Index: branches/unlabeled/unlabeled-1.68.4/core/kernel/db/db_tag_processor.php
===================================================================
diff -u -r7073 -r7091
--- branches/unlabeled/unlabeled-1.68.4/core/kernel/db/db_tag_processor.php	(.../db_tag_processor.php)	(revision 7073)
+++ branches/unlabeled/unlabeled-1.68.4/core/kernel/db/db_tag_processor.php	(.../db_tag_processor.php)	(revision 7091)
@@ -1501,6 +1501,8 @@
 			if (isset($params['type'])) {
 				$ret = $ret[ $params['type'] ];
 			}
+			
+			if( !$this->HasParam($params, 'no_special') ) $ret = htmlspecialchars($ret);
 			return $ret;
 		}
 
Index: branches/unlabeled/unlabeled-1.4.2/core/units/general/helpers/search_helper.php
===================================================================
diff -u -r7015 -r7091
--- branches/unlabeled/unlabeled-1.4.2/core/units/general/helpers/search_helper.php	(.../search_helper.php)	(revision 7015)
+++ branches/unlabeled/unlabeled-1.4.2/core/units/general/helpers/search_helper.php	(.../search_helper.php)	(revision 7091)
@@ -58,6 +58,7 @@
 						break;
 						
 					case '':
+						$keyword = str_replace('"', '\"', $keyword);
 						$normal_conditions[] = implode(' LIKE "%'.$keyword.'%" OR ', $fields).' LIKE "%'.$keyword.'%"';
 						break;
 				}
@@ -467,7 +468,7 @@
 		 */
 		function processRangeField(&$object, $search_field, $value, $type)
 		{
-			if (strlen($value[$type]) > 0) {
+			if (!strlen($value[$type])) {
 				return false;
 			}