diff --git a/src/db/doll.rs b/src/db/doll.rs
index 79296c9..f2dc5f8 100644
--- a/src/db/doll.rs
+++ b/src/db/doll.rs
@@ -39,6 +39,17 @@ pub async fn check_ids(mut db: DollTagsDb, idents: &Vec<i64>) -> sqlx::Result<Ve
 	query.fetch_all(&mut **db).await
 }
 
+pub async fn id_exists(mut db: DollTagsDb, ident: i64, microchip_id: &str) -> sqlx::Result<bool> {
+	Ok(sqlx::query!(
+		"select id from doll_profiles where id = ? or microchip_id = ?",
+		ident,
+		microchip_id
+	)
+	.fetch_optional(&mut **db)
+	.await?
+	.is_some())
+}
+
 pub async fn create(mut db: DollTagsDb, doll: CreateDollProfile<'_>) -> sqlx::Result<i64> {
 	sqlx::query!(
 		r#"
diff --git a/src/main.rs b/src/main.rs
index 667341e..fe3ca71 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -8,7 +8,7 @@ use db::schema::{CreateDollProfile, DollTags, DollTagsDb};
 use regex::Regex;
 use rng::generate_ids;
 use rocket::fairing::AdHoc;
-use rocket::form::Form;
+use rocket::form::{self, Form};
 use rocket::fs::{relative, FileServer};
 use rocket::response::Redirect;
 use rocket_db_pools::Database;
@@ -57,27 +57,61 @@ async fn show_register(db: DollTagsDb) -> Template {
 // TODO: Validation
 #[derive(Debug, FromForm)]
 struct TagForm<'a> {
+	#[field(validate=len(1..=6))]
 	pub ident: &'a str,
+	#[field(validate=len(..32))]
 	pub microchip_id: &'a str,
 
+	#[field(validate=len(..256))]
 	pub name: &'a str,
+	#[field(validate=len(..32))]
 	pub pronoun_subject: &'a str,
+	#[field(validate=len(..32))]
 	pub pronoun_object: &'a str,
+	#[field(validate=len(..32))]
 	pub pronoun_possessive: &'a str,
 
+	#[field(validate=len(..256))]
 	pub handler_name: &'a str,
+	#[field(validate=len(..2048))]
 	pub handler_link: &'a str,
 
+	#[field(validate=len(..256))]
 	pub kind: &'a str,
+	#[field(validate=len(..256))]
 	pub breed: &'a str,
+	#[field(validate=len(..256))]
 	pub behaviour: &'a str,
+	#[field(validate=len(..2048))]
 	pub description: &'a str,
 
+	#[field(validate=validate_chassis(self.chassis_id, self.chassis_color, "chassis_type"))]
 	pub chassis_type: &'a str,
+	#[field(validate=validate_chassis(self.chassis_type, self.chassis_color, "chassis_id"))]
 	pub chassis_id: &'a str,
+	#[field(validate=validate_chassis(self.chassis_type, self.chassis_id, "chassis_color"))]
 	pub chassis_color: &'a str,
 }
 
+fn validate_chassis<'v>(a: &str, b: &str, c: &str, field: &str) -> form::Result<'v, ()> {
+	let all_empty = a.len() == 0 && b.len() == 0 && c.len() == 0;
+	let all_full = a.len() != 0
+		&& a.len() < 256
+		&& b.len() != 0
+		&& b.len() < 256
+		&& c.len() != 0
+		&& c.len() < 256;
+
+	if !all_empty && !all_full {
+		Err(form::Error::validation(format!(
+			"missing chassis field {}",
+			field
+		)))?;
+	}
+
+	Ok(())
+}
+
 #[post("/register", data = "<tag>")]
 async fn handle_register(db: DollTagsDb, tag: Form<TagForm<'_>>) -> Template {
 	println!("register: {:?}", tag);