diff --git a/src/pocketmine/PocketMine.php b/src/pocketmine/PocketMine.php
index 0c7e0da58..d2cf8c419 100644
--- a/src/pocketmine/PocketMine.php
+++ b/src/pocketmine/PocketMine.php
@@ -177,7 +177,6 @@ namespace pocketmine {
 	ini_set("default_charset", "utf-8");
 
 	ini_set("memory_limit", '-1');
-	define('pocketmine\START_TIME', microtime(true));
 
 	define('pocketmine\RESOURCE_PATH', \pocketmine\PATH . 'src' . DIRECTORY_SEPARATOR . 'pocketmine' . DIRECTORY_SEPARATOR . 'resources' . DIRECTORY_SEPARATOR);
 
@@ -245,6 +244,8 @@ namespace pocketmine {
 			}
 		}
 
+		//TODO: move this to a Server field
+		define('pocketmine\START_TIME', microtime(true));
 		ThreadManager::init();
 		new Server($autoloader, $logger, \pocketmine\DATA, \pocketmine\PLUGIN_PATH);
 
diff --git a/src/pocketmine/command/defaults/DeopCommand.php b/src/pocketmine/command/defaults/DeopCommand.php
index df65f28ef..0dc92755f 100644
--- a/src/pocketmine/command/defaults/DeopCommand.php
+++ b/src/pocketmine/command/defaults/DeopCommand.php
@@ -53,6 +53,9 @@ class DeopCommand extends VanillaCommand{
 		}
 
 		$name = array_shift($args);
+		if(!Player::isValidUserName($name)){
+			throw new InvalidCommandSyntaxException();
+		}
 
 		$player = $sender->getServer()->getOfflinePlayer($name);
 		$player->setOp(false);
diff --git a/src/pocketmine/command/defaults/EffectCommand.php b/src/pocketmine/command/defaults/EffectCommand.php
index a13967bd1..e036021a3 100644
--- a/src/pocketmine/command/defaults/EffectCommand.php
+++ b/src/pocketmine/command/defaults/EffectCommand.php
@@ -83,7 +83,7 @@ class EffectCommand extends VanillaCommand{
 		$amplification = 0;
 
 		if(count($args) >= 3){
-			if(($d = $this->getBoundedInt($sender, $args[2], 0, INT32_MAX)) === null){
+			if(($d = $this->getBoundedInt($sender, $args[2], 0, (int) (INT32_MAX / 20))) === null){
 				return false;
 			}
 			$duration = $d * 20; //ticks
diff --git a/src/pocketmine/command/defaults/OpCommand.php b/src/pocketmine/command/defaults/OpCommand.php
index ec68a37c4..5f677a4ab 100644
--- a/src/pocketmine/command/defaults/OpCommand.php
+++ b/src/pocketmine/command/defaults/OpCommand.php
@@ -53,6 +53,9 @@ class OpCommand extends VanillaCommand{
 		}
 
 		$name = array_shift($args);
+		if(!Player::isValidUserName($name)){
+			throw new InvalidCommandSyntaxException();
+		}
 
 		$player = $sender->getServer()->getOfflinePlayer($name);
 		Command::broadcastCommandMessage($sender, new TranslationContainer("commands.op.success", [$player->getName()]));
diff --git a/src/pocketmine/command/defaults/WhitelistCommand.php b/src/pocketmine/command/defaults/WhitelistCommand.php
index 0a5872f57..81fb16f0b 100644
--- a/src/pocketmine/command/defaults/WhitelistCommand.php
+++ b/src/pocketmine/command/defaults/WhitelistCommand.php
@@ -27,6 +27,7 @@ use pocketmine\command\Command;
 use pocketmine\command\CommandSender;
 use pocketmine\command\utils\InvalidCommandSyntaxException;
 use pocketmine\lang\TranslationContainer;
+use pocketmine\Player;
 use pocketmine\utils\TextFormat;
 use function count;
 use function implode;
@@ -94,6 +95,9 @@ class WhitelistCommand extends VanillaCommand{
 			if($this->badPerm($sender, strtolower($args[0]))){
 				return false;
 			}
+			if(!Player::isValidUserName($args[1])){
+				throw new InvalidCommandSyntaxException();
+			}
 			switch(strtolower($args[0])){
 				case "add":
 					$sender->getServer()->getOfflinePlayer($args[1])->setWhitelisted(true);