diff --git a/classes/context/Context.class.php b/classes/context/Context.class.php
index cde31a5f5..071c08fdd 100644
--- a/classes/context/Context.class.php
+++ b/classes/context/Context.class.php
@@ -118,6 +118,20 @@ class Context * @var bool true if attached file exists */ var $is_uploaded = false; + /** + * Pattern for request vars check + * @var array + */ + var $patterns = array( + '/<\?/iUsm', + '/<\%/iUsm', + '/$val) - { - if(!$val) continue; - if(!is_array($val) && iconv($charset,$charset,$val)!=$val) $flag = false; - else if(is_array($val)) - { - $userdata = array('charset1'=>$charset,'charset2'=>$charset,'useFlag'=>true); - Context::arrayConvWalkCallback($val,null,$userdata); - if($userdata['returnFlag'] === false) $flag = false; - } - } + array_walk($obj,'Context::checkConvertFlag',$charset); + $flag = Context::checkConvertFlag($flag = true); if($flag) { if($charset == 'UTF-8') return $obj; - foreach($obj as $key => $val) - { - if(!is_array($val)) $obj->{$key} = iconv($charset,'UTF-8',$val); - else Context::arrayConvWalkCallback($val,null,array($charset,'UTF-8')); - } - + array_walk($obj,'Context::doConvertEncoding',$charset); return $obj; } } - return $obj; } + /** + * Check flag + * + * @param mixed $val + * @param string $key + * @param mixed $charset charset + * @see arrayConvWalkCallback will replaced array_walk_recursive in >=PHP5 + * @return void + */ + function checkConvertFlag(&$val, $key = null, $charset = null) + { + static $flag = true; + if($charset) + { + if(is_array($val)) + array_walk($val,'Context::checkConvertFlag',$charset); + else if($val && iconv($charset,$charset,$val)!=$val) $flag = false; + else $flag = false; + } + else + { + $return = $flag; + $flag = true; + return $return; + } + } + /** * Convert array type variables into UTF-8 * * @param mixed $val * @param string $key - * @param mixed $userdata charset1 charset2 useFlag retrunFlag + * @param string $charset character set * @see arrayConvWalkCallback will replaced array_walk_recursive in >=PHP5 * @return object converted object */ - function arrayConvWalkCallback(&$val, $key = null, &$userdata) + function doConvertEncoding(&$val, $key = null, $charset) { - if 
(is_array($val)) array_walk($val,'Context::arrayConvWalkCallback', $userdata); - else + if (is_array($val)) { - if(!$userdata['useFlag']) $val = iconv($userdata['charset1'],$userdata['charset2'],$val); - else - { - if(iconv($charset,$charset,$val)!=$val) $userdata['returnFlag'] = (bool)false; - } + array_walk($val,'Context::doConvertEncoding',$charset); } + else $val = iconv($charset,'UTF-8',$val); } /** @@ -934,15 +955,36 @@ class Context if($set_to_vars) { - $val = preg_replace('/<\?/i', '', $val); - $val = preg_replace('/<\%/i', '', $val); - $val = preg_replace('//ism', '', $val); + $this->_recursiveCheckVar($val); } $this->set($key, $val, $set_to_vars); } } + function _recursiveCheckVar($val) + { + if(is_string($val)) + { + foreach($this->patterns as $pattern) + { + $result = preg_match($pattern, $val); + if($result) + { + $this->isSuccessInit = FALSE; + return; + } + } + } + else if(is_array($val)) + { + foreach($val as $val2) + { + $this->_recursiveCheckVar($val2); + } + } + } + /** * Handle request arguments for JSON * diff --git a/classes/db/DB.class.php b/classes/db/DB.class.php index 68ea238da..2c329134b 100644 --- a/classes/db/DB.class.php +++ b/classes/db/DB.class.php @@ -14,6 +14,7 @@ if(!defined('__XE_LOADED_DB_CLASS__')) require(_XE_PATH_.'classes/db/queryparts/expression/InsertExpression.class.php'); require(_XE_PATH_.'classes/db/queryparts/expression/UpdateExpression.class.php'); require(_XE_PATH_.'classes/db/queryparts/expression/UpdateExpressionWithoutArgument.class.php'); + require(_XE_PATH_.'classes/db/queryparts/expression/ClickCountExpression.class.php'); require(_XE_PATH_.'classes/db/queryparts/table/Table.class.php'); require(_XE_PATH_.'classes/db/queryparts/table/JoinTable.class.php'); require(_XE_PATH_.'classes/db/queryparts/table/CubridTableWithHint.class.php'); 
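Review bot: The trailing `else $flag = false;` in `checkConvertFlag` clears the static flag for every scalar that round-trips through `iconv($charset,$charset,$val)` unchanged, and for empty values too, whereas the loop it replaces only cleared it when the round-trip differed, so the UTF-8 conversion that follows in the calling method is effectively never performed. Dropping that final `else` so the branch reads `else if($val && iconv($charset,$charset,$val)!=$val) $flag = false;` restores the original semantics. The call site `Context::checkConvertFlag($flag = true)` also passes an assignment expression to a by-reference parameter, which PHP reports as a notice; use a plain variable there. The header of this hunk and the start of the calling method are not visible in the page.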
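Review bot: `_recursiveCheckVar` only rejects the request when `preg_match` returns a truthy value, so a `FALSE` result from a PCRE error (for example the backtrack limit on a very large value) is handled like a non-match and the blocklist fails open on exactly the inputs most likely to be oversized or unusual. Check the result explicitly, `if($result === 1 || $result === FALSE) { $this->isSuccessInit = FALSE; return; }`, and log `preg_last_error()` in the error case. Objects among the request values are neither scanned nor flagged; add a comment stating that the request parser only yields strings and arrays, or recurse into objects as well. The method and the `$patterns` property it reads deserve a docblock saying that this is a coarse pattern blocklist on raw request values, not output escaping, so nobody relies on it for HTML-context safety.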
@@ -123,9 +124,9 @@ class DB * transaction flag * @var boolean */ - var $transaction_started = false; + var $transaction_started = FALSE; - var $is_connected = false; + var $is_connected = FALSE; /** * returns enable list in supported dbms list @@ -269,7 +270,7 @@ class DB $get_supported_list = array(); $db_classes_path = _XE_PATH_."classes/db/"; $filter = "/^DB([^\.]+)\.class\.php/i"; - $supported_list = FileHandler::readDir($db_classes_path, $filter, true); + $supported_list = FileHandler::readDir($db_classes_path, $filter, TRUE); // after creating instance of class, check is supported for($i = 0; $i < count($supported_list); $i++) @@ -289,9 +290,9 @@ class DB if(!$oDB) continue; - $obj = null; + $obj = NULL; $obj->db_type = $db_type; - $obj->enable = $oDB->isSupported() ? true : false; + $obj->enable = $oDB->isSupported() ? TRUE : FALSE; $get_supported_list[] = $obj; } @@ -352,8 +353,8 @@ class DB */ function isConnected($type = 'master', $indx = 0) { - if($type == 'master') return $this->master_db["is_connected"] ? true : false; - else return $this->slave_db[$indx]["is_connected"] ? true : false; + if($type == 'master') return $this->master_db["is_connected"] ? TRUE : FALSE; + else return $this->slave_db[$indx]["is_connected"] ? TRUE : FALSE; } /** @@ -402,7 +403,7 @@ class DB $debug_file = _XE_PATH_."files/_debug_db_query.php"; $buff = array(); if(!file_exists($debug_file)) $buff[] = ''; - $buff[] = print_r($log, true); + $buff[] = print_r($log, TRUE); if(@!$fp = fopen($debug_file, "a")) return; fwrite($fp, implode("\n", $buff)."\n\n"); @@ -453,7 +454,7 @@ class DB */ function isError() { - return $this->errno === 0 ? false : true; + return $this->errno === 0 ? FALSE : TRUE; } /** 
@@ -617,8 +618,8 @@ class DB */ function getCountCache($tables, $condition) { - return false; - if(!$tables) return false; + return FALSE; + if(!$tables) return FALSE; if(!is_dir($this->count_cache_path)) return FileHandler::makeDir($this->count_cache_path); $condition = md5($condition); @@ -630,7 +631,7 @@ class DB if(!is_dir($cache_path)) FileHandler::makeDir($cache_path); $cache_filename = sprintf('%s/%s.%s', $cache_path, $tables_str, $condition); - if(!file_exists($cache_filename)) return false; + if(!file_exists($cache_filename)) return FALSE; $cache_mtime = filemtime($cache_filename); @@ -638,7 +639,7 @@ class DB foreach($tables as $alias => $table) { $table_filename = sprintf('%s/cache.%s%s', $this->count_cache_path, $this->prefix, $table) ; - if(!file_exists($table_filename) || filemtime($table_filename) > $cache_mtime) return false; + if(!file_exists($table_filename) || filemtime($table_filename) > $cache_mtime) return FALSE; } $count = (int)FileHandler::readFile($cache_filename); @@ -654,8 +655,8 @@ class DB */ function putCountCache($tables, $condition, $count = 0) { - return false; - if(!$tables) return false; + return FALSE; + if(!$tables) return FALSE; if(!is_dir($this->count_cache_path)) return FileHandler::makeDir($this->count_cache_path); $condition = md5($condition); @@ -678,8 +679,8 @@ class DB */ function resetCountCache($tables) { - return false; - if(!$tables) return false; + return FALSE; + if(!$tables) return FALSE; if(!is_dir($this->count_cache_path)) return FileHandler::makeDir($this->count_cache_path); if(!is_array($tables)) $tables = array($tables); @@ -690,7 +691,7 @@ class DB FileHandler::writeFile($filename, ''); } - return true; + return TRUE; } /** 
@@ -730,7 +731,7 @@ class DB * @param boolean $with_values * @return string */ - function getSelectSql($query, $with_values = true) + function getSelectSql($query, $with_values = TRUE) { $select = $query->getSelectString($with_values); if($select == '') return new Object(-1, "Invalid query"); @@ -766,6 +767,36 @@ class DB return $select . ' ' . $from . ' ' . $where . ' ' . $index_hint_list . ' ' . $groupBy . ' ' . $orderBy . ' ' . $limit; } + /** + * Given a SELECT statement that uses click count + * returns the corresponding update sql string + * for databases that don't have click count support built in + * (aka all besides CUBRID) + * + * Function does not check if click count columns exist! + * You must call $query->usesClickCount() before using this function + * + * @param $queryObject + */ + function getClickCountQuery($queryObject) + { + $new_update_columns = array(); + $click_count_columns = $queryObject->getClickCountColumns(); + foreach($click_count_columns as $click_count_column) + { + $click_count_column_name = $click_count_column->column_name; + + $increase_by_1 = new Argument($click_count_column_name, null); + $increase_by_1->setColumnOperation('+'); + $increase_by_1->ensureDefaultValue(1); + + $update_expression = new UpdateExpression($click_count_column_name, $increase_by_1); + $new_update_columns[] = $update_expression; + } + $queryObject->columns = $new_update_columns; + return $queryObject; + } + /** * Return delete query string * @param object $query @@ -773,7 +804,7 @@ class DB * @param boolean $with_priority * @return string */ - function getDeleteSql($query, $with_values = true, $with_priority = false) + function getDeleteSql($query, $with_values = TRUE, $with_priority = FALSE) { $sql = 'DELETE '; 
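Review bot: `getClickCountQuery` assigns the new UpdateExpression list to `$queryObject->columns` on the very object it was given, so the caller's SELECT query object leaves the call carrying an UPDATE column list; PHP 5 passes objects by handle, so any later reuse of that object (re-executing the select, building a count query, logging) sees the mutated state. Build the update on a copy instead: `$update_query = clone $queryObject;`, then `$update_query->columns = $new_update_columns; return $update_query;`. The docblock should also record that the returned query reuses the original select's conditions unchanged and declare the return type with `@return object`.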
@@ -799,7 +830,7 @@ class DB * @param boolean $with_priority * @return string */ - function getUpdateSql($query, $with_values = true, $with_priority = false) + function getUpdateSql($query, $with_values = TRUE, $with_priority = FALSE) { $columnsList = $query->getUpdateString($with_values); if($columnsList == '') return new Object(-1, "Invalid query"); @@ -822,7 +853,7 @@ class DB * @param boolean $with_priority * @return string */ - function getInsertSql($query, $with_values = true, $with_priority = false) + function getInsertSql($query, $with_values = TRUE, $with_priority = FALSE) { $tableName = $query->getFirstTableName(); $values = $query->getInsertString($with_values); @@ -875,10 +906,10 @@ class DB function _dbInfoExists() { if (!$this->master_db) - return false; + return FALSE; if (count($this->slave_db) === 0) - return false; - return true; + return FALSE; + return TRUE; } /** @@ -910,7 +941,7 @@ class DB $this->_close($connection["resource"]); - $connection["is_connected"] = false; + $connection["is_connected"] = FALSE; } /** @@ -920,7 +951,7 @@ class DB */ function _begin() { - return true; + return TRUE; } /** @@ -933,7 +964,7 @@ class DB return; if($this->_begin()) - $this->transaction_started = true; + $this->transaction_started = TRUE; } /** @@ -943,7 +974,7 @@ class DB */ function _rollback() { - return true; + return TRUE; } /** @@ -955,7 +986,7 @@ class DB if (!$this->isConnected() || !$this->transaction_started) return; if($this->_rollback()) - $this->transaction_started = false; + $this->transaction_started = FALSE; } /** @@ -965,7 +996,7 @@ class DB */ function _commit() { - return true; + return TRUE; } /** 
@@ -973,12 +1004,12 @@ class DB * @param boolean $force regardless transaction start status or connect status, forced to commit * @return void */ - function commit($force = false) + function commit($force = FALSE) { if (!$force && (!$this->isConnected() || !$this->transaction_started)) return; if($this->_commit()) - $this->transaction_started = false; + $this->transaction_started = FALSE; } /** @@ -1000,9 +1031,9 @@ class DB * @param resource $connection * @return resource */ - function _query($query, $connection = null) + function _query($query, $connection = NULL) { - if($connection == null) + if($connection == NULL) $connection = $this->_getConnection('master'); // Notify to start a query execution $this->actStart($query); @@ -1082,15 +1113,15 @@ class DB $connection = &$this->slave_db[$indx]; $result = $this->__connect($connection); - if($result === NULL || $result === false) + if($result === NULL || $result === FALSE) { - $connection["is_connected"] = false; + $connection["is_connected"] = FALSE; return; } // Check connections $connection["resource"] = $result; - $connection["is_connected"] = true; + $connection["is_connected"] = TRUE; // Save connection info for db logs $this->connection = ucfirst($type) . ' ' . $connection["db_hostname"]; @@ -1132,9 +1163,9 @@ class DB * @param boolean $force force load DBParser instance * @return DBParser */ - function &getParser($force = false) + function &getParser($force = FALSE) { - static $dbParser = null; + static $dbParser = NULL; if(!$dbParser || $force) { $oDB = &DB::getInstance(); diff --git a/classes/db/DBMssql.class.php b/classes/db/DBMssql.class.php index 27c541db9..dd0765191 100644 --- a/classes/db/DBMssql.class.php +++ b/classes/db/DBMssql.class.php 
@@ -767,6 +767,12 @@ class DBMssql extends DB $buff->data = array(); $buff->page_navigation = new PageHandler($total_count, $total_page, $page, $page_count); return $buff; + + if($queryObject->usesClickCount()) + { + $update_query = $this->getClickCountQuery($queryObject); + $this->_executeUpdateAct($update_query); + } } $start_count = ($page - 1) * $list_count; diff --git a/classes/db/DBMysql.class.php b/classes/db/DBMysql.class.php index 3f2ff1504..ab431ef8b 100644 --- a/classes/db/DBMysql.class.php +++ b/classes/db/DBMysql.class.php @@ -545,6 +545,13 @@ class DBMysql extends DB $data = $this->_fetch($result); $buff = new Object (); $buff->data = $data; + + if($queryObject->usesClickCount()) + { + $update_query = $this->getClickCountQuery($queryObject); + $this->_executeUpdateAct($update_query, $with_values); + } + return $buff; } } diff --git a/classes/db/queryparts/Query.class.php b/classes/db/queryparts/Query.class.php index f33250266..5a75ce3f2 100644 --- a/classes/db/queryparts/Query.class.php +++ b/classes/db/queryparts/Query.class.php @@ -57,13 +57,13 @@ class Query extends Object * argument list * @var array */ - var $arguments = null; + var $arguments = NULL; /** * column list * @var array */ - var $columnList = null; + var $columnList = NULL; /** * order by text @@ -84,15 +84,15 @@ class Query extends Object * @param string $priority * @return void */ - function Query($queryID = null - , $action = null - , $columns = null - , $tables = null - , $conditions = null - , $groups = null - , $orderby = null - , $limit = null - , $priority = null) + function Query($queryID = NULL + , $action = NULL + , $columns = NULL + , $tables = NULL + , $conditions = NULL + , $groups = NULL + , $orderby = NULL + , $limit = NULL + , $priority = NULL) { $this->queryID = $queryID; $this->action = $action; @@ -109,7 +109,7 @@ class Query extends Object function show() { - return true; + return TRUE; } function setQueryId($queryID) 
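Review bot: The click-count block added to DBMssql sits after `return $buff;` inside the same branch, so it is unreachable and the counter is never incremented on MSSQL. Move the `if($queryObject->usesClickCount())` block above the `return $buff;`, or to the point further down where the rows are actually fetched, as the DBMysql hunk does. The enclosing method starts and ends outside the hunk.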
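Review bot: The UPDATE issued after the fetch in DBMysql reuses the select's conditions, but nothing in this hunk carries the select's paging into `_executeUpdateAct`, so for a list query with a LIMIT every row matching the WHERE clause may be incremented rather than only the rows returned — confirm against `getUpdateSql` and record the outcome in a comment such as `// click count: increments every row matched by the select's WHERE, independent of paging`. The return value of `_executeUpdateAct` is also discarded, so a failed increment goes unnoticed; at least check it for an error object. The enclosing method starts outside the hunk.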
@@ -162,7 +162,7 @@ class Query extends Object { if(!isset($tables) || count($tables) === 0) { - $this->setError(true); + $this->setError(TRUE); $this->setMessage("You must provide at least one table for the query."); return; } @@ -217,7 +217,7 @@ class Query extends Object * @param string|array $columns * @return Query return Query instance */ - function select($columns= null) + function select($columns= NULL) { $this->action = 'select'; $this->setColumns($columns); @@ -290,12 +290,33 @@ class Query extends Object return $this->priority?'LOW_PRIORITY':''; } + /** + * Check if current query uses the click count attribute + * For CUBRID, this statement uses the click count feature. + * For the other databases, using this attribute causes a query + * to produce both a select and an update + */ + function usesClickCount() + { + return count($this->getClickCountColumns()) > 0; + } + + function getClickCountColumns() + { + $click_count_columns = array(); + foreach($this->columns as $column){ + if($column->show() && is_a($column, 'ClickCountExpression')) + $click_count_columns[] = $column; + } + return $click_count_columns; + } + /** * Return select sql * @param boolean $with_values * @return string */ - function getSelectString($with_values = true) + function getSelectString($with_values = TRUE) { foreach($this->columns as $column) { @@ -315,7 +336,7 @@ class Query extends Object * @param boolean $with_values * @return string */ - function getUpdateString($with_values = true) + function getUpdateString($with_values = TRUE) { foreach($this->columns as $column) { @@ -330,7 +351,7 @@ class Query extends Object * @param boolean $with_values * @return string */ - function getInsertString($with_values = true) + function getInsertString($with_values = TRUE) { $columnsList = ''; // means we have insert-select 
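Review bot: `getClickCountColumns` iterates `$this->columns` unconditionally while the constructor earlier in this diff defaults `$columns` to `NULL` (presumably stored to `$this->columns`), so a query built without columns makes `foreach` emit a warning before `usesClickCount()` returns FALSE; guard with `if(!is_array($this->columns)) return array();`. The method also has no docblock — `/** Returns the shown ClickCountExpression columns of this query @return array */` would do — and `foreach($this->columns as $column){` departs from the Allman brace style used in the rest of the file. The hunk also contains the `getSelectString` signature, whose body continues outside it.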
@@ -374,7 +395,7 @@ class Query extends Object * @param boolean $with_values * @return string */ - function getFromString($with_values = true) + function getFromString($with_values = TRUE) { $from = ''; $simple_table_count = 0; @@ -397,7 +418,7 @@ class Query extends Object * @param boolean $with_optimization * @return string */ - function getWhereString($with_values = true, $with_optimization = true) + function getWhereString($with_values = TRUE, $with_optimization = TRUE) { $where = ''; $condition_count = 0; diff --git a/classes/db/queryparts/expression/ClickCountExpression.class.php b/classes/db/queryparts/expression/ClickCountExpression.class.php index e81eb77f3..e7be5eb9c 100644 --- a/classes/db/queryparts/expression/ClickCountExpression.class.php +++ b/classes/db/queryparts/expression/ClickCountExpression.class.php @@ -26,9 +26,8 @@ class ClickCountExpression extends SelectExpression if(!is_bool($click_count)) { - error_log("Click_count value for $column_name was not boolean", 0); + // error_log("Click_count value for $column_name was not boolean", 0); $this->click_count = false; - return; } $this->click_count = $click_count; } @@ -44,7 +43,15 @@ class ClickCountExpression extends SelectExpression */ function getExpression() { - return "$this->column_name = $this->column_name + 1"; + $db_type = Context::getDBType(); + if($db_type == 'cubrid') + { + return "INCR($this->column_name)"; + } + else + { + return "$this->column_name"; + } } } diff --git a/classes/frontendfile/FrontEndFileHandler.class.php b/classes/frontendfile/FrontEndFileHandler.class.php index c4f69f9ea..62a351e68 100644 --- a/classes/frontendfile/FrontEndFileHandler.class.php +++ b/classes/frontendfile/FrontEndFileHandler.class.php @@ -2,7 +2,7 @@ /** * Handle front end files * @author NHN (developers@xpressengine.com) - */ + **/ class FrontEndFileHandler extends Handler { /** 
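Review bot: Removing the `return;` in the ClickCountExpression constructor makes the non-boolean guard a no-op: `$this->click_count = false;` is overwritten on the next line by `$this->click_count = $click_count;`, so a non-boolean value is stored after all. Either restore the early return or collapse the guard to `$this->click_count = is_bool($click_count) ? $click_count : FALSE;`, and delete the commented-out `error_log` line rather than keeping it. `getExpression` would benefit from a one-line comment on the split, e.g. `// CUBRID increments in place with INCR(); other DBMS select the plain column and run a separate UPDATE (see DB::getClickCountQuery)`.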
@@ -91,40 +91,41 @@ class FrontEndFileHandler extends Handler * @param string $cdnPrefix CDN url prefix. (http://static.xpressengine.com/core/) * @param string $cdnVersion CDN version string (ardent1) * @return void - */ + **/ function loadFile($args, $useCdn = false, $cdnPrefix = '', $cdnVersion = '') { if (!is_array($args)) $args = array($args); $pathInfo = pathinfo($args[0]); + $file = new stdClass(); $file->fileName = $pathInfo['basename']; $file->filePath = $this->_getAbsFileUrl($pathInfo['dirname']); $file->fileRealPath = FileHandler::getRealPath($pathInfo['dirname']); $file->fileExtension = strtolower($pathInfo['extension']); - $file->fileNameNoExt = preg_replace("/\.{$file->fileExtension}$/", '', $file->fileName); + $file->fileNameNoExt = preg_replace('/\.min$/', '', $pathInfo['filename']); + $file->keyName = implode('.', array($file->fileNameNoExt, $file->fileExtension)); - // Remove .min - $file->fileNameNoExt = preg_replace("/\.min$/", '', $file->fileNameNoExt); - $file->fileName = $file->keyName = "{$file->fileNameNoExt}.{$file->fileExtension}"; - - // if no debug mode load minified file - if(!__DEBUG__) + if(strpos($file->filePath, '://') === FALSE) { - $tmp = "{$file->fileNameNoExt}.min.{$file->fileExtension}"; - if(file_exists("{$file->fileRealPath}/{$tmp}")) + if(!__DEBUG__) { - $file->fileName = $tmp; - $file->useMin = TRUE; + // if no debug mode, load minifed file + $minifiedFileName = implode('.', array($file->fileNameNoExt, 'min', $file->fileExtension)); + $minifiedRealPath = implode('/', array($file->fileRealPath, $minifiedFileName)); + if(file_exists($minifiedRealPath)) + { + $file->fileName = $minifiedFileName; + } + } + else + { + // Remove .min + if(file_exists(implode('/', array($file->fileRealPath, $file->keyName)))) + { + $file->fileName = $file->keyName; + } } - } - if(!$file->useMin && !file_exists("{$file->fileRealPath}/{$file->fileName}")) - { - $file->fileName = "{$file->fileNameNoExt}.min.{$file->fileExtension}"; - } - - 
if(strpos($file->filePath, '://') == false) - { $file->useCdn = $useCdn; $file->cdnPath = $this->_normalizeFilePath($pathInfo['dirname']); $file->cdnPrefix = $cdnPrefix; @@ -132,25 +133,25 @@ class FrontEndFileHandler extends Handler } $availableExtension = array('css'=>1, 'js'=>1); - if(!isset($availableExtension[$file->fileExtension])) return; + if (!isset($availableExtension[$file->fileExtension])) return; $file->targetIe = $args[2]; $file->index = (int)$args[3]; - if($file->fileExtension == 'css') + if ($file->fileExtension == 'css') { $file->media = $args[1]; - if(!$file->media) $file->media = 'all'; + if (!$file->media) $file->media = 'all'; $map = &$this->cssMap; $mapIndex = &$this->cssMapIndex; $key = $file->filePath . $file->keyName . "\t" . $file->targetIe . "\t" . $file->media; $this->_arrangeCssIndex($pathInfo['dirname'], $file); } - else if($file->fileExtension == 'js') + else if ($file->fileExtension == 'js') { $type = $args[1]; - if($type == 'body') + if ($type == 'body') { $map = &$this->jsBodyMap; $mapIndex = &$this->jsBodyMapIndex; @@ -164,7 +165,7 @@ class FrontEndFileHandler extends Handler } (is_null($file->index))?$file->index=0:$file->index=$file->index; - if(!isset($map[$file->index][$key]) || $mapIndex[$key] > $file->index) + if (!isset($map[$file->index][$key]) || $mapIndex[$key] > $file->index) { $this->unloadFile($args[0], $args[2], $args[1]); $map[$file->index][$key] = $file; @@ -188,7 +189,7 @@ class FrontEndFileHandler extends Handler $fileExtension = strtolower($pathInfo['extension']); $key = $filePath . $fileName . "\t" . $targetIe; - if($fileExtension == 'css') + if ($fileExtension == 'css') { if(empty($media)) { @@ -196,7 +197,7 @@ class FrontEndFileHandler extends Handler } $key .= "\t" . $media; - if(isset($this->cssMapIndex[$key])) + if (isset($this->cssMapIndex[$key])) { $index = $this->cssMapIndex[$key]; unset($this->cssMap[$index][$key]); 
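Review bot: In `loadFile` the `file_exists` probes for the `.min` and plain variants run before the extension whitelist, so an argument with an unsupported or absent extension still triggers filesystem lookups (and, with no extension, a notice on `$pathInfo['extension']`) before being rejected. Move `$availableExtension = array('css'=>1, 'js'=>1);` and `if (!isset($availableExtension[$file->fileExtension])) return;` up to directly after `$file->fileExtension` is set. The switch from `== false` to `=== FALSE` on the `'://'` test is the right idiom for `strpos` and could carry a short comment saying why. loadFile continues past the end of the hunk.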
@@ -205,13 +206,13 @@ class FrontEndFileHandler extends Handler } else { - if(isset($this->jsHeadMapIndex[$key])) + if (isset($this->jsHeadMapIndex[$key])) { $index = $this->jsHeadMapIndex[$key]; unset($this->jsHeadMap[$index][$key]); unset($this->jsHeadMapIndex[$key]); } - if(isset($this->jsBodyMapIndex[$key])) + if (isset($this->jsBodyMapIndex[$key])) { $index = $this->jsBodyMapIndex[$key]; unset($this->jsBodyMap[$index][$key]); @@ -228,13 +229,13 @@ class FrontEndFileHandler extends Handler */ function unloadAllFiles($type = 'all') { - if($type == 'css' || $type == 'all') + if ($type == 'css' || $type == 'all') { $this->cssMap = array(); $this->cssMapIndex = array(); } - if($type == 'js' || $type == 'all') + if ($type == 'js' || $type == 'all') { $this->jsHeadMap = array(); $this->jsBodyMap = array(); @@ -263,7 +264,7 @@ class FrontEndFileHandler extends Handler { foreach($indexedMap as $file) { - if($this->isSsl() == false && $useCdn == 'Y' && $file->useCdn && $file->cdnVersion != '%__XE_CDN_VERSION__%') + if ($this->isSsl() == false && $useCdn == 'Y' && $file->useCdn && $file->cdnVersion != '%__XE_CDN_VERSION__%') { $fullFilePath = $file->cdnPrefix . $file->cdnVersion . '/' . substr($file->cdnPath, 2) . '/' . $file->fileName; } @@ -287,7 +288,7 @@ class FrontEndFileHandler extends Handler */ function getJsFileList($type = 'head') { - if($type == 'head') + if ($type == 'head') { $map = &$this->jsHeadMap; $mapIndex = &$this->jsHeadMapIndex; @@ -308,7 +309,7 @@ class FrontEndFileHandler extends Handler { foreach($indexedMap as $file) { - if($this->isSsl() == false && $useCdn == 'Y' && $file->useCdn && $file->cdnVersion != '%__XE_CDN_VERSION__%') + if ($this->isSsl() == false && $useCdn == 'Y' && $file->useCdn && $file->cdnVersion != '%__XE_CDN_VERSION__%') { $fullFilePath = $file->cdnPrefix . $file->cdnVersion . '/' . substr($file->cdnPath, 2) . '/' . $file->fileName; } 
@@ -344,7 +345,7 @@ class FrontEndFileHandler extends Handler */ function _normalizeFilePath($path) { - if(strpos($path, '://') === false && $path{0} != '/' && $path{0} != '.') + if (strpos($path, '://') === false && $path{0} != '/' && $path{0} != '.') { $path = './' . $path; } @@ -371,7 +372,7 @@ class FrontEndFileHandler extends Handler if(strpos($path, './') === 0) { - if(dirname($_SERVER['SCRIPT_NAME']) == '/' || dirname($_SERVER['SCRIPT_NAME']) == '\\') + if (dirname($_SERVER['SCRIPT_NAME']) == '/' || dirname($_SERVER['SCRIPT_NAME']) == '\\') { $path = '/' . substr($path, 2); } diff --git a/classes/module/ModuleHandler.class.php b/classes/module/ModuleHandler.class.php index 529e1ed3e..7de235eba 100644 --- a/classes/module/ModuleHandler.class.php +++ b/classes/module/ModuleHandler.class.php @@ -38,6 +38,14 @@ $this->act = Context::get('act'); return; } + + $oContext = Context::getInstance(); + if($oContext->isSuccessInit == false) + { + $this->error = 'msg_invalid_request'; + return; + } + // Set variables from request arguments $this->module = $module?$module:Context::get('module'); $this->act = $act?$act:Context::get('act'); diff --git a/classes/security/EmbedFilter.class.php b/classes/security/EmbedFilter.class.php index 88c220258..92fcdf096 100644 --- a/classes/security/EmbedFilter.class.php +++ b/classes/security/EmbedFilter.class.php @@ -3,6 +3,16 @@ include _XE_PATH_ . 'classes/security/phphtmlparser/src/htmlparser.inc'; class EmbedFilter { + /** + * allow script access list + * @var array + */ + var $allowscriptaccessList = array(); + /** + * allow script access key + * @var int + */ + var $allowscriptaccessKey = 0; var $whiteUrlXmlFile = './classes/security/conf/embedWhiteUrl.xml'; var $whiteUrlCacheFile = './files/cache/embedfilter/embedWhiteUrl.php'; var $whiteUrlList = array(); 
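Review bot: The new `isSuccessInit` gate in ModuleHandler is placed after a branch that returns early just above it (`$this->act = Context::get('act'); return;`), so requests taking that path never reach the `msg_invalid_request` check; if the validation is meant to apply to every request it belongs before that branch, with a comment stating the intent. The comparison is also loose: if `Context::$isSuccessInit` is not initialised to TRUE (its declaration is not visible in this diff), `NULL == false` holds and every request is rejected, so write `if($oContext->isSuccessInit === FALSE)` and make sure the property has a TRUE default. The enclosing method starts outside the hunk.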
@@ -285,6 +295,9 @@ class EmbedFilter */ function check(&$content) { + $content = preg_replace_callback('/<(object|param|embed)[^>]*/is', array($this, '_checkAllowScriptAccess'), $content); + $content = preg_replace_callback('/]*>/is', array($this, '_addAllowScriptAccess'), $content); + $this->checkObjectTag($content); $this->checkEmbedTag($content); $this->checkIframeTag($content); @@ -543,6 +556,49 @@ class EmbedFilter return false; } + function _checkAllowScriptAccess($m) + { + if($m[1] == 'object') + { + $this->allowscriptaccessList[] = 1; + } + + if($m[1] == 'param') + { + if(strpos(strtolower($m[0]), 'allowscriptaccess')) + { + $m[0] = 'allowscriptaccessList[count($this->allowscriptaccessList)-1]--; + } + } + else if($m[1] == 'embed') + { + if(strpos(strtolower($m[0]), 'allowscriptaccess')) + { + $m[0] = preg_replace('/always|samedomain/i', 'never', $m[0]); + } + else + { + $m[0] = preg_replace('/\allowscriptaccessList[$this->allowscriptaccessKey] == 1) + { + $m[0] = $m[0].''; + } + $this->allowscriptaccessKey++; + return $m[0]; + } + /** * Make white domain list cache file from xml config file. * @return void diff --git a/classes/xml/XmlQueryParser.150.class.php b/classes/xml/XmlQueryParser.150.class.php index 226251a57..3c90600b0 100644 --- a/classes/xml/XmlQueryParser.150.class.php +++ b/classes/xml/XmlQueryParser.150.class.php @@ -1,4 +1,8 @@ + * Parses XE XML query files * - * @todo need to support extend query such as subquery, union - * @todo include info about column types for parsing user input + * @author Corina Udrescu (corina.udrescu@arnia.ro) + * @package classes\xml + * @version 0.1 */ class XmlQueryParser extends XmlParser { @@ -50,11 +53,12 @@ class XmlQueryParser extends XmlParser /** * Create XmlQueryParser instance for Singleton + * * @return XmlQueryParser object */ function &getInstance() { - static $theInstance = null; + static $theInstance = NULL; if(!isset($theInstance)) { $theInstance = new XmlQueryParser(); 
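Review bot: In `_checkAllowScriptAccess` the tag-name tests `$m[1] == 'object'`, `'param'` and `'embed'` are case-sensitive although the feeding pattern is `/is`, so an upper- or mixed-case `<OBJECT>` or `<PARAM>` is matched but never tracked: no entry is pushed onto `allowscriptaccessList`, the decrement applies to whichever entry came before (index -1 on an empty list), and `allowscriptaccessKey` drifts out of step with the list that `_addAllowScriptAccess` consults. Normalise once with `$tag = strtolower($m[1]);` and compare against `$tag`. The two `strpos(...)` membership tests should be written `!== FALSE`, and `preg_replace('/always|samedomain/i', 'never', $m[0])` rewrites those words anywhere in the embed tag, including inside a `src` URL, so it should be anchored to the `allowscriptaccess` attribute value. Parts of the callback bodies are truncated in the page, so the appended param string and the exact param rewrite could not be reviewed.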
@@ -63,9 +67,16 @@ class XmlQueryParser extends XmlParser } /** + * Parses an XML query file + * * 1. Read xml file
* 2. Check the action
- * 3. Parsing and write a cache file
+ * 3. Parse and write cache file
+ * + * @param $query_id + * @param $xml_file + * @param $cache_file + * * @return QueryParser object */ function &parse_xml_query($query_id, $xml_file, $cache_file) @@ -85,8 +96,13 @@ class XmlQueryParser extends XmlParser } /** - * Query XML file parsing - * @return QueryParser object + * Override for parent "parse" method + * + * @param null $query_id + * @param null $xml_file + * @param null $cache_file + * + * @return void */ function parse($query_id = NULL, $xml_file = NULL, $cache_file = NULL) { @@ -94,8 +110,11 @@ class XmlQueryParser extends XmlParser } /** - * Return XML file content - * @return array|NULL Returns a resultant data object or NULL in case of error + * Returns XML file contents as an object + * or NULL in case of error + * + * @param $xml_file + * @return array|NULL */ function getXmlFileContent($xml_file) { diff --git a/classes/xml/xmlquery/DBParser.class.php b/classes/xml/xmlquery/DBParser.class.php index 86df40bf3..53184e5d1 100644 --- a/classes/xml/xmlquery/DBParser.class.php +++ b/classes/xml/xmlquery/DBParser.class.php @@ -1,33 +1,59 @@ + * - column names: member.member_srl => "member"."member_srl"
+ * - expressions: SUM(member.member_srl) => SUM("member"."member_srl")
+ * + * @author Corina Udrescu (corina.udrescu@arnia.ro) + * @package classes\xml\xmlquery * @version 0.1 */ class DBParser { /** * Character for escape target value on the left + * + * For example, in CUBRID left and right escape + * chars are the same, the double quote - "
+ * But for SQL Server, the escape is made with + * [double brackets], so the left and right char differ + * + * * @var string */ var $escape_char_left; + /** * Character for escape target value on the right + * + * For example, in CUBRID left and right escape + * chars are the same, the double quote - "
+ * But for SQL Server, the escape is made with + * [double brackets], so the left and right char differ + * * @var string */ var $escape_char_right; + /** * Table prefix string + * + * Default is "xe_" + * * @var string */ var $table_prefix; /** - * constructor + * Constructor + * * @param string $escape_char_left * @param string $escape_char_right * @param string $table_prefix + * * @return void */ function DBParser($escape_char_left, $escape_char_right = "", $table_prefix = "xe_") @@ -40,6 +66,7 @@ class DBParser /** * Get escape character + * * @param string $leftOrRight left or right * @return string */ @@ -50,17 +77,19 @@ class DBParser } /** - * escape the value + * Escape the value + * * @param mixed $name * @return string */ function escape($name) { return $this->escape_char_left . $name . $this->escape_char_right; - } + } /** - * escape the string value + * Escape the string value + * * @param string $name * @return string */ @@ -70,7 +99,8 @@ class DBParser } /** - * escape the string value + * Escape the string value + * * @param string $value * @return string */ @@ -83,7 +113,9 @@ class DBParser /** * Return table full name + * * @param string $name table name without table prefix + * * @return string table full name with table prefix */ function parseTableName($name) @@ -92,8 +124,10 @@ class DBParser } /** - * Return colmun name after escape + * Return column name after escape + * * @param string $name column name before escape + * * @return string column name after escape */ function parseColumnName($name) @@ -102,7 +136,8 @@ class DBParser } /** - * Escape column + * Escape column name + * * @param string $column_name * @return string column name with db name */ @@ -120,27 +155,53 @@ class DBParser } /** - * Column name is suitable for use in checking + * Checks to see if a given column name is unqualified + * + * Ex: "member_srl" -> unqualified
+ * "member"."member_srl" -> qualified + * * @param string $column_name * @return bool */ function isUnqualifiedColumnName($column_name) { - if(strpos($column_name,'.')===false && strpos($column_name,'(')===false) return true; - return false; + if(strpos($column_name,'.')===FALSE && strpos($column_name,'(')===FALSE) return TRUE; + return FALSE; } /** - * Column name is suitable for use in checking + * Checks to see if a given column name is qualified + * + * Ex: "member_srl" -> unqualified
+ * "member"."member_srl" -> qualified + * * @param string $column_name * @return bool */ function isQualifiedColumnName($column_name) { - if(strpos($column_name,'.')!==false && strpos($column_name,'(')===false) return true; - return false; + if(strpos($column_name,'.')!==FALSE && strpos($column_name,'(')===FALSE) return TRUE; + return FALSE; } + /** + * Escapes a query expression + * + * An expression can be:
+ *
    + *
  • a column name: "member_srl" or "xe_member"."member_srl" + *
  • an expression: + *
      + *
    • LEFT(UPPER("content"))
      + *
    • readed_count + voted_count
      + *
    • CAST(regdate as DATE)
    • + *
    + *
  • + *
+ * + * @param $column_name + * @return string + */ function parseExpression($column_name) { $functions = preg_split('/([\+\-\*\/\ ])/', $column_name, -1, PREG_SPLIT_DELIM_CAPTURE|PREG_SPLIT_NO_EMPTY); @@ -156,45 +217,47 @@ class DBParser { $match = &$matches[$i]; if($match == '(') {$brackets++; continue;} - if(strpos($match,')') !== false) continue; + if(strpos($match,')') !== FALSE) continue; if(in_array($match, array(',', '.'))) continue; if($brackets == $total_brackets) { - if(!is_numeric($match)) + if(!is_numeric($match) && !in_array(strtoupper($match), array('UNSIGNED', 'INTEGER', 'AS'))) { $match = $this->escapeColumnExpression($match); } } } $function = implode('', $matches); - } - return implode('', $functions); + } + return implode('', $functions); } - /* - * Checks argument is asterisk + /** + * Checks if a given argument is an asterisk + * * @param string $column_name * @return bool */ function isStar($column_name) { - if(substr($column_name,-1) == '*') return true; - return false; + if(substr($column_name,-1) == '*') return TRUE; + return FALSE; } - /* + /** * Checks to see if expression is an aggregate star function * like count(*) + * * @param string $column_name * @return bool */ function isStarFunction($column_name) { - if(strpos($column_name, "(*)")!==false) return true; - return false; + if(strpos($column_name, "(*)")!==FALSE) return TRUE; + return FALSE; } - /* + /** * Return column name after escape * @param string $column_name * @return string @@ -206,9 +269,9 @@ class DBParser { return $column_name; } - if(strpos(strtolower($column_name), 'distinct') !== false) return $column_name; - return $this->escapeColumn($column_name); - } + if(strpos(strtolower($column_name), 'distinct') !== FALSE) return $column_name; + return $this->escapeColumn($column_name); + } } /* End of file DBParser.class.php */ /* Location: ./classes/xml/xmlquery/DBParser.class.php */ 
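Review bot: The allowlist in parseExpression, `if(!is_numeric($match) && !in_array(strtoupper($match), array('UNSIGNED', 'INTEGER', 'AS')))`, is an inline magic list with no explanation of why those three tokens escape identifier quoting; move it to a documented class property such as `var $unquoted_keywords = array('UNSIGNED', 'INTEGER', 'AS'); // SQL keywords that must never be identifier-quoted` and pass `true` as in_array's third argument. The docblock added in the preceding hunk has an untyped `@param $column_name`; it should read `@param string $column_name`. The loop in this hunk is mid-function: parseExpression starts in the preceding hunk and its end is the `return implode('', $functions);` shown here.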
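Review bot: The last hunk of this file keeps `if(strpos(strtolower($column_name), 'distinct') !== FALSE) return $column_name;`, which skips escaping for any column name that merely contains the substring "distinct" anywhere (a column named `indistinct_flag`, to construct one, would be passed through unquoted); only the constant's case changed in this commit, so the behaviour is pre-existing. A prefix test such as `if(preg_match('/^\s*distinct\b/i', $column_name)) return $column_name;` matches the DISTINCT modifier and nothing else. The enclosing function starts outside the hunk.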
diff --git a/classes/xml/xmlquery/QueryParser.class.php b/classes/xml/xmlquery/QueryParser.class.php index d34f681fe..6ab74b0b5 100644 --- a/classes/xml/xmlquery/QueryParser.class.php +++ b/classes/xml/xmlquery/QueryParser.class.php @@ -1,32 +1,46 @@ + * The XML Object structure must be the one defined in the XmlParser class + * + * @author Corina Udrescu (corina.udrescu@arnia.ro) + * @package classes\xml\xmlquery * @version 0.1 */ class QueryParser { + /** - * QueryTag object + * Property containing the associated QueryTag object + * * @var QueryTag object */ var $queryTag; /** - * constructor - * @param object $query + * Constructor + * + * @param object $query XML object obtained after reading the XML Query file * @param bool $isSubQuery * @return void */ - function QueryParser($query = NULL, $isSubQuery = false) + function QueryParser($query = NULL, $isSubQuery = FALSE) { if($query) + { $this->queryTag = new QueryTag($query, $isSubQuery); + } } /** - * Return table information + * Returns table information + * + * Used for finding column type info (string/numeric)
+ * Obtains the table info from XE's XML schema files + * * @param object $query_id * @param bool $table_name * @return array @@ -90,7 +104,8 @@ class QueryParser } /** - * Change code string from queryTag object + * Returns the contents for the query cache file + * * @return string */ function toString() diff --git a/classes/xml/xmlquery/argument/Argument.class.php b/classes/xml/xmlquery/argument/Argument.class.php index 490d2d2e2..5898a191d 100644 --- a/classes/xml/xmlquery/argument/Argument.class.php +++ b/classes/xml/xmlquery/argument/Argument.class.php @@ -109,6 +109,7 @@ class Argument function getUnescapedValue() { + if($this->value === 'null') return null; return $this->value; } @@ -228,8 +229,10 @@ class Argument function isColumnName() { $type = $this->getType(); + $value = $this->getUnescapedValue(); if($type == 'column_name') return true; - if($type == 'number' && !is_numeric($this->value) && $this->uses_default_value) return true; + if($type == 'number' && is_null($value)) return false; + if($type == 'number' && !is_numeric($value) && $this->uses_default_value) return true; return false; } diff --git a/classes/xml/xmlquery/tags/column/ColumnTag.class.php b/classes/xml/xmlquery/tags/column/ColumnTag.class.php index 13f14608c..f2906998a 100644 --- a/classes/xml/xmlquery/tags/column/ColumnTag.class.php +++ b/classes/xml/xmlquery/tags/column/ColumnTag.class.php @@ -1,13 +1,12 @@ tag inside an XML Query file - * Since the tag supports different attributes depending on + * Models the <column> tag inside an XML Query file
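Review bot: getUnescapedValue() now maps the literal string 'null' to PHP null for every argument type, so an argument whose genuine value is the four-character text "null" (a title, nickname or search term) is silently turned into NULL instead of being stored as text. If the intent is an explicit NULL marker for `number` arguments only, as the isColumnName() hunk suggests, restrict the check to that type or to the place where the default is applied; otherwise add a docblock line above the method stating that the string 'null' is a reserved sentinel and is never returned verbatim. The class's constructor and where `$this->value` is assigned are outside these hunks, so I cannot tell whether the sentinel can originate from request data.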
+ * Since the <column> tag supports different attributes depending on * the type of query (select, update, insert, delete) this is only - * the base class for the classes that will model each type tag. + * the base class for the classes that will model each type tag. * - * @author Arnia Software - * @package /classes/xml/xmlquery/tags/column + * @author Corina Udrescu (corina.udrescu@arnia.ro) + * @package classes\xml\xmlquery\tags\column * @version 0.1 */ class ColumnTag @@ -19,7 +18,7 @@ class ColumnTag var $name; /** - * constructor + * Constructor * @param string $name * @return void */ diff --git a/classes/xml/xmlquery/tags/column/InsertColumnTag.class.php b/classes/xml/xmlquery/tags/column/InsertColumnTag.class.php index 6ebff8bb4..b43a223eb 100644 --- a/classes/xml/xmlquery/tags/column/InsertColumnTag.class.php +++ b/classes/xml/xmlquery/tags/column/InsertColumnTag.class.php @@ -1,23 +1,25 @@ tag inside an XML Query file whose action is 'insert' + * Models the <column> tag inside an XML Query file whose action is 'insert' * - * @author Arnia Software - * @package /classes/xml/xmlquery/tags/column + * @author Corina Udrescu (corina.udrescu@arnia.ro) + * @package classes\xml\xmlquery\tags\column * @version 0.1 */ class InsertColumnTag extends ColumnTag { /** - * argument + * Argument + * * @var QueryArgument object */ var $argument; /** - * constructor + * Constructor + * * @param object $column + * * @return void */ function InsertColumnTag($column) @@ -28,6 +30,13 @@ class InsertColumnTag extends ColumnTag $this->argument = new QueryArgument($column); } + /** + * Returns the string to be output in the cache file + * used for instantiating an InsertExpression when a + * query is executed + * + * @return string + */ function getExpressionString() { return sprintf('new InsertExpression(\'%s\', ${\'%s_argument\'})' 
@@ -35,6 +44,11 @@ class InsertColumnTag extends ColumnTag , $this->argument->argument_name); } + /** + * Returns the QueryArgument object associated with this INSERT statement + * + * @return QueryArgument + */ function getArgument() { return $this->argument; diff --git a/classes/xml/xmlquery/tags/column/InsertColumnTagWithoutArgument.class.php b/classes/xml/xmlquery/tags/column/InsertColumnTagWithoutArgument.class.php index ead87944b..1cf205409 100644 --- a/classes/xml/xmlquery/tags/column/InsertColumnTagWithoutArgument.class.php +++ b/classes/xml/xmlquery/tags/column/InsertColumnTagWithoutArgument.class.php @@ -1,16 +1,16 @@ tag inside an XML Query file whose action is 'insert-select' + * Models the <column> tag inside an XML Query file whose action is 'insert-select' * - * @author Arnia Software - * @package /classes/xml/xmlquery/tags/column + * @author Corina Udrescu (corina.udrescu@arnia.ro) + * @package classes\xml\xmlquery\tags\column * @version 0.1 */ class InsertColumnTagWithoutArgument extends ColumnTag { /** - * constructor + * Constructor + * * @param object $column * @return void */ @@ -21,14 +21,24 @@ class InsertColumnTagWithoutArgument extends ColumnTag $this->name = $dbParser->parseColumnName($this->name); } + /** + * Returns the string to be output in the cache file + * + * @return string + */ function getExpressionString() { return sprintf('new Expression(\'%s\')', $this->name); } + /** + * Returns the QueryArgument object associated with this INSERT statement + * + * @return null + */ function getArgument() { - return null; + return NULL; } } diff --git a/classes/xml/xmlquery/tags/column/InsertColumnsTag.class.php b/classes/xml/xmlquery/tags/column/InsertColumnsTag.class.php index 1fb19643e..98f26d68f 100644 --- a/classes/xml/xmlquery/tags/column/InsertColumnsTag.class.php +++ b/classes/xml/xmlquery/tags/column/InsertColumnsTag.class.php 
@@ -1,22 +1,23 @@ tag inside an XML Query file whose action is 'insert' + * Models the <columns> tag inside an XML Query file whose action is 'insert' * - * @author Arnia Software - * @package /classes/xml/xmlquery/tags/column + * @author Corina Udrescu (corina.udrescu@arnia.ro) + * @package classes\xml\xmlquery\tags\column * @version 0.1 */ class InsertColumnsTag { /** * Column list + * * @var array value is InsertColumnTag object */ var $columns; /** - * constructor + * Constructor + * * @param array|string $xml_columns * @return void */ @@ -39,6 +40,7 @@ class InsertColumnsTag /** * InsertColumnTag object to string + * * @return string */ function toString() @@ -55,6 +57,7 @@ class InsertColumnsTag /** * Return argument list + * * @return array */ function getArguments() diff --git a/classes/xml/xmlquery/tags/column/SelectColumnTag.class.php b/classes/xml/xmlquery/tags/column/SelectColumnTag.class.php index abf314df0..2295d88bf 100644 --- a/classes/xml/xmlquery/tags/column/SelectColumnTag.class.php +++ b/classes/xml/xmlquery/tags/column/SelectColumnTag.class.php @@ -1,27 +1,30 @@ tag inside an XML Query file whose action is 'select' + * Models the <column> tag inside an XML Query file whose action is 'select' * - * @author Arnia Software - * @package /classes/xml/xmlquery/tags/column + * @author Corina Udrescu (corina.udrescu@arnia.ro) + * @package classes\xml\xmlquery\tags\column * @version 0.1 */ class SelectColumnTag extends ColumnTag { /** - * alias + * Column alias + * * @var string */ var $alias; + /** - * click count status + * Click count status + * * @var bool */ var $click_count; /** - * constructor + * Constructor + * * @param string|object $column * @return void */ @@ -43,15 +46,27 @@ class SelectColumnTag extends ColumnTag } } + /** + * Returns the string to be output in the cache file + * + * A select column tag in an XML query can be used for: + *
    + *
  • a star expression: SELECT * + *
  • a click count expression: SELECT + UPDATE + *
  • any other select expression (column name, function call etc).
  • + *
+ * + * @return string + */ function getExpressionString() { if($this->name == '*') return "new StarExpression()"; if($this->click_count) - return sprintf('new ClickCountExpression(%s, %s, $args->%s)', $this->name, $this->alias,$this->click_count); + return sprintf('new ClickCountExpression(\'%s\', %s, $args->%s)', $this->name, $this->alias ? '\'' . $this->alias . '\'' : "''",$this->click_count); if(strpos($this->name, '$') === 0) return sprintf('new SelectExpression($args->%s)', substr($this->name, 1)); $dbParser = DB::getParser(); - return sprintf('new SelectExpression(\'%s\'%s)', $this->name, $this->alias ? ', \''.$dbParser->escape($this->alias) .'\'': ''); + return sprintf('new SelectExpression(\'%s\'%s)', $this->name, $this->alias ? ', \''.$dbParser->escape($this->alias) .'\'': ''); } } /* End of file SelectColumnTag.class.php */ diff --git a/classes/xml/xmlquery/tags/column/SelectColumnsTag.class.php b/classes/xml/xmlquery/tags/column/SelectColumnsTag.class.php index 9fb702234..c30a92664 100644 --- a/classes/xml/xmlquery/tags/column/SelectColumnsTag.class.php +++ b/classes/xml/xmlquery/tags/column/SelectColumnsTag.class.php @@ -1,22 +1,25 @@ columns[] = new QueryTag($column, true); + $this->columns[] = new QueryTag($column, TRUE); } } /** - * SelectColumnTag object to string + * Returns the string to be output in the cache file + * * @return string */ function toString() @@ -77,6 +81,7 @@ class SelectColumnsTag /** * Return argument list + * * @return array */ function getArguments() diff --git a/classes/xml/xmlquery/tags/column/UpdateColumnTag.class.php b/classes/xml/xmlquery/tags/column/UpdateColumnTag.class.php index 3831ac5b6..c80b93dbe 100644 --- a/classes/xml/xmlquery/tags/column/UpdateColumnTag.class.php +++ b/classes/xml/xmlquery/tags/column/UpdateColumnTag.class.php 
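Review bot: The new ClickCountExpression line in getExpressionString() interpolates `$this->name` and `$this->alias` straight into single-quoted PHP string literals of the generated cache file, so a name or alias containing a quote or backslash yields an unparsable cache file; the SelectExpression line below passes the alias through `$dbParser->escape()`, which is SQL identifier quoting, not PHP-literal escaping. Emitting each value with `var_export($this->name, true)` and `$this->alias ? var_export($this->alias, true) : "''"` keeps the generated code valid whatever the XML contains. The values come from the XML query definition rather than request data, so this is a robustness point more than a trust-boundary one.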
@@ -1,46 +1,55 @@ tag inside an XML Query file whose action is 'update' + * Models the <column> tag inside an XML Query file whose action is 'update' * - * @author Arnia Software - * @package /classes/xml/xmlquery/tags/column + * @author Corina Udrescu (corina.udrescu@arnia.ro) + * @package classes\xml\xmlquery\tags\column * @version 0.1 */ class UpdateColumnTag extends ColumnTag { /** - * argument + * Argument + * * @var QueryArgument object */ var $argument; + /** - * default value + * Default value + * * @var string */ var $default_value; /** - * constructor + * Constructor + * * @param object $column * @return void */ function UpdateColumnTag($column) { parent::ColumnTag($column->attrs->name); + $dbParser = DB::getParser(); $this->name = $dbParser->parseColumnName($this->name); + if($column->attrs->var) $this->argument = new QueryArgument($column); else { - if(strpos($column->attrs->default, '.') !== false) + if(strpos($column->attrs->default, '.') !== FALSE) + { $this->default_value = "'" . $dbParser->parseColumnName($column->attrs->default) . "'"; + } else { $default_value = new DefaultValue($this->name, $column->attrs->default); if($default_value->isOperation()) - $this->argument = new QueryArgument($column, true); + { + $this->argument = new QueryArgument($column, TRUE); + } //else $this->default_value = $dbParser->parseColumnName($column->attrs->default); else { @@ -58,6 +67,11 @@ class UpdateColumnTag extends ColumnTag } } + /** + * Returns the string to be output in the cache file + * + * @return string + */ function getExpressionString() { if($this->argument) @@ -74,6 +88,11 @@ class UpdateColumnTag extends ColumnTag } } + /** + * Returns the Argument associated with this update statement + * + * @return QueryArgument + */ function getArgument() { return $this->argument; diff --git a/classes/xml/xmlquery/tags/column/UpdateColumnsTag.class.php b/classes/xml/xmlquery/tags/column/UpdateColumnsTag.class.php index 95915fecf..99f481983 100644 
--- a/classes/xml/xmlquery/tags/column/UpdateColumnsTag.class.php +++ b/classes/xml/xmlquery/tags/column/UpdateColumnsTag.class.php @@ -1,23 +1,24 @@ tag inside an XML Query file whose action is 'update' + * Models the <columns> tag inside an XML Query file whose action is 'update' * - * @author Arnia Software - * @package /classes/xml/xmlquery/tags/column + * @author Corina Udrescu (corina.udrescu@arnia.ro) + * @package classes\xml\xmlquery\tags\column * @version 0.1 */ class UpdateColumnsTag { /** * Column list + * * @var array value is UpdateColumnTag object */ var $columns; /** - * constructor - * @param array|string $xml_columns + * Constructor + * + * @param array|object $xml_columns * @return void */ function UpdateColumnsTag($xml_columns) @@ -34,7 +35,8 @@ class UpdateColumnsTag } /** - * UpdateColumnTag object to string + * Returns the string to be output in the cache file + * * @return string */ function toString() @@ -51,6 +53,7 @@ class UpdateColumnsTag /** * Return argument list + * * @return array */ function getArguments() diff --git a/config/func.inc.php b/config/func.inc.php index 9f0822f6b..26a0c0e78 100644 --- a/config/func.inc.php +++ b/config/func.inc.php @@ -845,7 +845,7 @@ function removeHackTag($content) purifierHtml($content); // change the specific tags to the common texts - $content = preg_replace('@<(\/?(?:html|body|head|title|meta|base|link|script|style|applet)(/*)[\w\s>])@i', '<$1', $content); + $content = preg_replace('@<(\/?(?:html|body|head|title|meta|base|link|script|style|applet)(/*).*?>)@i', '<$1', $content); /** * Remove codes to abuse the admin session in src by tags of imaages and video postings 
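Review bot: The rewritten pattern in removeHackTag no longer matches a tag whose attributes continue on the next line, because `.*?>` does not cross a newline under the `i`-only modifiers, whereas the old `[\w\s>]` class did match the newline right after the tag name; adding `s` to the modifiers (`...@is`) restores that coverage. Neither pattern anchors the tag name, so `head`/`base` also match the prefix of `<header>`/`<basefont>`, which `(?:html|body|head|title|meta|base|link|script|style|applet)\b(/*)` would avoid. This runs after `purifierHtml($content)`, so it is a defence-in-depth layer rather than the primary filter; the rest of removeHackTag is in the next hunk.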
@@ -853,7 +853,7 @@ function removeHackTag($content) */ $content = preg_replace_callback('@<(/?)([a-z]+[0-9]?)((?>"[^"]*"|\'[^\']*\'|[^>])*?\b(?:on[a-z]+|data|style|background|href|(?:dyn|low)?src)\s*=[\s\S]*?)(/?)($|>|<)@i', 'removeSrcHack', $content); - // xmp tag ?•ì¸ ë°?ì¶”ê? + // xmp tag ?뺤씤 è«??°ë¶½? $content = checkXmpTag($content); return $content; } @@ -887,7 +887,7 @@ function removeSrcHack($match) { $tag = strtolower($match[2]); - // xmp tag ?•리 + // xmp tag ?뺣┠if($tag=='xmp') return "<{$match[1]}xmp>"; if($match[1]) return $match[0]; if($match[4]) $match[4] = ' '.$match[4]; @@ -1223,6 +1223,38 @@ function requirePear() } } + function checkCSRF() + { + if($_SERVER['REQUEST_METHOD'] != 'POST') + { + return false; + } + + $defaultUrl = Context::getDefaultUrl(); + $referer = parse_url($_SERVER["HTTP_REFERER"]); + + $oModuleModel = &getModel('module'); + $siteModuleInfo = $oModuleModel->getDefaultMid(); + + if($siteModuleInfo->site_srl == 0) + { + if(!strstr(strtolower($defaultUrl), strtolower($referer['host']))) + { + return false; + } + } + else + { + $virtualSiteInfo = $oModuleModel->getSiteInfo($siteModuleInfo->site_srl); + if(strtolower($virtualSiteInfo->domain) != strtolower(Context::get('vid')) && !strstr(strtolower($virtualSiteInfo->domain), strtolower($referer['host']))) + { + return false; + } + } + + return true; + } + /** * Print raw html header * diff --git a/layouts/xe_official/conf/info.xml b/layouts/xe_official/conf/info.xml index ec6292084..1355aedce 100644 --- a/layouts/xe_official/conf/info.xml +++ b/layouts/xe_official/conf/info.xml @@ -210,7 +210,7 @@ Top Menü Верхнее меню Menú Principal - Menu trên + Menu trên Ana Menü diff --git a/modules/comment/comment.item.php b/modules/comment/comment.item.php index 85e962287..0ff09d931 100644 --- a/modules/comment/comment.item.php +++ b/modules/comment/comment.item.php 
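Review bot: checkCSRF() compares hosts with strstr() containment in both branches, so any Referer host that happens to be a substring of the default URL (or of the virtual site domain) is accepted, not only the site's own host. A missing Referer is also not reliably rejected: parse_url() on an empty string yields no 'host' element, and strstr() with an empty needle returns false with a warning before PHP 8 but the whole haystack on PHP 8. Compare the referer host for equality with the host of `$defaultUrl` (and with the virtual site's domain) and return false when the referer host is empty; a per-session token check would additionally not depend on a header that browsers and proxies may strip.
```php
    $refererHost = isset($referer['host']) ? strtolower($referer['host']) : '';
    if($refererHost === '')
    {
        return false;
    }
    $defaultHost = strtolower(parse_url($defaultUrl, PHP_URL_HOST));

    if($siteModuleInfo->site_srl == 0)
    {
        if($refererHost !== $defaultHost)
        {
            return false;
        }
    }
    // … unchanged: virtual-site branch, with the same exact comparison against $virtualSiteInfo->domain in place of strstr() …
```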
@@ -353,7 +353,7 @@ class commentItem extends Object if(!$this->get('uploaded_count')) return; $oFileModel = &getModel('file'); - $file_list = $oFileModel->getFiles($this->comment_srl, $is_admin); + $file_list = $oFileModel->getFiles($this->comment_srl, array(), 'file_srl', true); return $file_list; } diff --git a/modules/document/document.admin.view.php b/modules/document/document.admin.view.php index 502ed992b..d6bafabe8 100644 --- a/modules/document/document.admin.view.php +++ b/modules/document/document.admin.view.php @@ -62,6 +62,9 @@ class documentAdminView extends document Context::set('status_name_list', $statusNameList); Context::set('page_navigation', $output->page_navigation); + $oSecurity = new Security(); + $oSecurity->encodeHTML('document_list..variables.'); + // set a search option used in the template $count_search_option = count($this->search_option); for($i=0;$i<$count_search_option;$i++) diff --git a/modules/document/document.controller.php b/modules/document/document.controller.php index 870db351a..4db99cde7 100644 --- a/modules/document/document.controller.php +++ b/modules/document/document.controller.php @@ -184,6 +184,11 @@ class documentController extends document */ function insertDocument($obj, $manual_inserted = false, $isRestore = false, $isLatest = true) { + if(!checkCSRF()) + { + return new Object(-1, 'msg_invalid_request'); + } + // begin transaction $oDB = &DB::getInstance(); $oDB->begin(); @@ -327,6 +332,11 @@ class documentController extends document */ function updateDocument($source_obj, $obj) { + if(!checkCSRF()) + { + return new Object(-1, 'msg_invalid_request'); + } + if(!$source_obj->document_srl || !$obj->document_srl) return new Object(-1,'msg_invalied_request'); if(!$obj->status && $obj->is_secret == 'Y') $obj->status = 'SECRET'; if(!$obj->status) $obj->status = 'PUBLIC'; 
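Review bot: checkCSRF() returns false for every request whose REQUEST_METHOD is not POST, so the guard added at the top of insertDocument rejects programmatic inserts that run outside a POST request (the `$manual_inserted = true` path, installers or batch jobs, if any call it), not only cross-site ones; the same guard is added in the updateDocument hunk below and in the hunk at line 1975 of this file. Consider `if(!$manual_inserted && !checkCSRF())` here, or moving the check into the action handlers that receive the form post. The new error key `msg_invalid_request` also differs from the existing `msg_invalied_request` on the next line of updateDocument; confirm which key the language files define so both messages resolve.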
@@ -1975,6 +1985,11 @@ class documentController extends document set_time_limit(0); if(!Context::get('is_logged')) return new Object(-1,'msg_not_permitted'); + if(!checkCSRF()) + { + return new Object(-1, 'msg_invalid_request'); + } + $type = Context::get('type'); $target_module = Context::get('target_module'); $module_srl = Context::get('module_srl'); diff --git a/modules/document/document.item.php b/modules/document/document.item.php index bdce923a1..46acfac95 100644 --- a/modules/document/document.item.php +++ b/modules/document/document.item.php @@ -754,7 +754,7 @@ class documentItem extends Object if($this->get('uploaded_count')) { $oFileModel = &getModel('file'); - $file_list = $oFileModel->getFiles($this->document_srl); + $file_list = $oFileModel->getFiles($this->document_srl, array(), 'file_srl', true); if(count($file_list)) { foreach($file_list as $file) @@ -910,7 +910,7 @@ class documentItem extends Object if(!$this->uploadedFiles[$sortIndex]) { $oFileModel = &getModel('file'); - $this->uploadedFiles[$sortIndex] = $oFileModel->getFiles($this->document_srl, array(), $sortIndex); + $this->uploadedFiles[$sortIndex] = $oFileModel->getFiles($this->document_srl, array(), $sortIndex, true); } return $this->uploadedFiles[$sortIndex]; diff --git a/modules/editor/tpl/js/uploader.js b/modules/editor/tpl/js/uploader.js index f1a2d6f78..0e64fe10b 100755 --- a/modules/editor/tpl/js/uploader.js +++ b/modules/editor/tpl/js/uploader.js @@ -142,7 +142,7 @@ function _true(){ return true }; defaultHandlers = { onFileQueued : _true, - onFileQueueError : function(flie, errorCode, message) { + onFileQueueError : function(file, errorCode, message) { try { switch(errorCode) { case SWFUpload.QUEUE_ERROR.QUEUE_LIMIT_EXCEEDED : diff --git a/modules/file/file.model.php b/modules/file/file.model.php index 269327242..c3624885b 100644 --- a/modules/file/file.model.php +++ b/modules/file/file.model.php 
@@ -188,10 +188,11 @@ class fileModel extends file * @param string $sortIndex The column that used as sort index * @return array Returns array of object that contains file information. If no result returns null. */ - function getFiles($upload_target_srl, $columnList = array(), $sortIndex = 'file_srl') + function getFiles($upload_target_srl, $columnList = array(), $sortIndex = 'file_srl', $ckValid = false) { $args->upload_target_srl = $upload_target_srl; $args->sort_index = $sortIndex; + if($ckValid) $args->isvalid = 'Y'; $output = executeQuery('file.getFiles', $args, $columnList); if(!$output->data) return; diff --git a/modules/file/queries/getFiles.xml b/modules/file/queries/getFiles.xml index 66ef5e905..d0e326fb3 100644 --- a/modules/file/queries/getFiles.xml +++ b/modules/file/queries/getFiles.xml @@ -4,6 +4,7 @@ + diff --git a/modules/install/install.admin.controller.php b/modules/install/install.admin.controller.php index 2a2c7ede7..c6063dee4 100644 --- a/modules/install/install.admin.controller.php +++ b/modules/install/install.admin.controller.php @@ -188,7 +188,7 @@ class installAdminController extends install foreach($ftp_info as $key => $val) { if(!$val) continue; - if(preg_match('/(<\?|<\?php|\?>)/xsm', preg_replace('/\s/', '', $val))) + if(preg_match('/(<\?|<\?php|\?>|fputs|fopen|fwrite|fgets|fread|\/\*|\*\/|chr\()/xsm', preg_replace('/\s/', '', $val))) { continue; } diff --git a/modules/integration_search/skins/default/header.html b/modules/integration_search/skins/default/header.html index 7fd8abccb..7b040e228 100644 --- a/modules/integration_search/skins/default/header.html +++ b/modules/integration_search/skins/default/header.html @@ -11,8 +11,6 @@ - -
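Review bot: The new `$ckValid` parameter of getFiles() is undocumented: the docblock in the hunk context lists `$sortIndex` but gains no entry for it; add ` * @param bool $ckValid When true, only files with isvalid = 'Y' are returned`. The callers in the comment.item.php and document.item.php hunks pass a bare positional `true`, which reads poorly at the call site; a short comment there (`// valid files only`) would help. `$args` is also written before being initialised (pre-existing, visible on the context line), which newer PHP versions reject; `$args = new stdClass();` before the first assignment fixes it.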
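Review bot: The extended pattern in installAdminController filters the FTP settings by a denylist of PHP source tokens, which is incomplete by construction and also rejects legitimate values that happen to contain one of the listed words (a password containing `fread`, to construct one). If these values are later written into a PHP file, which the `<?`/`?>` alternatives suggest, encode each value with `var_export($val, true)` at the point of writing so that no value can leave its string literal, and the denylist becomes unnecessary; if they are not written into PHP, the added names have no effect. The enclosing loop and the write that follows are outside the hunk.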