#66 install php version check

#16 install rewrite module usable check
#48 htmlspecialchars function params add

modules/communication/communication.controller.php

@@ -162,7 +162,7 @@ class communicationController extends communication
 	function sendMessage($sender_srl, $receiver_srl, $title, $content, $sender_log = TRUE)
 	{
 		$content = removeHackTag($content);
-		$title = htmlspecialchars($title);
+		$title = htmlspecialchars($title, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
 
 		// messages to save in the sendor's message box
 		$sender_args = new stdClass();
@@ -606,7 +606,7 @@ class communicationController extends communication
 		$args->friend_group_srl = trim(Context::get('friend_group_srl'));
 		$args->member_srl = $logged_info->member_srl;
 		$args->title = Context::get('title');
-		$args->title = htmlspecialchars($args->title);
+		$args->title = htmlspecialchars($args->title, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
 
 		if(!$args->title)
 		{
@@ -682,7 +682,7 @@ class communicationController extends communication
 		$args->friend_group_srl = Context::get('friend_group_srl');
 		$args->member_srl = $logged_info->member_srl;
 		$args->title = Context::get('title');
-		$args->title = htmlspecialchars($args->title);
+		$args->title = htmlspecialchars($args->title, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
 
 		if(!$args->title)
 		{

modules/communication/m.skins/default/send_message.html

@@ -14,7 +14,7 @@
 	<input type="hidden" name="is_popup" value="Y" />
 	<input type="hidden" name="act" value="procCommunicationSendMessage" />
 	<input type="hidden" name="receiver_srl" value="{$receiver_info->member_srl}" />
-	<input type="hidden" name="source_content" value="{htmlspecialchars($source_message->content)}" />
+	<input type="hidden" name="source_content" value="{htmlspecialchars($source_message->content, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)}" />
 	<input type="hidden" name="content" value="" />
 	<input type="hidden" name="xe_validator_id" value="modules/communication/m.skins/default/send_message/1" />
 	<ul>

modules/communication/skins/default/add_friend_group.html

@@ -18,11 +18,11 @@
 		<input type="hidden" name="xe_validator_id" value="modules/communication/skins/default/add_friend_group/1" />
 		<div class="control-group">
 			<label for="title" class="control-label">{$lang->msg_insert_group_name}</label>
-			<div class="controls"><input name="title" id="title" type="text" value="{htmlspecialchars($friend_group->title)}"/></div>
+			<div class="controls"><input name="title" id="title" type="text" value="{htmlspecialchars($friend_group->title, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)}"/></div>
 		</div>
 		<div class="btnArea">
 			<input cond="$friend_group->friend_group_srl" type="submit" value="{$lang->cmd_modify}" class="btn btn-inverse" />
 			<input cond="!$friend_group->friend_group_srl" type="submit" value="{$lang->cmd_insert}" class="btn btn-inverse" />
 		</div>
 	</form>
-</div>
+</div>

modules/communication/skins/default/new_message.html

@@ -11,7 +11,7 @@
 		<!--@end-->
 		<tr>
 			<th scope="row">{$lang->title}</th>
-			<td>{htmlspecialchars($message->title)}</td>
+			<td>{htmlspecialchars($message->title, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)}</td>
 		</tr>
 		<tr>
 			<td colspan="2" class="xe_content">{$message->content}</td>

modules/communication/skins/default/send_message.html

@@ -8,7 +8,7 @@
 	<form ruleset="sendMessage" action="./" method="post">
 		<input type="hidden" name="module" value="communication" />
 		<input type="hidden" name="act" value="procCommunicationSendMessage" />
-		<input type="hidden" name="content" value="{htmlspecialchars($source_message->content)}" />
+		<input type="hidden" name="content" value="{htmlspecialchars($source_message->content, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)}" />
 		<input type="hidden" name="receiver_srl" value="{$receiver_info->member_srl}" />
 		<input type="hidden" name="xe_validator_id" value="modules/communication/skins/default/send_message/1" />
 		<table class="table table-striped table-hover">