diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php
index a1bb85ad1c..47db9dc0f4 100644
--- a/phpBB/includes/acp/acp_users.php
+++ b/phpBB/includes/acp/acp_users.php
@@ -733,7 +733,7 @@ class acp_users
 						{
 							$sql_ary += array(
 								'user_email'		=> $update_email,
-								'user_email_hash'	=> crc32(strtolower($update_email)) . strlen($update_email)
+								'user_email_hash'	=> crc32($update_email) . strlen($update_email)
 							);
 
 							add_log('user', $user_id, 'LOG_USER_UPDATE_EMAIL', $user_row['username'], $user_row['user_email'], $update_email);
diff --git a/phpBB/includes/functions_convert.php b/phpBB/includes/functions_convert.php
index d4034d7019..5216185d96 100644
--- a/phpBB/includes/functions_convert.php
+++ b/phpBB/includes/functions_convert.php
@@ -1181,6 +1181,12 @@ function restore_config($schema)
 
 		if ($config_value !== '')
 		{
+			// Most are...
+			if (is_string($config_value))
+			{
+				$config_value = utf8_htmlspecialchars($config_value);
+			}
+
 			set_config($config_name, $config_value);
 		}
 	}
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php
index e9297d490f..6ef3e01056 100644
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@@ -145,7 +145,7 @@ function user_add($user_row, $cp_data = false)
 		'user_password'		=> (isset($user_row['user_password'])) ? $user_row['user_password'] : '',
 		'user_pass_convert'	=> 0,
 		'user_email'		=> strtolower($user_row['user_email']),
-		'user_email_hash'	=> (int) crc32(strtolower($user_row['user_email'])) . strlen($user_row['user_email']),
+		'user_email_hash'	=> crc32(strtolower($user_row['user_email'])) . strlen($user_row['user_email']),
 		'group_id'			=> $user_row['group_id'],
 		'user_type'			=> $user_row['user_type'],
 	);
@@ -1332,7 +1332,7 @@ function validate_email($email)
 	{
 		$sql = 'SELECT user_email_hash
 			FROM ' . USERS_TABLE . "
-			WHERE user_email_hash = " . crc32($email) . strlen($email);
+			WHERE user_email_hash = " . (crc32($email) . strlen($email));
 		$result = $db->sql_query($sql);
 		$row = $db->sql_fetchrow($result);
 		$db->sql_freeresult($result);
diff --git a/phpBB/install/database_update.php b/phpBB/install/database_update.php
index 8fd30020a1..4d8fc449a0 100644
--- a/phpBB/install/database_update.php
+++ b/phpBB/install/database_update.php
@@ -627,6 +627,24 @@ if (version_compare($current_version, '3.0.b4', '<='))
 		WHERE module_class = 'acp' AND module_mode = 'version_check' AND module_auth = 'acl_a_'";
 	_sql($sql, $errored, $error_ary);
 
+	// Because the email hash could have been calculated wrongly, we will update it for every user.
+	// Since this is not used in a live environment there are not much... not used in a live environment, yes!
+	$sql = 'SELECT user_id, user_email
+		FROM ' . USERS_TABLE;
+	$result = $db->sql_query($sql);
+
+	while ($row = $db->sql_fetchrow($result))
+	{
+		if ($row['user_email'])
+		{
+			$sql = 'UPDATE ' . USERS_TABLE . '
+				SET user_email_hash = ' . (crc32($row['user_email']) . strlen($row['user_email'])) . '
+				WHERE user_id = ' . $row['user_id'];
+			_sql($sql, $errored, $error_ary);
+		}
+	}
+	$db->sql_freeresult($result);
+
 	$no_updates = false;
 }
 
diff --git a/phpBB/install/install_install.php b/phpBB/install/install_install.php
index 7bfecd1685..b6bf1dd03d 100755
--- a/phpBB/install/install_install.php
+++ b/phpBB/install/install_install.php
@@ -1277,7 +1277,7 @@ class install_install extends module
 				WHERE config_name = 'newest_username'",
 
 			'UPDATE ' . $table_prefix . "users
-				SET username = '" . $db->sql_escape($admin_name) . "', user_password='" . $db->sql_escape(md5($admin_pass1)) . "', user_ip = '" . $db->sql_escape($user_ip) . "', user_lang = '" . $db->sql_escape($default_lang) . "', user_email='" . $db->sql_escape($board_email1) . "', user_dateformat='" . $db->sql_escape($lang['default_dateformat']) . "', user_email_hash = " . (int) (crc32(strtolower($board_email1)) . strlen($board_email1)) . ", username_clean = '" . $db->sql_escape(utf8_clean_string($admin_name)) . "'
+				SET username = '" . $db->sql_escape($admin_name) . "', user_password='" . $db->sql_escape(md5($admin_pass1)) . "', user_ip = '" . $db->sql_escape($user_ip) . "', user_lang = '" . $db->sql_escape($default_lang) . "', user_email='" . $db->sql_escape($board_email1) . "', user_dateformat='" . $db->sql_escape($lang['default_dateformat']) . "', user_email_hash = " . (crc32($board_email1) . strlen($board_email1)) . ", username_clean = '" . $db->sql_escape(utf8_clean_string($admin_name)) . "'
 				WHERE username = 'Admin'",
 
 			'UPDATE ' . $table_prefix . "moderator_cache