diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6c78b15..7ab3cde 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,7 +9,7 @@
 * Adding `messages_count`, `followers_count` and `following_count` to `profile_info` API endpoint (what I've done to 0.7.1 too).
 * Adding `create2` API endpoint that accepts media, due to an issue with the `create` endpoint that would make it incompatible.
 * Adding media URLs to messages in API.
-* Added `relationships_follow`, `relationships_unfollow`, `username_availability` and `edit_profile` endpoints to API.
+* Added `relationships_follow`, `relationships_unfollow`, `username_availability`, `edit_profile`, `request_edit` and `confirm_edit` endpoints to API.
 * Added `url` utility to model `Upload`.
 * Changed default `robots.txt`, adding report and admin-related lines.
 
diff --git a/app/api.py b/app/api.py
index 0171f0f..3481ec4 100644
--- a/app/api.py
+++ b/app/api.py
@@ -4,7 +4,8 @@ from functools import wraps
 from peewee import IntegrityError
 from .models import User, Message, Upload, Relationship, database, \
     MSGPRV_PUBLIC, MSGPRV_UNLISTED, MSGPRV_FRIENDS, MSGPRV_ONLYME, UPLOAD_DIRECTORY
-from .utils import check_access_token, Visibility, push_notification, unpush_notification
+from .utils import check_access_token, Visibility, push_notification, unpush_notification, \
+    create_mentions, is_username
 
 bp = Blueprint('api', __name__, url_prefix='/api/V1')
 
@@ -86,23 +87,8 @@ def create(self):
         text=text,
         pub_date=datetime.datetime.now(),
         privacy=privacy)
-    # Currently, API does not support files.
-    # create mentions
-    mention_usernames = set()
-    for mo in re.finditer(r'\+([A-Za-z0-9_]+(?:\.[A-Za-z0-9_]+)*)', text):
-        mention_usernames.add(mo.group(1))
-    # to avoid self mention
-    mention_usernames.difference_update({self.username})
-    for u in mention_usernames:
-        try:
-            mention_user = User.get(User.username == u)
-            if privacy in (MSGPRV_PUBLIC, MSGPRV_UNLISTED) or \
-                    (privacy == MSGPRV_FRIENDS and
-                    mention_user.is_following(self) and 
-                    self.is_following(mention_user)):
-                push_notification('mention', mention_user, user=user.id)
-        except User.DoesNotExist:
-            pass
+    # This API does not support files. Use create2 instead.
+    create_mentions(self, text)
     return {}
 
 @bp.route('/create2', methods=['POST'])
@@ -124,22 +110,7 @@ def create2(self):
             message=message
         )
         file.save(os.path.join(UPLOAD_DIRECTORY, str(upload.id) + '.' + ext))
-    # create mentions
-    mention_usernames = set()
-    for mo in re.finditer(r'\+([A-Za-z0-9_]+(?:\.[A-Za-z0-9_]+)*)', text):
-        mention_usernames.add(mo.group(1))
-    # to avoid self mention
-    mention_usernames.difference_update({self.username})
-    for u in mention_usernames:
-        try:
-            mention_user = User.get(User.username == u)
-            if privacy in (MSGPRV_PUBLIC, MSGPRV_UNLISTED) or \
-                    (privacy == MSGPRV_FRIENDS and
-                    mention_user.is_following(self) and 
-                    self.is_following(mention_user)):
-                push_notification('mention', mention_user, user=user.id)
-        except User.DoesNotExist:
-            pass
+    create_mentions(self, text)
     return {}
 
 def get_relationship_info(self, other):
@@ -306,3 +277,23 @@ def edit_profile(user):
         telegram=data['telegram']
     ).where(UserProfile.user == user).execute()
     return {}
+
+@bp.route('/request_edit/<int:id>')
+@validate_access
+def request_edit(self, id):
+    message = Message[id]
+    if message.user != self:
+        raise ValueError('Attempt to edit a message from another')
+    return {
+        'message_info': get_message_info(message)
+    }
+
+@bp.route('/save_edit/<int:id>', methods=['POST'])
+@validate_access
+def save_edit(self, id):
+    message = Message[id]
+    if message.user != self:
+        raise ValueError('Attempt to edit a message from another')
+    data = request.get_json(True)
+    Message.update(text=data['text'], privacy=data['privacy']).where(Message.id == id).execute()
+    return {}
diff --git a/app/models.py b/app/models.py
index 34d04e3..ec37798 100644
--- a/app/models.py
+++ b/app/models.py
@@ -212,6 +212,8 @@ REPORT_REASON_SELFINJURY = 7
 REPORT_REASON_FIREARMS = 8
 REPORT_REASON_DRUGS = 9
 REPORT_REASON_UNDERAGE = 10
+REPORT_REASON_LEAK = 11
+REPORT_REASON_DMCA = 12
 
 report_reasons = [
     (REPORT_REASON_SPAM, "It's spam"),
diff --git a/app/utils.py b/app/utils.py
index 302cb3a..f459bf1 100644
--- a/app/utils.py
+++ b/app/utils.py
@@ -3,7 +3,8 @@ A list of utilities used across modules.
 '''
 
 import datetime, re, base64, hashlib, string, sys, json
-from .models import User, Notification
+from .models import User, Message, Notification, MSGPRV_PUBLIC, MSGPRV_UNLISTED, \
+    MSGPRV_FRIENDS, MSGPRV_ONLYME
 from flask import abort, render_template, request, session
 
 _forbidden_extensions = 'com net org txt'.split()
@@ -196,3 +197,21 @@ def check_access_token(token):
     h.update(str(user.password).encode('utf-8'))
     if h.hexdigest()[:32] == hh:
         return user
+
+def create_mentions(cur_user, text):
+    # create mentions
+    mention_usernames = set()
+    for mo in re.finditer(r'\+([A-Za-z0-9_]+(?:\.[A-Za-z0-9_]+)*)', text):
+        mention_usernames.add(mo.group(1))
+    # to avoid self mention
+    mention_usernames.difference_update({cur_user.username})
+    for u in mention_usernames:
+        try:
+            mention_user = User.get(User.username == u)
+            if privacy in (MSGPRV_PUBLIC, MSGPRV_UNLISTED) or \
+                    (privacy == MSGPRV_FRIENDS and
+                    mention_user.is_following(cur_user) and 
+                    cur_user.is_following(mention_user)):
+                push_notification('mention', mention_user, user=user.id)
+        except User.DoesNotExist:
+            pass