diff --git a/themes/blueprint/templates/install/fixdatabase.phtml b/themes/blueprint/templates/install/fixdatabase.phtml
index 5601c15e143c84734b9241b9805f02d5ba346bcd..fd981534ab2ea71b6b249363249de9de0e3065a1 100644
--- a/themes/blueprint/templates/install/fixdatabase.phtml
+++ b/themes/blueprint/templates/install/fixdatabase.phtml
@@ -11,7 +11,7 @@
 
 <p>To create a new database for VuFind, please fill in this form:</p>
 
-<form method="POST">
+<form method="post">
   <table>
     <tbody>
       <tr><td>New database name: </td><td><input type="text" name="dbname" value="<?=$this->escapeHtml($this->dbname)?>"/></td></tr>
diff --git a/themes/blueprint/templates/upgrade/fixanonymoustags.phtml b/themes/blueprint/templates/upgrade/fixanonymoustags.phtml
index 759c5b930da5c5ad37e84a3bbbeb6408344dc132..ffad6960b7aad4bed08935bed3891793cd49b475 100644
--- a/themes/blueprint/templates/upgrade/fixanonymoustags.phtml
+++ b/themes/blueprint/templates/upgrade/fixanonymoustags.phtml
@@ -20,7 +20,7 @@ an administrator) to associate with old anonymous tags.</p>
 
 <br />
 
-<form method="POST" action="<?=$this->url('upgrade-fixanonymoustags')?>">
+<form method="post" action="<?=$this->url('upgrade-fixanonymoustags')?>">
   <?=$this->transEsc('Username') ?>: <input type="text" name="username" /> <input type="submit" name="submit" value="<?=$this->transEsc('Submit') ?>" /><br /><br />
   <input type="submit" name="skip" value="<?=$this->transEsc('skip_step') ?>." onclick="return confirm('<?=$this->transEsc('skip_confirm') ?>');"/>
 </form>
\ No newline at end of file
diff --git a/themes/blueprint/templates/upgrade/fixmetadata.phtml b/themes/blueprint/templates/upgrade/fixmetadata.phtml
index 40ebeb0ac678232d92c4c312d96f3290096645f4..d25aa35b9c92b05772f5802376bf557f585f4f03 100644
--- a/themes/blueprint/templates/upgrade/fixmetadata.phtml
+++ b/themes/blueprint/templates/upgrade/fixmetadata.phtml
@@ -13,7 +13,7 @@ but it will improve the user experience by allowing proper sorting of favorites
 
 <br />
 
-<form method="POST" action="<?=$this->url('upgrade-fixmetadata')?>">
+<form method="post" action="<?=$this->url('upgrade-fixmetadata')?>">
   <input type="submit" name="submit" value="<?=$this->transEsc('fix_metadata') ?>." /><br /><br />
   <input type="submit" name="skip" value="<?=$this->transEsc('skip_fix_metadata') ?>." onclick="return confirm('<?=$this->transEsc('skip_confirm') ?>');"/>
 </form>
\ No newline at end of file
diff --git a/themes/blueprint/templates/upgrade/getdbcredentials.phtml b/themes/blueprint/templates/upgrade/getdbcredentials.phtml
index 7a9433f9ef2cec7e33006ace6b436f7549abf4b7..e0851b2f33ce2018de24b1a3cebdcdf4969e8897 100644
--- a/themes/blueprint/templates/upgrade/getdbcredentials.phtml
+++ b/themes/blueprint/templates/upgrade/getdbcredentials.phtml
@@ -11,7 +11,7 @@
 <p>VuFind's database structure needs to be updated for the new version.  Please enter a database username and password
 with permission to alter and create tables.</p>
 
-<form method="POST" action="<?=$this->url('upgrade-getdbcredentials')?>">
+<form method="post" action="<?=$this->url('upgrade-getdbcredentials')?>">
   <table>
     <tbody>
       <tr><td>MySQL Root User: </td><td><input type="text" name="dbrootuser" value="<?=$this->escapeHtml($this->dbrootuser)?>"/></td></tr>
diff --git a/themes/blueprint/templates/upgrade/showsql.phtml b/themes/blueprint/templates/upgrade/showsql.phtml
index 7aba031e15a3f2f46f05e8a114993b1605c3f889..4af0746d0d65b39d1a67ab65f32c976b3b44a954 100644
--- a/themes/blueprint/templates/upgrade/showsql.phtml
+++ b/themes/blueprint/templates/upgrade/showsql.phtml
@@ -4,21 +4,20 @@
 
     // Set up breadcrumbs:
     $this->layout()->breadcrumbs = '<em>' . $this->transEsc('Upgrade VuFind') . '</em>';
+
+    // Set up styles:
+    $this->headstyle()->appendStyle(
+        "pre {\n"
+        . "  padding:8px; margin:1em 2em; background:#EEE; border:1px dashed #CCC;\n"
+        . "}\n"
+    );
 ?>
-<style>
-    pre {
-        padding:8px;
-        margin:1em 2em;
-        background:#EEE;
-        border:1px dashed #CCC;
-    }
-</style>
 <h1><?=$this->transEsc('Upgrade VuFind')?></h1>
 <?=$this->flashmessages()?>
-<p>Save this SQL somewhere safe:</p>
+<p>These SQL statements can be used to manually upgrade your database:</p>
 
-<pre><?=trim($this->sql) ?></pre>
+<pre><?=$this->escapeHtml(trim($this->sql))?></pre>
 
-<form method="POST" action="<?=$this->url('upgrade-showsql')?>">
-    <input type="submit" name="continue" value="Next">
+<form method="post" action="<?=$this->url('upgrade-showsql')?>">
+  <input type="submit" name="continue" value="Next" />
 </form>
\ No newline at end of file