diff --git a/controller/Account/RegisterController.php b/controller/Account/RegisterController.php
index 0e234c16be1544e5ae3a7d580001f935fb946dad..41a92e1e8f5d29b55ca3ab2c8fc851536c7df39b 100644
--- a/controller/Account/RegisterController.php
+++ b/controller/Account/RegisterController.php
@@ -3,6 +3,7 @@ namespace JLAS\Book\Controller\Account;
 use \JLAS\Book\Controller\BaseController;
 use \JLAS\Book\Model as Model;
 use \JLAS\Book\Entity as Entity;
+use JLAS\Book\Controller\BiodataController as BiodataController;
 
 class RegisterController extends BaseController {
 
@@ -28,6 +29,10 @@ class RegisterController extends BaseController {
                     "address" => escapeHTML($this->getArg('address')),
                     "phone" => escapeHTML($this->getArg('phone')),
                 ));
+                if (!BiodataController::validate($biodata)) {
+                    $this->setResponse(400);
+                    return;
+                }
                 try {
                     // Create user.
                     $user = new Entity\AccountEntity(array(
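Review bot: The new `validate()` call runs on values that have already been passed through `escapeHTML()` (at least `address` and `phone` in the lines visible here), so the check sees the HTML-encoded form rather than what the client submitted; the EditController hunk has the same ordering. Digits-only phone numbers are unaffected, but any field where encoding changes the string would be checked for length and characters against the wrong value. Validating the raw `getArg()` values first and escaping at output keeps the checks meaningful. The bare `$this->setResponse(400)` also gives no hint which field was rejected; a comment such as `// Reject malformed email/username/phone before any account row is created.` would document the intent. The enclosing method starts and ends outside the hunk.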
diff --git a/controller/BiodataController.php b/controller/BiodataController.php
index 4f59995e8d2e038812a93c65ed0b52f7521fe2b6..28f590106ad5cd4c276390d22395dd3abef4f2ac 100644
--- a/controller/BiodataController.php
+++ b/controller/BiodataController.php
@@ -6,6 +6,22 @@ use \JLAS\Book\Entity as Entity;
 
 class BiodataController extends BaseController {
 
+    static $username_pattern = '^\w{5,20}$';
+    static $phone_pattern = '^\d{9,12}$';
+
+    public static function validate($biodata) {
+        if (!filter_var($biodata->email, FILTER_VALIDATE_EMAIL)) {
+            return false;
+        }
+        if (!preg_match($username_pattern, $biodata->username)) {
+            return false;
+        }
+        if (!preg_match($phone_pattern, $biodata->phone)) {
+            return false;
+        }
+        return true;
+    }
+
     /**
      * Get the data needed for this controller.
      * @return array data passed to the view.
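Review bot: `validate()` cannot return true as written, because `$username_pattern` and `$phone_pattern` inside the static method are undefined local variables rather than the static properties. `preg_match` therefore receives an empty pattern and fails, so every caller gets a rejection. Reference them as `preg_match(self::$username_pattern, $biodata->username)` and likewise for the phone check. The patterns also lack PCRE delimiters, and a bare `$` still matches before a trailing newline; `static $username_pattern = '/^\w{5,20}\z/';` and `static $phone_pattern = '/^\d{9,12}\z/';` fix both. A short docblock on `validate()` naming the fields it reads (`email`, `username`, `phone`) and its boolean return would help the two new call sites.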
diff --git a/controller/EditController.php b/controller/EditController.php
index 6d917d72ba49f2e3a8b0af67599628f15ab2ea8f..8b56d9fa5f14319604556a281bbde9d8f2cd1750 100644
--- a/controller/EditController.php
+++ b/controller/EditController.php
@@ -3,6 +3,7 @@ namespace JLAS\Book\Controller;
 use \JLAS\Book\Controller\BaseController;
 use \JLAS\Book\Model as Model;
 use \JLAS\Book\Entity as Entity;
+use JLAS\Book\Controller\BiodataController as BiodataController;
 
 class EditController extends BaseController {
 
@@ -50,6 +51,11 @@ class EditController extends BaseController {
                 $biodata->name = escapeHTML($this->getArg('name'));
                 $biodata->address = escapeHTML($this->getArg('address'));
                 $biodata->phone = escapeHTML($this->getArg('phone'));
+
+                if (!BiodataController::validate($biodata)) {
+                    $this->setResponse(400);
+                    return;
+                }
                 
                 //Update profile picture
                 if (isset($image_id)) {
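Review bot: `BiodataController::validate()` reads `$biodata->email` and `$biodata->username`, but the lines visible in this hunk assign only `name`, `address` and `phone`. If the edit path does not populate the other two on `$biodata`, the check either tests previously stored values or fails on unset properties; this should be confirmed against the part of the method outside the hunk. Note too that `$biodata` has already been modified when the 400 is returned, which is only safe if nothing persists the object after the early `return`. The enclosing method starts and ends outside the hunk.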