diff --git a/.gitignore b/.gitignore
index 3d96e92..26344d9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -20,4 +20,7 @@ go.work
 # Executable
 hibiscus
 
-.idea/
\ No newline at end of file
+.idea/
+
+# Because currently it's used in "prod"
+data/
\ No newline at end of file
diff --git a/config/config.txt b/config/config.txt
new file mode 100644
index 0000000..ceb3092
--- /dev/null
+++ b/config/config.txt
@@ -0,0 +1,4 @@
+port=7101
+username=test
+password=pass
+export_code=hibiscus
\ No newline at end of file
diff --git a/files.go b/files.go
index 3c92e09..02b5e47 100644
--- a/files.go
+++ b/files.go
@@ -12,7 +12,7 @@ import (
 )
 
 func GetFile(filename string, w http.ResponseWriter, r *http.Request) {
-	path := "data/" + filepath.Base(filename) + ".txt" // This should *theoretically* sanitize the string
+	path := "data/" + filename + ".txt" // Can we and should we sanitize this?
 
 	if _, err := os.Stat(path); errors.Is(err, os.ErrNotExist) {
 		NotFound(w, r)
diff --git a/pages/index.html b/pages/index.html
index eb2679d..f4ffe0a 100644
--- a/pages/index.html
+++ b/pages/index.html
@@ -16,11 +16,11 @@
     <main class="container">
         <h2 style="margin-bottom:0;"><label for="day">Your day so far:</label></h2>
         <textarea id="day" name="Day entry" cols="40" rows="10" style="max-width: 640px; width: 100%"></textarea>
-        <div class="grid"><button onclick="console.log('Test save')">Save</button></div>
+        <div class="grid"><button onclick="saveToday()">Save</button></div>
 
         <h2><label for="log">Log</label></h2>
         <input type="text" id="log" name="log" style="max-width: 640px; width: 100%"/>
-        <div class="grid"><button onclick="console.log('Test log save')">Save</button></div>
+        <div class="grid"><button onclick="saveLog()">Save</button></div>
     </main>
     <footer class="container">
         <p><a href="/page/sitemap" class="no-accent"></a> v0.0.1 | PoC using <a href="https://picocss.com">PicoCSS</a></p>
@@ -34,7 +34,67 @@
         timeField.innerText = todayDate.toISOString().split('T')[0]
 
     }
-
     updateTime()
+
+    async function postData(url = "", data = "") {
+        const response = await fetch(url, {
+            method: "POST",
+            credentials: "same-origin",
+            headers: {
+                "Content-Type": "text/plain",
+            },
+            redirect: "follow",
+            referrerPolicy: "no-referrer",
+            body: data,
+        });
+        if (response.ok) {
+            return response.text();
+        } else {
+            return response.status
+        }
+    }
+
+    async function getData(url = "", data = "") {
+        const response = await fetch(url, {
+            method: "GET",
+            credentials: "same-origin",
+            redirect: "follow",
+            referrerPolicy: "no-referrer"
+        });
+        if (response.ok) {
+            return response.text();
+        } else {
+            console.log(response.text())
+            return response.status
+            // return "Error"
+        }
+    }
+
+    function saveLog() {
+        let logField = document.getElementById("log")
+        postData("/api/log", logField.value).then((data) => {
+            if (data !== 500) {
+                logField.value = ""
+            }
+        });
+    }
+
+    function saveToday() {
+        let logField = document.getElementById("day")
+        postData("/api/today", logField.value).then((data) => {
+            console.log(data);
+        });
+    }
+    function loadToday() {
+        let dayField = document.getElementById("day")
+        getData("/api/today", dayField.value).then((data) => {
+            if (data !== 404) {
+                dayField.value = data
+            } else {
+                dayField.value = ""
+            }
+        });
+    }
+    loadToday()
 </script>
 </html>
\ No newline at end of file
diff --git a/serve.go b/serve.go
index 87e7211..10b73b6 100644
--- a/serve.go
+++ b/serve.go
@@ -14,6 +14,7 @@ func Serve() {
 	r := chi.NewRouter()
 	r.Use(middleware.Logger, middleware.CleanPath, middleware.StripSlashes)
 	r.Use(basicAuth) // TODO: ..duh!
+	r.NotFound(NotFound)
 
 	// Home page
 	r.Get("/", func(w http.ResponseWriter, r *http.Request) {
@@ -39,8 +40,6 @@ func Serve() {
 
 	r.Mount("/api", apiRouter)
 
-	r.NotFound(NotFound)
-
 	// Static files
 	fs := http.FileServer(http.Dir("public"))
 	r.Handle("/public/*", http.StripPrefix("/public/", fs))