diff --git a/ag/char_profil.php b/ag/char_profil.php
index 92a5735..79752f0 100644
--- a/ag/char_profil.php
+++ b/ag/char_profil.php
@@ -210,7 +210,7 @@ function stelledar($char_id,$user_ida,$name) {
 			<tr>
 				<th></th>
 				<th width="584" height="25" align="center">Normale K&auml;mpfe</th>
-				<th width="584" height="25" align="center">Clank&auml;mpfe</th>
+				<th width="584" height="25" align="center">Schatzsuche</th>
 			</tr>
 			<?php
 			//alle informationen zu den erlernten attacken auslesen
@@ -399,4 +399,4 @@ if ($_POST['submit']==1) {
 } else {
 	echo 'Leider wurde die Seite nicht korrekt aufgerufen! Rufen Sie die Seite bitte korrekt auf';
 }
-?>
\ No newline at end of file
+?>
diff --git a/ag/include/attackenset.inc.php b/ag/include/attackenset.inc.php
index 926acdc..1e34eb9 100644
--- a/ag/include/attackenset.inc.php
+++ b/ag/include/attackenset.inc.php
@@ -7,6 +7,8 @@
  */
 
 include_once (ROOT_PATH.'/include/defines.inc.php');
+include_once (ROOT_PATH.'/include/sqlwrapper.inc.php');
+
 
 //Set-Arten
 defineIfNotDefined('NORMALKAMPF', 1);
@@ -44,8 +46,9 @@ function getAttackSet($char_id, $type) {
 	if(!is_numeric($char_id) || !is_numeric($type)) {
 		return false;
 	}
-	$qry = mysql_query('SELECT attack_id, round FROM attackenset WHERE char_id = '.$char_id.' AND type = '.$type);
+	$qry = db_query('SELECT attack_id, round FROM attackenset WHERE char_id = '.$char_id.' AND type = '.$type);
 
+	$set = array();
 	while ($result = mysql_fetch_assoc($qry)) {
 		$set[$result['round']] = $result['attack_id'];
 	}
@@ -141,4 +144,4 @@ function validateAttackSet($attackSet) {
 	
 	return NULL;
 }
-?>
\ No newline at end of file
+?>
diff --git a/ag/include/clan_fights.inc.php b/ag/include/clan_fights.inc.php
index a8bf4cc..e543d00 100644
--- a/ag/include/clan_fights.inc.php
+++ b/ag/include/clan_fights.inc.php
@@ -28,8 +28,8 @@ defineIfNotDefined('DURATION_SURVIVAL_FIGHT', 15);
 defineIfNotDefined('MAX_COUNT_PARALLEL_CFS', 1);
 
 
-defineIfNotDefined('ATTACK_SET_DAVY_BACK_FIGHT', 2);
-defineIfNotDefined('ATTACK_SET_SURVIVAL', 2);
+defineIfNotDefined('ATTACK_SET_DAVY_BACK_FIGHT', 1);
+defineIfNotDefined('ATTACK_SET_SURVIVAL', 1);
 
 defineIfNotDefined('CLAN_EXP_FAKTOR_G', 1);
 
diff --git a/ag/include/kampf_wrapper.inc.php b/ag/include/kampf_wrapper.inc.php
index 8d8db5e..1e73e4f 100644
--- a/ag/include/kampf_wrapper.inc.php
+++ b/ag/include/kampf_wrapper.inc.php
@@ -7,7 +7,7 @@
  */
 
 include_once (ROOT_PATH . '/include/arena.inc.php');
-
+include_once (ROOT_PATH . '/include/sqlwrapper.inc.php');
 
 /**
  *
@@ -17,9 +17,13 @@ include_once (ROOT_PATH . '/include/arena.inc.php');
  */
 function convertLearnIDToAttackID (array $learnids, $char_id) {
 	$result = array();
+
 	$sql = 'SELECT id, at_id FROM lernen WHERE id IN ('.implode(',', $learnids).') AND besitzer = ' . $char_id;
 	//		echo $sql .'<br>';
 	$qry = mysql_query($sql);
+	if (!$qry) {
+		return array();
+	}
 	while($row = mysql_fetch_assoc($qry)) {
 		for($i=0;$i<count($learnids);$i++) {
 			if($learnids[$i] == $row['id']) {
diff --git a/ag/include/parse.inc.php b/ag/include/parse.inc.php
index a2e6cb0..8074523 100644
--- a/ag/include/parse.inc.php
+++ b/ag/include/parse.inc.php
@@ -327,7 +327,8 @@ function validateName($name){
 function validateURL($url){
 	$str = validateString($url);
 	$pos = strpos($str, 'http://');
-	if($str != 'design/bilder/avatare/noavart.gif' && ($pos === false || $pos != 0)){
+	$pos_ssl = strpos($str, 'https://');
+	if($str != 'design/bilder/avatare/noavart.gif' && ($pos === false || $pos != 0) && ($pos_ssl === false || $pos_ssl != 0)){
 		return '';
 	} else{
 		return $str;
diff --git a/ag/include/schatz.inc.php b/ag/include/schatz.inc.php
index b5a5262..b10b8da 100644
--- a/ag/include/schatz.inc.php
+++ b/ag/include/schatz.inc.php
@@ -13,6 +13,8 @@ include_once(ROOT_PATH.'/include/exp.inc.php');
 include_once(ROOT_PATH.'/include/sqlwrapper.inc.php');
 include_once(ROOT_PATH.'/include/random.inc.php');
 
+defineIfNotDefined('ATTACK_SET_SCHATZSUCHE', 2);
+
 
 function interruptSchatzSuche($charid){
 	mysql_query('Delete from quest_rounds where charid ='.$charid);
@@ -90,6 +92,9 @@ function monsterfight_neu($chara_1, $fight_monster, $std, $ort){
 		$char1_buffs = mysql_fetch_assoc(mysql_query('SELECT sum(i.hp) as hp, sum(i.mp) as mp, sum(i.starke) as starke, sum(i.verteidigung) as verteidigung, sum(i.speed) as speed FROM ware w LEFT JOIN item i ON(i.id=w.item_id) WHERE w.id IN (' . $chara_1['kampf_item'] . ')'));
 	}
 
+	// Retrieve the attack set for the treasure hunt!
+	$chara_1['attacken'] = implode(',', getAttackSet($chara_1['id'], ATTACK_SET_SCHATZSUCHE ));
+
 	$in_hp_max = explode(',', $chara_1['hp']);
 	$in_mp_max = explode(',', $chara_1['mp']);
 	$k_hp2[1] = $in_hp_max[1];
@@ -301,9 +306,9 @@ function monsterfight_neu($chara_1, $fight_monster, $std, $ort){
 		}
 	}
 	// Just wait (so users can not determinate the success of the SS by calculation time)
-	for(;$i<count($fight_monster);$i++){
-		usleep(mt_random_wrapper(200000,500000)); // sleep 0.2-0.5 sec/monster
-	}
+	#for(;$i<count($fight_monster);$i++){
+	#	usleep(mt_random_wrapper(200000,500000)); // sleep 0.2-0.5 sec/monster
+	#}
 	
 	####
 }
diff --git a/ag/irc.php b/ag/irc.php
index bddbd3c..d365673 100644
--- a/ag/irc.php
+++ b/ag/irc.php
@@ -1,9 +1,9 @@
 <?php
 
 if($user_ida['nickname'] != NULL) {
-	echo '<iframe src="http://webchat.quakenet.org/?nick='.preg_replace('#\s#', '_', $user_ida['nickname']).'&channels=animegame&uio=d4" width="647" height="600"></iframe>';
+	echo '<iframe src="https://webchat.quakenet.org/?nick='.preg_replace('#\s#', '_', $user_ida['nickname']).'&channels=animegame&uio=d4" width="647" height="600"></iframe>';
 } else {
-	echo '<iframe src="http://webchat.quakenet.org/?nick=anon_....&channels=animegame&uio=d4" width="647" height="600"></iframe>';
+	echo '<iframe src="https://webchat.quakenet.org/?nick=anon_....&channels=animegame&uio=d4" width="647" height="600"></iframe>';
 }
 
 
diff --git a/ag/rss.php b/ag/rss.php
index c4c2ea0..ad53211 100644
--- a/ag/rss.php
+++ b/ag/rss.php
@@ -25,13 +25,14 @@ $nachrichten = mysql_query('SELECT * FROM ff11_news order by id DESC LIMIT 10');
     {
                 $komments = mysql_fetch_assoc(mysql_query('SELECT count(id) as anzahl FROM ff11_komments WHERE news_id='.$row['id']));
                 $komments = $komments['anzahl'];
-        $text = htmlspecialchars($row['text']);
+	$betreff = preg_replace('#&#', 'und', $row['betreff']);
+        $text = $betreff;//htmlspecialchars($row['text']);
         $link = $GLOBALS['server_url_long'].'/index.php?as=news&id='.$row['id'].'';
         $link = htmlentities($link);
 
 ?>
     <item>
-    <title><?php echo preg_replace('#&#', 'und', $row['betreff']).' - Antworten ('.$komments.')'; ?></title>
+    <title><?php echo $betreff.' - Antworten ('.$komments.')'; ?></title>
     <link><?php echo $link; ?></link>
     <description><?php  echo $text; ?></description>
     <guid>
diff --git a/ag/schatz.php b/ag/schatz.php
index 3d7e794..d141560 100644
--- a/ag/schatz.php
+++ b/ag/schatz.php
@@ -70,7 +70,6 @@ $coords[0] = $char_ort['x_coord'];
 $coords[1] = $char_ort['y_coord'];
 
 if ($charm == 1) {
-
 	if (!semaphoreUP($ressource)) { // Blockiere alle Aktionen die der User gleichzeitig ausfuehren will (Ausgaben, Chars etc.) um Problemen vorzubeugen!!
 		displayErrorMessage(NULL, 'Verarbeitung gerade in Gange, bitte warten...', displayHistoryBackLink());
 		exit;
diff --git a/ag/sets.php b/ag/sets.php
index 5263439..a8d2306 100644
--- a/ag/sets.php
+++ b/ag/sets.php
@@ -117,7 +117,7 @@ function displaySets($user_ida) {
 		<tr>
 			<td><?php echo $set['item']['name']; ?></td>
 			<td><?php echo join(',', $deps); ?></td>
-			<td><button type="button" onclick="create_set(<?php echo $set['id']; ?>, '<?php echo $set['item']['name']; ?>');" <?php echo ($enable?'':'disabled="disabled"') ;?>>Erzeugen</button></td>
+			<td><button class="input" type="button" onclick="create_set(<?php echo $set['id']; ?>, '<?php echo $set['item']['name']; ?>');" <?php echo ($enable?'':'disabled="disabled"') ;?>>Erzeugen</button></td>
 		</tr>
 <?php
 	}