diff --git a/pool/base.php b/pool/base.php
index ee07306e..ec419c75 100644
--- a/pool/base.php
+++ b/pool/base.php
@@ -335,6 +335,12 @@ function loginStr($str)
  return preg_replace($all, '', $str);
 }
 #
+function deworker($str)
+{
+ $work = '/[\._].*$/';
+ return preg_replace($work, '', $str);
+}
+#
 function trn($str)
 {
  $rep = str_replace(array('<', '>'), array('&lt;', '&gt;'), $str);
diff --git a/pool/page_api.php b/pool/page_api.php
index 7a228201..bd92055b 100644
--- a/pool/page_api.php
+++ b/pool/page_api.php
@@ -13,6 +13,9 @@ function show_api($info, $page, $menu, $name, $user)
 {
  global $fld_sep;
  $u = getparam('username', true);
+ if (nutem($u))
+	no_api();
+ $u = deworker($u);
  if (nutem($u))
 	no_api();
  $api = getparam('api', true);