[svn r20587] FS#306 and FS#4187 - Fixing character encoding issues in the "Messages" and "Social network" tools, part 1.

17 years ago · fa8317fc59
parent 44a3c9e976
commit fa8317fc59
16 changed files with 161 additions and 166 deletions
--- a/main/inc/lib/message.lib.php
+++ b/main/inc/lib/message.lib.php
@ -31,27 +31,27 @@ function inbox_display() {
 	if ($_SESSION['social_exist']===true) {
 		$redirect="#remote-tab-2";	
 		if (api_get_setting('allow_social_tool')=='true' && api_get_setting('allow_message_tool')=='true') {
-			$success= api_convert_encoding(get_lang('SelectedMessagesDeleted'),'UTF-8',$charset).
+			$success= get_lang('SelectedMessagesDeleted').
 			"&nbsp
 			<br/><a href=\"".
 			"../social/index.php?$redirect\">".
-			api_convert_encoding(get_lang('BackToInbox'),'UTF-8',$charset).
+			get_lang('BackToInbox').
 			"</a>";
 		} else {
-			$success= api_convert_encoding(get_lang('SelectedMessagesDeleted'),'UTF-8',$charset).
+			$success= get_lang('SelectedMessagesDeleted').
 			"&nbsp
 			<br/><a href=\"".
 			"../social/index.php?$redirect\">".
-			api_convert_encoding(get_lang('BackToInbox'),'UTF-8',$charset).
+			get_lang('BackToInbox').
 			"</a>";				
 		}
 	} else {
-		$success= api_convert_encoding(get_lang('SelectedMessagesDeleted'),'UTF-8',$charset) .
+		$success= get_lang('SelectedMessagesDeleted').
 			"&nbsp
 			<br/><a href=\"".
 			"inbox.php\">".
-			api_convert_encoding(get_lang('BackToOutbox'),'UTF-8',$charset).
+			get_lang('BackToOutbox').
 			"</a>";
 	}
@ -62,11 +62,11 @@ function inbox_display() {
 			foreach ($_POST['id'] as $index => $message_id) {
 				MessageManager::delete_message_by_user_receiver(api_get_user_id(), $message_id);	
 			}
-			Display::display_normal_message($success,false);
+			Display::display_normal_message(api_xml_http_response_encode($success),false);
 			break;
 			case 'deleteone' :
 			MessageManager::delete_message_by_user_receiver(api_get_user_id(), $_GET['id']);
-			Display::display_confirmation_message($success,false);
+			Display::display_confirmation_message(api_xml_http_response_encode($success),false);
 			echo '<br/>';	
 			break;
 		}
@ -75,18 +75,12 @@ function inbox_display() {
 	// display sortable table with messages of the current user
 	$table = new SortableTable('messages', 'get_number_of_messages_mask', 'get_message_data_mask', 1);
 	$table->set_header(0, '', false,array ('style' => 'width:20px;'));
-	if ($request===true) {
+	$title=api_xml_http_response_encode(get_lang('Title'));
-		$title= api_convert_encoding(get_lang('Title'),'UTF-8',$charset);
+	$action=api_xml_http_response_encode(get_lang('Actions'));
-		$action=api_convert_encoding(get_lang('Actions'),'UTF-8',$charset);
+	$table->set_header(1,api_xml_http_response_encode(get_lang('Status')),false,array('style' => 'width:30px;'));
-	} else {
+	$table->set_header(2,api_xml_http_response_encode(get_lang('From')),false);
 		$title= get_lang('Title');
 		$action=get_lang('Actions');		
 	}
 	$table->set_header(1,api_convert_encoding(get_lang('Status'),'UTF-8',$charset) ,false,array ('style' => 'width:30px;'));
 	$table->set_header(2,api_convert_encoding(get_lang('From'),'UTF-8',$charset) ,false);
 	$table->set_header(3,$title,false);
-	$table->set_header(4,api_convert_encoding(get_lang('Date'),'UTF-8',$charset),false,array ('style' => 'width:150px;'));
+	$table->set_header(4,api_xml_http_response_encode(get_lang('Date')),false,array('style' => 'width:150px;'));
 	$table->set_header(5,$action,false,array ('style' => 'width:100px;'));
 echo '<div id="div_content_table_data">';
 	if ($request===true) {
@ -95,12 +89,12 @@ echo '<div id="div_content_table_data">';
 		$table->display();
 		echo '</form>';
 		if (get_number_of_messages_mask() > 0) {
-			echo '<a href="javascript:void(0)" onclick="selectall_cheks()">'.api_convert_encoding(get_lang('SelectAll'),'UTF-8',$charset) .'</a>&nbsp;&nbsp;&nbsp;';
+			echo '<a href="javascript:void(0)" onclick="selectall_cheks()">'.api_xml_http_response_encode(get_lang('SelectAll')).'</a>&nbsp;&nbsp;&nbsp;';
-			echo '<a href="javascript:void(0)" onclick="unselectall_cheks()">'.api_convert_encoding(get_lang('UnSelectAll'),'UTF-8',$charset) .'</a>&nbsp;&nbsp;&nbsp;';
+			echo '<a href="javascript:void(0)" onclick="unselectall_cheks()">'.api_xml_http_response_encode(get_lang('UnSelectAll')).'</a>&nbsp;&nbsp;&nbsp;';
-			echo '<input name="delete" type="button" value="'.api_convert_encoding(get_lang('DeleteSelectedMessages'),'UTF-8',$charset).'" onclick="submit_form(\'inbox\')"/>';
+			echo '<input name="delete" type="button" value="'.api_xml_http_response_encode(get_lang('DeleteSelectedMessages')).'" onclick="submit_form(\'inbox\')"/>';
 		}
 	} else {
-		$table->set_form_actions(array ('delete' => get_lang('DeleteSelectedMessages')));
+		$table->set_form_actions(array ('delete' => api_xml_http_response_encode(get_lang('DeleteSelectedMessages'))));
 		$table->display();
 	}
 echo '</div>';
@ -118,28 +112,28 @@ function outbox_display() {
 	if ($_SESSION['social_exist']===true) {
 		$redirect="#remote-tab-3";	
 		if (api_get_setting('allow_social_tool')=='true' && api_get_setting('allow_message_tool')=='true') {
-			$success= api_convert_encoding(get_lang('SelectedMessagesDeleted'),'UTF-8',$charset).
+			$success= get_lang('SelectedMessagesDeleted').
 			"&nbsp
 			<br><a href=\"".
 			"../social/index.php?$redirect\">".
-			api_convert_encoding(get_lang('BackToOutbox'),'UTF-8',$charset).
+			get_lang('BackToOutbox').
 			"</a>";
 		}else {
-			$success= api_convert_encoding(get_lang('SelectedMessagesDeleted'),'UTF-8',$charset).
+			$success=get_lang('SelectedMessagesDeleted').
 			"&nbsp
 			<br><a href=\"".
 			"../social/index.php?$redirect\">".
-			api_convert_encoding(get_lang('BackToOutbox'),'UTF-8',$charset).
+			get_lang('BackToOutbox').
 			"</a>";				
 		}
 	} else {
-		$success= api_convert_encoding(get_lang('SelectedMessagesDeleted'),'UTF-8',$charset) .
+		$success= get_lang('SelectedMessagesDeleted').
 			"&nbsp
 			</b>".
 			"<br><a href=\"".
 			"outbox.php\">".
-			api_convert_encoding(get_lang('BackToOutbox'),'UTF-8',$charset).
+			get_lang('BackToOutbox').
 			"</a>";
 	}
 if (isset ($_REQUEST['action'])) {
@ -151,11 +145,11 @@ if (isset ($_REQUEST['action'])) {
 				MessageManager::delete_message_by_user_receiver(api_get_user_id(), $message_id);	
 			}
 		}		
-		Display::display_normal_message($success,false);
+		Display::display_normal_message(api_xml_http_response_encode($success),false);
 		break;
 		case 'deleteone' :
 		MessageManager::delete_message_by_user_receiver(api_get_user_id(), $_GET['id']);
-		Display::display_confirmation_message($success,false);
+		Display::display_confirmation_message(api_xml_http_response_encode($success),false);
 		echo '<br/>';	
 		break;
 	}
@ -163,18 +157,13 @@ if (isset ($_REQUEST['action'])) {
 // display sortable table with messages of the current user
 $table = new SortableTable('messages', 'get_number_of_messages_send_mask', 'get_message_data_send_mask', 1);
-if ($request===true) {
+$title=api_xml_http_response_encode(get_lang('Title'));
-		$title= api_convert_encoding(get_lang('Title'),'UTF-8',$charset);
+$action=api_xml_http_response_encode(get_lang('Actions'));
 		$action=api_convert_encoding(get_lang('Actions'),'UTF-8',$charset);
 } else {
 		$title=get_lang('Title');
 		$action=get_lang('Actions');		
 }
 $table->set_header(0, '', false,array ('style' => 'width:20px;'));
-$table->set_header(1, api_convert_encoding(get_lang('Status'),'UTF-8',$charset),false,array ('style' => 'width:30px;'));
+$table->set_header(1, api_xml_http_response_encode(get_lang('Status')),false,array ('style' => 'width:30px;'));
-$table->set_header(2, api_convert_encoding(get_lang('To'),'UTF-8',$charset),false);
+$table->set_header(2, api_xml_http_response_encode(get_lang('To')),false);
 $table->set_header(3, $title,false);
-$table->set_header(4, api_convert_encoding(get_lang('Date'),'UTF-8',$charset),false,array ('style' => 'width:150px;'));
+$table->set_header(4, api_xml_http_response_encode(get_lang('Date')),false,array ('style' => 'width:150px;'));
 $table->set_header(5,$action, false,array ('style' => 'width:100px;'));
 echo '<div id="div_content_table_data_sent">';
 	if ($request===true) {
@ -183,12 +172,12 @@ echo '<div id="div_content_table_data_sent">';
 		$table->display();
 		echo '</form>';
 		if (get_number_of_messages_send_mask() > 0) {
-			echo '<a href="javascript:void(0)" onclick="selectall_cheks()">'.api_convert_encoding(get_lang('SelectAll'),'UTF-8',$charset).'</a>&nbsp;&nbsp;&nbsp;';
+			echo '<a href="javascript:void(0)" onclick="selectall_cheks()">'.api_xml_http_response_encode(get_lang('SelectAll')).'</a>&nbsp;&nbsp;&nbsp;';
-			echo '<a href="javascript:void(0)" onclick="unselectall_cheks()">'.api_convert_encoding(get_lang('UnSelectAll'),'UTF-8',$charset).'</a>&nbsp;&nbsp;&nbsp;';
+			echo '<a href="javascript:void(0)" onclick="unselectall_cheks()">'.api_xml_http_response_encode(get_lang('UnSelectAll')).'</a>&nbsp;&nbsp;&nbsp;';
-			echo '<input name="delete" type="button" value="'.api_convert_encoding(get_lang('DeleteSelectedMessages'),'UTF-8',$charset).'" onclick="submit_form(\'outbox\')"/>';
+			echo '<input name="delete" type="button" value="'.api_xml_http_response_encode(get_lang('DeleteSelectedMessages')).'" onclick="submit_form(\'outbox\')"/>';
 		}
 	} else {
-		$table->set_form_actions(array ('delete' => get_lang('DeleteSelectedMessages')));
+		$table->set_form_actions(array ('delete' => api_xml_http_response_encode(get_lang('DeleteSelectedMessages'))));
 		$table->display();
 	}
 echo '</div>';
--- a/main/messages/inbox.php
+++ b/main/messages/inbox.php
@ -119,7 +119,7 @@ if (isset($_GET['form_reply']) || isset($_GET['form_delete'])) {
 			<br /><a href="../social/index.php?#remote-tab-2">'.
 			get_lang('BackToInbox').
 			'</a>';
-			Display::display_error_message($message_box,false);
+			Display::display_error_message(api_xml_http_response_encode($message_box),false);
 			exit;
 		}
 	} elseif (trim($info_delete[0])=='delete' ) {
@ -131,7 +131,7 @@ if (isset($_GET['form_reply']) || isset($_GET['form_delete'])) {
 			<br /><a href="../social/index.php?#remote-tab-2">'.
 			get_lang('BackToInbox').
 			'</a>';
-			Display::display_normal_message($message_box,false);
+			Display::display_normal_message(api_xml_http_response_encode($message_box),false);
 		    exit;
 	}
 }
@ -156,9 +156,9 @@ if ($request===false) {
 }
 $table_message = Database::get_main_table(TABLE_MESSAGE);
 echo '<div id="div_content_messages">&nbsp;&nbsp;';
-//api_display_tool_title(api_convert_encoding(get_lang('Inbox'),'UTF-8',$charset));
+//api_display_tool_title(api_xml_http_response_encode(get_lang('Inbox')));
 echo '<div class=actions>';
-echo '<a onclick="compose_and_show_message(\'show\',\'1\')" href="javascript:void(0)">'.Display::return_icon('message_new.png',api_convert_encoding(get_lang('ComposeMessage'),'UTF-8',$charset)).api_convert_encoding(get_lang('ComposeMessage'),'UTF-8',$charset).'</a>';
+echo '<a onclick="compose_and_show_message(\'show\',\'1\')" href="javascript:void(0)">'.Display::return_icon('message_new.png',api_xml_http_response_encode(get_lang('ComposeMessage'))).api_xml_http_response_encode(get_lang('ComposeMessage')).'</a>';
 echo '</div>';
 echo '</div>';
 if (!isset($_GET['del_msg'])) {
--- a/main/messages/message.class.php
+++ b/main/messages/message.class.php
@ -46,36 +46,36 @@ class MessageManager {
 		if ($_SESSION['social_exist']===true) {
 			$redirect="#remote-tab-2";	
 			if (api_get_setting('allow_social_tool')=='true' && api_get_setting('allow_message_tool')=='true') {
-				$success=api_convert_encoding(get_lang('MessageSentTo'),'UTF-8',$charset).
+				$success=get_lang('MessageSentTo').
 				"&nbsp;<b>".
 				GetFullUserName($uid).
 				"</b>".
 				"<br><a href=\"".
 				"../social/index.php$redirect\">".
-				api_convert_encoding(get_lang('BackToInbox'),'UTF-8',$charset).
+				get_lang('BackToInbox').
 				"</a>";
 			}else {
-				$success= api_convert_encoding(get_lang('MessageSentTo'),'UTF-8',$charset).
+				$success= get_lang('MessageSentTo').
 				"&nbsp;<b>".
 				GetFullUserName($uid).
 				"</b>".
 				"<br><a href=\"".
 				"../social/index.php$redirect\">".
-				api_convert_encoding(get_lang('BackToInbox'),'UTF-8',$charset).
+				get_lang('BackToInbox').
 				"</a>";				
 			}
 		} else {
-			$success= api_convert_encoding(get_lang('MessageSentTo'),'UTF-8',$charset).
+			$success= get_lang('MessageSentTo').
 				"&nbsp;<b>".
 				GetFullUserName($uid).
 				"</b>".
 				"<br><a href=\"".
 				"inbox.php\">".
-				api_convert_encoding(get_lang('BackToInbox'),'UTF-8',$charset).
+				get_lang('BackToInbox').
 				"</a>";
 		}
-		Display::display_confirmation_message($success, false);
+		Display::display_confirmation_message(api_xml_http_response_encode($success), false);
 	}
 	/**
@ -157,17 +157,20 @@ class MessageManager {
 					$message[1] = Display::return_icon('mail.png',get_lang('UnReadMessage'));//Message without reading 
 				}
-				$message[2] = api_convert_encoding(GetFullUserName($result[1]),'UTF-8',$charset);
+				$message[2] = GetFullUserName($result[1]);
-				$message[3] = '<a onclick="get_action_url_and_show_messages(1,'.$result[0].')" href="javascript:void(0)">'.str_replace("\\","",api_convert_encoding($result[2],'UTF-8',$charset)).'</a>';
+				$message[3] = '<a onclick="get_action_url_and_show_messages(1,'.$result[0].')" href="javascript:void(0)">'.str_replace("\\","",$result[2]).'</a>';
 				$message[5] = '<a onclick="reply_to_messages(\'show\','.$result[0].',\'\')" href="javascript:void(0)">'.Display::return_icon('message_reply.png',get_lang('ReplyToMessage')).'</a>'.
-						  '&nbsp;&nbsp;<a onclick="delete_one_message('.$result[0].')" href="javascript:void(0)"  >'.Display::return_icon('message_delete.png',api_convert_encoding(get_lang('DeleteMessage'),'UTF-8',$charset)).'</a>';
+						  '&nbsp;&nbsp;<a onclick="delete_one_message('.$result[0].')" href="javascript:void(0)"  >'.Display::return_icon('message_delete.png',get_lang('DeleteMessage')).'</a>';
 			} else {
 				$message[2] = GetFullUserName(($result[1]));
 				$message[3] = '<a href="view_message.php?id='.$result[0].'">'.$result[2].'</a>';
 				$message[5] = '<a href="new_message.php?re_id='.$result[0].'">'.Display::return_icon('message_reply.png',get_lang('ReplyToMessage')).'</a>'.
-						  '&nbsp;&nbsp;<a delete_one_message('.$result[0].') href="#inbox.php?action=deleteone&id='.$result[0].'">'.Display::return_icon('message_delete.png',api_convert_encoding(get_lang('DeleteMessage'),'UTF-8',$charset)).'</a>';	
+						  '&nbsp;&nbsp;<a delete_one_message('.$result[0].') href="#inbox.php?action=deleteone&id='.$result[0].'">'.Display::return_icon('message_delete.png',get_lang('DeleteMessage')).'</a>';	
 			}
 			$message[4] = ($result[3]); //date stays the same
 			foreach($message as $key => $value) {
 				$message[$key] = api_xml_http_response_encode($value);
 			}
 			$message_list[] = $message;
 			$i++;
@ -280,16 +283,19 @@ class MessageManager {
 			   {
 			   		$message[1] = Display::return_icon('mail_send.png',get_lang('MessageSent'));//Message Sent
 			   }
-				$message[2] = api_convert_encoding(GetFullUserName($result[4]),'UTF-8',$charset);
+				$message[2] = GetFullUserName($result[4]);
-				$message[3] = '<a onclick="show_sent_message('.$result[0].')" href="javascript:void(0)">'.str_replace("\\","",api_convert_encoding($result[2],'UTF-8',$charset)).'</a>';
+				$message[3] = '<a onclick="show_sent_message('.$result[0].')" href="javascript:void(0)">'.str_replace("\\","",$result[2]).'</a>';
-				$message[5] = '&nbsp;&nbsp;<a onclick="delete_one_message_outbox('.$result[0].')" href="javascript:void(0)"  >'.Display::return_icon('message_delete.png',api_convert_encoding(get_lang('DeleteMessage'),'UTF-8',$charset)).'</a>';
+				$message[5] = '&nbsp;&nbsp;<a onclick="delete_one_message_outbox('.$result[0].')" href="javascript:void(0)"  >'.Display::return_icon('message_delete.png',get_lang('DeleteMessage')).'</a>';
 			} else {
 				$message[2] = GetFullUserName($result[4]);
 				$message[3] = '<a onclick="show_sent_message ('.$result[0].')" href="#../messages/view_message.php?id_send='.$result[0].'">'.$result[2].'</a>';
 				$message[5] = '<a href="new_message.php?re_id='.$result[0].'">'.Display::return_icon('message_reply.png',get_lang('ReplyToMessage')).'</a>'.
-						  '&nbsp;&nbsp;<a href="outbox.php?action=deleteone&id='.$result[0].'"  onclick="javascript:if(!confirm('."'".addslashes(htmlentities(api_convert_encoding(get_lang('ConfirmDeleteMessage'),'UTF-8',$charset) ))."'".')) return false;">'.Display::return_icon('message_delete.png',get_lang('DeleteMessage')).'</a>';
+						  '&nbsp;&nbsp;<a href="outbox.php?action=deleteone&id='.$result[0].'"  onclick="javascript:if(!confirm('."'".addslashes(htmlentities(get_lang('ConfirmDeleteMessage')))."'".')) return false;">'.Display::return_icon('message_delete.png',get_lang('DeleteMessage')).'</a>';
 			}
 			$message[4] = $result[3]; //date stays the same
 			foreach($message as $key => $value) {
 				$message[$key] = api_xml_http_response_encode($value);
 			}
 			$message_list[] = $message;
 			$i++;
 		}
@ -330,13 +336,12 @@ class MessageManager {
 			if ($row[1]==$user_con[$i])
 				$band=1;	
 		if ($band==1 && !isset($_GET['id_send'])) {
-			$reply = '<a onclick="reply_to_messages(\'show\','.$_GET['id'].',\'\')" href="javascript:void(0)">'.Display::return_icon('message_reply.png',get_lang('ReplyToMessage')).get_lang('ReplyToMessage').'</a>';
+			$reply = '<a onclick="reply_to_messages(\'show\','.$_GET['id'].',\'\')" href="javascript:void(0)">'.Display::return_icon('message_reply.png',api_xml_http_response_encode(get_lang('ReplyToMessage'))).api_xml_http_response_encode(get_lang('ReplyToMessage')).'</a>';
 		}
 		echo '<div class=actions>';
-		echo '<a onclick="close_div_show(\'div_content_messages\')" href="javascript:void(0)">'.Display::return_icon('folder_up.gif',api_convert_encoding(get_lang('BackToInbox'),'UTF-8',$charset)
+		echo '<a onclick="close_div_show(\'div_content_messages\')" href="javascript:void(0)">'.Display::return_icon('folder_up.gif',api_xml_http_response_encode(get_lang('BackToInbox'))).api_xml_http_response_encode(get_lang('BackToInbox')).'</a>';
 ).api_convert_encoding(get_lang('BackToInbox'),'UTF-8',$charset).'</a>';
 		echo $reply; 
-		echo '<a onclick="delete_one_message('.$row[0].')" href="javascript:void(0)"  >'.Display::return_icon('message_delete.png',api_convert_encoding(get_lang('DeleteMessage'),'UTF-8',$charset)).''.api_convert_encoding(get_lang('DeleteMessage'),'UTF-8',$charset).'</a>';
+		echo '<a onclick="delete_one_message('.$row[0].')" href="javascript:void(0)"  >'.Display::return_icon('message_delete.png',api_xml_http_response_encode(get_lang('DeleteMessage'))).''.api_xml_http_response_encode(get_lang('DeleteMessage')).'</a>';
 		echo '</div><br />';
 		echo '
 		<table class="message_view_table" >
@ -346,13 +351,13 @@ class MessageManager {
 		      	<TABLE>      
 		            <TR>
 		              <TD width="100%">                              
-		                    <TR> <h1>'.str_replace("\\","",api_convert_encoding($row[5],'UTF-8',$charset)).'</h1></TR>
+		                    <TR> <h1>'.str_replace("\\","",api_xml_http_response_encode($row[5])).'</h1></TR>
 		              </TD>              		
 		              <TR>                       
-		              	<TD>'.api_convert_encoding(get_lang('From'),'UTF-8',$charset).'&nbsp;<b>'.GetFullUserName($row[1]).'</b> '.api_convert_encoding(strtolower(get_lang('To')),'UTF-8',$charset).'&nbsp;  <b>'.api_convert_encoding(GetFullUserName($row[2]),'UTF-8',$charset).'</b> </TD>
+		              	<TD>'.api_xml_http_response_encode(get_lang('From').'&nbsp;<b>'.GetFullUserName($row[1]).'</b> '.api_strtolower(get_lang('To')).'&nbsp;  <b>'.GetFullUserName($row[2])).'</b> </TD>
 		              </TR>                    
 		              <TR>
-		              <TD >'.api_convert_encoding(get_lang('Date'),'UTF-8',$charset).'&nbsp; '.$row[4].'</TD>                      
+		              <TD >'.api_xml_http_response_encode(get_lang('Date').'&nbsp; '.$row[4]).'</TD>                      
 		              </TR>              
 		            </TR>          
 		        </TABLE>	      		
@ -360,7 +365,7 @@ class MessageManager {
 		        <TABLE height=209 width="100%" bgColor=#ffffff>
 		          <TBODY>
 		            <TR>
-		              <TD vAlign=top>'.api_convert_encoding($row[6],'UTF-8',$charset).'</TD>
+		              <TD vAlign=top>'.api_xml_http_response_encode($row[6]).'</TD>
 		            </TR>
 		          </TBODY>
 		        </TABLE>
@ -384,8 +389,8 @@ class MessageManager {
 			if ($row[1]==$user_con[$i])
 				$band=1;	
 		echo '<div class=actions>';
-		echo '<a onclick="close_and_open_outbox()" href="javascript:void(0)">'.Display::return_icon('folder_up.gif',api_convert_encoding(get_lang('BackToOutbox'),'UTF-8',$charset)).api_convert_encoding(get_lang('BackToOutbox'),'UTF-8',$charset).'</a>';
+		echo '<a onclick="close_and_open_outbox()" href="javascript:void(0)">'.Display::return_icon('folder_up.gif',api_xml_http_response_encode(get_lang('BackToOutbox'))).api_xml_http_response_encode(get_lang('BackToOutbox')).'</a>';
-		echo '<a onclick="delete_one_message_outbox('.$row[0].')" href="javascript:void(0)"  >'.Display::return_icon('message_delete.png',api_convert_encoding(get_lang('DeleteMessage'),'UTF-8',$charset)).''.api_convert_encoding(get_lang('DeleteMessage'),'UTF-8',$charset).'</a>';
+		echo '<a onclick="delete_one_message_outbox('.$row[0].')" href="javascript:void(0)"  >'.Display::return_icon('message_delete.png',api_xml_http_response_encode(get_lang('DeleteMessage'))).api_xml_http_response_encode(get_lang('DeleteMessage')).'</a>';
 		echo '</div><br />';
 		echo '
 		<table class="message_view_table" >
@ -395,13 +400,13 @@ class MessageManager {
 		      	<TABLE>      
 		            <TR>
 		              <TD width="100%">                              
-		                    <TR> <h1>'.str_replace("\\","",api_convert_encoding($row[5],'UTF-8',$charset)).'</h1></TR>
+		                    <TR> <h1>'.str_replace("\\","",api_xml_http_response_encode($row[5])).'</h1></TR>
 		              </TD>              		
 		              <TR>                       
-		              	<TD>'.api_convert_encoding(get_lang('From'),'UTF-8',$charset).'&nbsp;<b>'.GetFullUserName($row[1]).'</b> '.api_convert_encoding(strtolower(get_lang('To')),'UTF-8',$charset).'&nbsp;  <b>'.api_convert_encoding(GetFullUserName($row[2]),'UTF-8',$charset).'</b> </TD>
+		              	<TD>'.api_xml_http_response_encode(get_lang('From').'&nbsp;<b>'.GetFullUserName($row[1]).'</b> '.api_strtolower(get_lang('To')).'&nbsp;  <b>'.GetFullUserName($row[2])).'</b> </TD>
 		              </TR>                    
 		              <TR>
-		              <TD >'.api_convert_encoding(get_lang('Date'),'UTF-8',$charset).'&nbsp; '.$row[4].'</TD>                      
+		              <TD >'.api_xml_http_response_encode(get_lang('Date').'&nbsp; '.$row[4]).'</TD>                      
 		              </TR>              
 		            </TR>          
 		        </TABLE>	      		
@ -409,7 +414,7 @@ class MessageManager {
 		        <TABLE height=209 width="100%" bgColor=#ffffff>
 		          <TBODY>
 		            <TR>
-		              <TD vAlign=top>'.api_convert_encoding($row[6],'UTF-8',$charset).'</TD>
+		              <TD vAlign=top>'.api_xml_http_response_encode($row[6]).'</TD>
 		            </TR>
 		          </TBODY>
 		        </TABLE>
--- a/main/messages/new_message.php
+++ b/main/messages/new_message.php
@ -1,4 +1,4 @@
-<?php // $Id: new_message.php 20460 2009-05-11 05:41:09Z ivantcholakov $
+<?php // $Id: new_message.php 20587 2009-05-13 12:26:56Z ivantcholakov $
 /*
 ==============================================================================
 	Dokeos - elearning and course management software
@ -51,7 +51,7 @@ require_once'../messages/message.class.php';
 require_once(api_get_path(LIBRARY_PATH).'/text.lib.php');
 require_once(api_get_path(LIBRARY_PATH).'/formvalidator/FormValidator.class.php');
 $request=api_is_xml_http_request();
-$nameTools=($request===true) ? api_convert_encoding(get_lang('Messages'),'UTF-8',$charset) : get_lang('Messages');
+$nameTools = api_xml_http_response_encode(get_lang('Messages'));
 /*
 -----------------------------------------------------------
 	Constants and variables
@ -100,7 +100,7 @@ $(document).ready(function (){
 });
 	</script>';	
-$nameTools=($request===true) ? api_convert_encoding(get_lang('ComposeMessage'),'UTF-8',$charset) : get_lang('ComposeMessage');
+$nameTools = api_xml_http_response_encode(get_lang('ComposeMessage'));
 $fck_attribute['Height'] = "150";
 $fck_attribute['Width'] = "95%";
 $fck_attribute['ToolbarSet'] = "Profil";
@ -128,11 +128,11 @@ function show_compose_reply_to_message ($message_id, $receiver_id) {
 	$row = Database::fetch_array($result);
 	if (!isset($row[1])) {
-		echo get_lang('InvalidMessageId');
+		echo api_xml_http_response_encode(get_lang('InvalidMessageId'));
 		die();
 	}
-	echo get_lang('To').':&nbsp;<strong>'.	GetFullUserName($row[1]).'</strong>';
+	echo api_xml_http_response_encode(get_lang('To').':&nbsp;<strong>'.	GetFullUserName($row[1]).'</strong>');
-	$default['title'] =api_convert_encoding(get_lang('EnterTitle'),'UTF-8',$charset);
+	$default['title'] = api_xml_http_response_encode(get_lang('EnterTitle'));
 	$default['user_list'] = $row[1];
 	manage_form($default);
 }
@ -140,7 +140,7 @@ function show_compose_reply_to_message ($message_id, $receiver_id) {
 function show_compose_to_user ($receiver_id) {
 	global $charset;
 	echo get_lang('To').':&nbsp;<strong>'.	GetFullUserName($receiver_id).'</strong>';
-	$default['title'] = api_convert_encoding(get_lang('EnterTitle'),'UTF-8',$charset);
+	$default['title'] = api_xml_http_response_encode(get_lang('EnterTitle'));
 	$default['user_list'] = $receiver_id;
 	manage_form($default);
 }
@ -155,25 +155,26 @@ function manage_form ($default, $select_from_user_list = null) {
 		$form = new FormValidator('compose_message');
 	}
 	if (isset($select_from_user_list)) {
-		$form->add_textfield('id_text_name',get_lang('SendMessageTo'),true,array('size' => 40,'id'=>'id_text_name','onclick'=>'send_request_and_search()','onmouseout'=>'list_search_hide ()'));
+		$form->add_textfield('id_text_name', api_xml_http_response_encode(get_lang('SendMessageTo')),true,array('size' => 40,'id'=>'id_text_name','onclick'=>'send_request_and_search()','onmouseout'=>'list_search_hide ()'));
-		$form->addRule('id_text_name', get_lang('ThisFieldIsRequired'), 'required');
+		$form->addRule('id_text_name', api_xml_http_response_encode(get_lang('ThisFieldIsRequired')), 'required');
 		$form->addElement('html','<div id="id_div_search" class="message-search">&nbsp;</div>');
 		$form->addElement('hidden','user_list',0,array('id'=>'user_list'));
 	} else {
 		if ($default['user_list']==0) {
-			$form->add_textfield('id_text_name',get_lang('SendMessageTo'),true,array('size' => 40,'id'=>'id_text_name','onclick'=>'send_request_and_search()','onmouseout'=>'list_search_hide ()'));
+			$form->add_textfield('id_text_name', api_xml_http_response_encode(get_lang('SendMessageTo')),true,array('size' => 40,'id'=>'id_text_name','onclick'=>'send_request_and_search()','onmouseout'=>'list_search_hide ()'));
-			$form->addRule('id_text_name', get_lang('ThisFieldIsRequired'), 'required');
+			$form->addRule('id_text_name', api_xml_http_response_encode(get_lang('ThisFieldIsRequired')), 'required');
 			$form->addElement('html','<div id="id_div_search" class="message-search">&nbsp;</div>');
 		}
 		$form->addElement('hidden','user_list',0,array('id'=>'user_list'));
 	}
-	$form->add_textfield('title', api_convert_encoding(get_lang('Title'),'UTF-8',$charset));
+	$form->add_textfield('title', api_xml_http_response_encode(get_lang('Title')));
 	$form->add_html_editor('content', '',false,false);
 	if (isset($_GET['re_id'])) {
 		$form->addElement('hidden','re_id',Security::remove_XSS($_GET['re_id']));
 		$form->addElement('hidden','save_form','save_form');
 	}
-	$form->addElement('submit', 'compose',api_convert_encoding(get_lang('Send'),'UTF-8',$charset));
+	$form->addElement('submit', 'compose', api_xml_http_response_encode(get_lang('Send')));
 	$form->setRequiredNote(api_xml_http_response_encode('<span class="form_required">*</span> <small>'.get_lang('ThisFieldIsRequired').'</small>'));
 	$form->setDefaults($default);
 	if ($form->validate()) {
 		$values = $form->exportValues();
@ -220,7 +221,7 @@ if ($request===false) {
 //api_display_tool_title($nameTools);
 echo '<div class=actions>';
-echo '<a onclick="close_div_show(\'div_content_messages\')" href="javascript:void(0)">'.Display::return_icon('folder_up.gif',api_convert_encoding(get_lang('BackToInbox'),'UTF-8',$charset)).api_convert_encoding(get_lang('BackToInbox'),'UTF-8',$charset).'</a>';
+echo '<a onclick="close_div_show(\'div_content_messages\')" href="javascript:void(0)">'.Display::return_icon('folder_up.gif',api_xml_http_response_encode(get_lang('BackToInbox'))).api_xml_http_response_encode(get_lang('BackToInbox')).'</a>';
 echo '</div>';
 if (!isset($_POST['compose'])) {
 	if(isset($_GET['re_id'])) {
@ -238,18 +239,18 @@ if (!isset($_POST['compose'])) {
 	}
 	if (isset($_GET['re_id'])) {
-		$default['title'] = api_convert_encoding($_POST['title'],'UTF-8',$charset);
+		$default['title'] = api_xml_http_response_encode($_POST['title']);
-		$default['content'] = api_convert_encoding($_POST['content'],'UTF-8',$charset);
+		$default['content'] = api_xml_http_response_encode($_POST['content']);
 		//$default['user_list'] = $_POST['user_list'];
 		manage_form($default);	
 	} else {
 		if ($restrict) {
-			$default['title'] = api_convert_encoding($_POST['title'],'UTF-8',$charset);
+			$default['title'] = api_xml_http_response_encode($_POST['title']);
-			$default['id_text_name'] = api_convert_encoding($_POST['id_text_name'],'UTF-8',$charset); 
+			$default['id_text_name'] = api_xml_http_response_encode($_POST['id_text_name']); 
 			$default['user_list'] = $_POST['user_list'];
 			manage_form($default);
 		} else {
-			Display::display_error_message(get_lang('ErrorSendingMessage'));		
+			Display::display_error_message(api_xml_http_response_encode(get_lang('ErrorSendingMessage')));		
 		}	
 	}
 }
--- a/main/messages/outbox.php
+++ b/main/messages/outbox.php
@ -107,13 +107,13 @@ if( trim($info_delete_outbox[0])=='delete' ) {
 			<br><a href="../social/index.php?#remote-tab-3">'.
 			get_lang('BackToOutbox').
 			'</a>';
-		Display::display_normal_message($message_box,false);
+		Display::display_normal_message(api_xml_http_response_encode($message_box),false);
 	    exit;	
 }
 /**************************************************************/
 $table_message = Database::get_main_table(TABLE_MESSAGE);
 echo '<div id="div_content_messages_sent">&nbsp;&nbsp;';
-//api_display_tool_title(api_convert_encoding(get_lang('Outbox'),'UTF-8',$charset));
+//api_display_tool_title(api_xml_http_response_encode(get_lang('Outbox')));
 echo '</div>';
 $user_sender_id=api_get_user_id();
 if ($_REQUEST['action']=='delete') {
--- a/main/messages/send_message.php
+++ b/main/messages/send_message.php
@ -43,28 +43,28 @@ $user_info=array();
 $user_info=api_get_user_info($user_id);
 if ($panel_id==2) {
 ?>
-    <td height="20"><?php //echo api_convert_encoding(get_lang('Info'),'UTF-8',$charset).' :'; ?></td>
+    <td height="20"><?php //echo api_xml_http_response_encode(get_lang('Info')).' :'; ?></td>
-    <td height="20"><?php //echo api_convert_encoding(get_lang('SocialUserInformationAttach'),'UTF-8',$charset); ?></td>
+    <td height="20"><?php //echo api_xml_http_response_encode(get_lang('SocialUserInformationAttach')); ?></td>
-    <td height="20"><?php echo api_convert_encoding(get_lang('WriteAMessage'),'UTF-8',$charset);  ?> :<br/><textarea id="txt_area_invite" rows="3" cols="25"></textarea></td>
+    <td height="20"><?php echo api_xml_http_response_encode(get_lang('WriteAMessage'));  ?> :<br/><textarea id="txt_area_invite" rows="3" cols="25"></textarea></td>
-    <td height="20"><input type="button" value="<?php echo api_convert_encoding(get_lang('SendInviteMessage'),'UTF-8',$charset); ?>" onclick="action_database_panel('4','<?php echo $user_id;?>')" /></td>
+    <td height="20"><input type="button" value="<?php echo api_xml_http_response_encode(get_lang('SendInviteMessage')); ?>" onclick="action_database_panel('4','<?php echo $user_id;?>')" /></td>
 <?php
 } 
 if ($panel_id==1) {
 ?>
-    <td height="20"><?php echo api_convert_encoding(get_lang('To'),'UTF-8',$charset); ?> &nbsp;:&nbsp;&nbsp;&nbsp;&nbsp;<?php echo api_convert_encoding($user_info['firstName'].' '.$user_info['lastName'],'UTF-8',$charset); ?></td>
+    <td height="20"><?php echo api_xml_http_response_encode(get_lang('To')); ?> &nbsp;:&nbsp;&nbsp;&nbsp;&nbsp;<?php echo api_xml_http_response_encode($user_info['firstName'].' '.$user_info['lastName']); ?></td>
-    <td height="20"><?php echo api_convert_encoding(get_lang('Subject'),'UTF-8',$charset); ?> :<br/><input id="txt_subject_id" type="text" style="width:200px;"></td>
+    <td height="20"><?php echo api_xml_http_response_encode(get_lang('Subject')); ?> :<br/><input id="txt_subject_id" type="text" style="width:200px;"></td>
-    <td height="20"><?php echo api_convert_encoding(get_lang('Message'),'UTF-8',$charset); ?> :<br/><textarea id="txt_area_invite" rows="3" cols="25"></textarea></td>
+    <td height="20"><?php echo api_xml_http_response_encode(get_lang('Message')); ?> :<br/><textarea id="txt_area_invite" rows="3" cols="25"></textarea></td>
-    <td height="20"><input type="button" value="<?php echo api_convert_encoding(get_lang('NewMessage'),'UTF-8',$charset); ?>" onclick="hide_display_message()" />&nbsp;&nbsp;&nbsp; <input type="button" value="<?php echo get_lang('SendMessage'); ?>" onclick="action_database_panel('5','<?php echo $user_id;?>')" /></td>
+    <td height="20"><input type="button" value="<?php echo api_xml_http_response_encode(get_lang('NewMessage')); ?>" onclick="hide_display_message()" />&nbsp;&nbsp;&nbsp; <input type="button" value="<?php echo api_xml_http_response_encode(get_lang('SendMessage')); ?>" onclick="action_database_panel('5','<?php echo $user_id;?>')" /></td>
 <?php
 } 
 if ($panel_id==3) {
 ?>
 <dl>
-	<dd><a href="javascript:void(0)" onclick="change_panel('2','<?php echo $user_id; ?>')"><?php echo api_convert_encoding(get_lang('SendInviteMessage'),'UTF-8',$charset); ?></a></dd>
+	<dd><a href="javascript:void(0)" onclick="change_panel('2','<?php echo $user_id; ?>')"><?php echo api_xml_http_response_encode(get_lang('SendInviteMessage')); ?></a></dd>
-	<dd><a href="javascript:void(0)" onclick="change_panel('1','<?php echo $user_id; ?>')"><?php echo api_convert_encoding(get_lang('SendMessage'),'UTF-8',$charset);?></a></dd>
+	<dd><a href="javascript:void(0)" onclick="change_panel('1','<?php echo $user_id; ?>')"><?php echo api_xml_http_response_encode(get_lang('SendMessage'));?></a></dd>
 </dl>
 <?php
-//	<dd><a href="main/social/index.php#remote-tab-5"> echo api_convert_encoding(get_lang('SocialSeeContacts'),'UTF-8',$charset);</a></dd>
+//	<dd><a href="main/social/index.php#remote-tab-5"> echo api_xml_http_response_encode(get_lang('SocialSeeContacts'));</a></dd>
 }
 if ($panel_id==4) {
--- a/main/messages/send_message_to_userfriend.inc.php
+++ b/main/messages/send_message_to_userfriend.inc.php
@ -33,7 +33,7 @@ if ( isset($_REQUEST['user_friend']) ) {
 			<img class="message-image-info" src="<?php echo $info_path_friend['dir'].$info_path_friend['file']; ?>"/>
 			<?php 
 			if ($panel != 1) {
-				echo '<br /><center>'.api_convert_encoding($info_user_friend['firstName'].' '.$info_user_friend['lastName'],'UTF-8',$charset).'</center>'; 					
+				echo '<br /><center>'.api_xml_http_response_encode($info_user_friend['firstName'].' '.$info_user_friend['lastName']).'</center>';
 			}
 			?>
 		</div>
@ -45,19 +45,19 @@ if ( isset($_REQUEST['user_friend']) ) {
 			if ($panel == 1) {
                //normal message
 		   		 $user_info=api_get_user_info($userfriend_id);
-		  		 echo api_convert_encoding(get_lang('To'),'UTF-8',$charset); ?> :&nbsp;&nbsp;&nbsp;&nbsp;<?php echo api_convert_encoding($user_info['firstName'].' '.$user_info['lastName'],'UTF-8',$charset); ?>
+		  		 echo api_xml_http_response_encode(get_lang('To')); ?> :&nbsp;&nbsp;&nbsp;&nbsp;<?php echo api_xml_http_response_encode($user_info['firstName'].' '.$user_info['lastName']); ?>
 		  		 <br/>
-		 		 <br/><?php echo api_convert_encoding(get_lang('Subject'),'UTF-8',$charset); ?> :<br/><input id="txt_subject_id" type="text" style="width:300px;"><br/>
+		 		 <br/><?php echo api_xml_http_response_encode(get_lang('Subject')); ?> :<br/><input id="txt_subject_id" type="text" style="width:300px;"><br/>
-		   		 <br/><?php echo api_convert_encoding(get_lang('Message'),'UTF-8',$charset); ?> :<br/><textarea id="txt_area_invite" rows="4" cols="41"></textarea>
+		   		 <br/><?php echo api_xml_http_response_encode(get_lang('Message')); ?> :<br/><textarea id="txt_area_invite" rows="4" cols="41"></textarea>
 		   		 <br /><br />		    	  
-		   		 <input type="button" value="<?php echo get_lang('SendMessage'); ?>" onclick="action_database_panel('5','<?php echo $userfriend_id;?>')" />
+		   		 <input type="button" value="<?php echo api_xml_http_response_encode(get_lang('SendMessage')); ?>" onclick="action_database_panel('5','<?php echo $userfriend_id;?>')" />
 <?php
 			} else {
                // friend invitation message
-				echo api_convert_encoding(get_lang('AddPersonalMessage'),'UTF-8',$charset);  ?> :<br/><br/>
+				echo api_xml_http_response_encode(get_lang('AddPersonalMessage'));  ?> :<br/><br/>
 				<textarea id="txt_area_invite" rows="5" cols="41"></textarea><br /><br />
-		    	<input type="button" value="<?php echo api_convert_encoding(get_lang('SocialAddToFriends'),'UTF-8',$charset); ?>" onclick="action_database_panel('4','<?php echo $userfriend_id;?>')" />
+		    	<input type="button" value="<?php echo api_xml_http_response_encode(get_lang('SocialAddToFriends')); ?>" onclick="action_database_panel('4','<?php echo $userfriend_id;?>')" />
 <?php					
 				}
 			}            
--- a/main/messages/view_message.php
+++ b/main/messages/view_message.php
@ -1,4 +1,4 @@
-<?php // $Id: view_message.php 20460 2009-05-11 05:41:09Z ivantcholakov $
+<?php // $Id: view_message.php 20587 2009-05-13 12:26:56Z ivantcholakov $
 /*
 ==============================================================================
 	Dokeos - elearning and course management software
@ -80,7 +80,7 @@ $request=api_is_xml_http_request();
 if ($request===false) {
 	Display::display_header('');
 }
-//api_display_tool_title(api_convert_encoding(get_lang('ReadMessage'),'UTF-8',$charset));
+//api_display_tool_title(api_xml_http_response_encode(get_lang('ReadMessage')));
 if (isset($_GET['id_send'])) {
 	MessageManager::show_message_box_sent();
 } else {
--- a/main/social/contacts.inc.php
+++ b/main/social/contacts.inc.php
@ -11,7 +11,7 @@ $this_section = SECTION_MYPROFILE;
 $_SESSION['this_section']=$this_section;
 //$list_path_friends=array();
 $request=api_is_xml_http_request();
-$language_variable=($request===true) ? api_convert_encoding(get_lang('Contacts'),'UTF-8',$charset) : get_lang('Contacts');
+$language_variable=api_xml_http_response_encode(get_lang('Contacts'));
 //api_display_tool_title($language_variable);
 $user_id=api_get_user_id();
@ -27,7 +27,7 @@ $image_path = UserManager::get_user_picture_path_by_id ($user_id,'web',false,tru
        echo '&nbsp;&nbsp;Dokeos&nbsp;&nbsp;-&nbsp;&nbsp;';
        $user_id=api_get_user_id();
        $user_info=api_get_user_info($user_id);
-        echo $name_user=api_convert_encoding($user_info['firstName'].' '.$user_info['lastName'],'UTF-8',$charset) ; 
+        echo $name_user=api_xml_http_response_encode($user_info['firstName'].' '.$user_info['lastName']) ; 
         ?></td>
        </tr>
    </table>
@ -37,7 +37,7 @@ $image_path = UserManager::get_user_picture_path_by_id ($user_id,'web',false,tru
    <td height="25" valign="top">
    <table width="100%" border="0" cellpadding="0" cellspacing="0" class="social-subtitle-search">
      <tr>
-        <td width="100%" height="25" valign="top" class="social-align-box">&nbsp;&nbsp;<?php echo api_convert_encoding(get_lang('Search'),'UTF-8',$charset) .'&nbsp;&nbsp; : &nbsp;&nbsp;'; ?><input class="social-search-image" type="text" class="search-image" id="id_search_image" name="id_search_image" value="" onkeyup="search_image_social(this)" /></td>
+        <td width="100%" height="25" valign="top" class="social-align-box">&nbsp;&nbsp;<?php echo api_xml_http_response_encode(get_lang('Search')) .'&nbsp;&nbsp; : &nbsp;&nbsp;'; ?><input class="social-search-image" type="text" class="search-image" id="id_search_image" name="id_search_image" value="" onkeyup="search_image_social(this)" /></td>
      </tr>
    </table></td>
  </tr>
@ -48,7 +48,7 @@ $image_path = UserManager::get_user_picture_path_by_id ($user_id,'web',false,tru
        <td width="100%" height="22" valign="top">
        <table width="100%" border="0" cellpadding="0" cellspacing="0" class="social-align-box">
          <tr>
-            <td width="100%" height="22" valign="top">&nbsp;&nbsp;<?php echo api_convert_encoding(get_lang('ContactsList'),'UTF-8',$charset); ?></td>
+            <td width="100%" height="22" valign="top">&nbsp;&nbsp;<?php echo api_xml_http_response_encode(get_lang('ContactsList')); ?></td>
              </tr>
        </table></td>
        </tr>
--- a/main/social/data_personal.inc.php
+++ b/main/social/data_personal.inc.php
@ -108,13 +108,13 @@ if (isset($_POST['load_ajax'])) {
 } else {
 	// normal behavior
 $request=api_is_xml_http_request();
-$language_variable=($request===true) ? api_convert_encoding(get_lang('PersonalData'),'UTF-8',$charset) : get_lang('PersonalData');
+$language_variable=api_xml_http_response_encode(get_lang('PersonalData'));
 //api_display_tool_title($language_variable);
 	echo '<div class="actions">';
-	echo '<a href="../auth/profile.php?show=1"">'.Display::return_icon('edit.gif',api_convert_encoding(get_lang('EditInformation'),'UTF-8',$charset)).'&nbsp;'.api_convert_encoding(get_lang('EditInformation'),'UTF-8',$charset).'</a>&nbsp;&nbsp;';
+	echo '<a href="../auth/profile.php?show=1"">'.Display::return_icon('edit.gif',api_xml_http_response_encode(get_lang('EditInformation'))).'&nbsp;'.api_xml_http_response_encode(get_lang('EditInformation')).'</a>&nbsp;&nbsp;';
 	if (api_get_setting('allow_social_tool')=='true' && api_get_setting('allow_message_tool')=='true' && api_get_user_id()<>2 && api_get_user_id()<>0) {
-		echo '<a href="../social/profile.php?shared=true">'.Display::return_icon('shared_profile.png',api_convert_encoding(get_lang('ViewSharedProfile'),'UTF-8',$charset)).'&nbsp;'.api_convert_encoding(get_lang('ViewSharedProfile'),'UTF-8',$charset).'</a>';		
+		echo '<a href="../social/profile.php?shared=true">'.Display::return_icon('shared_profile.png',api_xml_http_response_encode(get_lang('ViewSharedProfile'))).'&nbsp;'.api_xml_http_response_encode(get_lang('ViewSharedProfile')).'</a>';		
 	}
 	echo '</div>';	
 	echo '<div id="profile_container" style="width:550px;display:block;">';
@ -122,18 +122,18 @@ $language_variable=($request===true) ? api_convert_encoding(get_lang('PersonalDa
 			echo '<img src='.$img_array['dir'].$img_array['file'].' />';
 		echo '</div>';	
 		echo '<div class="social-profile-info">';			
-			echo '<dt>'.api_convert_encoding(get_lang('UserName'),'UTF-8',$charset).'</dt>
+			echo '<dt>'.api_xml_http_response_encode(get_lang('UserName')).'</dt>
-			<dd>'. api_convert_encoding($user_info['username'],'UTF-8',$charset).'	</dd>';
+			<dd>'. api_xml_http_response_encode($user_info['username']).'	</dd>';
-			echo '<dt>'.api_convert_encoding(get_lang('FirstName'),'UTF-8',$charset).'</dt>
+			echo '<dt>'.api_xml_http_response_encode(get_lang('FirstName')).'</dt>
-			<dd>'. api_convert_encoding($user_info['firstname'],'UTF-8',$charset).'</dd>';
+			<dd>'. api_xml_http_response_encode($user_info['firstname']).'</dd>';
-			echo '<dt>'.api_convert_encoding(get_lang('LastName'),'UTF-8',$charset).'</dt>
+			echo '<dt>'.api_xml_http_response_encode(get_lang('LastName')).'</dt>
-			<dd>'. api_convert_encoding($user_info['lastname'],'UTF-8',$charset).'</dd>';
+			<dd>'. api_xml_http_response_encode($user_info['lastname']).'</dd>';
-			echo '<dt>'.api_convert_encoding(get_lang('OfficialCode'),'UTF-8',$charset).'</dt>	
+			echo '<dt>'.api_xml_http_response_encode(get_lang('OfficialCode')).'</dt>	
-			<dd>'. api_convert_encoding($user_info['official_code'],'UTF-8',$charset).'</dd>';
+			<dd>'. api_xml_http_response_encode($user_info['official_code']).'</dd>';
-			echo '<dt>'.api_convert_encoding(get_lang('Email'),'UTF-8',$charset).'</dt>
+			echo '<dt>'.api_xml_http_response_encode(get_lang('Email')).'</dt>
-			<dd>'. api_convert_encoding($user_info['email'],'UTF-8',$charset).'</dd>';
+			<dd>'. api_xml_http_response_encode($user_info['email']).'</dd>';
-			echo '<dt>'.api_convert_encoding(get_lang('Phone'),'UTF-8',$charset).'</dt>
+			echo '<dt>'.api_xml_http_response_encode(get_lang('Phone')).'</dt>
-			<dd>'. api_convert_encoding($user_info['phone'],'UTF-8',$charset).'</dd>';			
+			<dd>'. api_xml_http_response_encode($user_info['phone']).'</dd>';			
 		echo '</div>';
 	echo '</div>';	
 }
--- a/main/social/group_contact.inc.php
+++ b/main/social/group_contact.inc.php
@ -12,7 +12,7 @@ $_SESSION['this_section']=$this_section;
 $list_path_friends=array();
 $list_groups=array();
 $request=api_is_xml_http_request();
-$language_variable=($request===true) ? api_convert_encoding(get_lang('ContactsGroups'),'UTF-8',$charset) : get_lang('ContactsGroups');
+$language_variable=api_xml_http_response_encode(get_lang('ContactsGroups'));
 //api_display_tool_title($language_variable);
 $user_id=api_get_user_id();
 $list_groups=UserFriend::show_list_type_friends();
@ -24,10 +24,10 @@ for ($p=0;$p<count($list_groups);$p++) {
          <tr>
 		<th align="left" id="<?php echo 'td_'.$list_groups[$p]['id']; ?>" style="cursor:pointer" valign="top" onclick="toogle_function(this)">
-			<?php echo api_convert_encoding(get_lang($list_groups[$p]['title']),'UTF-8',$charset); ?>
+			<?php echo api_xml_http_response_encode(get_lang($list_groups[$p]['title'])); ?>
 		</th>
 	    <th width="30" align="center">
-    		<?php Display::display_icon('visible.gif',get_lang('ChangeVisibility'), array('id'=>'btn_'.$list_groups[$p]['id'])); ?>
+    		<?php Display::display_icon('visible.gif',api_xml_http_response_encode(get_lang('ChangeVisibility')), array('id'=>'btn_'.$list_groups[$p]['id'])); ?>
    		<input type="hidden" class="hidden" id="id_hd_dame" name="hd_dame" value="0" />
 	    </th>
        </tr>
@ -58,7 +58,7 @@ for ($p=0;$p<count($list_groups);$p++) {
 		while ($j<$number_of_images) {
 			if ($list_friends_file[$j]<>"") {
 				$user_info=api_get_user_info($list_friends_id[$j]);				
-				$user_name=api_convert_encoding($user_info['firstName'].' '.$user_info['lastName'],'UTF-8',$charset) ;
+				$user_name=api_xml_http_response_encode($user_info['firstName'].' '.$user_info['lastName']) ;
 				if($list_friends_file[$j]==='unknown.jpg') {
 					$big='';
 				} else {
@ -67,8 +67,8 @@ for ($p=0;$p<count($list_groups);$p++) {
 				$friends_profile = UserFriend::get_picture_user($list_friends_id[$j], $list_friends_file[$j], 92);
 				$friend_html.='<div id="div_'.$list_friends_id[$j].'" class="image_friend_network">' .
 							  '<a href="javascript:void(0)" onclick=load_thick("'.$list_friends_dir[$j].$big.$list_friends_file[$j].'","") title="" class="thickbox">' .
-							  '<span><center><img src="'.$friends_profile['file'].'" '.$friends_profile['style'].' id="imgfriend_'.$list_friends_id[$j].'" title="'.$user_name.'" /></center></span>'.
+							  '<span><center><img src="'.$friends_profile['file'].'" '.$friends_profile['style'].' id="imgfriend_'.$list_friends_id[$j].'" title="'.api_xml_http_response_encode($user_name).'" /></center></span>'.
-							  '<center class="friend">'.$user_name.'</center>'.
+							  '<center class="friend">'.api_xml_http_response_encode($user_name).'</center>'.
 							  '</a></div>';
 			}
 			$j++;
@ -77,7 +77,7 @@ for ($p=0;$p<count($list_groups);$p++) {
 	echo $friend_html; 
 		}  
 		else {
-			echo api_convert_encoding(get_lang('YouDontHaveContactsInThisGroup'),'UTF-8',$charset);
+			echo api_xml_http_response_encode(get_lang('YouDontHaveContactsInThisGroup'));
 		}
 		?>
 		</div>
--- a/main/social/qualify_contact.inc.php
+++ b/main/social/qualify_contact.inc.php
@ -49,7 +49,7 @@ $user_friend_relation=UserFriend::get_relation_between_contacts(api_get_user_id(
 	   	 	<td width="50%"><br/>	   	 		
 	   	 		<img src="<?php echo $img_user[1]; ?>" />
 	   	 		<?php
-	   	 		echo '<br /><br />'.$name_user=api_convert_encoding($user_info['firstName'].' '.$user_info['lastName'],'UTF-8',$charset) ; 
+	   	 		echo '<br /><br />'.$name_user=api_xml_http_response_encode($user_info['firstName'].' '.$user_info['lastName']); 
 	   	 		?>
 	   	 	</td>
 	   	 <td width="50%"><div align="left">
@ -63,16 +63,16 @@ for ($k=0;$k<$number_list;$k++) {
 	}
 	?>
-	<input <?php echo $check; ?> style="margin-left:50px" type="radio" class="radio" name="list_type_friend"  value="<?php echo $list_of_options[$k]['id']; ?>" />
+	<input <?php echo $check; ?> style="margin-left:50px" type="radio" class="radio" name="list_type_friend"  value="<?php echo api_xml_http_response_encode($list_of_options[$k]['id']); ?>" />
 	<?php 
-	echo  api_convert_encoding(get_lang($list_of_options[$k]['title']),'UTF-8',$charset); 
+	echo  api_xml_http_response_encode(get_lang($list_of_options[$k]['title'])); 
 	echo '<br/>';
 	?>
 	<?php
 }
 echo '<br/>';
 ?>
-<input  style="margin-left:50px" type="button" value="<?php echo api_convert_encoding(get_lang('AttachToGroup'),'UTF-8',$charset); ?>" onclick="set_qualify_friend()"/>
+<input  style="margin-left:50px" type="button" value="<?php echo api_xml_http_response_encode(get_lang('AttachToGroup')); ?>" onclick="set_qualify_friend()"/>
 			</div></td>
 			</td>
 		</tr>
--- a/main/social/register_friend.php
+++ b/main/social/register_friend.php
@ -30,21 +30,21 @@ if (isset($my_current_friend)) {
 	UserFriend::register_friend ($my_current_friend,$the_current_user_id,$relation_type);	
 	UserFriend::invitation_accepted ($my_current_friend,$the_current_user_id);
 	if (isset($is_my_friend)) {
-		echo get_lang('AddedContactToList');
+		echo api_xml_http_response_encode(get_lang('AddedContactToList'));
 	} else {
-		Display::display_normal_message(get_lang('AddedContactToList'));
+		Display::display_normal_message(api_xml_http_response_encode(get_lang('AddedContactToList')));
 	}
 }
 if (isset($my_denied_current_friend)) {
 	UserFriend::invitation_denied($my_denied_current_friend,$the_current_user_id);
-	Display::display_confirmation_message(get_lang('InvitationDenied'));	
+	Display::display_confirmation_message(api_xml_http_response_encode(get_lang('InvitationDenied')));	
 }
 if (isset($my_delete_friend)) {
 	UserFriend::removed_friend($my_delete_friend);
 }
 if(isset($friend_id_qualify) && isset($type_friend_qualify)) {
 	UserFriend::qualify_friend($friend_id_qualify,$type_friend_qualify);
-	echo get_lang('AttachContactsToGroupSuccesfuly');
+	echo api_xml_http_response_encode(get_lang('AttachContactsToGroupSuccesfuly'));
 }
-?>
+?>
--- a/main/social/select_friend_response.php
+++ b/main/social/select_friend_response.php
@ -8,8 +8,8 @@ $this_section = SECTION_MYPROFILE;
 $_SESSION['this_section']=$this_section;
 api_block_anonymous_users();
 $request=api_is_xml_http_request();
-$language_variable=($request===true) ? api_convert_encoding(get_lang('PendingInvitations'),'UTF-8',$charset) : get_lang('PendingInvitations');
+$language_variable=api_xml_http_response_encode(get_lang('PendingInvitations'));
-$language_comment=($request===true) ? api_convert_encoding(get_lang('SocialInvitesComment'),'UTF-8',$charset) : get_lang('SocialInvitesComment');
+$language_comment=api_xml_http_response_encode(get_lang('SocialInvitesComment'));
 //api_display_tool_title($language_variable);
 ?>
 <div id="id_response" align="center"></div>
@ -21,7 +21,7 @@ $list_get_invitation=UserFriend::get_list_invitation_of_friends_by_user_id($user
 $list_get_path_web=UserFriend::get_list_web_path_user_invitation_by_user_id($user_id);
 $number_loop=count($list_get_invitation);
 if ($number_loop==0) {
-	Display::display_normal_message(api_convert_encoding(get_lang('YouDontHaveInvites'),'UTF-8',$charset));
+	Display::display_normal_message(api_xml_http_response_encode(get_lang('YouDontHaveInvites')));
 }
 for ($i=0;$i<$number_loop;$i++) {
@ -32,7 +32,7 @@ for ($i=0;$i<$number_loop;$i++) {
    <td width="600" height="20" valign="top"><table width="100%" border="0"
 cellpadding="0" cellspacing="0" bgcolor="#9DACBF">
      <tr>
-        <td width="600" height="20" valign="top" style="padding:4px;"><div align="left"><b><?php echo mb_convert_encoding(get_lang('RequestContact'),'UTF-8',$charset); ?></b></div></td>
+        <td width="600" height="20" valign="top" style="padding:4px;"><div align="left"><b><?php echo api_xml_http_response_encode(get_lang('RequestContact')); ?></b></div></td>
        </tr>
    </table></td>
  </tr>
@ -64,7 +64,7 @@ cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
                                <?php 
                                $user_id=$list_get_invitation[$i]['user_sender_id'];
                                $user_info=api_get_user_info($user_id);
-                                echo api_convert_encoding($user_info['firstName'],'UTF-8',$charset) .' '.api_convert_encoding($user_info['lastName'],'UTF-8',$charset);
+                                echo api_xml_http_response_encode($user_info['firstName'].' '.$user_info['lastName']);
                                ?></td>
                                </tr>
                            </table></td>
@ -85,7 +85,7 @@ border="0" cellpadding="0" cellspacing="0">
                                <td width="500" height="22" valign="top" style="padding:2px;"><?php
                                $title=get_lang($list_get_invitation[$i]['title']);
                                $content=get_lang($list_get_invitation[$i]['content']);
-                                echo api_convert_encoding($title,'UTF-8',$charset).' : '.api_convert_encoding($content,'UTF-8',$charset);
+                                echo api_xml_http_response_encode($title.' : '.$content);
                                ?> </td>
                                </tr>
                            </table></td>
@ -93,7 +93,7 @@ border="0" cellpadding="0" cellspacing="0">
                          <tr>
                            <td height="61" valign="top" style="padding:2px;"><?php
                            $date=$list_get_invitation[$i]['send_date'];
-                            echo get_lang('DateSend').' : '.$date;
+                            echo api_xml_http_response_encode(get_lang('DateSend').' : '.$date);
                            ?></td>
                          </tr>
                      </table></td>
@ -105,8 +105,8 @@ border="0" cellpadding="0" cellspacing="0">
 cellpadding="0" cellspacing="0" bgcolor="#9DACBF">
              <tr>
                <td width="600" height="25" valign="top" style="padding:4px;"><div align="right">
-                  <input type="submit" name="btn_accepted" id="<?php echo "btn_accepted_".$user_id ?>" value="<?php echo api_convert_encoding(get_lang('Accept'),'UTF-8',$charset); ?>" onclick="javascript:register_friend(this)"  />
+                  <input type="submit" name="btn_accepted" id="<?php echo "btn_accepted_".$user_id ?>" value="<?php echo api_xml_http_response_encode(get_lang('Accept')); ?>" onclick="javascript:register_friend(this)"  />
-                  <input type="submit" name="btn_denied" id="<?php echo "btn_deniedst_".$user_id ?>" value="<?php echo api_convert_encoding(get_lang('Deny'),'UTF-8',$charset); ?>" onclick="javascript:denied_friend(this)" />
+                  <input type="submit" name="btn_denied" id="<?php echo "btn_deniedst_".$user_id ?>" value="<?php echo api_xml_http_response_encode(get_lang('Deny')); ?>" onclick="javascript:denied_friend(this)" />
                  </div></td>
                    </tr>
            </table></td>
--- a/main/social/select_options.php
+++ b/main/social/select_options.php
@ -17,8 +17,8 @@ if (api_get_setting('allow_social_tool')=='true') {
 }  
 $res=api_sql_query($sql,__FILE__,__LINE__);
 while ($row=Database::fetch_array($res,'ASSOC')) {
-	$html_form.='<option value="'.$row['id'].'">'.$row['name'].'</option>';	
+	$html_form.='<option value="'.$row['id'].'">'.api_xml_http_response_encode($row['name']).'</option>';	
 }
 $html_form.='</select>';
 echo $html_form;
-?>
+?>
--- a/main/social/show_search_image.inc.php
+++ b/main/social/show_search_image.inc.php
@ -63,7 +63,7 @@ if (count($list_path_friends)!=0) {
 		while ($j<$number_of_images) {
 			if ($list_friends_file[$j]<>"") {
 				$user_info=api_get_user_info($list_friends_id[$j]);
-				$user_name=api_convert_encoding($user_info['firstName'].' '.$user_info['lastName'],'UTF-8',$charset) ;
+				$user_name=api_xml_http_response_encode($user_info['firstName'].' '.$user_info['lastName']) ;
 				$friends_profile = UserFriend::get_picture_user($list_friends_id[$j], $list_friends_file[$j], 92);
 				$friend_html.='<div onMouseover="show_icon_delete(this)" onMouseout="hide_icon_delete(this)" class="image-social-content" id=div_'.$list_friends_id[$j].'  >
 				<span><center><img src="'.$friends_profile['file'].'" '.$friends_profile['style'].' id="imgfriend_'.$list_friends_id[$j].'" title="'.$user_name.'" onclick=load_thick(\'qualify_contact.inc.php?path_user="'.urlencode($list_friends_dir[$j].$list_friends_file[$j]).'&amp;id_user="'.$list_friends_id[$j].'"\',"") /></center></span>