diff --git a/htdocs/commande/fiche.php b/htdocs/commande/fiche.php
index 2a501f10f73..9cc8da95d51 100644
--- a/htdocs/commande/fiche.php
+++ b/htdocs/commande/fiche.php
@@ -1,34 +1,34 @@
 <?php
 /* Copyright (C) 2003-2006	Rodolphe Quiedeville	<rodolphe@quiedeville.org>
  * Copyright (C) 2004-2013	Laurent Destailleur		<eldy@users.sourceforge.net>
- * Copyright (C) 2005		Marc Barilley / Ocebo	<marc@ocebo.com>
- * Copyright (C) 2005-2013	Regis Houssin			<regis.houssin@capnetworks.com>
- * Copyright (C) 2006		Andre Cianfarani		<acianfa@free.fr>
- * Copyright (C) 2010-2013	Juanjo Menent			<jmenent@2byte.es>
- * Copyright (C) 2011		Philippe Grand			<philippe.grand@atoo-net.com>
- * Copyright (C) 2012		Christophe Battarel		<christophe.battarel@altairis.fr>
- * Copyright (C) 2012		Marcos García			<marcosgdf@gmail.com>
- * Copyright (C) 2013		Florian Henry			<florian.henry@open-concept.pro>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
+* Copyright (C) 2005		Marc Barilley / Ocebo	<marc@ocebo.com>
+* Copyright (C) 2005-2013	Regis Houssin			<regis.houssin@capnetworks.com>
+* Copyright (C) 2006		Andre Cianfarani		<acianfa@free.fr>
+* Copyright (C) 2010-2013	Juanjo Menent			<jmenent@2byte.es>
+* Copyright (C) 2011		Philippe Grand			<philippe.grand@atoo-net.com>
+* Copyright (C) 2012		Christophe Battarel		<christophe.battarel@altairis.fr>
+* Copyright (C) 2012		Marcos García			<marcosgdf@gmail.com>
+* Copyright (C) 2013		Florian Henry			<florian.henry@open-concept.pro>
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 3 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
 
 /**
  *	\file       htdocs/commande/fiche.php
- *	\ingroup    commande
- *	\brief      Page to show customer order
- */
+*	\ingroup    commande
+*	\brief      Page to show customer order
+*/
 
 require '../main.inc.php';
 require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php';
@@ -541,7 +541,7 @@ else if ($action == 'setnote_public' && $user->rights->commande->creer)
 
 else if ($action == 'setnote_private' && $user->rights->commande->creer)
 {
-	$result=$object->update_note_rivate(dol_html_entity_decode(GETPOST('note_private'), ENT_QUOTES));
+	$result=$object->update_note(dol_html_entity_decode(GETPOST('note_private'), ENT_QUOTES), '_private');
 	if ($result < 0) dol_print_error($db,$object->error);
 }
 
@@ -1121,7 +1121,7 @@ else if ($action == 'print_file' AND $user->rights->printipp->use)
 {
 	require_once DOL_DOCUMENT_ROOT.'/core/class/dolprintipp.class.php';
 	$printer = new dolPrintIPP($db,$conf->global->PRINTIPP_HOST,$conf->global->PRINTIPP_PORT,$user->login,$conf->global->PRINTIPP_USER,$conf->global->PRINTIPP_PASSWORD);
-    $printer->print_file(GETPOST('file','alpha'),GETPOST('printer','alpha'));
+	$printer->print_file(GETPOST('file','alpha'),GETPOST('printer','alpha'));
 }
 
 else if ($action == 'update_extras')
@@ -2135,49 +2135,24 @@ else
 		$reshook=$hookmanager->executeHooks('formObjectOptions',$parameters,$object,$action);    // Note that $action and $object may have been modified by hook
 		if (empty($reshook) && ! empty($extrafields->attribute_label))
 		{
-
-			if ($action == 'edit_extras')
-			{
-				print '<form enctype="multipart/form-data" action="'.$_SERVER["PHP_SELF"].'" method="post" name="formsoc">';
-				print '<input type="hidden" name="action" value="update_extras">';
-				print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
-				print '<input type="hidden" name="id" value="'.$object->id.'">';
-			}
-
-			// TODO : use showOptionals($extrafields) function
-			foreach($extrafields->attribute_label as $key=>$label)
-			{
-				$value=(isset($_POST["options_".$key])?$_POST["options_".$key]:$object->array_options["options_".$key]);
-				if ($extrafields->attribute_type[$key] == 'separate')
-				{
-					print $extrafields->showSeparator($key);
-				}
-				else
-				{
-					print '<tr><td';
-					if (! empty($extrafields->attribute_required[$key])) print ' class="fieldrequired"';
-					print '>'.$label.'</td><td colspan="3">';
-
-					// Convert date into timestamp format
-					if (in_array($extrafields->attribute_type[$key],array('date','datetime')))
-					{
-						$value = isset($_POST["options_".$key])?dol_mktime($_POST["options_".$key."hour"], $_POST["options_".$key."min"], 0, $_POST["options_".$key."month"], $_POST["options_".$key."day"], $_POST["options_".$key."year"]):$object->array_options['options_'.$key];
-					}
-
-					if ($action == 'edit_extras' &&  $user->rights->propal->creer)
-					{
-						print $extrafields->showInputField($key,$value);
-					}
-					else
-					{
-						print $extrafields->showOutputField($key,$value);
-					}
-					print '</td></tr>'."\n";
-				}
-			}
-
 			if(count($extrafields->attribute_label) > 0) {
 
+				if ($action == 'edit_extras')
+				{
+					print '<form enctype="multipart/form-data" action="'.$_SERVER["PHP_SELF"].'" method="post" name="formsoc">';
+					print '<input type="hidden" name="action" value="update_extras">';
+					print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
+					print '<input type="hidden" name="id" value="'.$object->id.'">';
+				}
+
+
+				if ($action == 'edit_extras' &&  $user->rights->propal->creer) {
+					print $object->showOptionals($extrafields,'edit');
+				}
+				else {
+					print $object->showOptionals($extrafields);
+				}
+
 				if ($action == 'edit_extras' && $user->rights->propal->creer)
 				{
 					print '<tr><td></td><td>';
@@ -2307,7 +2282,7 @@ else
 
 		/*
 		 * Boutons actions
-		 */
+		*/
 		if ($action != 'presend')
 		{
 			if ($user->societe_id == 0 && $action <> 'editline')
@@ -2447,7 +2422,7 @@ else
 
 			/*
 			 * Documents generes
-			 */
+			*/
 			$comref = dol_sanitizeFileName($object->ref);
 			$file = $conf->commande->dir_output . '/' . $comref . '/' . $comref . '.pdf';
 			$relativepath = $comref.'/'.$comref.'.pdf';
@@ -2461,7 +2436,7 @@ else
 
 			/*
 			 * Linked object block
-			 */
+			*/
 			$somethingshown=$object->showLinkedObjectBlock();
 
 			print '</div><div class="fichehalfright"><div class="ficheaddleft">';
@@ -2473,7 +2448,7 @@ else
 			$somethingshown=$formactions->showactions($object,'order',$socid);
 
 			//print '</td></tr></table>';
-            print '</div></div></div>';
+			print '</div></div></div>';
 		}
 
 
diff --git a/htdocs/contrat/note.php b/htdocs/contrat/note.php
index ee66e4583f7..c8edf493f63 100644
--- a/htdocs/contrat/note.php
+++ b/htdocs/contrat/note.php
@@ -50,7 +50,7 @@ $object->fetch($id,$ref);
 
 if ($action == 'setnote_public' && $user->rights->contrat->creer)
 {
-	$result=$object->update_note(dol_html_entity_decode(dol_htmlcleanlastbr(GETPOST('note_public')), ENT_QUOTES),'_pubic');
+	$result=$object->update_note(dol_html_entity_decode(dol_htmlcleanlastbr(GETPOST('note_public')), ENT_QUOTES),'_public');
 	if ($result < 0) dol_print_error($db,$object->error);
 }
 
diff --git a/htdocs/core/lib/usergroups.lib.php b/htdocs/core/lib/usergroups.lib.php
index b9f12ca3f6c..10099ab7feb 100644
--- a/htdocs/core/lib/usergroups.lib.php
+++ b/htdocs/core/lib/usergroups.lib.php
@@ -78,14 +78,15 @@ function user_prepare_head($object)
 	    $head[$h][2] = 'clicktodial';
         $h++;
     }
-
+    
     // Show more tabs from modules
     // Entries must be declared in modules descriptor with line
     // $this->tabs = array('entity:+tabname:Title:@mymodule:/mymodule/mypage.php?id=__ID__');   to add new tab
     // $this->tabs = array('entity:-tabname);   												to remove a tab
     complete_head_from_modules($conf,$langs,$object,$head,$h,'user');
-
-    if (! empty($user->societe_id))
+	
+    //Info on users is visible only by internal user
+    if (empty($user->societe_id))
     {
     	$head[$h][0] = DOL_URL_ROOT.'/user/note.php?id='.$object->id;
     	$head[$h][1] = $langs->trans("Note");
diff --git a/htdocs/fichinter/fiche.php b/htdocs/fichinter/fiche.php
index 70fed335c93..0684c4695ce 100644
--- a/htdocs/fichinter/fiche.php
+++ b/htdocs/fichinter/fiche.php
@@ -386,7 +386,7 @@ else if ($action == 'setnote_public' && $user->rights->ficheinter->creer)
 else if ($action == 'setnote_private' && $user->rights->ficheinter->creer)
 {
     $object->fetch($id);
-    $result=$object->update_note(dol_html_entity_decode(GETPOST('note_private'), ENT_QUOTES));
+    $result=$object->update_note(dol_html_entity_decode(GETPOST('note_private'), ENT_QUOTES), '_private');
     if ($result < 0) dol_print_error($db,$object->error);
 }
 
diff --git a/htdocs/fourn/commande/note.php b/htdocs/fourn/commande/note.php
index 7d4fa0cd496..9e629414b63 100644
--- a/htdocs/fourn/commande/note.php
+++ b/htdocs/fourn/commande/note.php
@@ -54,9 +54,9 @@ if ($action == 'setnote_public' && $user->rights->fournisseur->commande->creer)
     $result=$object->update_note(dol_html_entity_decode(GETPOST('note_public'), ENT_QUOTES),'_public');
     if ($result < 0) dol_print_error($db,$object->error);
 }
-elseif ($action == 'setnote' && $user->rights->fournisseur->commande->creer)
+elseif ($action == 'setnote_private' && $user->rights->fournisseur->commande->creer)
 {
-    $result=$object->update_note(dol_html_entity_decode(GETPOST('note'), ENT_QUOTES));
+    $result=$object->update_note(dol_html_entity_decode(GETPOST('note_private'), ENT_QUOTES), '_private');
     if ($result < 0) dol_print_error($db,$object->error);
 }
 
diff --git a/htdocs/install/default.css b/htdocs/install/default.css
index b5f8773db75..d6c354e092c 100644
--- a/htdocs/install/default.css
+++ b/htdocs/install/default.css
@@ -61,10 +61,10 @@ padding: 0px 0px 0px 0px;
 margin: 0px 0px 0px 0px;
 }
 
-input[type=text] {
+input[type=text], input[type=password] {
     border: 1px solid #ACBCBB;
 }
-input[type=text]:focus, textarea:focus, select:focus {
+input[type=text]:focus, input[type=password]:focus, textarea:focus, select:focus {
     border: 1px solid #ACBCBB;
 	box-shadow: 0 0 5px #C091AF;
 }
diff --git a/htdocs/install/fileconf.php b/htdocs/install/fileconf.php
index 5e58d07d28c..7a8e1ad1ee9 100644
--- a/htdocs/install/fileconf.php
+++ b/htdocs/install/fileconf.php
@@ -406,7 +406,7 @@ if (! empty($force_install_message))
 	<tr class="hidesqlite">
 		<td class="label" valign="top"><b><?php echo $langs->trans("Password"); ?></b>
 		</td>
-		<td class="label" valign="top"><input type="text" id="db_pass" autocomplete="off"
+		<td class="label" valign="top"><input type="password" id="db_pass" autocomplete="off"
 			name="db_pass"
 			value="<?php
 			//$autofill=((! empty($dolibarr_main_db_pass))?$dolibarr_main_db_pass:$force_install_databasepass);
@@ -460,7 +460,7 @@ if (! empty($force_install_message))
 	<tr class="hidesqlite hideroot">
 		<td class="label" valign="top"><b><?php echo $langs->trans("Password"); ?></b>
 		</td>
-		<td class="label" valign="top"><input type="text" autocomplete="off"
+		<td class="label" valign="top"><input type="password" autocomplete="off"
 			id="db_pass_root" name="db_pass_root" class="needroot"
 			value="<?php
 			$autofill=((! empty($db_pass_root))?$db_pass_root:$force_install_databaserootpass);
diff --git a/htdocs/product/fiche.php b/htdocs/product/fiche.php
index e8775f44621..143ed6e9551 100644
--- a/htdocs/product/fiche.php
+++ b/htdocs/product/fiche.php
@@ -693,7 +693,7 @@ else
         print '</td></tr>';
 
         // Label
-        print '<tr><td class="fieldrequired">'.$langs->trans("Label").'</td><td><input name="libelle" size="40" value="'.GETPOST('libelle').'"></td></tr>';
+        print '<tr><td class="fieldrequired">'.$langs->trans("Label").'</td><td><input name="libelle" size="40" maxlength="255" value="'.GETPOST('libelle').'"></td></tr>';
 
         // On sell
         print '<tr><td class="fieldrequired">'.$langs->trans("Status").' ('.$langs->trans("Sell").')</td><td>';
@@ -866,7 +866,7 @@ else
             print '<tr><td width="15%" class="fieldrequired">'.$langs->trans("Ref").'</td><td colspan="2"><input name="ref" size="40" maxlength="32" value="'.$object->ref.'"></td></tr>';
 
             // Label
-            print '<tr><td class="fieldrequired">'.$langs->trans("Label").'</td><td colspan="2"><input name="libelle" size="40" value="'.$object->libelle.'"></td></tr>';
+            print '<tr><td class="fieldrequired">'.$langs->trans("Label").'</td><td colspan="2"><input name="libelle" size="40" maxlength="255" value="'.$object->libelle.'"></td></tr>';
 
             // Status
             print '<tr><td class="fieldrequired">'.$langs->trans("Status").' ('.$langs->trans("Sell").')</td><td colspan="2">';
diff --git a/htdocs/projet/class/project.class.php b/htdocs/projet/class/project.class.php
index f5af9518de1..321936ad6a9 100644
--- a/htdocs/projet/class/project.class.php
+++ b/htdocs/projet/class/project.class.php
@@ -1048,7 +1048,7 @@ class Project extends CommonObject
 				}
 
 				$this->db->begin();
-				$res=$clone_project->update_note(dol_html_entity_decode($clone_project->note_private, ENT_QUOTES));
+				$res=$clone_project->update_note(dol_html_entity_decode($clone_project->note_private, ENT_QUOTES), '_private');
 				if ($res < 0)
 				{
 					$this->error.=$clone_project->error;
diff --git a/htdocs/projet/class/task.class.php b/htdocs/projet/class/task.class.php
index 0adc21eb6cc..ac29870106b 100644
--- a/htdocs/projet/class/task.class.php
+++ b/htdocs/projet/class/task.class.php
@@ -1064,7 +1064,7 @@ class Task extends CommonObject
 				}
 
 				$this->db->begin();
-				$res=$clone_task->update_note(dol_html_entity_decode($clone_task->note_private, ENT_QUOTES));
+				$res=$clone_task->update_note(dol_html_entity_decode($clone_task->note_private, ENT_QUOTES), '_private');
 				if ($res < 0)
 				{
 					$this->error.=$clone_task->error;
diff --git a/htdocs/projet/note.php b/htdocs/projet/note.php
index 26eafbc16d2..dddab2a5e79 100644
--- a/htdocs/projet/note.php
+++ b/htdocs/projet/note.php
@@ -63,7 +63,7 @@ if ($action == 'setnote_public' && $user->rights->projet->creer)
 if ($action == 'setnote_private' && $user->rights->projet->creer)
 {
 	$object->fetch($id);
-	$result=$object->update_note(dol_html_entity_decode(GETPOST('note_private'), ENT_QUOTES));
+	$result=$object->update_note(dol_html_entity_decode(GETPOST('note_private'), ENT_QUOTES), '_private');
 	if ($result < 0) dol_print_error($db,$object->error);
 }
 
diff --git a/htdocs/projet/tasks/note.php b/htdocs/projet/tasks/note.php
index 9931bde0510..1b6bebeb9d5 100644
--- a/htdocs/projet/tasks/note.php
+++ b/htdocs/projet/tasks/note.php
@@ -93,7 +93,7 @@ if ($action == 'setnote_public' && ! empty($permission))
 
 else if ($action == 'setnote_private' && ! empty($permission))
 {
-    $result=$object->update_note(dol_html_entity_decode(GETPOST('note_private'), ENT_QUOTES));
+    $result=$object->update_note(dol_html_entity_decode(GETPOST('note_private'), ENT_QUOTES), '_private');
     if ($result < 0) dol_print_error($db,$object->error);
 }
 
diff --git a/htdocs/user/note.php b/htdocs/user/note.php
index 421d30cbc7a..5ccd23f3042 100644
--- a/htdocs/user/note.php
+++ b/htdocs/user/note.php
@@ -58,7 +58,7 @@ if ($action == 'update' && $user->rights->user->user->creer && ! $_POST["cancel"
 {
 	$db->begin();
 
-	$res=$fuser->update_note($_POST["note"],$user);
+	$res=$fuser->update_note(dol_html_entity_decode(GETPOST('note'), ENT_QUOTES));
 	if ($res < 0)
 	{
 		$mesg='<div class="error">'.$adh->error.'</div>';