1. Bug #0000182: In-Portal Security Checks and Updates (part 1). 2. No path in includes inside site configs, for fckeditor.php. 3. "download_license" step removed from install step presets.
1. Fixes #0000209: Escape and Limit all Environment variables passed in GET. 2. We already escape anything, that goes from request to database queries to prevent sql injections. 3. Add check for "../" (prevents going outside In-Portal directory) and for whitespace like symbols (makes sure, that ".tpl" is always added at the end of template name) in template names.