';
- foreach ($issues as $file=>$issue) {
- $file = str_replace($this->pathToModule . '/', '', $file);
+ foreach ($issues as $file => $issue) {
+ $file = preg_replace('/.*\//', '', $file);
echo '
';
if (is_array($issue)) {
foreach ($issue as $i) {
@@ -892,6 +896,36 @@ public function displayIssues($package='Package')
echo "
";
}
+ /**
+ *This function will take all issues of the current instance and add them to a string
+ **/
+ public function getIssuesLog($package = 'Package')
+ {
+ $message = '';
+
+ foreach ($this->issues as $type => $issues) {
+ $message .= '
' . ucfirst($type) . ' ' . translate('ML_ISSUES',
+ 'Administration') . ' ';
+ $message .= '
';
+ foreach ($issues as $file => $issue) {
+ $file = preg_replace('/.*\//', '', $file);
+ $message .= '
' . $file . '
';
+ if (is_array($issue)) {
+ foreach ($issue as $i) {
+ $message .= "$i ";
+ }
+ } else {
+ $message .= "$issue ";
+ }
+ $message .= "
";
+ }
+ $message .= '
';
+ }
+
+ return $message;
+ }
+
+
/**
* Lock config settings
*/
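Review bot: `getIssuesLog()` concatenates `$file` and each issue string into `$message` with no output encoding, and the caller visible on this page (upload.php) appends the result to `$out`, which looks like page output. The file keys come from a scanned package, so their names are not under the application's control. Encoding at the point of concatenation, e.g. `$message .= htmlspecialchars($file, ENT_QUOTES, 'UTF-8');` and the same for `$i` and `$issue`, keeps a crafted name from being rendered as markup. The markup inside the string literals seems to have been lost on this page, so the exact output context is inferred. The `$package` parameter is never read in the body and should be dropped or documented as unused.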
@@ -911,7 +945,7 @@ public function checkConfig($file)
{
$config_hash_after = md5(serialize($GLOBALS['sugar_config']));
if ($config_hash_after != $this->config_hash) {
- $this->issues['file'][$file] = array(translate('ML_CONFIG_OVERRIDE'));
+ $this->issues['file'][$file] = array(translate('ML_CONFIG_OVERRIDE', 'Administration'));
return $this->issues;
}
return false;
diff --git a/README.md b/README.md
index 5f0cce5d5fa..5b8b2e7eac0 100755
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@
-# SuiteCRM 7.10.34
+# SuiteCRM 7.10.35
[![Build Status](https://travis-ci.org/salesagility/SuiteCRM.svg?branch=7.10.x)](https://travis-ci.org/salesagility/SuiteCRM)
[![codecov](https://codecov.io/gh/salesagility/SuiteCRM/branch/7.10.x/graph/badge.svg)](https://codecov.io/gh/salesagility/SuiteCRM/branch/7.10.x)
diff --git a/download.php b/download.php
index 41444d0855c..4b225630081 100755
--- a/download.php
+++ b/download.php
@@ -206,7 +206,7 @@
$mime_type = 'application/octet-stream';
break;
}
-
+
if ($doQuery && isset($query)) {
$rs = DBManagerFactory::getInstance()->query($query);
$row = DBManagerFactory::getInstance()->fetchByAssoc($rs);
@@ -261,7 +261,14 @@
}
} else {
header('Content-type: ' . $mime_type);
- if (isset($_REQUEST['preview']) && $_REQUEST['preview'] === 'yes' && $mime_type !== 'text/html') {
+
+ $showPreview = false;
+
+ if (in_array($row['file_ext'], $sugar_config['allowed_preview'], true)) {
+ $showPreview = isset($_REQUEST['preview']) && $_REQUEST['preview'] === 'yes' && $mime_type !== 'text/html';
+ }
+
+ if ($showPreview === true) {
header('Content-Disposition: inline; filename="' . $name . '";');
} else {
header('Content-Disposition: attachment; filename="' . $name . '";');
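Review bot: The new `in_array($row['file_ext'], $sugar_config['allowed_preview'], true)` reads two values that nothing in this hunk guarantees to exist: `allowed_preview` may be missing from the config of an upgraded instance, and `$row` is only assigned inside the `$doQuery` branch shown in the earlier hunk. With a missing key `in_array()` receives null as the haystack, which is a warning on PHP 7 and a TypeError on PHP 8. A guard such as `if (isset($row['file_ext'], $sugar_config['allowed_preview']) && in_array($row['file_ext'], (array) $sugar_config['allowed_preview'], true))` keeps the default at `attachment` without the error. The strict comparison is also case-sensitive, so whether `PDF` and `pdf` are treated alike depends on how `file_ext` is stored, which is not visible here. The enclosing `else` block starts and ends outside the hunk.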
@@ -281,8 +288,8 @@
ob_start();
echo clean_file_output(file_get_contents($download_location), $mime_type);
-
+
$output = ob_get_contents();
ob_end_clean();
-
+
echo $output;
diff --git a/files.md5 b/files.md5
index 8440b4fbf7e..30c21eb3f71 100755
--- a/files.md5
+++ b/files.md5
@@ -1,5 +1,5 @@
'69a1e7b3d7755a2a63499a16ddae81cf',
'./Api/Core/Config/slim.php' => 'b134e68765e6a1403577e2a5a06322b8',
@@ -102,7 +102,7 @@ $md5_string = array (
'./HandleAjaxCall.php' => '954cebdd8ea2ab1e5c03658b184322fd',
'./LICENSE.txt' => 'd3f150e4a5bed444763ebe8a81742a95',
'./ModuleInstall/ModuleInstaller.php' => '201e25734f64c614751832be8764d4ea',
- './ModuleInstall/ModuleScanner.php' => '235afbf95be7b4e038bca439533b368d',
+ './ModuleInstall/ModuleScanner.php' => '5bd029e1955c5c243ce4cc567cc99367',
'./ModuleInstall/PackageManager/ListViewPackages.php' => 'c2b39c260c2f379abcf241217160029a',
'./ModuleInstall/PackageManager/PackageController.php' => 'b4b62aeec877007d5a904b7e7406f908',
'./ModuleInstall/PackageManager/PackageManager.php' => '94c11752b9ab8bcec3f77ed59cdd7422',
@@ -115,7 +115,7 @@ $md5_string = array (
'./ModuleInstall/PackageManager/tpls/PackageManagerLicense.tpl' => 'df5e267d1df5ce08fb9406e42d5b4816',
'./ModuleInstall/PackageManager/tpls/PackageManagerScripts.tpl' => '98e396c0aa57329731fda19c790fffb2',
'./ModuleInstall/extensions.php' => '87596ad3f28a39c996a5551cad3b5cab',
- './README.md' => '2945c7eb2a50df410d9bbcfd65a3e2ef',
+ './README.md' => 'd001bd0256d3fd89ebf9775386fdc5b4',
'./RoboFile.php' => '045b82c1df69553824d0e4ffcce6e03c',
'./SugarSecurity.php' => '47e316b2d408e8c5192c8ea4a4f921b3',
'./TreeData.php' => '32873e20cb5fd33f9d1cdaf18c3cac5c',
@@ -522,7 +522,7 @@ $md5_string = array (
'./data/SugarBean.php' => '570930b7f8bc50c1d063ebb6c8ac170b',
'./deprecated.php' => 'f5f507fd6314f38d29c97e2cc2c62239',
'./dictionary.php' => 'b7c1370fb75a2940c04db74627c4462c',
- './download.php' => 'f2d366039d134ac463ff1e75634ce509',
+ './download.php' => '1d337efcbfc68d524faab8c4460e107a',
'./emailmandelivery.php' => 'e079e094dd3d4e361670a179f50b1fdd',
'./export.php' => 'a7364fa8acd13057d4b77f596d9fdb39',
'./ical_server.php' => '36acd0eb4bdabcdb8c70497b5cc79d16',
@@ -3910,17 +3910,17 @@ $md5_string = array (
'./modules/AOW_Processed/metadata/subpanels/default.php' => 'a854bad4c87fee3ae01b971e88041b66',
'./modules/AOW_Processed/vardefs.php' => 'b8116bafbeac63b860466832c444da40',
'./modules/AOW_Processed/views/view.list.php' => '38e5458ec6e3b5cc188c165ac1af2b2b',
- './modules/AOW_WorkFlow/AOW_WorkFlow.php' => '2f5ffcb6572a91220039cbd22e3bbabf',
+ './modules/AOW_WorkFlow/AOW_WorkFlow.php' => '5268c7af05df606e2dd9de53da1fc41f',
'./modules/AOW_WorkFlow/Dashlets/AOW_WorkFlowDashlet/AOW_WorkFlowDashlet.meta.php' => '307d5c5c4e36070f26fcd7019a7c3ce7',
'./modules/AOW_WorkFlow/Dashlets/AOW_WorkFlowDashlet/AOW_WorkFlowDashlet.php' => '9df3265e560ec57ed8bfaffca5335b66',
'./modules/AOW_WorkFlow/Menu.php' => 'bda4b71d876e065f7661bce4a91bde57',
'./modules/AOW_WorkFlow/aow_utils.php' => '0f06117126fbfe5cc6fa498a6ddbb4b8',
'./modules/AOW_WorkFlow/controller.php' => '8c09b64fd23731850eeece646584a375',
- './modules/AOW_WorkFlow/language/en_us.lang.php' => 'd3f5d7f63df072fe0d79bc5385dadbbf',
+ './modules/AOW_WorkFlow/language/en_us.lang.php' => '3257fefa8880da77ef4c90c08fab9dad',
'./modules/AOW_WorkFlow/metadata/SearchFields.php' => '125fca8f181fd8c4fbb159fd71096bd7',
'./modules/AOW_WorkFlow/metadata/dashletviewdefs.php' => '113c2f1f0cd10818f564704bcca7c14c',
- './modules/AOW_WorkFlow/metadata/detailviewdefs.php' => 'ccf1b5c10936884a44e2f155ab71afeb',
- './modules/AOW_WorkFlow/metadata/editviewdefs.php' => 'af6bae5b500c168cee317f9f166a0a2a',
+ './modules/AOW_WorkFlow/metadata/detailviewdefs.php' => 'd585f5d2191dc56f4f8bf2e9e218e45d',
+ './modules/AOW_WorkFlow/metadata/editviewdefs.php' => '28914aa96a091ec183728f71006ae689',
'./modules/AOW_WorkFlow/metadata/listviewdefs.php' => '9068575782d803d94517c12954fb0a0e',
'./modules/AOW_WorkFlow/metadata/metafiles.php' => '7584c90c84e8a96b21d38eb28d5eeeb9',
'./modules/AOW_WorkFlow/metadata/popupdefs.php' => '63d9d82f9a867498d239b8774366302c',
@@ -3928,7 +3928,7 @@ $md5_string = array (
'./modules/AOW_WorkFlow/metadata/searchdefs.php' => 'b87c0f0ee913106deaee64b8f53dce54',
'./modules/AOW_WorkFlow/metadata/subpaneldefs.php' => '622ff373a39724c4555fe77dac4f4466',
'./modules/AOW_WorkFlow/metadata/subpanels/default.php' => 'ad81319c7fcbcf54e938a93c865e1b57',
- './modules/AOW_WorkFlow/vardefs.php' => '627e2c280f00bb5350b6d275da79af70',
+ './modules/AOW_WorkFlow/vardefs.php' => 'c82a06b7557d68cfbc6d44461bddf86f',
'./modules/Accounts/Account.js' => '363f97788fd67766e867ac749a6272bf',
'./modules/Accounts/Account.php' => '889a6c753277a839fb7961d8d8ca5a4e',
'./modules/Accounts/AccountFormBase.php' => '03eb01512d8cec01a5022a25db83be5d',
@@ -4797,7 +4797,7 @@ $md5_string = array (
'./modules/EmailMan/Forms.php' => 'd939f3555ef708f533a77c77b696ccd8',
'./modules/EmailMan/Menu.php' => '9fec01e70c034091a9fe652a61407886',
'./modules/EmailMan/action_view_map.php' => 'e4b8e3c021d90ed66c74caa7e1f8e4c5',
- './modules/EmailMan/controller.php' => '3af2309adb15b87358d1c08b35a7d280',
+ './modules/EmailMan/controller.php' => '6a79f210b78331386f738a2d6e1a1c78',
'./modules/EmailMan/field_arrays.php' => '46faacb2ea303c961a1871ea613a455f',
'./modules/EmailMan/language/en_us.lang.php' => 'ba2d83e744656eeb3aae03f3dc5c0396',
'./modules/EmailMan/metadata/SearchFields.php' => '16ab0bf5917fd13e2bb8dd99c3444dd8',
@@ -4901,7 +4901,7 @@ $md5_string = array (
'./modules/Emails/include/ComposeView/ComposeView.tpl' => '1ec29fbb9803c24e5ed8a12155668e58',
'./modules/Emails/include/ComposeView/ComposeViewBlank.tpl' => '22365ce6727ffb560e5ad3fc187f13f2',
'./modules/Emails/include/ComposeView/ComposeViewToolbar.tpl' => '656b26827857375278124e4610b9ff06',
- './modules/Emails/include/ComposeView/EmailsComposeView.js' => '5c836fdc4d36bb39c6b027f13f9724db',
+ './modules/Emails/include/ComposeView/EmailsComposeView.js' => '5be2c694952733d64dbf75a208534f28',
'./modules/Emails/include/DetailView/EmailsDetailView.php' => 'f95937f398f37afe3927ecc035b8b743',
'./modules/Emails/include/DetailView/EmailsDraftDetailView.php' => 'baafca815e89a4c0ec3df8b6192552ea',
'./modules/Emails/include/DetailView/EmailsNonImportedDetailView.php' => 'ef9ecbcf65fa6f03e32f94b6a9805b2f',
@@ -5574,12 +5574,12 @@ $md5_string = array (
'./modules/OAuth2Clients/js/PasswordCredentialsValidation.js' => 'd20b36468c15522c07606ddfe6204c64',
'./modules/OAuth2Clients/language/en_us.lang.php' => '41cc684474703a8d6f1c7ba76b4a900f',
'./modules/OAuth2Clients/metadata/SearchFields.php' => '0c30055d8ac347f228fe8fd18891c01e',
- './modules/OAuth2Clients/metadata/detailcredentialsviewdefs.php' => 'cfcc4106c19bbd7820f20b93ef92f831',
- './modules/OAuth2Clients/metadata/detailpasswordviewdefs.php' => '05bad4c0938bd89a725a95219d4b7ca3',
- './modules/OAuth2Clients/metadata/detailviewdefs.php' => '752ef40916c7b1da82415063ece8638b',
- './modules/OAuth2Clients/metadata/editcredentialsviewdefs.php' => 'ff8140e9404e2baacd2d7328e0bd0aeb',
- './modules/OAuth2Clients/metadata/editpasswordviewdefs.php' => '37d0505b27bba6fb6fe79378187f1a94',
- './modules/OAuth2Clients/metadata/editviewdefs.php' => '087f5db2a82577312f2d7a384ede2ec6',
+ './modules/OAuth2Clients/metadata/detailcredentialsviewdefs.php' => '7b697367c75b861cc31f3908c891a424',
+ './modules/OAuth2Clients/metadata/detailpasswordviewdefs.php' => 'a0ff587a982ccb98c693a95083d12c37',
+ './modules/OAuth2Clients/metadata/detailviewdefs.php' => '06a24351d5c0c05134efb22a779562ef',
+ './modules/OAuth2Clients/metadata/editcredentialsviewdefs.php' => '4d247876f3ba72caea12bf2218313357',
+ './modules/OAuth2Clients/metadata/editpasswordviewdefs.php' => '03e345601ae7834a3db7eeeb23b50173',
+ './modules/OAuth2Clients/metadata/editviewdefs.php' => 'e5f20eb75f4f9c90ebed7e913cea5dca',
'./modules/OAuth2Clients/metadata/listviewdefs.php' => '4282034fa7a8316948346787d4641c65',
'./modules/OAuth2Clients/metadata/metafiles.php' => '41cd83567c02ce1a8edc8634307f5cdd',
'./modules/OAuth2Clients/metadata/popupdefs.php' => '7a2066ca250a032afb73d2feb5026d5a',
@@ -5677,8 +5677,8 @@ $md5_string = array (
'./modules/OutboundEmailAccounts/language/en_us.lang.php' => '9b9becdbac51bb11ec5009007f7aa682',
'./modules/OutboundEmailAccounts/metadata/SearchFields.php' => 'b1d3821e188938066156f0c85d4e37fe',
'./modules/OutboundEmailAccounts/metadata/dashletviewdefs.php' => '93e262245007ffc79f1ff9938e8bbac9',
- './modules/OutboundEmailAccounts/metadata/detailviewdefs.php' => '464e6ae2faa0d79b72999ca462dd9fa9',
- './modules/OutboundEmailAccounts/metadata/editviewdefs.php' => 'c52ee86e9832d7c210134710d98396d6',
+ './modules/OutboundEmailAccounts/metadata/detailviewdefs.php' => '948df4801e3d229ea4bac06e247fd643',
+ './modules/OutboundEmailAccounts/metadata/editviewdefs.php' => 'f28a1bf18ca13bcfe8229c1d5fa6eee4',
'./modules/OutboundEmailAccounts/metadata/listviewdefs.php' => 'b55ab9fcc7b7fe5dc24847570f53c5c6',
'./modules/OutboundEmailAccounts/metadata/metafiles.php' => 'd163cfdaa7fa3d697326f798bbcc6867',
'./modules/OutboundEmailAccounts/metadata/popupdefs.php' => '3464601d89e63838c93f7bfcd2142eec',
@@ -5704,7 +5704,7 @@ $md5_string = array (
'./modules/Project/SubPanelView.php' => 'af95a6ef52973f660100c71164dd42fe',
'./modules/Project/action_view_map.php' => 'bfb14b59f2e972e576ab76d3d5aceac0',
'./modules/Project/chart.php' => 'a7372c5e93317f570c4570b7bd34f71e',
- './modules/Project/controller.php' => 'f7a1625bad7e30c8407b26eabca31f26',
+ './modules/Project/controller.php' => 'a8bd59dc59f9cf503d21cf16514d59e3',
'./modules/Project/css/style.css' => 'f46ccefd03710380a8079bede95341ce',
'./modules/Project/css/style_chart.css' => '233f2a964aeed0a7a4db10aaa8397a5b',
'./modules/Project/delete_project_tasks.php' => '1c2dab740529a1e5a2fbc0e0ce7965d9',
@@ -6254,7 +6254,7 @@ $md5_string = array (
'./modules/UpgradeWizard/upgradeMetaHelper.php' => '800c97e8653bba6168392cb7fb1aeb2c',
'./modules/UpgradeWizard/upgradeTimeCounter.php' => 'dd3927b75efa08402bd0e2062140ce8c',
'./modules/UpgradeWizard/upgradeWizard.js' => 'f9257d89ca94aacd912a1e5b9a8016b8',
- './modules/UpgradeWizard/upload.php' => 'dfa84b530eea7d4cf027aa69be29b470',
+ './modules/UpgradeWizard/upload.php' => 'f18f412726b4dcbb2c436d7f2e7aa6c3',
'./modules/UpgradeWizard/uw_ajax.php' => 'dc6dd5c6491829bdff9ad33b5f6162ee',
'./modules/UpgradeWizard/uw_emptyFunctions.php' => '78d1a2e170174830b7dd1522db706828',
'./modules/UpgradeWizard/uw_files.php' => 'acff8db8712e3f892d46e6dcdcf13fbc',
@@ -6577,7 +6577,7 @@ $md5_string = array (
'./soap.php' => 'e28988c2e0b8e2c484587b537a710525',
'./sugar_version.json' => 'bdfbcefae2f9af559bef6a36367df7bb',
'./sugar_version.php' => 'db7b6c8d51f87879fce1e6172eedfbed',
- './suitecrm_version.php' => '8038561cf0d7daf2f4434655fa3e4661',
+ './suitecrm_version.php' => 'efb3eed2d1d827d27740c8128423d089',
'./themes/SuiteP/css/Dawn/color-palette.scss' => 'f85621a6c8b0cd015a8c4703e83e519b',
'./themes/SuiteP/css/Dawn/icons.scss' => 'd59f8c5855e7a8df09542a663835a196',
'./themes/SuiteP/css/Dawn/style.css' => '96e228603dfc1458e19c4d07013f2ef3',
@@ -9492,4 +9492,4 @@ $md5_string = array (
'./themes/default/less/wells.less' => '07cc7d04d7f7f344742f23886cbe5683',
'./vCard.php' => '3f5273501c464563e5b1247be28b69de',
'./vcal_server.php' => 'ce4752597ba62a99f791c467339d2500',
-);
\ No newline at end of file
+);
diff --git a/modules/Project/controller.php b/modules/Project/controller.php
index 62cedd7b27b..bc9247d3dcb 100755
--- a/modules/Project/controller.php
+++ b/modules/Project/controller.php
@@ -484,11 +484,13 @@ public function action_Tooltips()
{
global $mod_strings;
- $start_date = $_REQUEST['start_date'];
- $end_date = $_REQUEST['end_date'];
- $resource_id = $_REQUEST['resource_id'];
+ $db = DBManagerFactory::getInstance();
+
+ $start_date = $db->quote($_REQUEST['start_date']);
+ $end_date = $db->quote($_REQUEST['end_date']);
+ $resource_id = $db->quote($_REQUEST['resource_id']);
- $projects = explode(",", $_REQUEST['projects']);
+ $projects = explode(",", $db->quote($_REQUEST['projects']));
$project_where = "";
if (count($projects) > 1 || $projects[0] != '') {
$project_where = " AND project_id IN( '" . implode("','", $projects) . "' )";
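Review bot: `$db->quote()` only escapes, so it protects the query only where the value ends up inside a quoted SQL literal. The hunk shows that for `$projects` (the `IN( '...' )` list) but not for `$start_date`, `$end_date` and `$resource_id`, whose use is below the hunk. It would be safer to validate each value against its expected shape before it reaches SQL, a date format for the two dates and an id pattern for `$resource_id` and each element of `$projects`, and to reject the request otherwise. The four `$_REQUEST` reads also have no `isset()` guard, so a missing parameter raises a notice before the query is built. `action_Tooltips()` continues outside the hunk.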
diff --git a/modules/UpgradeWizard/upload.php b/modules/UpgradeWizard/upload.php
index f977a8fdd16..e32fe4d7703 100755
--- a/modules/UpgradeWizard/upload.php
+++ b/modules/UpgradeWizard/upload.php
@@ -118,12 +118,32 @@
$manifest_file = extractManifest($tempFile);
if (is_file($manifest_file)) {
- require_once($manifest_file);
+
+ //SCAN THE MANIFEST FILE TO MAKE SURE NO COPIES OR ANYTHING ARE HAPPENING IN IT
+ require_once __DIR__ . '/../../ModuleInstall/ModuleScanner.php';
+
+ $ms = new ModuleScanner();
+ $ms->lockConfig();
+ $fileIssues = $ms->scanFile($manifest_file);
+ if (!empty($fileIssues)) {
+ $out .= '
' . translate('ML_MANIFEST_ISSUE', 'Administration') . ' ';
+ $out .= $ms->getIssuesLog();
+ break;
+ }
+
+ list($manifest, $installdefs) = MSLoadManifest($manifest_file);
+ if ($ms->checkConfig($manifest_file)) {
+ $out .= '
' . translate('ML_MANIFEST_ISSUE', 'Administration') . ' ';
+ $out .= $ms->getIssuesLog();
+ break;
+ }
+
$error = validate_manifest($manifest);
if (!empty($error)) {
$out = "
{$error} ";
break;
}
+
$upgrade_zip_type = $manifest['type'];
// exclude the bad permutations
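Review bot: The all-caps comment above `require_once` does not say that `scanFile()` is the only check that runs before the uploaded manifest is loaded; `MSLoadManifest()` presumably includes the file, and `checkConfig()` can only report a `sugar_config` change after it has happened. I would replace it with `// Statically scan the uploaded manifest before MSLoadManifest() loads it; checkConfig() afterwards only detects config changes.` When `checkConfig()` does flag a change, nothing in this hunk restores `$GLOBALS['sugar_config']`, so code after the `break` may run with the altered values, which is worth confirming. The two failure branches repeat the same two `$out` lines and could share one helper. The enclosing loop or switch starts outside the hunk.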
diff --git a/suitecrm_version.php b/suitecrm_version.php
index 27f24fe70e4..a0edbac5c83 100755
--- a/suitecrm_version.php
+++ b/suitecrm_version.php
@@ -3,5 +3,5 @@
die('Not A Valid Entry Point');
}
-$suitecrm_version = '7.10.34';
-$suitecrm_timestamp = '2021-11-19 17:00:00';
+$suitecrm_version = '7.10.35';
+$suitecrm_timestamp = '2021-12-14 17:00:00';