diff --git a/htdocs/admin/events.php b/htdocs/admin/events.php
index 65a03adc4f1..c3b9b372915 100644
--- a/htdocs/admin/events.php
+++ b/htdocs/admin/events.php
@@ -28,14 +28,26 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/agenda.lib.php';
 require_once DOL_DOCUMENT_ROOT.'/core/class/events.class.php';
 
 
-if (!$user->admin)
-accessforbidden();
+if (!$user->admin) {
+	accessforbidden();
+}
 
 // Load translation files required by the page
 $langs->loadLangs(array("users", "admin", "other"));
 
 $action = GETPOST('action', 'aZ09');
+$contextpage = GETPOST('contextpage', 'aZ') ? GETPOST('contextpage', 'aZ') : 'myobjectlist'; // To manage different context of search
+$optioncss  = GETPOST('optioncss', 'aZ'); // Option for the css output (always '' except when 'print')
 
+// Load variable for pagination
+$limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit;
+$sortfield = GETPOST('sortfield', 'alpha');
+$sortorder = GETPOST('sortorder', 'alpha');
+$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
+if (empty($page) || $page < 0 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha')) { $page = 0; }     // If $page is not defined, or '' or -1 or if we click on clear filters
+$offset = $limit * $page;
+$pageprev = $page - 1;
+$pagenext = $page + 1;
 
 $securityevent = new Events($db);
 $eventstolog = $securityevent->eventstolog;
@@ -44,6 +56,7 @@ $eventstolog = $securityevent->eventstolog;
 /*
  *	Actions
  */
+
 if ($action == "save")
 {
 	$i = 0;
@@ -67,6 +80,12 @@ if ($action == "save")
  * View
  */
 
+$form = new Form($db);
+
+$varpage = empty($contextpage) ? $_SERVER["PHP_SELF"] : $contextpage;
+$selectedfields = '';
+$selectedfields .= $form->showCheckAddButtons('checkforselect', 1);
+
 $wikihelp = 'EN:Setup_Security|FR:Paramétrage_Sécurité|ES:Configuración_Seguridad';
 llxHeader('', $langs->trans("Audit"), $wikihelp);
 
@@ -85,9 +104,10 @@ $head = security_prepare_head();
 
 dol_fiche_head($head, 'audit', $langs->trans("Security"), -1);
 
-print "<table class=\"noborder\" width=\"100%\">";
+print '<table class="noborder" width="100%">';
 print "<tr class=\"liste_titre\">";
-print "<td colspan=\"2\">".$langs->trans("LogEvents")."</td>";
+print getTitleFieldOfList("LogEvents", 0, $_SERVER["PHP_SELF"], '', '', '', '', $sortfield, $sortorder, '')."\n";
+print getTitleFieldOfList($selectedfields, 0, $_SERVER["PHP_SELF"], '', '', '', '', $sortfield, $sortorder, 'center maxwidthsearch ')."\n";
 print "</tr>\n";
 // Loop on each event type
 foreach ($eventstolog as $key => $arr)
@@ -96,10 +116,10 @@ foreach ($eventstolog as $key => $arr)
 	{
 		print '<tr class="oddeven">';
 		print '<td>'.$arr['id'].'</td>';
-		print '<td>';
+		print '<td class="center">';
 		$key = 'MAIN_LOGEVENTS_'.$arr['id'];
 		$value = $conf->global->$key;
-		print '<input class="oddeven" type="checkbox" name="'.$key.'" value="1"'.($value ? ' checked' : '').'>';
+		print '<input class="oddeven checkforselect" type="checkbox" name="'.$key.'" value="1"'.($value ? ' checked' : '').'>';
 		print '</td></tr>'."\n";
 	}
 }
@@ -109,7 +129,7 @@ dol_fiche_end();
 
 print '<div class="center">';
 print "<input type=\"submit\" name=\"save\" class=\"button\" value=\"".$langs->trans("Save")."\">";
-print "</div>";
+print '</div>';
 
 print "</form>\n";
 
diff --git a/htdocs/admin/perms.php b/htdocs/admin/perms.php
index 60bd157d283..0486edebeec 100644
--- a/htdocs/admin/perms.php
+++ b/htdocs/admin/perms.php
@@ -203,7 +203,7 @@ if ($result)
             // Show break line
             print '<tr class="oddeven trforbreak">';
             print '<td class="maxwidthonsmartphone tdoverflowonsmartphone">';
-            print img_object('', $picto, 'class="pictoobjectwidth"').' '.$objMod->getName();
+            print img_object('', $picto, 'class="pictoobjectwidth paddingright"').' '.$objMod->getName();
             print '<a name="'.$objMod->getName().'"></a>';
             print '</td>';
            	print '<td>&nbsp;</td>';
@@ -218,8 +218,6 @@ if ($result)
 
         // Picto and label of module
         print '<td class="maxwidthonsmartphone tdoverflowonsmartphone">';
-		//print img_object('', $picto, 'class="pictoobjectwidth"').' '.$objMod->getName();
-        //print '<a name="'.$objMod->getName().'">&nbsp;</a>';
 		print '</td>';
 
 		// Tick
diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php
index 965bca72824..f59e57d3516 100644
--- a/htdocs/core/class/html.form.class.php
+++ b/htdocs/core/class/html.form.class.php
@@ -7788,7 +7788,7 @@ class Form
             $(document).ready(function() {
             	$("#checkallactions'.$id.'").click(function() {
                     if($(this).is(\':checked\')){
-                        console.log("We check all");
+                        console.log("We check all '.$cssclass.'");
                 		$(".'.$cssclass.'").prop(\'checked\', true).trigger(\'change\');
                     }
                     else
diff --git a/htdocs/langs/en_US/errors.lang b/htdocs/langs/en_US/errors.lang
index 88e18c62943..0ea2940911b 100644
--- a/htdocs/langs/en_US/errors.lang
+++ b/htdocs/langs/en_US/errors.lang
@@ -236,6 +236,7 @@ ErrorBatchNoFoundForProductInWarehouse=No lot/serial found for product "%s" in w
 ErrorBatchNoFoundEnoughQuantityForProductInWarehouse=No enough quantity for this lot/serial for product "%s" in warehouse "%s".
 ErrorOnlyOneFieldForGroupByIsPossible=Only 1 field for the 'Group by' is possible (others are discarded)
 ErrorTooManyDifferentValueForSelectedGroupBy=Found too many different value (more than <b>%s</b>) for the field '<b>%s</b>', so we can't user it as a 'Group by' for graphics. The field 'Group By' has been removed. May be you wanted to use it as an X-Axis ?
+ErrorReplaceStringEmpty=Error, the string to replace into is empty
 # Warnings
 WarningParamUploadMaxFileSizeHigherThanPostMaxSize=Your PHP parameter upload_max_filesize (%s) is higher than PHP parameter post_max_size (%s). This is not a consistent setup.
 WarningPasswordSetWithNoAccount=A password was set for this member. However, no user account was created. So this password is stored but can't be used to login to Dolibarr. It may be used by an external module/interface but if you don't need to define any login nor password for a member, you can disable option "Manage a login for each member" from Member module setup. If you need to manage a login but don't need any password, you can keep this field empty to avoid this warning. Note: Email can also be used as a login if the member is linked to a user.
diff --git a/htdocs/website/index.php b/htdocs/website/index.php
index 629e4b91584..c724ab4e3cf 100644
--- a/htdocs/website/index.php
+++ b/htdocs/website/index.php
@@ -369,7 +369,11 @@ if (($action == 'replacesite' || $action == 'replacesiteconfirm') && ! $searchke
 if ($massaction == 'replace')
 {
 	$replacestring = GETPOST('replacestring', 'alphanohtml');
-	if (! $replacestring) {
+
+	if (empty($user->rights->website->writephp)) {
+		setEventMessages("NotAllowedToAddDynamicContent", null, 'errors');
+	}
+	elseif (! $replacestring) {
 		setEventMessages("ErrorReplaceStringEmpty", null, 'errors');
 	}
 	else {
@@ -3531,12 +3535,8 @@ if ($action == 'replacesite' || $action == 'replacesiteconfirm' || $massaction =
 			$permissiontodelete = 0;
 
 			// List of mass actions available
-			$arrayofmassactions = array(
-				//'validate'=>$langs->trans("Validate"),
-				//'generate_doc'=>$langs->trans("ReGeneratePDF"),
-				//'builddoc'=>$langs->trans("PDFMerge"),
-				'replace'=>$langs->trans("Replace"),
-			);
+			$arrayofmassactions = array();
+			if ($user->rights->website->writephp) $arrayofmassactions['replace'] = $langs->trans("Replace");
 			if ($permissiontodelete) $arrayofmassactions['predelete'] = '<span class="fa fa-trash paddingrightonly"></span>'.$langs->trans("Delete");
 			if (GETPOST('nomassaction', 'int') || in_array($massaction, array('presend', 'predelete'))) $arrayofmassactions = array();
 			$massactionbutton = $form->selectMassAction('', $arrayofmassactions);