diff --git a/cgi-bin/webnotes/db.py b/cgi-bin/webnotes/db.py
index aae4d5b02d..8d175e317e 100644
--- a/cgi-bin/webnotes/db.py
+++ b/cgi-bin/webnotes/db.py
@@ -15,9 +15,6 @@ class Database:
 		self.host = host or 'localhost'
 		self.user = user or getattr(defs, 'default_db_name', '')
 
-		# password can be empty string
-		self.password = password==None and getattr(defs, 'db_password', '') or password
-
 		if ac_name:
 			self.user = self.get_db_login(ac_name) or defs.default_db_name
 		
@@ -28,6 +25,8 @@ class Database:
 		self.in_transaction = 0
 		self.transaction_writes = 0
 		self.testing_tables = []
+
+		self.password = self.get_db_password(ac_name, password)
 		
 		self.connect()
 		if self.user != 'root':
@@ -36,6 +35,27 @@ class Database:
 		if webnotes.logger:
 			webnotes.logger.debug('Database object initialized for:%s',self.user)
 
+	def get_db_password(self, db_name, password):
+		"""
+			Return db password. order of importance:
+			
+				1. password
+				2. defs.get_db_password()
+				3. defs.db_password
+		"""
+		# password can be empty string
+		if password:
+			return password
+		
+		if hasattr(defs, 'get_db_password'):
+			return defs.get_db_password(db_name)
+
+		if hasattr(defs, 'db_password'):
+			return defs.db_password
+
+		else: 
+			return ''
+			
 	def get_db_login(self, ac_name):
 		return getattr(defs,'db_name_map').get(ac_name, getattr(defs,'default_db_name'))
 
diff --git a/cgi-bin/webnotes/handler.py b/cgi-bin/webnotes/handler.py
index 760a96e8e4..f432c91ff8 100755
--- a/cgi-bin/webnotes/handler.py
+++ b/cgi-bin/webnotes/handler.py
@@ -410,17 +410,14 @@ else:
 	except: # python 2.4
 		import simplejson as json
 	
-	try:
-		str_out = json.dumps(webnotes.response)
-	except:
-		str_out = str(webnotes.response).replace(', None', ', ""')
+	str_out = json.dumps(webnotes.response)
 	
-	if acceptsGzip and len(str_out)>512:
+	if acceptsGzip and 1 and len(str_out)>512:
 		out_buf = compressBuf(str_out)
 		print "Content-Encoding: gzip"
 		print "Content-Length: %d" % (len(out_buf))
 		
-	print "Content-Type: text/html; Charset: ISO-8859-1"
+	print "Content-Type: text/html; charset: utf-8"
 	
 	# if there ar additional cookies defined during the request, add them here
 	if webnotes.cookies or webnotes.add_cookies: 
diff --git a/cgi-bin/webnotes/install_lib/install.py b/cgi-bin/webnotes/install_lib/install.py
index c270b2059c..68c9fbd2fa 100755
--- a/cgi-bin/webnotes/install_lib/install.py
+++ b/cgi-bin/webnotes/install_lib/install.py
@@ -98,9 +98,17 @@ class Installer:
 
 		webnotes.conn.commit()
 
-	#
-	# main script to create a database from
-	#
+	def get_db_password(self, db_name):
+		"""
+			Get the db_password by method
+		"""
+		import webnotes.defs
+		if hasattr(webnotes.defs, 'get_db_password'):
+			return webnotes.defs.get_db_password(db_name)
+		if hasattr(webnotes.defs, 'db_password'):
+			return webnotes.defs.db_password
+		return ''
+
 	def import_from_db(self, target, source_path='', password = 'admin', verbose=0):
 		"""
 		a very simplified version, just for the time being..will eventually be deprecated once the framework stabilizes.
diff --git a/cgi-bin/webnotes/model/db_schema.py b/cgi-bin/webnotes/model/db_schema.py
index 0ab2de0b78..e1e02058d2 100644
--- a/cgi-bin/webnotes/model/db_schema.py
+++ b/cgi-bin/webnotes/model/db_schema.py
@@ -358,7 +358,7 @@ class DbManager:
 		mysql = mysql_path and os.path.join(mysql_path, 'mysql') or 'mysql'
 		
 		try:
-			ret = os.system("%s -u root -p%s %s < %s"%(mysql, root_password.replace(" ", "\ "), target, source))
+			ret = os.system("%s -u root -p%s %s < %s"%(mysql, root_password.replace(" ", "\ "), target.replace("$", "\$"), source))
 		except Exception,e:
 			raise e
 
diff --git a/cgi-bin/webnotes/model/doclist.py b/cgi-bin/webnotes/model/doclist.py
index 2da46a795e..c8df02660a 100644
--- a/cgi-bin/webnotes/model/doclist.py
+++ b/cgi-bin/webnotes/model/doclist.py
@@ -62,12 +62,17 @@ class DocList:
 			self.doc, self.children = self.docs[0], self.docs[1:]
 
 		else:
+			self.doc = None
 			self.children = []
 			for d in self.docs:
 				if d.name == docname:
 					self.doc = d
 				else:
 					self.children.append(d)
+					
+			# catch all if no self.doc
+			if not self.doc:
+				self.doc, self.children = self.docs[0], self.docs[1:]
 	
 	def make_obj(self):
 		"""
diff --git a/cgi-bin/webnotes/profile.py b/cgi-bin/webnotes/profile.py
index 3fe1eec59d..b74fa08e5c 100644
--- a/cgi-bin/webnotes/profile.py
+++ b/cgi-bin/webnotes/profile.py
@@ -177,21 +177,35 @@ class Profile:
 		"""
 		conn = webnotes.conn
 		from webnotes.utils import cstr
+		import json
+
 	
 		# get list of child tables, so we know what not to add in the recent list
 		child_tables = [t[0] for t in conn.sql('select name from tabDocType where istable = 1')]
 		
 		if not (dt in ['Print Format', 'Start Page', 'Event', 'ToDo Item', 'Search Criteria']) and not webnotes.is_testing and not (dt in child_tables):
-			r = cstr(webnotes.conn.sql("select recent_documents from tabProfile where name=%s", self.name)[0][0] or '')
-			new_str = cstr(dt)+'~~~'+cstr(dn) + '\n'
-			if new_str in r:
-				r = r.replace(new_str, '')
+			r = webnotes.conn.sql("select recent_documents from tabProfile where name=%s", self.name)[0][0] or ''
 
-			self.recent = new_str + r
 			
-			if len(self.recent.split('\n')) > 50:
-				self.recent = '\n'.join(self.recent.split('\n')[:50])
+			# clear old style (to be removed)
+			if '~~' in r: r = ''
 			
+			rdl = json.loads(r or '[]')
+			new_rd = [dt, dn]
+			
+			# clear if exists
+			for i in range(len(rdl)):
+				rd = rdl[i]
+				if rd==new_rd:
+					del rdl[i]
+					break
+
+			rdl.append(new_rd)
+			if len(rdl) > 20:
+				rdl = rdl[:20]
+			
+			self.recent = json.dumps(rdl)
+						
 			webnotes.conn.sql("update tabProfile set recent_documents=%s where name=%s", (self.recent, self.name))
 			
 	def load_profile(self):
diff --git a/cgi-bin/webnotes/utils/__init__.py b/cgi-bin/webnotes/utils/__init__.py
index f8156046c2..1376ed7d41 100644
--- a/cgi-bin/webnotes/utils/__init__.py
+++ b/cgi-bin/webnotes/utils/__init__.py
@@ -287,19 +287,13 @@ def cstr(s):
 	"""	
 	Convert to string
 	"""
-	if s==None: 
+	if type(s) in (str, unicode):
+		return s
+	elif s==None: 
 		return ''
 	else:
-		if hasattr(s, 'encode'):
-			try:
-				s = s.encode('utf-8', 'ignore')
-			except:
-				pass
-		try:
-			return unicode(s)
-		except UnicodeDecodeError:
-			return unicode(s, 'utf-8')
-
+		return str(s)
+		
 def str_esc_quote(s):
 	"""
 	Escape quotes
diff --git a/js/form.compressed.js b/js/form.compressed.js
index 41980e4ee4..64ea3993ac 100644
--- a/js/form.compressed.js
+++ b/js/form.compressed.js
@@ -181,7 +181,7 @@ _f.Frm.prototype.savedoc=function(save_action,onsave,onerr){this.error_in_sectio
 _f.Frm.prototype.saveupdate=function(){this.save('Update');}
 _f.Frm.prototype.savesubmit=function(){var answer=confirm("Permanently Submit "+this.docname+"?");if(answer)this.save('Submit');}
 _f.Frm.prototype.savecancel=function(){var answer=confirm("Permanently Cancel "+this.docname+"?");if(answer)this.save('Cancel');}
-_f.Frm.prototype.savetrash=function(){var me=this;var answer=confirm("Permanently Delete "+this.docname+"? This action cannot be reversed");if(answer){$c('webnotes.model.delete_doc',{dt:this.doctype,dn:this.docname},function(r,rt){if(r.message=='okay'){delete locals[me.doctype][me.docname];if(page_body.wntoolbar)page_body.wntoolbar.rdocs.remove(me.doctype,me.docname);nav_obj.show_last_open();}})}}
+_f.Frm.prototype.savetrash=function(){var me=this;var answer=confirm("Permanently Delete "+this.docname+"? This action cannot be reversed");if(answer){$c('webnotes.model.delete_doc',{dt:this.doctype,dn:this.docname},function(r,rt){if(r.message=='okay'){LocalDB.delete_doc(me.doctype,me.docname);if(page_body.wntoolbar)page_body.wntoolbar.rdocs.remove(me.doctype,me.docname);nav_obj.show_last_open();}})}}
 _f.Frm.prototype.amend_doc=function(){if(!this.fields_dict['amended_from']){alert('"amended_from" field must be present to do an amendment.');return;}
 var me=this;var fn=function(newdoc){newdoc.amended_from=me.docname;if(me.fields_dict&&me.fields_dict['amendment_date'])
 newdoc.amendment_date=dateutil.obj_to_str(new Date());}
@@ -428,7 +428,7 @@ $c_get_values=function(args,doc,dt,dn,user_callback){var call_back=function(r,rt
 refresh_field(fl[i],dn,args.table_field);else
 refresh_field(fl[i]);}}
 $c('webnotes.widgets.form.get_fields',args,call_back);}
-get_server_fields=function(method,arg,table_field,doc,dt,dn,allow_edit,call_back){if(!allow_edit)freeze('Fetching Data...');$c('runserverobj',args={'method':method,'docs':compress_doclist([doc]),'arg':arg},function(r,rt){if(r.message){var d=locals[dt][dn];var field_dict=eval('var a='+r.message+';a');for(var key in field_dict){d[key]=field_dict[key];if(table_field)refresh_field(key,d.name,table_field);else refresh_field(key);}}
+get_server_fields=function(method,arg,table_field,doc,dt,dn,allow_edit,call_back){if(!allow_edit)freeze('Fetching Data...');$c('runserverobj',args={'method':method,'docs':compress_doclist([doc]),'arg':arg},function(r,rt){if(r.message){var d=locals[dt][dn];var field_dict=r.message;for(var key in field_dict){d[key]=field_dict[key];if(table_field)refresh_field(key,d.name,table_field);else refresh_field(key);}}
 if(call_back){doc=locals[doc.doctype][doc.name];call_back(doc,dt,dn);}
 if(!allow_edit)unfreeze();});}
 set_multiple=function(dt,dn,dict,table_field){var d=locals[dt][dn];for(var key in dict){d[key]=dict[key];if(table_field)refresh_field(key,d.name,table_field);else refresh_field(key);}}
@@ -495,4 +495,4 @@ wn.widgets.form.file_upload_done=function(doctype,docname,fileid,filename,at_id,
 fl.push(filename+','+fileid)
 doc.file_list=fl.join('\n');}
 else
-doc.file_list=filename+','+fileid;doc.modified=new_timestamp;var frm=frms[doctype];frm.attachments.dialog.hide();msgprint('File Uploaded Sucessfully.');frm.refresh();}
\ No newline at end of file
+doc.file_list=filename+','+fileid;doc.modified=new_timestamp;var frm=frms[doctype];frm.attachments.dialog.hide();msgprint('File Uploaded Sucessfully.');frm.refresh();}
diff --git a/js/utils/handler.js b/js/utils/handler.js
index 0d7425ed8e..b7621d0651 100644
--- a/js/utils/handler.js
+++ b/js/utils/handler.js
@@ -42,7 +42,7 @@ function $c(command, args, fn, on_timeout, no_spinner, freeze_msg) {
 			var rtxt = req.responseText;
 						
 			try { 
-				var r = eval("var a="+rtxt+";a"); 
+				var r = JSON.parse(rtxt); 
 			} catch(e) { 
 				alert('Handler Exception:' + rtxt);
 				return; 
@@ -366,4 +366,4 @@ function resume_session() {
 
 		return $;
 	};
-})(jQuery);
\ No newline at end of file
+})(jQuery);
diff --git a/js/webpage/wntoolbar.js b/js/webpage/wntoolbar.js
index 7fbfede1f4..b7bc287a50 100644
--- a/js/webpage/wntoolbar.js
+++ b/js/webpage/wntoolbar.js
@@ -104,23 +104,27 @@ function WNToolbar(parent) {
 			if(it)$dh(it);
 			if(pscript.on_recent_update)pscript.on_recent_update();
 		}
-		// add menu items
-		var rlist = profile.recent.split('\n');
-		var m = rlist.length;
-		if(m>15)m=15;
-		for (var i=0;i<m;i++) {
-			var t = rlist[i].split('~~~');
-			if(t[1]) {
-				var dt = t[0]; var dn = t[1];
-				this.rdocs.add(dt, dn, 0);
-			}
-		}
 
 		this.rename_notify = function(dt, old, name) {
 			me.rdocs.remove(dt, old);
 			me.rdocs.add(dt, name, 1);
 		}
 		rename_observers.push(this);
+
+		// add menu items
+		try{ var rlist = JSON.parse(profile.recent); }
+		catch(e) { return; /*old style-do nothing*/ }
+		
+		var m = rlist.length;
+		if(m>15)m=15;
+		for (var i=0;i<m;i++) {
+			var rd = rlist[i]
+			if(rd[1]) {
+				var dt = rd[0]; var dn = rd[1];
+				this.rdocs.add(dt, dn, 0);
+			}
+		}
+
 	}
 	
 	// Tools
diff --git a/js/widgets/form/clientscriptAPI.js b/js/widgets/form/clientscriptAPI.js
index ccf64c58c4..f8f37ab06a 100644
--- a/js/widgets/form/clientscriptAPI.js
+++ b/js/widgets/form/clientscriptAPI.js
@@ -24,8 +24,7 @@ get_server_fields = function(method, arg, table_field, doc, dt, dn, allow_edit,
 	function(r, rt) {
 		if (r.message)  {
 			var d = locals[dt][dn];
-			var field_dict = eval('var a='+r.message+';a');
-
+			var field_dict = r.message;
 			for(var key in field_dict) {
 				d[key] = field_dict[key];
 				if (table_field) refresh_field(key, d.name, table_field);
diff --git a/js/widgets/form/form.js b/js/widgets/form/form.js
index 207f45f841..0202f92e03 100644
--- a/js/widgets/form/form.js
+++ b/js/widgets/form/form.js
@@ -1118,7 +1118,7 @@ _f.Frm.prototype.savetrash = function() {
 		$c('webnotes.model.delete_doc', {dt:this.doctype, dn:this.docname}, function(r,rt) {
 			if(r.message=='okay') {
 				// delete from locals
-				delete locals[me.doctype][me.docname];
+				LocalDB.delete_doc(me.doctype, me.docname);
 				
 				// delete from recent
 				if(page_body.wntoolbar) page_body.wntoolbar.rdocs.remove(me.doctype, me.docname);
diff --git a/js/wnf.compressed.js b/js/wnf.compressed.js
index 8fa42260d1..17aa300567 100644
--- a/js/wnf.compressed.js
+++ b/js/wnf.compressed.js
@@ -250,7 +250,7 @@ unfreeze();return false;}}
 var pending_req=0;function newHttpReq(){if(!isIE)
 var r=new XMLHttpRequest();else if(window.ActiveXObject)
 var r=new ActiveXObject("Microsoft.XMLHTTP");return r;}
-function $c(command,args,fn,on_timeout,no_spinner,freeze_msg){var req=newHttpReq();ret_fn=function(){if(checkResponse(req,on_timeout,no_spinner,freeze_msg)){if(!no_spinner)hide_loading();var rtxt=req.responseText;try{var r=eval("var a="+rtxt+";a");}catch(e){alert('Handler Exception:'+rtxt);return;}
+function $c(command,args,fn,on_timeout,no_spinner,freeze_msg){var req=newHttpReq();ret_fn=function(){if(checkResponse(req,on_timeout,no_spinner,freeze_msg)){if(!no_spinner)hide_loading();var rtxt=req.responseText;try{var r=JSON.parse(rtxt);}catch(e){alert('Handler Exception:'+rtxt);return;}
 if(freeze_msg)unfreeze();if(!validate_session(r,rtxt))return;if(r.exc){errprint(r.exc);};if(r.server_messages){msgprint(r.server_messages);};if(r.docs){LocalDB.sync(r.docs);}
 saveAllowed=true;if(fn)fn(r,rtxt);}}
 req.onreadystatechange=ret_fn;req.open("POST",outUrl,true);req.setRequestHeader("ENCTYPE","multipart/form-data");req.setRequestHeader("Content-Type","application/x-www-form-urlencoded; charset=UTF-8");args['cmd']=command;req.send(makeArgString(args));if(!no_spinner)set_loading();if(freeze_msg)freeze(freeze_msg,1);}
@@ -973,9 +973,11 @@ var tdn=dn;var rec_label='<table style="width: 100%" cellspacing=0><tr>'
 +'<td style="width: 50%; text-decoration: underline; color: #22B; padding: 2px;">'+tdn+'</td>'
 +'<td style="font-size: 11px;">'+get_doctype_label(dt)+'</td></tr></table>';var mi=me.menu.add_item('Recent',rec_label,fn,on_top);mi.dt=dt;mi.dn=dn;this.items[dt+'-'+dn]=mi;if(pscript.on_recent_update)pscript.on_recent_update();}}
 this.rdocs.remove=function(dt,dn){var it=me.rdocs.items[dt+'-'+dn];if(it)$dh(it);if(pscript.on_recent_update)pscript.on_recent_update();}
-var rlist=profile.recent.split('\n');var m=rlist.length;if(m>15)m=15;for(var i=0;i<m;i++){var t=rlist[i].split('~~~');if(t[1]){var dt=t[0];var dn=t[1];this.rdocs.add(dt,dn,0);}}
 this.rename_notify=function(dt,old,name){me.rdocs.remove(dt,old);me.rdocs.add(dt,name,1);}
-rename_observers.push(this);}
+rename_observers.push(this);try{var rlist=JSON.parse(profile.recent);}
+catch(e){return;}
+var m=rlist.length;if(m>15)m=15;for(var i=0;i<m;i++){var rd=rlist[i]
+if(rd[1]){var dt=rd[0];var dn=rd[1];this.rdocs.add(dt,dn,0);}}}
 this.setup_help=function(){me.menu.add_top_menu('Tools',function(){},"sprite-tools");this.menu.add_item('Tools','Error Console',function(){err_console.show();});this.menu.add_item('Tools','Clear Cache',function(){$c('webnotes.session_cache.clear',{},function(r,rt){show_alert(r.message);})});if(has_common(user_roles,['Administrator','System Manager'])){this.menu.add_item('Tools','Download Backup',function(){me.download_backup();});}
 this.menu.add_item('Tools','Web Notes Framework',function(){show_about();});}
 this.setup_new=function(){me.menu.add_top_menu('New',function(){me.show_new();},'sprite-new');me.show_new=function(){if(!me.new_dialog){var d=new Dialog(240,140,"Create a new record");d.make_body([['HTML','Select'],['Button','Go',function(){me.new_dialog.hide();new_doc(me.new_sel.inp.value);}]]);d.onshow=function(){me.new_sel.inp.focus();}