diff --git a/metrics.go b/metrics.go
index 1bc4c2d..20ce51a 100644
--- a/metrics.go
+++ b/metrics.go
@@ -31,6 +31,16 @@ type OneMetric struct {
 
 // metrics handler
 
+func validProperty(prop string) bool {
+    valid_properties := [...]string{"w", "t", "h", "p", "vp" }
+    for _, p := range valid_properties {
+        if p == prop {
+            return true
+        }
+    }
+    return false
+}
+
 func metricsHandler(response http.ResponseWriter, request *http.Request) {
 	name := getUserName(request)
 	if name != "" {
@@ -42,6 +52,13 @@ func metricsHandler(response http.ResponseWriter, request *http.Request) {
 			return
 		}
 
+		if (!validProperty(property[0])) {
+			log.Println("Url Param 'property' is invalid")
+			fmt.Fprintf(response, "{ \"msg\": \"error: invalid property\" }")
+			return
+		}
+
+
 		deveui, ok := request.URL.Query()["deveui"]
 
 		if !ok || len(deveui[0]) < 1 {
diff --git a/snippets/graph.html b/snippets/graph.html
index d7c4c82..1695001 100644
--- a/snippets/graph.html
+++ b/snippets/graph.html
@@ -9,7 +9,7 @@
 <link href="static/bulma-calendar/css/bulma-calendar.min.css" rel="stylesheet">
 <script src="static/bulma-calendar/js/bulma-calendar.min.js"></script>
 
-<div class="columns">
+<div class="columns" id="myselectors">
   <div class="column is-half">
     <div id="reportrange" style="background: #fff; cursor: pointer; padding: 5px 10px; border: 1px solid #ccc; width: 100%">
       <i class="fa fa-calendar"></i>&nbsp;
@@ -214,6 +214,7 @@ function drawGraph(deveui, alias, property, start, stop, create_graph) {
   </div>
 </article>`);
       } else if (mydata.msg.includes("error:")) {
+        $('#myselectors').hide();
         $('#chart').html(`<article class="message is-danger">
   <div class="message-body">
     Fehler im Aufruf