diff --git a/pandora_console/godmode/setup/setup.php b/pandora_console/godmode/setup/setup.php
index 56c8be9aaa..4d55762d8c 100644
--- a/pandora_console/godmode/setup/setup.php
+++ b/pandora_console/godmode/setup/setup.php
@@ -51,6 +51,7 @@ if (! check_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_us
}
// Load enterprise extensions
enterprise_include_once ('include/functions_setup.php');
+enterprise_include_once ('include/functions_io.php');
enterprise_include_once ('godmode/setup/setup.php');
/*
diff --git a/pandora_console/godmode/setup/setup_general.php b/pandora_console/godmode/setup/setup_general.php
index 8209cefd11..cb8511130b 100644
--- a/pandora_console/godmode/setup/setup_general.php
+++ b/pandora_console/godmode/setup/setup_general.php
@@ -53,7 +53,7 @@ $table->data[0][1] = html_print_select_from_sql (
$table->data[1][0] = __('Remote config directory') .
ui_print_help_tip (__("Directory where agent remote configuration is stored."), true);
-$table->data[1][1] = html_print_input_text ('remote_config', $config["remote_config"], '', 30, 100, true);
+$table->data[1][1] = html_print_input_text ('remote_config', io_safe_output($config["remote_config"]), '', 30, 100, true);
$table->data[6][0] = __('Auto login (hash) password');
$table->data[6][1] = html_print_input_text ('loginhash_pwd', $config["loginhash_pwd"], '', 15, 15, true);
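Review bot: `io_safe_output($config["remote_config"])` now hands the decoded (presumably entity-decoded) value to `html_print_input_text`, so escaping of the `value` attribute depends entirely on that helper, which is not visible in this diff. If the helper writes its argument verbatim, a stored path containing `"` or `<` would end the attribute early and be rendered as markup. Confirm that it encodes for attribute context, or escape at the call site, e.g. `htmlspecialchars(io_safe_output($config["remote_config"]), ENT_QUOTES, 'UTF-8')`. The same applies to `attachment_store` in the next hunk of this file. A comment such as `// stored entity-encoded; decoded for display, helper must re-escape` would record the assumption.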
@@ -72,7 +72,7 @@ $table->data[11][1] = __('Yes').' '.html_print_radio_button_ext
$table->data[11][1] .= __('No').' '.html_print_radio_button ('https', 0, '', $config["https"], true);
$table->data[14][0] = __('Attachment store') . ui_print_help_tip (__("Directory where temporary data is stored."), true);
-$table->data[14][1] = html_print_input_text ('attachment_store', $config["attachment_store"], '', 50, 255, true);
+$table->data[14][1] = html_print_input_text ('attachment_store', io_safe_output($config["attachment_store"]), '', 50, 255, true);
$table->data[15][0] = __('IP list with API access') . ui_print_help_icon ("ip_api_list", true);
if (isset($_POST["list_ACL_IPs_for_API"])) {
diff --git a/pandora_console/godmode/setup/setup_visuals.php b/pandora_console/godmode/setup/setup_visuals.php
index 7caacc2ce9..b95ad63fe7 100644
--- a/pandora_console/godmode/setup/setup_visuals.php
+++ b/pandora_console/godmode/setup/setup_visuals.php
@@ -179,7 +179,7 @@ $row++;
$table->data[$row][0] = __('Font path');
$fonts = load_fonts();
-$table->data[$row][1] = html_print_select($fonts, 'fontpath', $config["fontpath"], '', '', 0, true);
+$table->data[$row][1] = html_print_select($fonts, 'fontpath', io_safe_output($config["fontpath"]), '', '', 0, true);
$row++;
diff --git a/pandora_console/include/functions_config.php b/pandora_console/include/functions_config.php
index daf6bd4eae..37975e597d 100644
--- a/pandora_console/include/functions_config.php
+++ b/pandora_console/include/functions_config.php
@@ -51,7 +51,7 @@ function config_update_value ($token, $value) {
if (!isset ($config[$token])) {
$config[$token] = $value;
- return (bool) config_create_value ($token, $value);
+ return (bool) config_create_value ($token, io_safe_input($value));
}
/* If it has not changed */
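Review bot: The create branch calls `config_create_value ($token, io_safe_input($value))` without decoding first, while the update branch in the next hunk runs `$value = io_safe_output($value)` before `io_safe_input($value)`. Other callers in this file still pass `get_parameter(...)` results, and if those arrive already encoded (not visible here), a token saved for the first time could be stored double-encoded unless `io_safe_input` is idempotent. Normalising both branches the same way, `config_create_value ($token, io_safe_input(io_safe_output($value)))`, keeps the stored form consistent. In both branches `$config[$token] = $value` is assigned before normalisation, so the in-memory value can differ from the stored one for the rest of the request. The body of config_update_value continues outside the hunk.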
@@ -59,9 +59,10 @@ function config_update_value ($token, $value) {
return true;
$config[$token] = $value;
+ $value = io_safe_output($value);
$result = db_process_sql_update ('tconfig',
- array ('value' => $value),
+ array ('value' => io_safe_input($value)),
array ('token' => $token));
if ($result === 0)
@@ -119,7 +120,7 @@ function config_update_config () {
case 'general':
if (!config_update_value ('language', (string) get_parameter ('language')))
$error_update[] = __('Language code for Pandora');
- if (!config_update_value ('remote_config', io_safe_input((string) get_parameter ('remote_config'))))
+ if (!config_update_value ('remote_config', (string) get_parameter ('remote_config')))
$error_update[] = __('Remote config directory');
if (!config_update_value ('loginhash_pwd', (string) get_parameter ('loginhash_pwd')))
$error_update[] = __('Auto login (hash) password');
@@ -130,7 +131,7 @@ function config_update_config () {
$error_update[] = __('Automatic check for updates');
if (!config_update_value ('https', (bool) get_parameter ('https')))
$error_update[] = __('Enforce https');
- if (!config_update_value ('attachment_store', io_safe_input((string) get_parameter ('attachment_store'))))
+ if (!config_update_value ('attachment_store', (string) get_parameter ('attachment_store')))
$error_update[] = __('Attachment store');
if (!config_update_value ('list_ACL_IPs_for_API', (string) get_parameter('list_ACL_IPs_for_API')))
$error_update[] = __('IP list with API access');
@@ -405,7 +406,7 @@ function config_update_config () {
$error_update[] = __('Show QR code header');
if (!config_update_value ('status_images_set', (string) get_parameter ('status_images_set')))
$error_update[] = __('Status icon set');
- if (!config_update_value ('fontpath', io_safe_input((string) get_parameter ('fontpath'))))
+ if (!config_update_value ('fontpath', (string) get_parameter ('fontpath')))
$error_update[] = __('Font path');
if (!config_update_value ('font_size', get_parameter('font_size')))
$error_update[] = __('Font size');
@@ -443,7 +444,7 @@ function config_update_config () {
$error_update[] = __('Fixed menu');
if (!config_update_value ('paginate_module', get_parameter('paginate_module')))
$error_update[] = __('Paginate module');
- if (!config_update_value ('graphviz_bin_dir', io_safe_input(get_parameter('graphviz_bin_dir'))))
+ if (!config_update_value ('graphviz_bin_dir', get_parameter('graphviz_bin_dir')))
$error_update[] = __('Custom graphviz directory');
if (!config_update_value ('networkmap_max_width', get_parameter('networkmap_max_width')))
$error_update[] = __('Networkmap max width');
@@ -533,7 +534,7 @@ function config_update_config () {
$error_update[] = __('Name resolution for IP address');
break;
case 'log':
- if (!config_update_value ('log_dir', io_safe_input(get_parameter('log_dir'))))
+ if (!config_update_value ('log_dir', get_parameter('log_dir')))
$error_update[] = __('Netflow max lifetime');
if (!config_update_value ('log_max_lifetime', (int)get_parameter('log_max_lifetime')))
$error_update[] = __('Log max lifetime');
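Review bot: The failure label attached to `log_dir` is `__('Netflow max lifetime')`, which looks copied from another setting, so a failed log-directory update is reported under the wrong name. Something like `$error_update[] = __('Log directory');` would match the token being saved. Nothing in this hunk checks that the submitted `log_dir` is an existing directory before it is stored; if no check exists elsewhere, an `is_dir()` test here would catch bad paths early. The `case 'log':` block continues outside the hunk.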
@@ -815,14 +816,14 @@ function config_process_config () {
//after the first uses.
if (!is_dir($config['attachment_store'])) {
config_update_value('attachment_store',
- io_safe_input($config['homedir']) . '/attachment');
+ $config['homedir'] . '/attachment');
}
}
if (!isset ($config['fontpath'])) {
config_update_value('fontpath',
- io_safe_input($config['homedir']) . '/include/fonts/smallfont.ttf');
+ $config['homedir'] . '/include/fonts/smallfont.ttf');
}
if (!isset ($config['style'])) {
@@ -1368,7 +1369,7 @@ function config_check () {
'no_close' => true, 'force_style' => 'color: #000000 !important'), '', true);
}
- $fontpath = io_safe_output(db_get_value_filter('value', 'tconfig', array('token' => 'fontpath')));
+ $fontpath = io_safe_output( db_get_value_filter('value', 'tconfig', array('token' => 'fontpath')) );
if (($fontpath == "") OR (!file_exists ($fontpath))) {
$config["alert_cnt"]++;
$_SESSION["alert_msg"] .= ui_print_error_message(
@@ -1468,11 +1469,20 @@ function config_check () {
'no_close' => true, 'force_style' => 'color: #000000 !important'), '', true);
}
- if (preg_match("/system/", $PHPdisable_functions) or preg_match("/exec/", $PHPdisable_functions)) {
+ if ( preg_match("/system\b/", $PHPdisable_functions) ) {
$config["alert_cnt"]++;
$_SESSION["alert_msg"] .= ui_print_info_message(
array('title' => __("Problems with disable functions in PHP.INI"),
- 'message' => __("Variable disable_functions containts functions system() or exec(), in PHP configuration file (php.ini)"). '
' .
+ 'message' => __("Variable disable_functions containts functions system(), in PHP configuration file (php.ini)"). '
' .
+ __('Please, change it on your PHP configuration file (php.ini) or contact with administrator (Dont forget restart apache process after changes)'),
+ 'no_close' => true, 'force_style' => 'color: #000000 !important'), '', true);
+ }
+
+ if ( preg_match("/exec\b/", $PHPdisable_functions) ) {
+ $config["alert_cnt"]++;
+ $_SESSION["alert_msg"] .= ui_print_info_message(
+ array('title' => __("Problems with disable functions in PHP.INI"),
+ 'message' => __("Variable disable_functions containts functions exec(), in PHP configuration file (php.ini)"). '
' .
__('Please, change it on your PHP configuration file (php.ini) or contact with administrator (Dont forget restart apache process after changes)'),
'no_close' => true, 'force_style' => 'color: #000000 !important'), '', true);
}
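Review bot: `preg_match("/exec\b/", $PHPdisable_functions)` has a trailing word boundary but no leading one, so entries such as `shell_exec`, `pcntl_exec` or `curl_exec` still trigger the exec() notice when `exec` itself is not disabled. Anchoring both sides, `preg_match("/\bexec\b/", $PHPdisable_functions)` and likewise `preg_match("/\bsystem\b/", $PHPdisable_functions)`, fixes this because `_` counts as a word character. Since the notice asks administrators to loosen `disable_functions`, it should fire only when the named function is actually listed. The two alert blocks differ only in the function name and could share one helper. `$PHPdisable_functions` is assigned outside the hunk.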