diff --git a/src/admin.py b/src/admin.py index 17de9ac..91f94a8 100644 --- a/src/admin.py +++ b/src/admin.py @@ -41,24 +41,12 @@ def admin(): if form.validate_on_submit(): filename = form.file.data.filename - link = quote(form.link.data, safe='/:?&') - - if not link and (not filename or not allowed_file(filename)): - flash("File type not supported") - return redirect("/admin") + link = form.link.data if link and filename: flash("Both file and link") return redirect("/admin") - if not link.startswith("https://"): - flash("Link didn't start with https://") - return redirect("/admin") - - if link.startswith("https://tv.dtek.se"): - flash("No links to tv-mannnen D:") - return redirect("/admin") - # Check if start date is after end date if (form.start_date.data > form.end_date.data): flash("Start date is after end date.") @@ -72,9 +60,15 @@ def admin(): flash(msg) return redirect("/admin") - org_filename = secure_filename(filename) - if link: + if not link.startswith("https://"): + flash("Link didn't start with https://") + return redirect("/admin") + + if link.startswith("https://tv.dtek.se"): + flash("No links to tv-mannnen D:") + return redirect("/admin") + add_pr(file_name=link, is_iframe=True, desc=form.desc.data, @@ -84,6 +78,12 @@ def admin(): user_id=current_user.id, owner=current_user.username) elif filename: + if (not filename or not allowed_file(filename)): + flash("File type not supported") + return redirect("/admin") + + org_filename = secure_filename(filename) + # Generate random filename with correct extention filename = str(uuid.uuid4()) + "." + \ org_filename.rsplit('.', 1)[1].lower() @@ -133,7 +133,8 @@ def delete(): return redirect("/admin") try: - os.remove(os.path.join(config.UPLOAD_FOLDER, pr.file_name)) + if not pr.is_iframe: + os.remove(os.path.join(config.UPLOAD_FOLDER, pr.file_name)) except: flash("PR wasn't found on disk but the database entry has been removed") 
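Review bot: With `link = form.link.data` replacing the `quote(...)` call and the combined "no link and no usable file" check deleted from this first hunk, a submission with neither a link nor a file no longer reaches any flash/redirect: the hunk only rejects the both-present case, and the file check now sits inside the `elif filename:` branch (third hunk), which an empty submission never enters. Add an explicit guard right after the both-present check, e.g. `if not link and not filename:` / `flash("Neither file nor link")` / `return redirect("/admin")`. Depending on the form field type, `form.link.data` may be `None` rather than `""` when the field is absent; `if link and filename:` tolerates that, but anything further down that treats `link` as a string should be checked. The enclosing `admin()` starts before this hunk and continues past it.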
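Review bot: In the second hunk, `link.startswith("https://tv.dtek.se")` is a plain prefix test on the raw form value, so it keys on the first characters of the string rather than on the URL's host; if the intent is to block that host, compare the parsed host instead: `host = urlsplit(link).hostname or ""` then `if host == "tv.dtek.se" or host.endswith(".tv.dtek.se"):`. The same parse can replace the `startswith("https://")` test with `urlsplit(link).scheme == "https"`, which also catches scheme case variants. `urlsplit` comes from `urllib.parse`; the file's import block is not in this diff, so confirm it is imported (the removed `quote` suggests the module already is). The body of `admin()` continues outside the hunk.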
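Review bot: In the third hunk the `not filename` half of `if (not filename or not allowed_file(filename)):` can never be true inside `elif filename:`, so the condition reduces to `if not allowed_file(filename):`; keeping the dead test obscures that the empty-submission case is handled by neither branch (see the first hunk). Separately, `org_filename.rsplit('.', 1)[1]` two lines below assumes `secure_filename(filename)` still contains a dot; `allowed_file` is not visible here, so if it validates the original name rather than the secured one, a name that `secure_filename` reduces to a single token would raise IndexError — worth a `'.' not in org_filename` guard next to the new check. `admin()` continues past the hunk.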
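Review bot: The new `if not pr.is_iframe:` guard in the `delete()` hunk is right, but the unchanged bare `except:` directly below it now wraps a conditional removal whose failure modes are broader than the flash text admits: a permission error or a missing `config.UPLOAD_FOLDER` is reported as "PR wasn't found on disk" while the upload stays on disk. Narrow it to `except FileNotFoundError:` for the not-found case and let other `OSError`s surface (or flash the actual reason) so a failed removal is visible to the admin. `delete()` starts before this hunk.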
diff --git a/src/templates/admin.html b/src/templates/admin.html index cbfb689..f805c78 100644 --- a/src/templates/admin.html +++ b/src/templates/admin.html @@ -26,7 +26,7 @@ {% for pr in pr_list %} - {{ pr.desc }} + {{ pr.desc }} {{ pr.start_date.strftime('%Y-%m-%d, %H:%M') }} {{ pr.end_date.strftime('%Y-%m-%d, %H:%M') }} {{ pr.priority }} diff --git a/src/templates/pr.html b/src/templates/pr.html index 6177d23..d6c3689 100644 --- a/src/templates/pr.html +++ b/src/templates/pr.html @@ -74,7 +74,7 @@ if (prs[curr].iframe) { body.innerHTML = "" var iframe = document.createElement('iframe'); - iframe.src = prs[curr].link; + iframe.src = encodeURI(prs[curr].link); iframe.width = "100%"; iframe.height = "100%"; iframe.style.background = 'white';
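Review bot: `iframe.src = encodeURI(prs[curr].link)` in pr.html re-encodes a value that is already a URL: `encodeURI` does not skip existing percent-escapes, so any `%` in the stored link (an escaped space or query value) becomes `%25…` and the iframe loads a different address than the admin entered. Since admin.py now stores `form.link.data` unmodified and only enforces the `https://` prefix, either assign the link directly here or normalise it once server-side at submit time (`urllib.parse.quote(link, safe=...)` was the previous approach) rather than on every render. The surrounding script continues outside this hunk.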