Index: branches/5.2.x/core/kernel/db/db_event_handler.php
===================================================================
diff -u -N -r15812 -r15856
--- branches/5.2.x/core/kernel/db/db_event_handler.php	(.../db_event_handler.php)	(revision 15812)
+++ branches/5.2.x/core/kernel/db/db_event_handler.php	(.../db_event_handler.php)	(revision 15856)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: db_event_handler.php 15812 2013-06-26 10:47:58Z alex $
+* @version	$Id: db_event_handler.php 15856 2013-07-02 14:56:00Z alex $
 * @package	In-Portal
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license      GNU/GPL
@@ -630,7 +630,7 @@
 			if ( MOD_REWRITE ) {
 				$redirect_params = Array (
 					'm_cat_id' => 0,
-					'next_template' => urlencode('external:' . $_SERVER['REQUEST_URI']),
+					'next_template' => kUtil::escape('external:' . $_SERVER['REQUEST_URI'], kUtil::ESCAPE_URL),
 				);
 			}
 			else {
@@ -1835,10 +1835,10 @@
 			$event->SetRedirectParam($event->getPrefixSpecial() . '_id', array_shift($ids));
 			$event->SetRedirectParam('pass', 'all,' . $event->getPrefixSpecial());
 
-			$simultaneous_edit_message = $this->Application->GetVar('_simultanious_edit_message');
+			$simultaneous_edit_message = $this->Application->GetVar('_simultaneous_edit_message');
 
 			if ( $simultaneous_edit_message ) {
-				$event->SetRedirectParam('_simultanious_edit_message', urlencode($simultaneous_edit_message));
+				$event->SetRedirectParam('_simultaneous_edit_message', kUtil::escape($simultaneous_edit_message, kUtil::ESCAPE_URL));
 			}
 		}
 
@@ -3517,7 +3517,7 @@
 			echo '<suggestions>';
 
 			foreach ($data as $item) {
-				echo '<item>' . htmlspecialchars($item, null, CHARSET) . '</item>';
+				echo '<item>' . kUtil::escape($item, kUtil::ESCAPE_HTML) . '</item>';
 			}
 
 			echo '</suggestions>';