diff --git a/website/src/routes/api/settings/+server.ts b/website/src/routes/api/settings/+server.ts
index fbdfa4a..90bae35 100644
--- a/website/src/routes/api/settings/+server.ts
+++ b/website/src/routes/api/settings/+server.ts
@@ -12,15 +12,16 @@ async function validateInputs(name: string, bio: string, username: string, avata
 throw error(400, 'Display name is required');
 }

- if (name.trim().length < 2) {
+ const trimmedName = name.trim();
+ if (trimmedName.length < 2) {
 throw error(400, 'Display name must be at least 2 characters');
 }

- if (name.trim().length > 50) {
+ if (trimmedName.length > 50) {
 throw error(400, 'Display name must be 50 characters or less');
 }

- if (name && !(await isNameAppropriate(name.trim()))) {
+ if (!(await isNameAppropriate(trimmedName))) {
 throw error(400, 'Name contains inappropriate content');
 }

@@ -37,6 +38,11 @@ async function validateInputs(name: string, bio: string, username: string, avata
 if (!alphanumericRegex.test(username)) {
 throw error(400, 'Username must contain only lowercase letters, numbers, and underscores');
 }
+
+ const purelyNumericRegex = /^\d+$/;
+ if (purelyNumericRegex.test(username)) {
+ throw error(400, 'Username cannot be purely numeric');
+ }
 }

 if (username && !(await isNameAppropriate(username))) {
diff --git a/website/src/routes/settings/+page.svelte b/website/src/routes/settings/+page.svelte
index 03f61df..5750af0 100644
--- a/website/src/routes/settings/+page.svelte
+++ b/website/src/routes/settings/+page.svelte
@@ -125,7 +125,7 @@

 try {
 const fd = new FormData();
- fd.append('name', name);
+ fd.append('name', name.trim());
 fd.append('bio', bio);
 fd.append('username', username);
 if (avatarFile?.[0]) fd.append('avatar', avatarFile[0]);
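Review bot: `trimmedName` is local to `validateInputs`, so the length and content checks in the first hunk run on a value that is not necessarily the one that gets stored. Nothing visible returns or reassigns the trimmed name, and the handler that calls `validateInputs` is outside the diff, so whether it trims again before writing cannot be confirmed from here. The `fd.append('name', name.trim())` change in `+page.svelte` only normalises requests sent by the site's own form, and a client posting to the endpoint directly bypasses it. I would normalise once on the server, `name = name.trim();` ahead of the `validateInputs(...)` call, or have `validateInputs` return the trimmed value and persist that. The function body starts and ends outside this hunk.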
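Review bot: The all-digit rejection in the second hunk has no comment saying what it protects against, and it is enforced only on this settings-update path. If the intent is to keep a username from being confused with a numeric id in lookups (an assumption, the diff does not say), state that above the regex, for example `// all-digit usernames are rejected so a username is never ambiguous with a numeric id`. It is also worth confirming that sign-up and any other code that assigns usernames applies the same rule, and that no existing all-digit usernames remain, since neither is visible here. The enclosing block and the `alphanumericRegex` declaration are outside the hunk.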