diff --git a/inc/admin_functions.inc.php b/inc/admin_functions.inc.php
index 26e3ee3e..05131fd5 100644
--- a/inc/admin_functions.inc.php
+++ b/inc/admin_functions.inc.php
@@ -51,13 +51,6 @@ $hesk_settings['possible_ticket_list'] = array(
     'time_worked' => $hesklang['ts'],
 );
 
-// Also possible to display all custom fields
-for ($i = 1; $i <= 20; $i++) {
-    if ($hesk_settings['custom_fields']['custom' . $i]['use']) {
-        $hesk_settings['possible_ticket_list']['custom' . $i] = $hesk_settings['custom_fields']['custom' . $i]['name'];
-    }
-}
-
 /*** FUNCTIONS ***/
 
 
@@ -393,8 +386,8 @@ function hesk_autoLogin($noredirect = 0)
     /* Check username */
     $result = hesk_dbQuery('SELECT * FROM `' . $hesk_settings['db_pfix'] . "users` WHERE `user` = '" . hesk_dbEscape($user) . "' LIMIT 1");
     if (hesk_dbNumRows($result) != 1) {
-        setcookie('hesk_username', '');
-        setcookie('hesk_p', '');
+        hesk_setcookie('hesk_username', '');
+        hesk_setcookie('hesk_p', '');
         header('Location: '.$url);
         exit();
     }
@@ -403,8 +396,8 @@ function hesk_autoLogin($noredirect = 0)
 
     /* Check password */
     if ($hash != hesk_Pass2Hash($res['pass'] . strtolower($user) . $res['pass'])) {
-        setcookie('hesk_username', '');
-        setcookie('hesk_p', '');
+        hesk_setcookie('hesk_username', '');
+        hesk_setcookie('hesk_p', '');
         header('Location: '.$url);
         exit();
     }
@@ -437,8 +430,8 @@ function hesk_autoLogin($noredirect = 0)
     }
 
     /* Renew cookies */
-    setcookie('hesk_username', "$user", strtotime('+1 year'));
-    setcookie('hesk_p', "$hash", strtotime('+1 year'));
+    hesk_setcookie('hesk_username', "$user", strtotime('+1 year'));
+    hesk_setcookie('hesk_p', "$hash", strtotime('+1 year'));
 
     /* Close any old tickets here so Cron jobs aren't necessary */
     if ($hesk_settings['autoclose']) {
@@ -646,7 +639,8 @@ function hesk_formatDate($dt, $from_database = true)
 
 function hesk_jsString($str)
 {
-    $str = str_replace(array('\'', '<br />'), array('\\\'', ''), $str);
+    $str  = addslashes($str);
+    $str  = str_replace('<br />' , '' , $str);
     $from = array("/\r\n|\n|\r/", '/\<a href="mailto\:([^"]*)"\>([^\<]*)\<\/a\>/i', '/\<a href="([^"]*)" target="_blank"\>([^\<]*)\<\/a\>/i');
     $to = array("\\r\\n' + \r\n'", "$1", "$1");
     return preg_replace($from, $to, $str);