" => $error));
 }
\ No newline at end of file
diff --git a/html_api/user/avatar/assets/wear.php b/html_api/user/avatar/assets/wear.php
index 7b85179..e962e2d 100644
--- a/html_api/user/avatar/assets/wear.php
+++ b/html_api/user/avatar/assets/wear.php
@@ -8,9 +8,12 @@ Alphaland 2021
 //https://api.alphaland.cc/user/avatar/equipItem?assetId=
 
 //headers
-header("Access-Control-Allow-Origin: https://www.alphaland.cc");
 
+use Alphaland\Users\User;
+
+header("Access-Control-Allow-Origin: https://www.alphaland.cc");
 header("access-control-allow-credentials: true");
+header('Content-Type: application/json');
 
 $assetid = (int)$_GET['assetId'];
 
@@ -20,11 +23,12 @@ if (!$assetid)
 }
 else
 {
-	$equip = equipItem($assetid);
-	if ($equip !== true)
-	{
-		header('Content-Type: application/json');
+	$error = null;
+	try {
+		User::EquipAsset($user->id, $assetid);
+	} catch (Exception $e) {
 		http_response_code(500);
-		echo json_encode(array("error" => $equip));
+		$error = $e->getMessage();
 	}
+	echo json_encode(array("error" => $error));
 }
\ No newline at end of file