Index: branches/5.3.x/core/kernel/utility/http_query.php
===================================================================
diff -u -N -r15698 -r15902
--- branches/5.3.x/core/kernel/utility/http_query.php (.../http_query.php) (revision 15698)
+++ branches/5.3.x/core/kernel/utility/http_query.php (.../http_query.php) (revision 15902)
@@ -1,6 +1,6 @@
 Application->isAdmin) {
- $value = htmlspecialchars($value, null, CHARSET);
+ // TODO: always escape output instead of input
+ $value = kUtil::escape($value, kUtil::ESCAPE_HTML);
 }
 $array[$key] = $value;
@@ -819,6 +820,6 @@
 }
 }
- return $_SERVER['REMOTE_ADDR'];
+ return isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
 }
 }
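Review bot: In the first hunk, `kUtil::escape($value, kUtil::ESCAPE_HTML)` may not encode the same characters as the call it replaces, because the old `htmlspecialchars($value, null, CHARSET)` passed `null` as flags, which PHP coerces to 0 (`ENT_NOQUOTES`) and so left quotes untouched. kUtil::escape is not visible here; if it also encodes quotes, request values that are stored or compared downstream will change, and text escaped again on output will be double-encoded. The branch also appears to run only for non-admin requests (the condition is cut off at the top of the hunk), so admin-side code still receives raw values. I would extend the TODO to record this, e.g. `// NOTE: HTML-escapes front-end input only; admin requests stay raw, and SQL/JS/URL contexts still need their own escaping on output`.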
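Review bot: In the second hunk, the new `''` fallback for a missing `$_SERVER['REMOTE_ADDR']` is returned with nothing to mark the address as unknown, so callers that log the value or compare it against IP-based rules will receive an empty string. The enclosing function starts outside the hunk, so its other return paths and its callers cannot be checked from here. I would document the contract above the return, e.g. `// REMOTE_ADDR is not set for CLI/cron runs; '' means "client unknown" and must never match an allow or ban rule`.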