I didn't new before, but function "htmlspecialchars" not only escapes text to be safe for usage inside a HTML/XML, but also converts it's encoding to ISO-8859-1 (PHP 5.3.x and below).
As a result any UTF-8 encoded string will be encoded into ISO-8859-1 (after escaping) and all special symbols (e.g. resulted from pasting text from Microsoft Word) would have incorrect encoding, when presented back to user who has UTF-8 encoding on a page.
In PHP 5.4 and up default charset for this function is UTF-8.
As a fix I propose to pass CHARSET constant's value explicitly in each call of htmlspecialchars function across all In-Portal and it's modules.