Index: branches/5.3.x/units/gateways/gw_classes/ideal_nl.php
===================================================================
diff -u -r15671 -r15899
--- branches/5.3.x/units/gateways/gw_classes/ideal_nl.php	(.../ideal_nl.php)	(revision 15671)
+++ branches/5.3.x/units/gateways/gw_classes/ideal_nl.php	(.../ideal_nl.php)	(revision 15899)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: ideal_nl.php 15671 2013-01-17 11:39:41Z alex $
+* @version	$Id: ideal_nl.php 15899 2013-07-12 10:32:25Z alex $
 * @package	In-Commerce
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license	Commercial License
@@ -103,7 +103,7 @@
 				$error_msg = $trans_data->FindChildValue('message');
 				$this->parsed_responce['XML'] = $transaction_xml;
 				$this->Application->SetVar('failure_template', $this->Application->RecallVar('gw_cancel_template'));
-				$this->parsed_responce['MESSAGE'] = $error_msg ? $error_msg : 'Unknown gateway error ('.htmlspecialchars($transaction_xml, null, CHARSET).')';
+				$this->parsed_responce['MESSAGE'] = $error_msg ? $error_msg : 'Unknown gateway error ('.kUtil::escape($transaction_xml, kUtil::ESCAPE_HTML).')';
 				return false;
 			}
 
Index: branches/5.3.x/install/upgrades.sql
===================================================================
diff -u -r15671 -r15899
--- branches/5.3.x/install/upgrades.sql	(.../upgrades.sql)	(revision 15671)
+++ branches/5.3.x/install/upgrades.sql	(.../upgrades.sql)	(revision 15899)
@@ -286,3 +286,10 @@
 # ===== v 5.2.1-B1 =====
 ALTER TABLE Affiliates CHANGE PortalUserId PortalUserId INT(10) NULL DEFAULT NULL;
 UPDATE Affiliates SET PortalUserId = NULL WHERE PortalUserId = 0;
+
+# ===== v 5.2.1-B2 =====
+UPDATE Modules
+SET ClassNamespace = 'Intechnic\\InPortal\\Modules\\InCommerce'
+WHERE `Name` = 'In-Commerce';
+
+# ===== v 5.2.1-RC1 =====
Index: branches/5.3.x/units/destinations/dst_event_handler.php
===================================================================
diff -u -r15671 -r15899
--- branches/5.3.x/units/destinations/dst_event_handler.php	(.../dst_event_handler.php)	(revision 15671)
+++ branches/5.3.x/units/destinations/dst_event_handler.php	(.../dst_event_handler.php)	(revision 15899)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: dst_event_handler.php 15671 2013-01-17 11:39:41Z alex $
+* @version	$Id: dst_event_handler.php 15899 2013-07-12 10:32:25Z alex $
 * @package	In-Commerce
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license	Commercial License
@@ -36,6 +36,7 @@
 
 		foreach ($items_info as $field_values) {
 			$object->SetFieldsFromHash($field_values, $this->getRequestProtectedFields($field_values));
+			$event->setEventParam('form_data', $field_values);
 			$this->customProcessing($event, 'before');
 
 			if ( $object->Create() ) {
Index: branches/5.3.x/units/product_option_combinations/product_option_combinations_event_handler.php
===================================================================
diff -u -r15695 -r15899
--- branches/5.3.x/units/product_option_combinations/product_option_combinations_event_handler.php	(.../product_option_combinations_event_handler.php)	(revision 15695)
+++ branches/5.3.x/units/product_option_combinations/product_option_combinations_event_handler.php	(.../product_option_combinations_event_handler.php)	(revision 15899)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: product_option_combinations_event_handler.php 15695 2013-02-19 11:30:36Z alex $
+* @version	$Id: product_option_combinations_event_handler.php 15899 2013-07-12 10:32:25Z alex $
 * @package	In-Commerce
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license	Commercial License
@@ -177,6 +177,7 @@
 
 		list($id, $field_values) = each($items_info);
 		$object->SetFieldsFromHash($field_values, $this->getRequestProtectedFields($field_values));
+		$event->setEventParam('form_data', $field_values);
 
 		if ( !$object->Validate() ) {
 			$event->status = kEvent::erFAIL;
@@ -208,6 +209,7 @@
 			{
 				$object->Load($id);
  				$object->SetFieldsFromHash($field_values, $this->getRequestProtectedFields($field_values));
+				$event->setEventParam('form_data', $field_values);
 
  				if (!$object->Validate()) {
 					$event->status = kEvent::erFAIL;
Index: branches/5.3.x/units/shipping_quote_engines/usps.php
===================================================================
diff -u -r15695 -r15899
--- branches/5.3.x/units/shipping_quote_engines/usps.php	(.../usps.php)	(revision 15695)
+++ branches/5.3.x/units/shipping_quote_engines/usps.php	(.../usps.php)	(revision 15899)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: usps.php 15695 2013-02-19 11:30:36Z alex $
+* @version	$Id: usps.php 15899 2013-07-12 10:32:25Z alex $
 * @package	In-Commerce
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license	Commercial License
@@ -734,7 +734,7 @@
 			            '</IntlRateRequest>';
 			$api_query = 'IntlRate';
 		}
-		$request = 'API='.$api_query.'&XML=' . urlencode($request);
+		$request = 'API='.$api_query.'&XML=' . kUtil::escape($request, kUtil::ESCAPE_URL);
 		$body = $this->PostQuery($request);
 		$body = str_replace(chr(146), '', $body); // for bad `
 
@@ -937,7 +937,7 @@
 
 		// die($request);
 
-		$request = 'API='.$api_query.'&XML='.urlencode($request);
+		$request = 'API='.$api_query.'&XML='.kUtil::escape($request, kUtil::ESCAPE_URL);
 
 		$body = $this->PostQuery($request, 1);
 
@@ -1079,7 +1079,7 @@
 
 			$request = '<TrackRequest USERID="'.$this->usps_userid.'"><TrackID ID="'.$TrackingNumber.'"></TrackID></TrackRequest>';
 			$api_query = 'TrackV2';
-			$request = 'API='.$api_query.'&XML='.urlencode($request);
+			$request = 'API='.$api_query.'&XML='.kUtil::escape($request, kUtil::ESCAPE_URL);
 			$body = $this->PostQuery($request);
 
 			// check for errors
Index: branches/5.3.x/units/gateways/gw_classes/google_checkout.php
===================================================================
diff -u -r15671 -r15899
--- branches/5.3.x/units/gateways/gw_classes/google_checkout.php	(.../google_checkout.php)	(revision 15671)
+++ branches/5.3.x/units/gateways/gw_classes/google_checkout.php	(.../google_checkout.php)	(revision 15899)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: google_checkout.php 15671 2013-01-17 11:39:41Z alex $
+* @version	$Id: google_checkout.php 15899 2013-07-12 10:32:25Z alex $
 * @package	In-Commerce
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license	Commercial License
@@ -80,8 +80,8 @@
 			$cart_xml = Array ();
 			foreach ($order_items as $order_item) {
 				$cart_xml[] = '	<item>
-					        		<item-name>'.htmlspecialchars($order_item['ProductName'], null, CHARSET).'</item-name>
-					        		<item-description>'.htmlspecialchars($order_item[$ml_formatter->LangFieldName('DescriptionExcerpt')], null, CHARSET).'</item-description>'.
+					        		<item-name>'.kUtil::escape($order_item['ProductName'], kUtil::ESCAPE_HTML).'</item-name>
+					        		<item-description>'.kUtil::escape($order_item[$ml_formatter->LangFieldName('DescriptionExcerpt')], kUtil::ESCAPE_HTML).'</item-description>'.
 									$this->getPriceXML('unit-price', $order_item['Price']).'
 					        		<quantity>'.$order_item['Quantity'].'</quantity>
 								</item>';
@@ -102,7 +102,7 @@
 
 			$shipping_xml = '';
 			foreach ($shipping_types as $shipping_name) {
-				$shipping_xml .= '	<merchant-calculated-shipping name="'.htmlspecialchars($shipping_name, null, CHARSET).'">
+				$shipping_xml .= '	<merchant-calculated-shipping name="'.kUtil::escape($shipping_name, kUtil::ESCAPE_HTML).'">
 										<price currency="USD">0.00</price>
 									</merchant-calculated-shipping>';
 			}
@@ -390,7 +390,7 @@
 				$shipping_name = $shipping_type['ShippingName'];
 				$processable_shipping_index = array_search($shipping_name, $process_shippings);
 				if ($processable_shipping_index !== false) {
-					$shipping_types_xml .= '<result shipping-name="'.htmlspecialchars($shipping_name, null, CHARSET).'" address-id="'.$address_id.'">
+					$shipping_types_xml .= '<result shipping-name="'.kUtil::escape($shipping_name, kUtil::ESCAPE_HTML).'" address-id="'.$address_id.'">
 				    	        				<shipping-rate currency="USD">'.sprintf('%01.2f', $shipping_type['TotalCost']).'</shipping-rate>
 				        	    				<shippable>true</shippable>
 				        					</result>';
@@ -402,7 +402,7 @@
 
 			// add unavailable shipping types
 			foreach ($process_shippings as $shipping_name) {
-				$shipping_types_xml .= '<result shipping-name="'.htmlspecialchars($shipping_name, null, CHARSET).'" address-id="'.$address_id.'">
+				$shipping_types_xml .= '<result shipping-name="'.kUtil::escape($shipping_name, kUtil::ESCAPE_HTML).'" address-id="'.$address_id.'">
 											<shipping-rate currency="USD">0.00</shipping-rate>
 				            				<shippable>false</shippable>
 				        				</result>';
Index: branches/5.3.x/admin_templates/affiliate_plans/affiliate_plans_edit.tpl
===================================================================
diff -u -r15671 -r15899
--- branches/5.3.x/admin_templates/affiliate_plans/affiliate_plans_edit.tpl	(.../affiliate_plans_edit.tpl)	(revision 15671)
+++ branches/5.3.x/admin_templates/affiliate_plans/affiliate_plans_edit.tpl	(.../affiliate_plans_edit.tpl)	(revision 15899)
@@ -68,7 +68,7 @@
 
 			<inp2:m_RenderElement design="form_row" prefix="ap" field="MinPaymentAmount" title="la_fld_MinimumPaymentAmount">
 				<td class="control-cell">
-					<input type="text" name="<inp2:ap_InputName field='MinPaymentAmount' />" id="<inp2:ap_InputName field='MinPaymentAmount' />" value="<inp2:ap_Field name='MinPaymentAmount' />" tabindex="<inp2:m_get param='tab_index'/>" size="8">
+					<input type="text" name="<inp2:$prefix_InputName field='$field' />" id="<inp2:$prefix_InputName field='$field' />" value="<inp2:$prefix_Field name='$field' />" tabindex="<inp2:m_get param='tab_index'/>" size="8"/>
 					<span class="small">(<inp2:curr_PrimaryCurrencyISO />)</span>
 				</td>
 			</inp2:m_RenderElement>
Index: branches/5.3.x/units/order_items/order_items_event_handler.php
===================================================================
diff -u -r15695 -r15899
--- branches/5.3.x/units/order_items/order_items_event_handler.php	(.../order_items_event_handler.php)	(revision 15695)
+++ branches/5.3.x/units/order_items/order_items_event_handler.php	(.../order_items_event_handler.php)	(revision 15899)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: order_items_event_handler.php 15695 2013-02-19 11:30:36Z alex $
+* @version	$Id: order_items_event_handler.php 15899 2013-07-12 10:32:25Z alex $
 * @package	In-Commerce
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license	Commercial License
@@ -114,6 +114,7 @@
 
 				$object->Load($id);
 				$object->SetFieldsFromHash($field_values, $this->getRequestProtectedFields($field_values));
+				$event->setEventParam('form_data', $field_values);
 				$this->customProcessing($event, 'before');
 
 				if ( $object->Update($id) ) {
Index: branches/5.3.x/units/shipping_costs/shipping_costs_event_handler.php
===================================================================
diff -u -r15492 -r15899
--- branches/5.3.x/units/shipping_costs/shipping_costs_event_handler.php	(.../shipping_costs_event_handler.php)	(revision 15492)
+++ branches/5.3.x/units/shipping_costs/shipping_costs_event_handler.php	(.../shipping_costs_event_handler.php)	(revision 15899)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: shipping_costs_event_handler.php 15453 2012-07-16 16:41:43Z alex $
+* @version	$Id: shipping_costs_event_handler.php 15899 2013-07-12 10:32:25Z alex $
 * @package	In-Commerce
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license	Commercial License
@@ -67,6 +67,7 @@
 
 		foreach ($items_info as $field_values) {
 			$object->SetFieldsFromHash($field_values, $this->getRequestProtectedFields($field_values));
+			$event->setEventParam('form_data', $field_values);
 			$this->customProcessing($event, 'before');
 
 			if ( $object->Create() ) {
Index: branches/5.3.x/units/orders/orders_event_handler.php
===================================================================
diff -u -r15807 -r15899
--- branches/5.3.x/units/orders/orders_event_handler.php	(.../orders_event_handler.php)	(revision 15807)
+++ branches/5.3.x/units/orders/orders_event_handler.php	(.../orders_event_handler.php)	(revision 15899)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: orders_event_handler.php 15807 2013-06-25 14:18:34Z alex $
+* @version	$Id: orders_event_handler.php 15899 2013-07-12 10:32:25Z alex $
 * @package	In-Commerce
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license	Commercial License
@@ -440,7 +440,10 @@
 	function OnCompleteOrder($event)
 	{
 		$this->LockTables($event);
-		if ( !$this->CheckQuantites($event) ) {
+		$reoccurring_order = substr($event->Special, 0, 9) == 'recurring';
+
+		if ( !$reoccurring_order && !$this->CheckQuantites($event) ) {
+			// don't check quantities (that causes recalculate) for reoccurring orders
 			return;
 		}
 
@@ -2916,7 +2919,8 @@
 						$sql = 'SELECT '.$backorder_select.' AS BackOrderFlagCalc, oi.*
 								FROM '.TABLE_PREFIX.'OrderItems oi
 								LEFT JOIN '.TABLE_PREFIX.'Products p ON p.ProductId = oi.ProductId
-								WHERE (OrderId = %s) AND (BackOrderFlagCalc = 0) AND (p.Type = '.PRODUCT_TYPE_TANGIBLE.')';
+								WHERE (OrderId = %s) AND (p.Type = '.PRODUCT_TYPE_TANGIBLE.')
+								HAVING BackOrderFlagCalc = 0';
 
 							$products = $this->Conn->Query( sprintf($sql, $ord_id) );
 							foreach ($products as $product) {
Index: branches/5.3.x/units/shipping_quote_engines/intershipper.php
===================================================================
diff -u -r15695 -r15899
--- branches/5.3.x/units/shipping_quote_engines/intershipper.php	(.../intershipper.php)	(revision 15695)
+++ branches/5.3.x/units/shipping_quote_engines/intershipper.php	(.../intershipper.php)	(revision 15899)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: intershipper.php 15695 2013-02-19 11:30:36Z alex $
+* @version	$Id: intershipper.php 15899 2013-07-12 10:32:25Z alex $
 * @package	In-Commerce
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license	Commercial License
@@ -56,8 +56,8 @@
 		foreach($params['carriers'] as $carrier)
 		{
 			$i++;
-			$uri .= '&CarrierCode'.$i.'='.	rawurlencode($carrier['name']).
-			'&CarrierAccount'.$i.'='.		rawurlencode($carrier['account']).
+			$uri .= '&CarrierCode'.$i.'='.	kUtil::escape($carrier['name'], kUtil::ESCAPE_URL).
+			'&CarrierAccount'.$i.'='.		kUtil::escape($carrier['account'], kUtil::ESCAPE_URL).
 			'&CarrierInvoiced'.$i.'='.		$carrier['invoiced'];
 		}
 
@@ -71,21 +71,21 @@
 		$uri .= '&DeliveryType='.	'COM'.
 			'&ShipMethod='.			$params['ShipMethod'].
 
-			'&OriginationName='.	rawurlencode( $params['orig_name'] ).
-			'&OriginationAddress1='.rawurlencode( $params['orig_addr1'] ).
-			'&OriginationAddress2='.rawurlencode( $params['orig_addr2'] ).
-			'&OriginationCity='.	rawurlencode( $params['orig_city'] ).
-			'&OriginationState='.	rawurlencode( $params['orig_state'] ).
-			'&OriginationPostal='.	rawurlencode( $params['orig_postal'] ).
-			'&OriginationCountry='.	rawurlencode( $params['orig_country'] ).
+			'&OriginationName='.	kUtil::escape( $params['orig_name'], kUtil::ESCAPE_URL ).
+			'&OriginationAddress1='.kUtil::escape( $params['orig_addr1'], kUtil::ESCAPE_URL ).
+			'&OriginationAddress2='.kUtil::escape( $params['orig_addr2'], kUtil::ESCAPE_URL ).
+			'&OriginationCity='.	kUtil::escape( $params['orig_city'], kUtil::ESCAPE_URL ).
+			'&OriginationState='.	kUtil::escape( $params['orig_state'], kUtil::ESCAPE_URL ).
+			'&OriginationPostal='.	kUtil::escape( $params['orig_postal'], kUtil::ESCAPE_URL ).
+			'&OriginationCountry='.	kUtil::escape( $params['orig_country'], kUtil::ESCAPE_URL ).
 
-			'&DestinationName='.	rawurlencode( $params['dest_name'] ).
-			'&DestinationAddress1='.rawurlencode( $params['dest_addr1'] ).
-			'&DestinationAddress2='.rawurlencode( $params['dest_addr2'] ).
-			'&DestinationCity='.	rawurlencode( $params['dest_city'] ).
-			'&DestinationState='.	rawurlencode( $params['dest_state'] ).
-			'&DestinationPostal='.	rawurlencode( $params['dest_postal'] ).
-			'&DestinationCountry='.	rawurlencode( $params['dest_country'] ).
+			'&DestinationName='.	kUtil::escape( $params['dest_name'], kUtil::ESCAPE_URL ).
+			'&DestinationAddress1='.kUtil::escape( $params['dest_addr1'], kUtil::ESCAPE_URL ).
+			'&DestinationAddress2='.kUtil::escape( $params['dest_addr2'], kUtil::ESCAPE_URL ).
+			'&DestinationCity='.	kUtil::escape( $params['dest_city'], kUtil::ESCAPE_URL ).
+			'&DestinationState='.	kUtil::escape( $params['dest_state'], kUtil::ESCAPE_URL ).
+			'&DestinationPostal='.	kUtil::escape( $params['dest_postal'], kUtil::ESCAPE_URL ).
+			'&DestinationCountry='.	kUtil::escape( $params['dest_country'], kUtil::ESCAPE_URL ).
 
 			'&Currency='.			'USD'.
 			'&TotalPackages='.		count($params['packages']);
@@ -94,7 +94,7 @@
 		foreach($params['packages'] as $package)
 		{
 			$i++;
-			$uri .=	'&BoxID'.$i.'='.	urlencode( $package['package_key'] ).
+			$uri .=	'&BoxID'.$i.'='.	kUtil::escape( $package['package_key'] , kUtil::ESCAPE_URL ).
 			'&Weight'.$i.'='.			$package['weight'].
 			'&WeightUnit'.$i.'='.		$package['weight_unit'].
 			'&Length'.$i.'='.			$package['length'].
Index: branches/5.3.x/install/upgrades.php
===================================================================
diff -u -r15695 -r15899
--- branches/5.3.x/install/upgrades.php	(.../upgrades.php)	(revision 15695)
+++ branches/5.3.x/install/upgrades.php	(.../upgrades.php)	(revision 15899)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: upgrades.php 15695 2013-02-19 11:30:36Z alex $
+* @version	$Id: upgrades.php 15899 2013-07-12 10:32:25Z alex $
 * @package	In-Commerce
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license	Commercial License
@@ -62,6 +62,8 @@
 				'5.2.0-RC1' => Array ('Core' => '5.2.0-RC1'),
 				'5.2.0' => Array ('Core' => '5.2.0'),
 				'5.2.1-B1' => Array ('Core' => '5.2.1-B1'),
+				'5.2.1-B2' => Array ('Core' => '5.2.1-B2'),
+				'5.2.1-RC1' => Array ('Core' => '5.2.1-RC1'),
 			);
 		}
 
Index: branches/5.3.x/install.php
===================================================================
diff -u -r15492 -r15899
--- branches/5.3.x/install.php	(.../install.php)	(revision 15492)
+++ branches/5.3.x/install.php	(.../install.php)	(revision 15899)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: install.php 14689 2011-10-25 13:43:04Z alex $
+* @version	$Id: install.php 15899 2013-07-12 10:32:25Z alex $
 * @package	In-Commerce
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license	Commercial License
@@ -10,43 +10,49 @@
 * and will be prosecuted to the maximum extent possible under the law
 * See http://www.in-portal.org/commercial-license for copyright notices and details.
 */
-	$module_folder = 'modules/in-commerce';
+$module_folder = 'modules/in-commerce';
 
-	if (!defined('IS_INSTALL')) {
-		// separate module install
-		define('IS_INSTALL', 1);
-		define('ADMIN', 1);
-		define('FULL_PATH', realpath(dirname(__FILE__) . '/../..') );
+if ( !defined('IS_INSTALL') ) {
+	// separate module install
+	define('IS_INSTALL', 1);
+	define('ADMIN', 1);
+	define('FULL_PATH', realpath(dirname(__FILE__) . '/../..'));
 
-		include_once(FULL_PATH . '/core/kernel/startup.php');
-		require_once FULL_PATH . '/core/install/install_toolkit.php';
+	include_once(FULL_PATH . '/core/kernel/startup.php');
+	require_once FULL_PATH . '/core/install/install_toolkit.php';
 
-		$toolkit = new kInstallToolkit();
+	$constants_file = FULL_PATH . '/' . $module_folder . '/constants.php';
+
+	if ( file_exists($constants_file) ) {
+		require_once $constants_file;
 	}
-	else {
-		// install, using installation wizard
-		$toolkit =& $this->toolkit;
-		/* @var $toolkit kInstallToolkit */
-	}
 
-	$application =& kApplication::Instance();
-	$application->Init();
+	$toolkit = new kInstallToolkit();
+}
+else {
+	// install, using installation wizard
+	$toolkit =& $this->toolkit;
+	/* @var $toolkit kInstallToolkit */
+}
 
-	if ($application->RecallVar('user_id') != USER_ROOT) {
-		die('restricted access!');
-	}
+$application =& kApplication::Instance();
+$application->Init();
 
-	$category =& $toolkit->createModuleCategory('Products', 'Product Catalog', '#in-commerce/section_design#', 'in-commerce/img/menu_products.gif');
+if ( $application->RecallVar('user_id') != USER_ROOT ) {
+	die('restricted access!');
+}
 
-	$toolkit->RunSQL('/' . $module_folder . '/install/install_schema.sql');
-	$toolkit->RunSQL('/' . $module_folder . '/install/install_data.sql', '{ProductCatId}', $category->GetID());
-	$toolkit->ImportLanguage('/' . $module_folder . '/install/english');
+$category =& $toolkit->createModuleCategory('Products', 'Product Catalog', '#in-commerce/section_design#', 'in-commerce/img/menu_products.gif');
 
-	$toolkit->SetModuleRootCategory(basename($module_folder), $category->GetID());
+$toolkit->RunSQL('/' . $module_folder . '/install/install_schema.sql');
+$toolkit->RunSQL('/' . $module_folder . '/install/install_data.sql', '{ProductCatId}', $category->GetID());
+$toolkit->ImportLanguage('/' . $module_folder . '/install/english');
 
-	$toolkit->linkCustomFields(basename($module_folder), 'p', 11); // to create Custom Fields for Products
-	$toolkit->linkCustomFields('KERNEL', 'u', 6); // to create shipping related Custom Fields for Users
-	$toolkit->linkCustomFields('KERNEL', 'c', 1); // to create ItemTemplate custom field
-	$toolkit->setModuleItemTemplate($category, 'p', '#in-commerce/item_design#');
+$toolkit->SetModuleRootCategory(basename($module_folder), $category->GetID());
 
-	$toolkit->finalizeModuleInstall($module_folder, true);
\ No newline at end of file
+$toolkit->linkCustomFields(basename($module_folder), 'p', 11); // to create Custom Fields for Products
+$toolkit->linkCustomFields('KERNEL', 'u', 6); // to create shipping related Custom Fields for Users
+$toolkit->linkCustomFields('KERNEL', 'c', 1); // to create ItemTemplate custom field
+$toolkit->setModuleItemTemplate($category, 'p', '#in-commerce/item_design#');
+
+$toolkit->finalizeModuleInstall($module_folder, true);
Index: branches/5.3.x/units/product_options/product_options_tag_processor.php
===================================================================
diff -u -r15671 -r15899
--- branches/5.3.x/units/product_options/product_options_tag_processor.php	(.../product_options_tag_processor.php)	(revision 15671)
+++ branches/5.3.x/units/product_options/product_options_tag_processor.php	(.../product_options_tag_processor.php)	(revision 15899)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: product_options_tag_processor.php 15671 2013-01-17 11:39:41Z alex $
+* @version	$Id: product_options_tag_processor.php 15899 2013-07-12 10:32:25Z alex $
 * @package	In-Commerce
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license	Commercial License
@@ -60,12 +60,12 @@
 			$val = $option;
 
 			if ( getArrayValue($params, 'js') ) {
-				$block_params['id'] = addslashes($val);
-				$block_params['value'] = htmlspecialchars($val, null, CHARSET);
+				$block_params['id'] = kUtil::escape($val, kUtil::ESCAPE_JS);
+				$block_params['value'] = kUtil::escape($val);
 			}
 			else {
-				$block_params['id'] = htmlspecialchars($val, null, CHARSET);
-				$block_params['value'] = htmlspecialchars($val, null, CHARSET);
+				$block_params['id'] = kUtil::escape($val);
+				$block_params['value'] = kUtil::escape($val);
 			}
 
 			if ( $conv_prices[$val] ) {
@@ -105,7 +105,7 @@
 				$option_value = array_key_exists($object->GetID(), $options) ? $options[$object->GetID()] : '';
 
 				if ( $object->GetDBField('OptionType') == OptionType::CHECKBOX ) {
-					$selected = is_array($option_value) && in_array(htmlspecialchars($val, null, CHARSET), $option_value);
+					$selected = is_array($option_value) && in_array(kUtil::escape($val), $option_value);
 				}
 				else { // radio buttons ?
 					$selected = htmlspecialchars_decode($option_value) == $val;
Index: branches/5.3.x/units/order_items/order_items_tag_processor.php
===================================================================
diff -u -r15695 -r15899
--- branches/5.3.x/units/order_items/order_items_tag_processor.php	(.../order_items_tag_processor.php)	(revision 15695)
+++ branches/5.3.x/units/order_items/order_items_tag_processor.php	(.../order_items_tag_processor.php)	(revision 15899)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: order_items_tag_processor.php 15695 2013-02-19 11:30:36Z alex $
+* @version	$Id: order_items_tag_processor.php 15899 2013-07-12 10:32:25Z alex $
 * @package	In-Commerce
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license	Commercial License
@@ -126,7 +126,9 @@
 						$block_params['price_type'] = $price_type;
 						$block_params['sign'] = $price >= 0 ? '+' : '-';
 					}
-					$block_params['value'] = htmlspecialchars($val, null, CHARSET);
+
+					// TODO: consider escaping in template instead
+					$block_params['value'] = kUtil::escape($val);
 					$block_params['type'] = $key_data['OptionType'];
 				}
 				$o .= $this->Application->ParseBlock($block_params, 1);
@@ -176,7 +178,10 @@
 		foreach ($values as $val) {
 			$i++;
 			$val = htmlspecialchars_decode($val);
-			$block_params['value'] = htmlspecialchars($val, null, CHARSET);
+
+			// TODO: consider escaping in template instead
+			$block_params['value'] = kUtil::escape($val);
+
 			if ($price_types[$val] == '$') {
 				$iso = $this->GetISO($params['currency']);
 				$value = $this->AddCurrencySymbol(sprintf("%.2f", $this->ConvertCurrency($prices[$val], $iso)), $iso, true); // true to force sign
Index: branches/5.3.x/units/products/products_tag_processor.php
===================================================================
diff -u -r15695 -r15899
--- branches/5.3.x/units/products/products_tag_processor.php	(.../products_tag_processor.php)	(revision 15695)
+++ branches/5.3.x/units/products/products_tag_processor.php	(.../products_tag_processor.php)	(revision 15899)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: products_tag_processor.php 15695 2013-02-19 11:30:36Z alex $
+* @version	$Id: products_tag_processor.php 15899 2013-07-12 10:32:25Z alex $
 * @package	In-Commerce
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license	Commercial License
@@ -836,7 +836,7 @@
 	 */
 	protected function CompareLink($params)
 	{
-		$params['continue'] = urlencode($this->Application->HREF('__default__', '', Array ('pass_category' => 1)));
+		$params['continue'] = kUtil::escape($this->Application->HREF('__default__', '', Array ('pass_category' => 1)), kUtil::ESCAPE_URL);
 
 		return $this->Application->ProcessParsedTag('m', 'Link', $params);
 	}
Index: branches/5.3.x/units/gateways/gw_tag_processor.php
===================================================================
diff -u -r15695 -r15899
--- branches/5.3.x/units/gateways/gw_tag_processor.php	(.../gw_tag_processor.php)	(revision 15695)
+++ branches/5.3.x/units/gateways/gw_tag_processor.php	(.../gw_tag_processor.php)	(revision 15899)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: gw_tag_processor.php 15695 2013-02-19 11:30:36Z alex $
+* @version	$Id: gw_tag_processor.php 15899 2013-07-12 10:32:25Z alex $
 * @package	In-Commerce
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license	Commercial License
@@ -50,7 +50,7 @@
 
 		$value = isset($this->ConfigValues[$id]) ? $this->ConfigValues[$id] : '';
 		if ( !array_key_exists('no_special', $params) || !$params['no_special'] ) {
-			$value = htmlspecialchars($value, null, CHARSET);
+			$value = kUtil::escape($value);
 		}
 
 		if ( getArrayValue($params, 'checked') ) {
Index: branches/5.3.x/units/order_items/order_items_config.php
===================================================================
diff -u -r15656 -r15899
--- branches/5.3.x/units/order_items/order_items_config.php	(.../order_items_config.php)	(revision 15656)
+++ branches/5.3.x/units/order_items/order_items_config.php	(.../order_items_config.php)	(revision 15899)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: order_items_config.php 15656 2013-01-02 17:24:49Z alex $
+* @version	$Id: order_items_config.php 15899 2013-07-12 10:32:25Z alex $
 * @package	In-Commerce
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license	Commercial License
@@ -106,7 +106,7 @@
 		'Weight' => Array ('type' => 'double', 'default' => NULL),
 		'ShippingTypeId' => Array ('type' => 'string', 'default' => NULL),
 		'ItemData' => Array ('type' => 'string', 'default' => null),
-		'OptionsSalt' => Array ('type' => 'int', 'default' => 0),
+		'OptionsSalt' => Array ('type' => 'string', 'default' => 0),
 		'SplitShippingGroup' => Array ('type' => 'int', 'not_null' => 1, 'default' => 0,),
 		'PackageNum' => Array ('type' => 'int', 'not_null' => 1, 'default' => 0,),
 		'ReturnType' => Array (
Index: branches/5.3.x/units/products/products_config.php
===================================================================
diff -u -r15675 -r15899
--- branches/5.3.x/units/products/products_config.php	(.../products_config.php)	(revision 15675)
+++ branches/5.3.x/units/products/products_config.php	(.../products_config.php)	(revision 15899)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: products_config.php 15675 2013-01-17 12:08:15Z alex $
+* @version	$Id: products_config.php 15899 2013-07-12 10:32:25Z alex $
 * @package	In-Commerce
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license	Commercial License
@@ -42,20 +42,8 @@
 	'RewriteListener' => 'CategoryItemRewrite:RewriteListener',
 
 	'Hooks' => Array (
-		// for subscription products: access group is saved before changing pricings
 		Array (
 			'Mode' => hAFTER,
-			'Conditional' => true,
-			'HookToPrefix' => 'pr',
-			'HookToSpecial' => '*',
-			'HookToEvent' => Array ('OnNew', 'OnAfterItemLoad'),
-			'DoPrefix' => '',
-			'DoSpecial' => '*',
-			'DoEvent' => 'OnPreSave',
-		),
-
-		Array (
-			'Mode' => hAFTER,
 			'Conditional' => false,
 			'HookToPrefix' => 'lst',
 			'HookToSpecial' => '',
@@ -417,21 +405,21 @@
 					FROM %1$s
 					LEFT JOIN '.TABLE_PREFIX.'UserGroups ON '.TABLE_PREFIX.'UserGroups.GroupId = %1$s.AccessGroupId
 					LEFT JOIN '.TABLE_PREFIX.'%3$sCategoryItems ON '.TABLE_PREFIX.'%3$sCategoryItems.ItemResourceId = %1$s.ResourceId
+					{PERM_JOIN}
 					LEFT JOIN '.TABLE_PREFIX.'Categories ON '.TABLE_PREFIX.'Categories.CategoryId = '.TABLE_PREFIX.'%3$sCategoryItems.CategoryId
 					LEFT JOIN '.TABLE_PREFIX.'%3$sCatalogImages img ON img.ResourceId = %1$s.ResourceId AND img.DefaultImg = 1
 					LEFT JOIN '.TABLE_PREFIX.'%3$sProductFiles files ON files.ProductId = %1$s.ProductId AND files.IsPrimary = 1
 					LEFT JOIN '.TABLE_PREFIX.'%3$sProductsPricing pricing ON pricing.ProductId = %1$s.ProductId AND pricing.IsPrimary = 1
 					LEFT JOIN '.TABLE_PREFIX.'Manufacturers ON '.TABLE_PREFIX.'Manufacturers.ManufacturerId = %1$s.ManufacturerId
-					LEFT JOIN '.TABLE_PREFIX.'CategoryPermissionsCache perm ON perm.CategoryId = '.TABLE_PREFIX.'%3$sCategoryItems.CategoryId
 					LEFT JOIN '.TABLE_PREFIX.'%3$sProductsCustomData cust ON %1$s.ResourceId = cust.ResourceId',
 
 		'showall' => 'SELECT %1$s.* %2$s FROM %1$s
 					LEFT JOIN '.TABLE_PREFIX.'%3$sProductsPricing pricing ON pricing.ProductId = %1$s.ProductId AND pricing.IsPrimary = 1
 					LEFT JOIN '.TABLE_PREFIX.'%3$sProductFiles files ON files.ProductId = %1$s.ProductId AND files.IsPrimary = 1
 					LEFT JOIN '.TABLE_PREFIX.'Manufacturers ON '.TABLE_PREFIX.'Manufacturers.ManufacturerId = %1$s.ManufacturerId
 					LEFT JOIN '.TABLE_PREFIX.'%3$sCategoryItems ON '.TABLE_PREFIX.'%3$sCategoryItems.ItemResourceId = %1$s.ResourceId
+					{PERM_JOIN}
 					LEFT JOIN '.TABLE_PREFIX.'Categories ON '.TABLE_PREFIX.'Categories.CategoryId = '.TABLE_PREFIX.'%3$sCategoryItems.CategoryId
-					LEFT JOIN '.TABLE_PREFIX.'CategoryPermissionsCache perm ON perm.CategoryId = '.TABLE_PREFIX.'%3$sCategoryItems.CategoryId
 					LEFT JOIN '.TABLE_PREFIX.'%3$sProductsCustomData cust ON %1$s.ResourceId = cust.ResourceId',
 	),
 
Index: branches/5.3.x/admin_templates/products/products_access.tpl
===================================================================
diff -u -r15492 -r15899
--- branches/5.3.x/admin_templates/products/products_access.tpl	(.../products_access.tpl)	(revision 15492)
+++ branches/5.3.x/admin_templates/products/products_access.tpl	(.../products_access.tpl)	(revision 15899)
@@ -10,6 +10,7 @@
   	<td>
   		<script type="text/javascript">
 				a_toolbar = new ToolBar();
+
 				a_toolbar.AddButton( new ToolBarButton('select', '<inp2:m_phrase label="la_ToolTip_Save" escape="1"/>', function() {
 							submit_event('p','<inp2:p_SaveEvent/>');
 						}
@@ -35,16 +36,36 @@
 
 //				a_toolbar.AddButton( new ToolBarSeparator('sep3') );
 				//Pricing related:
-				a_toolbar.AddButton( new ToolBarButton('new_item', '<inp2:m_phrase label="la_ToolTip_NewPricing" escape="1"/>::<inp2:m_phrase label="la_ToolTip_Add" escape="1"/>',
-						function() {
+				a_toolbar.AddButton(
+					new ToolBarButton('new_item', '<inp2:m_phrase label="la_ToolTip_NewPricing" escape="1"/>::<inp2:m_phrase label="la_ToolTip_Add" escape="1"/>',
+					function() {
+						save_product_ajax(function () {
 							std_new_item('pr', 'in-commerce/products/access_pricing_edit')
-						} ) );
+						});
+					})
+				);
 
 				function edit()
   				{
-  					std_edit_temp_item('pr', 'in-commerce/products/access_pricing_edit');
+					save_product_ajax(function () {
+						std_edit_temp_item('pr', 'in-commerce/products/access_pricing_edit');
+					});
   				}
 
+				function save_product_ajax($callback) {
+					$.post(
+						'<inp2:m_Link p_event="OnPreSaveAjax" pass="m,p" no_amp="1" js_escape="1"/>',
+						$('#' + $form_name).serialize(),
+						function ($data) {
+							$data = eval('(' + $data + ')');
+
+							if ($data.status == 'OK') {
+								$callback();
+							}
+						}
+					);
+				}
+
 				a_toolbar.AddButton( new ToolBarButton('edit', '<inp2:m_phrase label="la_ToolTip_Edit" escape="1"/>', edit) );
 				a_toolbar.AddButton( new ToolBarButton('delete', '<inp2:m_phrase label="la_ToolTip_Delete" escape="1"/>',
 						function() {
@@ -85,12 +106,12 @@
 
 			<inp2:m_RenderElement name="inp_edit_options" prefix="p" field="AccessGroupId" title="la_fld_AccessGroup" has_empty="1"/>
 			<inp2:m_RenderElement name="inp_edit_checkbox" prefix="p" field="IsRecurringBilling" title="la_fld_IsRecurringBilling"/>
-			
+
 			<!--## TODO check on implementation of this field
 			<inp2:m_RenderElement name="inp_edit_checkbox" prefix="p" field="PayPalRecurring" title="la_fld_IsPayPalRecurring"/>
 			##-->
-			
-			<!--## TODO check on implementation of these fields 
+
+			<!--## TODO check on implementation of these fields
 			<inp2:m_RenderElement name="inp_edit_box" prefix="p" field="AccessDuration" title="la_fld_AccessDuration" size="4" />
 			<inp2:m_RenderElement name="inp_edit_options" prefix="p" field="AccessDurationType" title="la_fld_AccessDurationType" size="20"/>
 			<inp2:m_RenderElement name="inp_edit_date_time" prefix="p" field="AccessStart" title="la_fld_AccessStart" size="10" />
Index: branches/5.3.x/units/product_option_combinations/product_option_combinations_config.php
===================================================================
diff -u -r15656 -r15899
--- branches/5.3.x/units/product_option_combinations/product_option_combinations_config.php	(.../product_option_combinations_config.php)	(revision 15656)
+++ branches/5.3.x/units/product_option_combinations/product_option_combinations_config.php	(.../product_option_combinations_config.php)	(revision 15899)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: product_option_combinations_config.php 15656 2013-01-02 17:24:49Z alex $
+* @version	$Id: product_option_combinations_config.php 15899 2013-07-12 10:32:25Z alex $
 * @package	In-Commerce
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license	Commercial License
@@ -66,7 +66,7 @@
 		'CombinationId' => Array ('type' => 'int', 'not_null' => 1, 'default' => 0, ),
 		'ProductId' => Array ('type' => 'int', 'not_null' => 1, 'default' => 0, ),
 		'Combination' => Array ('type' => 'string', 'required' => 1, 'formatter' => 'kCombinationFormatter', 'format' =>"%s: %s<br>", 'default' => NULL),
-		'CombinationCRC' => Array ('type' => 'int', 'not_null' => 1, 'default' => 0, ),
+		'CombinationCRC' => Array ('type' => 'string', 'not_null' => 1, 'default' => 0, ),
 		'PriceType' => Array ('type' => 'int', 'formatter' => 'kOptionsFormatter', 'options' => Array (1 => 'la_Txt_=', 2 => 'la_Flat', 3 => 'la_Percent'), 'use_phrases' => 1, 'default' => 3, ),
 		'Price' => Array ('type' => 'float', 'required' => 1, 'formatter' => 'kFormatter', 'default' => '', ),
 		'WeightType' => Array ('type' => 'int', 'formatter' => 'kOptionsFormatter', 'options' => Array (1 => 'la_Txt_=', 2 => 'la_Flat', 3 => 'la_Percent'), 'use_phrases' => 1, 'default' => 3, ),
Index: branches/5.3.x/units/pricing/pricing_event_handler.php
===================================================================
diff -u -r15671 -r15899
--- branches/5.3.x/units/pricing/pricing_event_handler.php	(.../pricing_event_handler.php)	(revision 15671)
+++ branches/5.3.x/units/pricing/pricing_event_handler.php	(.../pricing_event_handler.php)	(revision 15899)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: pricing_event_handler.php 15671 2013-01-17 11:39:41Z alex $
+* @version	$Id: pricing_event_handler.php 15899 2013-07-12 10:32:25Z alex $
 * @package	In-Commerce
 * @copyright	Copyright (C) 1997 - 2011 Intechnic. All rights reserved.
 * @license	Commercial License
@@ -207,6 +207,7 @@
 				if (in_array($item_id, $stored_ids)) { //if it's already exist
 					$object->Load($item_id);
 					$object->SetFieldsFromHash($field_values, $this->getRequestProtectedFields($field_values));
+					$event->setEventParam('form_data', $field_values);
 
 					if (!$object->Validate()) {
 						unset($stored_ids[array_search($item_id, $stored_ids)]);
@@ -226,6 +227,8 @@
 				else {
 					$object->Clear();
 					$object->SetFieldsFromHash($field_values, $this->getRequestProtectedFields($field_values));
+					$event->setEventParam('form_data', $field_values);
+
 					$object->SetDBField('ProductId', $product_id);
 
 					if( $object->Create() ) {
Index: branches/5.3.x/install/english.lang
===================================================================
diff -u -r15492 -r15899
--- branches/5.3.x/install/english.lang	(.../english.lang)	(revision 15492)
+++ branches/5.3.x/install/english.lang	(.../english.lang)	(revision 15899)
@@ -1,5 +1,9 @@
-<LANGUAGES Version="5">
-	<LANGUAGE Encoding="base64" PackName="English" LocalName="English" DateFormat="m/d/Y" TimeFormat="g:i A" InputDateFormat="m/d/Y" InputTimeFormat="g:i:s A" DecimalPoint="." ThousandSep="," Charset="utf-8" UnitSystem="2" Locale="en-US" UserDocsUrl="http://docs.in-portal.org/eng/index.php">
+<?xml version="1.0" encoding="utf-8"?>
+<LANGUAGES Version="6">
+	<LANGUAGE Encoding="base64" PackName="English" LocalName="English" DateFormat="m/d/Y" ShortDateFormat="m/d" TimeFormat="g:i A" ShortTimeFormat="g:i A" InputDateFormat="m/d/Y" InputTimeFormat="g:i:s A" DecimalPoint="." ThousandSep="," UnitSystem="2" Locale="en-US" UserDocsUrl="http://docs.in-portal.org/eng/index.php">
+		<EMAILDESIGNS>
+			<HTML>JGJvZHkNCjxici8+PGJyLz4NCg0KU2luY2VyZWx5LDxici8+PGJyLz4NCg0KV2Vic2l0ZSBhZG1pbmlzdHJhdGlvbi4NCg0KPCEtLSMjIDxpbnAyOmVtYWlsLWxvZ19JdGVtTGluayB0ZW1wbGF0ZT0icGxhdGZvcm0vbXlfYWNjb3VudC9lbWFpbCIvPiAjIy0tPg==</HTML>
+		</EMAILDESIGNS>
 		<PHRASES>
 			<PHRASE Label="la_AccountLogin" Module="In-Commerce" Type="1">QWNjb3VudA==</PHRASE>
 			<PHRASE Label="la_AddressLine1" Module="In-Commerce" Type="1">QWRkcmVzcyBMaW5lIDE=</PHRASE>
@@ -596,7 +600,6 @@
 			<PHRASE Label="la_section_CreditCard" Module="In-Commerce" Type="1">Q3JlZGl0IENhcmQ=</PHRASE>
 			<PHRASE Label="la_section_Currency" Module="In-Commerce" Type="1">Q3VycmVuY3k=</PHRASE>
 			<PHRASE Label="la_section_EmailDelivery" Module="In-Commerce" Type="1">U2VuZCB2aWEgRS1tYWlsIHRv</PHRASE>
-			<PHRASE Label="la_section_File" Module="In-Commerce" Type="1">RmlsZQ==</PHRASE>
 			<PHRASE Label="la_section_Files" Module="In-Commerce" Type="1">RmlsZXM=</PHRASE>
 			<PHRASE Label="la_section_help_file_missing" Module="In-Commerce" Type="1">IFRoaXMgaGVscCBzZWN0aW9uIGRvZXMgbm90IHlldCBleGlzdCwgaXQncyBjb21pbmcgc29vbiE=</PHRASE>
 			<PHRASE Label="la_section_OrderBilling" Module="In-Commerce" Type="1">QmlsbGluZyBJbmZvcm1hdGlvbg==</PHRASE>
Index: branches/5.3.x/install/install_data.sql
===================================================================
diff -u -r15671 -r15899
--- branches/5.3.x/install/install_data.sql	(.../install_data.sql)	(revision 15671)
+++ branches/5.3.x/install/install_data.sql	(.../install_data.sql)	(revision 15899)
@@ -477,4 +477,4 @@
 	(DEFAULT, 'p', 'Price', 'range', 1, 10),
 	(DEFAULT, 'p', 'EditorsPick', 'radio', 1, NULL);
 
-INSERT INTO Modules VALUES ('In-Commerce', 'modules/in-commerce/', 'p', DEFAULT, 1, 4, 'in-commerce/', 2, NULL, NULL);
+INSERT INTO Modules VALUES ('In-Commerce', 'modules/in-commerce/', 'Intechnic\\InPortal\\Modules\\InCommerce', 'p', DEFAULT, 1, 4, 'in-commerce/', 2, NULL, NULL);
Index: branches/5.3.x/units/gateways/gw_classes/sella_guestpay.php
===================================================================
diff -u -r15671 -r15899
--- branches/5.3.x/units/gateways/gw_classes/sella_guestpay.php	(.../sella_guestpay.php)	(revision 15671)
+++ branches/5.3.x/units/gateways/gw_classes/sella_guestpay.php	(.../sella_guestpay.php)	(revision 15899)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: sella_guestpay.php 15671 2013-01-17 11:39:41Z alex $
+* @version	$Id: sella_guestpay.php 15899 2013-07-12 10:32:25Z alex $
 * @package	In-Commerce
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license	Commercial License
@@ -63,7 +63,7 @@
 			$separator = '*P1*';
 			$b = array();
 			foreach ($params as $key=>$val) {
-				$b[] = $key.'='.urlencode(trim($val));
+				$b[] = $key.'='.kUtil::escape(trim($val), kUtil::ESCAPE_URL);
 			}
 			//the last one is CUSTOMINFO according to GW specs, passing the atosorigin-style 'caddie'
 			$b = join($separator, $b);