diff --git a/main/inc/lib/formvalidator/Rule/allowed_tags.inc.php b/main/inc/lib/formvalidator/Rule/allowed_tags.inc.php
index 44a9593a62..4aec5b8482 100755
--- a/main/inc/lib/formvalidator/Rule/allowed_tags.inc.php
+++ b/main/inc/lib/formvalidator/Rule/allowed_tags.inc.php
@@ -681,22 +681,25 @@ unset($allowed_tags_anonymous['object']);
 // HTMLPURIFIER-COMPATIBLE SETTINGS
-function kses_to_htmlpurifier($allowed_tags) {
- $result[0] = array();
- $result[1] = array();
+function convert_kses_to_htmlpurifier($allowed_tags) {
+ $allowed_html = array();
 foreach ($allowed_tags as $key1 => & $value1) {
 $result[0][] = $key1;
 if (count($value1) > 0) {
+ $attr = array();
 foreach ($value1 as $key2 => & $value2) {
- $result[1][] = $key1.'.'.$key2;
+ $attr[] = $key2;
 }
+ $allowed_html[] = $key1.'['.implode('|', $attr).']';
+ } else {
+ $allowed_html[] = $key1;
 }
 }
- return $result;
+ return implode(',', $allowed_html);
 }
-global $tag_student, $attribute_student, $tag_teacher, $attribute_teacher, $tag_anonymous, $attribute_anonymous;
+global $allowed_html_student, $allowed_html_teacher, $allowed_html_anonymous;
-list($tag_student, $attribute_student) = kses_to_htmlpurifier(array_merge($allowed_tags_student, $allowed_tags_student_full_page));
-list($tag_teacher, $attribute_teacher) = kses_to_htmlpurifier(array_merge($allowed_tags_teacher, $allowed_tags_teacher_full_page));
-list($tag_anonymous, $attribute_anonymous) = kses_to_htmlpurifier(array_merge($allowed_tags_anonymous, $allowed_tags_anonymous_full_page));
+$allowed_html_student = convert_kses_to_htmlpurifier(array_merge($allowed_tags_student, $allowed_tags_student_full_page));
+$allowed_html_teacher = convert_kses_to_htmlpurifier(array_merge($allowed_tags_teacher, $allowed_tags_teacher_full_page));
+$allowed_html_anonymous = convert_kses_to_htmlpurifier(array_merge($allowed_tags_anonymous, $allowed_tags_anonymous_full_page));
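Review bot: `$result[0][] = $key1;` inside the outer foreach is now dead code writing into a variable the commit no longer initialises — with `$result[0] = array();` gone it silently auto-vivifies `$result` on every call and nothing reads it; delete the line. The inner loop only collects attribute names, so it can be replaced by `$allowed_html[] = $key1.'['.implode('|', array_keys($value1)).']';` with no change to the produced `HTML.Allowed` string, which also drops the `& $value2` reference. The `& $value1` / `& $value2` by-reference iteration is not needed (nothing is written back) and leaves a dangling reference to the last element after each loop; iterate by value. If `kses_to_htmlpurifier` has callers outside this diff, the rename breaks them — worth a grep before merging.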
diff --git a/main/inc/lib/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php b/main/inc/lib/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php
old mode 100755
new mode 100644
index feeacc7780..6da2e78315
--- a/main/inc/lib/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php
+++ b/main/inc/lib/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php
@@ -88,14 +88,8 @@ class HTMLPurifier_DefinitionCache_Serializer extends
 * @todo Make protected
 */
 public function generateBaseDirectoryPath($config) {
- $directory_in_garbage= api_get_path(SYS_ARCHIVE_PATH).'Serializer';
- //add directory Serializer, in choose not exist
- if (!file_exists($directory_in_garbage)) {
- mkdir($directory_in_garbage,0777);
- }
- $base = $config->get('Cache.SerializerPath');//archive/Serializer
- // $base = is_null($base) ? HTMLPURIFIER_PREFIX . '/HTMLPurifier/DefinitionCache/Serializer' : $base;
- $base = is_null($base) ? $directory_in_garbage : $base;
+ $base = $config->get('Cache.SerializerPath');
+ $base = is_null($base) ? HTMLPURIFIER_PREFIX . '/HTMLPurifier/DefinitionCache/Serializer' : $base;
 return $base;
 }
diff --git a/main/inc/lib/security.lib.php b/main/inc/lib/security.lib.php
index 82f48707a1..a4051a200e 100755
--- a/main/inc/lib/security.lib.php
+++ b/main/inc/lib/security.lib.php
@@ -243,30 +243,32 @@ class Security {
 }
 static $purifier = array();
 if (!isset($purifier[$user_status])) {
+ $cache_dir = api_get_path(SYS_ARCHIVE_PATH).'Serializer';
+ if (!file_exists($cache_dir)) {
+ mkdir($cache_dir, 0777);
+ }
 $config = HTMLPurifier_Config::createDefault();
+ $config->set('Cache.SerializerPath', $cache_dir);
 $config->set('Core.Encoding', api_get_system_encoding());
 $config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
 $config->set('HTML.TidyLevel', 'light');
 $config->set('Core.ConvertDocumentToFragment', false);
 $config->set('Core.RemoveProcessingInstructions', true);
 if ($user_status == STUDENT) {
- global $tag_student, $attribute_student;
+ global $allowed_html_student;
+ $config->set('HTML.Allowed', $allowed_html_student);
 $config->set('HTML.SafeEmbed', true);
 $config->set('HTML.SafeObject', true);
 $config->set('Filter.YouTube', true);
- $config->set('HTML.AllowedElements', $tag_student);
- $config->set('HTML.AllowedAttributes', $attribute_student);
 } elseif ($user_status == COURSEMANAGER) {
- global $tag_teacher, $attribute_teacher;
+ global $allowed_html_teacher;
+ $config->set('HTML.Allowed', $allowed_html_teacher);
 $config->set('HTML.SafeEmbed', true);
 $config->set('HTML.SafeObject', true);
 $config->set('Filter.YouTube', true);
- $config->set('HTML.AllowedElements', $tag_teacher);
- $config->set('HTML.AllowedAttributes', $attribute_teacher);
 } else {
- global $tag_anonymous,$attribute_anonymous;
- $config->set('HTML.AllowedElements', $tag_anonymous);
- $config->set('HTML.AllowedAttributes', $attribute_anonymous);
+ global $allowed_html_anonymous;
+ $config->set('HTML.Allowed', $allowed_html_anonymous);
 }
 $config->set('CSS.AllowImportant', true);
 $config->set('CSS.AllowTricky', true); // We need the css definition display: none;
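Review bot: `mkdir($cache_dir, 0777);` creates the HTMLPurifier serializer cache world-writable; the purifier unserializes definition files from that directory, so any other local account able to write there can replace a cached definition and weaken or bypass the whitelist that `HTML.Allowed` is meant to enforce. Create it with `mkdir($cache_dir, 0755, true)` — HTMLPurifier's own `Cache.SerializerPermissions` default is 0755 — and fail loudly when the directory cannot be created or is not writable, instead of letting the later cache write surface only as a warning. The `file_exists`/`mkdir` pair is also racy under concurrent first requests; checking the `mkdir` return value (or `is_dir` after the call) avoids spurious warnings there. The enclosing method starts before this hunk, so the error path chosen should match how the rest of it reports failures.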