diff --git a/htdocs/contact/class/contact.class.php b/htdocs/contact/class/contact.class.php
index 58356a5f386..d9b69e35fcf 100644
--- a/htdocs/contact/class/contact.class.php
+++ b/htdocs/contact/class/contact.class.php
@@ -2,7 +2,7 @@
 /* Copyright (C) 2002-2004 Rodolphe Quiedeville        <rodolphe@quiedeville.org>
  * Copyright (C) 2004      Benoit Mortier              <benoit.mortier@opensides.be>
  * Copyright (C) 2004-2010 Laurent Destailleur         <eldy@users.sourceforge.net>
- * Copyright (C) 2005-2008 Regis Houssin               <regis@dolibarr.fr>
+ * Copyright (C) 2005-2012 Regis Houssin               <regis@dolibarr.fr>
  * Copyright (C) 2007      Franky Van Liedekerke       <franky.van.liedekerker@telenet.be>
  * Copyright (C) 2008      Raphael Bertrand (Resultic) <raphael.bertrand@resultic.fr>
  *
@@ -534,7 +534,6 @@ class Contact extends CommonObject
 				$this->mail				= $obj->email;
 
 				$this->birthday			= $this->db->jdate($obj->birthday);
-				$this->birthday_alert 	= $obj->birthday_alert;
 				$this->note				= $obj->note;
 				$this->default_lang		= $obj->default_lang;
 				$this->user_id			= $obj->user_id;
diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php
index 42a6119c611..044fbd74443 100644
--- a/htdocs/core/class/html.form.class.php
+++ b/htdocs/core/class/html.form.class.php
@@ -3690,7 +3690,7 @@ class Form
             }
             else
             {
-                if ($conf->gravatar->enabled && $email)
+                if (! empty($conf->gravatar->enabled) && $email)
                 {
                     global $dolibarr_main_url_root;
                     $ret.='<!-- Put link to gravatar -->';
diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php
index 11a335a39b2..d81d3a3e006 100644
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -1177,19 +1177,22 @@ function dol_print_phone($phone,$country="FR",$cid=0,$socid=0,$addlink=0,$separ=
 
     if (! empty($addlink))
     {
-        if ($conf->clicktodial->enabled)
+        if (! empty($conf->clicktodial->enabled))
         {
             if (empty($user->clicktodial_loaded)) $user->fetch_clicktodial();
 
             if (empty($conf->global->CLICKTODIAL_URL)) $urlmask='ErrorClickToDialModuleNotConfigured';
             else $urlmask=$conf->global->CLICKTODIAL_URL;
+            $clicktodial_poste=(! empty($user->clicktodial_poste)?urlencode($user->clicktodial_poste):'');
+            $clicktodial_login=(! empty($user->clicktodial_login)?urlencode($user->clicktodial_login):'');
+            $clicktodial_password=(! empty($user->clicktodial_password)?urlencode($user->clicktodial_password):'');
             // This line is for backward compatibility
-            $url = sprintf($urlmask, urlencode($phone), urlencode($user->clicktodial_poste), urlencode($user->clicktodial_login), urlencode($user->clicktodial_password));
+            $url = sprintf($urlmask, urlencode($phone), $clicktodial_poste, $clicktodial_login, $clicktodial_password);
             // Thoose lines are for substitution
-            $substitarray=array('__PHONEFROM__'=>urlencode($user->clicktodial_poste),
+            $substitarray=array('__PHONEFROM__'=>$clicktodial_poste,
 			               		'__PHONETO__'=>urlencode($phone),
-						   		'__LOGIN__'=>urlencode($user->clicktodial_login),
-			               		'__PASS__'=>urlencode($user->clicktodial_password));
+						   		'__LOGIN__'=>$clicktodial_login,
+			               		'__PASS__'=>$clicktodial_password);
             $url = make_substitutions($url, $substitarray);
             $newphonesav=$newphone;
             $newphone ='<a href="'.$url.'"';
diff --git a/htdocs/core/lib/usergroups.lib.php b/htdocs/core/lib/usergroups.lib.php
index 6a3d45892bf..0848580ad7a 100644
--- a/htdocs/core/lib/usergroups.lib.php
+++ b/htdocs/core/lib/usergroups.lib.php
@@ -49,7 +49,7 @@ function user_prepare_head($object)
     $head[$h][2] = 'user';
     $h++;
 
-	if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE)
+	if (! empty($conf->ldap->enabled) && ! empty($conf->global->LDAP_SYNCHRO_ACTIVE))
 	{
 		$langs->load("ldap");
 	    $head[$h][0] = DOL_URL_ROOT.'/user/ldap.php?id='.$object->id;
@@ -71,7 +71,7 @@ function user_prepare_head($object)
     $head[$h][2] = 'guisetup';
     $h++;
 
-    if ($conf->clicktodial->enabled)
+    if (! empty($conf->clicktodial->enabled))
     {
         $head[$h][0] = DOL_URL_ROOT.'/user/clicktodial.php?id='.$object->id;
         $head[$h][1] = $langs->trans("ClickToDial");
@@ -85,7 +85,7 @@ function user_prepare_head($object)
     // $this->tabs = array('entity:-tabname:Title:@mymodule:conditiontoshow:/mymodule/mypage.php?id=__ID__');   to remove a tab
     complete_head_from_modules($conf,$langs,$object,$head,$h,'user');
 
-    if (! $user->societe_id)
+    if (! empty($user->societe_id))
     {
     	$head[$h][0] = DOL_URL_ROOT.'/user/note.php?id='.$object->id;
     	$head[$h][1] = $langs->trans("Note");
@@ -120,7 +120,7 @@ function group_prepare_head($object)
     $head[$h][2] = 'group';
     $h++;
 
-	if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE)
+	if (! empty($conf->ldap->enabled) && ! empty($conf->global->LDAP_SYNCHRO_ACTIVE))
 	{
 		$langs->load("ldap");
 	    $head[$h][0] = DOL_URL_ROOT.'/user/group/ldap.php?id='.$object->id;
@@ -166,7 +166,7 @@ function show_theme($fuser,$edit=0,$foruserprofile=false)
     }
 
     $selected_theme=$conf->global->MAIN_THEME;
-    if (! empty($fuser)) $selected_theme=$fuser->conf->MAIN_THEME;
+    if (! empty($fuser->conf->MAIN_THEME)) $selected_theme=$fuser->conf->MAIN_THEME;
 
     $colspan=2;
     if ($foruserprofile) $colspan=4;
diff --git a/htdocs/core/modules/DolibarrModules.class.php b/htdocs/core/modules/DolibarrModules.class.php
index 54386047e45..c98aff33804 100644
--- a/htdocs/core/modules/DolibarrModules.class.php
+++ b/htdocs/core/modules/DolibarrModules.class.php
@@ -900,7 +900,7 @@ abstract class DolibarrModules
         if ($resql)
         {
             $obj=$this->db->fetch_object($resql);
-            if ($obj->value)
+            if (! empty($obj->value) && ! empty($this->rights))
             {
                 // Si module actif
                 foreach ($this->rights as $key => $value)
diff --git a/htdocs/langs/ca_ES/contracts.lang b/htdocs/langs/ca_ES/contracts.lang
index 36a951891cb..08af34a7784 100644
--- a/htdocs/langs/ca_ES/contracts.lang
+++ b/htdocs/langs/ca_ES/contracts.lang
@@ -39,6 +39,7 @@ ConfirmCloseService=Esteu segur de voler tancar aquest servei?
 ValidateAContract=Validar un contracte
 ActivateService=Activar el servei
 ConfirmActivateService=Esteu segur de voler activar aquest servei en data %s?
+RefContract=Ref. contracte
 DateContract=Data contracte
 DateServiceActivate=Data activació del servei
 DateServiceUnactivate=Data desactivació del servei
diff --git a/htdocs/langs/ca_ES/install.lang b/htdocs/langs/ca_ES/install.lang
index 02e7366f001..02e98c0a52c 100644
--- a/htdocs/langs/ca_ES/install.lang
+++ b/htdocs/langs/ca_ES/install.lang
@@ -155,7 +155,11 @@ MigrationShippingDelivery2=Actualització de les dades expedicions 2
 MigrationFinished=Acabada l'actualització
 LastStepDesc=<strong>Últim pas</strong>: Indiqueu aquí el compte i la contrasenya del primer usuari que fareu servir per connectar-se a l'aplicació. No perdi aquests identificadors, és el compte que permet administrar la resta.
 ActivateModule=Activació del mòdul %s
-#########=
+LinkedElementsInvalidDeleted=han estat eliminats <b>%s</b> enllaços invàlids
+NothingToDelete=No s'ha trobat enllaços invàlids
+SourceType=Origen
+TargetType=Destí
+#########
 # upgrade=
 MigrationFixData=Correcció de dades desnormalitzades
 MigrationOrder=Migració de dades de les comandes clients
diff --git a/htdocs/langs/es_ES/contracts.lang b/htdocs/langs/es_ES/contracts.lang
index 0509a2951ae..e81f133a31f 100644
--- a/htdocs/langs/es_ES/contracts.lang
+++ b/htdocs/langs/es_ES/contracts.lang
@@ -39,6 +39,7 @@ ConfirmCloseService=¿Está seguro de querer cerrar este servicio?
 ValidateAContract=Validar un contrato
 ActivateService=Activar el servicio
 ConfirmActivateService=¿Está seguro de querer activar este servicio en fecha %s?
+RefContract=Ref. contrato
 DateContract=Fecha contrato
 DateServiceActivate=Fecha activación del servicio
 DateServiceUnactivate=Fecha desactivación del servicio
diff --git a/htdocs/langs/es_ES/install.lang b/htdocs/langs/es_ES/install.lang
index 3e344427cca..52882e9b7c5 100644
--- a/htdocs/langs/es_ES/install.lang
+++ b/htdocs/langs/es_ES/install.lang
@@ -155,6 +155,10 @@ MigrationShippingDelivery2=Actualización de los datos de expediciones 2
 MigrationFinished=Actualización terminada
 LastStepDesc=<strong>Último paso</strong>: Indique aquí la cuenta y la contraseña del primer usuario que usted utilizará para conectarse a la aplicación. No pierda estos identificadores, es la cuenta que permite administrar el resto.
 ActivateModule=Activación del módulo %s
+LinkedElementsInvalidDeleted=han sido eliminados <b>%s</b> enlaces inválidos
+NothingToDelete=No se han encontrado enlaces inválidos
+SourceType=Origen
+TargetType=Destino
 #########
 # upgrade
 MigrationFixData=Corrección de datos desnormalizados
diff --git a/htdocs/user/class/usergroup.class.php b/htdocs/user/class/usergroup.class.php
index 48b388bd971..4ec4d7fbed7 100644
--- a/htdocs/user/class/usergroup.class.php
+++ b/htdocs/user/class/usergroup.class.php
@@ -1,7 +1,7 @@
 <?php
 /* Copyright (c) 2005      Rodolphe Quiedeville <rodolphe@quiedeville.org>
  * Copyright (c) 2005-2012 Laurent Destailleur  <eldy@users.sourceforge.net>
- * Copyright (c) 2005-2011 Regis Houssin        <regis@dolibarr.fr>
+ * Copyright (c) 2005-2012 Regis Houssin        <regis@dolibarr.fr>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -437,7 +437,7 @@ class UserGroup extends CommonObject
 			return;
 		}
 
-		if ($this->all_permissions_are_loaded)
+		if (! empty($this->all_permissions_are_loaded))
 		{
 			// Si les permissions ont deja ete chargees, on quitte
 			return;
diff --git a/htdocs/user/clicktodial.php b/htdocs/user/clicktodial.php
index 606dda9c780..bac1632013e 100644
--- a/htdocs/user/clicktodial.php
+++ b/htdocs/user/clicktodial.php
@@ -1,6 +1,7 @@
 <?php
-/* Copyright (C) 2005      Rodolphe Quiedeville <rodolphe@quiedeville.org>
- * Copyright (C) 2005-2012 Laurent Destailleur  <eldy@users.sourceforge.net>
+/* Copyright (C) 2005		Rodolphe Quiedeville	<rodolphe@quiedeville.org>
+ * Copyright (C) 2005-2012	Laurent Destailleur		<eldy@users.sourceforge.net>
+ * Copyright (C) 2012		Regis Houssin			<regis@dolibarr.fr>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -133,17 +134,17 @@ if ($id)
 
         print '<tr><td width="25%" valign="top">ClickToDial '.$langs->trans("Login").'</td>';
         print '<td class="valeur">';
-        print '<input name="login" value="'.$fuser->clicktodial_login.'"></td>';
+        print '<input name="login" value="'.(! empty($fuser->clicktodial_login)?$fuser->clicktodial_login:'').'"></td>';
 		print '</tr>';
 
         print '<tr><td width="25%" valign="top">ClickToDial '.$langs->trans("Password").'</td>';
         print '<td class="valeur">';
-        print '<input name="password" value="'.$fuser->clicktodial_password.'"></td>';
+        print '<input name="password" value="'.(! empty($fuser->clicktodial_password)?$fuser->clicktodial_password:'').'"></td>';
         print "</tr>\n";
 
         print '<tr><td width="25%" valign="top">ClickToDial '.$langs->trans("IdPhoneCaller").'</td>';
         print '<td class="valeur">';
-        print '<input name="poste" value="'.$fuser->clicktodial_poste.'"></td>';
+        print '<input name="poste" value="'.(! empty($fuser->clicktodial_poste)?$fuser->clicktodial_poste:'').'"></td>';
         print "</tr>\n";
 
 		print '<tr><td colspan="2" align="center"><input class="button" type="submit" value="'.$langs->trans("Save").'">';
@@ -158,7 +159,7 @@ if ($id)
 
         print '<table class="border" width="100%">';
 
-        if ($user->admin)
+        if (! empty($user->admin))
         {
         	print "<tr>".'<td width="25%" valign="top">ClickToDial URL</td>';
         	print '<td class="valeur">';
@@ -172,13 +173,13 @@ if ($id)
         	print '</tr>';
         }
         print '<tr><td width="25%" valign="top">ClickToDial '.$langs->trans("Login").'</td>';
-        print '<td class="valeur">'.$fuser->clicktodial_login.'</td>';
+        print '<td class="valeur">'.(! empty($fuser->clicktodial_login)?$fuser->clicktodial_login:'').'</td>';
         print '</tr>';
         print '<tr><td width="25%" valign="top">ClickToDial '.$langs->trans("Password").'</td>';
-        print '<td class="valeur">'.preg_replace('/./','*',$fuser->clicktodial_password).'</a></td>';
+        print '<td class="valeur">'.preg_replace('/./','*',(! empty($fuser->clicktodial_password)?$fuser->clicktodial_password:'')).'</a></td>';
         print "</tr>\n";
         print '<tr><td width="25%" valign="top">ClickToDial '.$langs->trans("IdPhoneCaller").'</td>';
-        print '<td class="valeur">'.$fuser->clicktodial_poste.'</td>';
+        print '<td class="valeur">'.(! empty($fuser->clicktodial_poste)?$fuser->clicktodial_poste:'').'</td>';
         print "</tr></table>\n";
     }
 
@@ -189,7 +190,7 @@ if ($id)
      */
     print '<div class="tabsAction">';
 
-    if ($user->admin && $action <> 'edit')
+    if (! empty($user->admin) && $action <> 'edit')
     {
         print '<a class="butAction" href="clicktodial.php?id='.$fuser->id.'&amp;action=edit">'.$langs->trans("Modify").'</a>';
     }
diff --git a/htdocs/user/fiche.php b/htdocs/user/fiche.php
index 780422e8246..8d5418636bc 100644
--- a/htdocs/user/fiche.php
+++ b/htdocs/user/fiche.php
@@ -32,26 +32,28 @@ require_once(DOL_DOCUMENT_ROOT."/user/class/usergroup.class.php");
 require_once(DOL_DOCUMENT_ROOT."/contact/class/contact.class.php");
 require_once(DOL_DOCUMENT_ROOT."/core/lib/images.lib.php");
 require_once(DOL_DOCUMENT_ROOT."/core/lib/usergroups.lib.php");
-if ($conf->ldap->enabled) require_once(DOL_DOCUMENT_ROOT."/core/class/ldap.class.php");
-if ($conf->adherent->enabled) require_once(DOL_DOCUMENT_ROOT."/adherents/class/adherent.class.php");
+if (! empty($conf->ldap->enabled)) require_once(DOL_DOCUMENT_ROOT."/core/class/ldap.class.php");
+if (! empty($conf->adherent->enabled)) require_once(DOL_DOCUMENT_ROOT."/adherents/class/adherent.class.php");
 if (! empty($conf->multicompany->enabled)) dol_include_once("/multicompany/class/actions_multicompany.class.php");
 
 $id			= GETPOST('id','int');
-$action		= GETPOST("action");
+$action		= GETPOST('action','alpha');
+$confirm	= GETPOST('confirm','alpha');
+$subaction	= GETPOST('subaction','alpha');
 $group		= GETPOST("group","int",3);
-$confirm	= GETPOST("confirm");
+$message='';
 
 // Define value to know what current user can do on users
-$canadduser=($user->admin || $user->rights->user->user->creer);
-$canreaduser=($user->admin || $user->rights->user->user->lire);
-$canedituser=($user->admin || $user->rights->user->user->creer);
-$candisableuser=($user->admin || $user->rights->user->user->supprimer);
+$canadduser=(! empty($user->admin) || $user->rights->user->user->creer);
+$canreaduser=(! empty($user->admin) || $user->rights->user->user->lire);
+$canedituser=(! empty($user->admin) || $user->rights->user->user->creer);
+$candisableuser=(! empty($user->admin) || $user->rights->user->user->supprimer);
 $canreadgroup=$canreaduser;
 $caneditgroup=$canedituser;
 if (! empty($conf->global->MAIN_USE_ADVANCED_PERMS))
 {
-    $canreadgroup=($user->admin || $user->rights->user->group_advance->read);
-    $caneditgroup=($user->admin || $user->rights->user->group_advance->write);
+    $canreadgroup=(! empty($user->admin) || $user->rights->user->group_advance->read);
+    $caneditgroup=(! empty($user->admin) || $user->rights->user->group_advance->write);
 }
 // Define value to know what current user can do on properties of edited user
 if ($id)
@@ -87,14 +89,14 @@ $form = new Form($db);
 /**
  * Actions
  */
-if ($_GET["subaction"] == 'addrights' && $canedituser)
+if ($subaction == 'addrights' && $canedituser)
 {
     $edituser = new User($db);
     $edituser->fetch($id);
     $edituser->addrights($_GET["rights"]);
 }
 
-if ($_GET["subaction"] == 'delrights' && $canedituser)
+if ($subaction == 'delrights' && $canedituser)
 {
     $edituser = new User($db);
     $edituser->fetch($id);
@@ -116,8 +118,6 @@ if ($action == 'confirm_enable' && $confirm == "yes" && $candisableuser)
 {
     if ($id <> $user->id)
     {
-        $message='';
-
         $edituser = new User($db);
         $edituser->fetch($id);
 
@@ -162,7 +162,6 @@ if ($action == 'confirm_delete' && $confirm == "yes" && $candisableuser)
 // Action ajout user
 if ($action == 'add' && $canadduser)
 {
-    $message="";
     if (! $_POST["nom"])
     {
         $message='<div class="error">'.$langs->trans("NameNotDefined").'</div>';
@@ -286,8 +285,6 @@ if ($action == 'update' && ! $_POST["cancel"])
 
     if ($caneditfield)	// Case we can edit all field
     {
-        $message="";
-
         if (! $_POST["nom"])
         {
             $message='<div class="error">'.$langs->trans("NameNotDefined").'</div>';
@@ -539,7 +536,9 @@ if (($action == 'create') || ($action == 'adduserldap'))
     print "<br>";
     print "<br>";
 
-    if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE == 'ldap2dolibarr')
+    dol_htmloutput_errors($message);
+
+    if (! empty($conf->ldap->enabled) && (isset($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE == 'ldap2dolibarr'))
     {
         /*
          * Affiche formulaire d'ajout d'un compte depuis LDAP
@@ -589,40 +588,35 @@ if (($action == 'create') || ($action == 'adduserldap'))
         {
             $message='<div class="error">'.$ldap->error.'</div>';
         }
-    }
 
-    dol_htmloutput_errors($message);
-
-    if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE == 'ldap2dolibarr')
-    {
         // Si la liste des users est rempli, on affiche la liste deroulante
         if (is_array($liste))
         {
-            print "\n\n<!-- Form liste LDAP debut -->\n";
+        	print "\n\n<!-- Form liste LDAP debut -->\n";
 
-            print '<form name="add_user_ldap" action="'.$_SERVER["PHP_SELF"].'" method="post">';
-            print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
-            print '<table width="100%" class="border"><tr>';
-            print '<td width="160">';
-            print $langs->trans("LDAPUsers");
-            print '</td>';
-            print '<td>';
-            print '<input type="hidden" name="action" value="adduserldap">';
-            print $form->selectarray('users', $liste, '', 1);
-            print '</td><td align="center">';
-            print '<input type="submit" class="button" value="'.$langs->trans('Get').'">';
-            print '</td></tr></table>';
-            print '</form>';
+        	print '<form name="add_user_ldap" action="'.$_SERVER["PHP_SELF"].'" method="post">';
+        	print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
+        	print '<table width="100%" class="border"><tr>';
+        	print '<td width="160">';
+        	print $langs->trans("LDAPUsers");
+        	print '</td>';
+        	print '<td>';
+        	print '<input type="hidden" name="action" value="adduserldap">';
+        	print $form->selectarray('users', $liste, '', 1);
+        	print '</td><td align="center">';
+        	print '<input type="submit" class="button" value="'.$langs->trans('Get').'">';
+        	print '</td></tr></table>';
+        	print '</form>';
 
-            print "\n<!-- Form liste LDAP fin -->\n\n";
-            print '<br>';
+        	print "\n<!-- Form liste LDAP fin -->\n\n";
+        	print '<br>';
         }
     }
 
-    print '<form action="fiche.php" method="post" name="createuser">';
+    print '<form action="'.$_SERVER['PHP_SELF'].'" method="POST" name="createuser">';
     print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
     print '<input type="hidden" name="action" value="add">';
-    if ($ldap_sid) print '<input type="hidden" name="ldap_sid" value="'.$ldap_sid.'">';
+    if (! empty($ldap_sid)) print '<input type="hidden" name="ldap_sid" value="'.$ldap_sid.'">';
     print '<input type="hidden" name="entity" value="'.$conf->entity.'">';
 
     print '<table class="border" width="100%">';
@@ -632,52 +626,52 @@ if (($action == 'create') || ($action == 'adduserldap'))
     // Nom
     print '<td valign="top" width="160"><span class="fieldrequired">'.$langs->trans("Lastname").'</span></td>';
     print '<td>';
-    if ($ldap_nom)
+    if (! empty($ldap_nom))
     {
         print '<input type="hidden" name="nom" value="'.$ldap_nom.'">';
         print $ldap_nom;
     }
     else
     {
-        print '<input size="30" type="text" name="nom" value="'.$_POST["nom"].'">';
+        print '<input size="30" type="text" name="nom" value="'.GETPOST('nom').'">';
     }
     print '</td></tr>';
 
     // Prenom
     print '<tr><td valign="top">'.$langs->trans("Firstname").'</td>';
     print '<td>';
-    if ($ldap_prenom)
+    if (! empty($ldap_prenom))
     {
         print '<input type="hidden" name="prenom" value="'.$ldap_prenom.'">';
         print $ldap_prenom;
     }
     else
     {
-        print '<input size="30" type="text" name="prenom" value="'.$_POST["prenom"].'">';
+        print '<input size="30" type="text" name="prenom" value="'.GETPOST('prenom').'">';
     }
     print '</td></tr>';
 
     // Login
     print '<tr><td valign="top"><span class="fieldrequired">'.$langs->trans("Login").'</span></td>';
     print '<td>';
-    if ($ldap_login)
+    if (! empty($ldap_login))
     {
         print '<input type="hidden" name="login" value="'.$ldap_login.'">';
         print $ldap_login;
     }
-    elseif ($ldap_loginsmb)
+    elseif (! empty($ldap_loginsmb))
     {
         print '<input type="hidden" name="login" value="'.$ldap_loginsmb.'">';
         print $ldap_loginsmb;
     }
     else
     {
-        print '<input size="20" maxsize="24" type="text" name="login" value="'.$_POST["login"].'">';
+        print '<input size="20" maxsize="24" type="text" name="login" value="'.GETPOST('login').'">';
     }
     print '</td></tr>';
 
     $generated_password='';
-    if (! $ldap_sid)    // ldap_sid is for activedirectory
+    if (empty($ldap_sid))    // ldap_sid is for activedirectory
     {
         require_once(DOL_DOCUMENT_ROOT."/core/lib/security2.lib.php");
         $generated_password=getRandomPassword('');
@@ -687,13 +681,13 @@ if (($action == 'create') || ($action == 'adduserldap'))
     // Mot de passe
     print '<tr><td valign="top">'.$langs->trans("Password").'</td>';
     print '<td>';
-    if ($ldap_sid)
+    if (! empty($ldap_sid))
     {
         print 'Mot de passe du domaine';
     }
     else
     {
-        if ($ldap_pass)
+        if (! empty($ldap_pass))
         {
             print '<input type="hidden" name="password" value="'.$ldap_pass.'">';
             print preg_replace('/./i','*',$ldap_pass);
@@ -707,15 +701,15 @@ if (($action == 'create') || ($action == 'adduserldap'))
     print '</td></tr>';
 
     // Administrateur
-    if ($user->admin)
+    if (! empty($user->admin))
     {
         print '<tr><td valign="top">'.$langs->trans("Administrator").'</td>';
         print '<td>';
-        print $form->selectyesno('admin',$_POST["admin"],1);
+        print $form->selectyesno('admin',GETPOST('admin'),1);
 
         if (! empty($conf->multicompany->enabled) && ! $user->entity && empty($conf->multicompany->transverse_mode))
         {
-            if ($conf->use_javascript_ajax)
+            if (! empty($conf->use_javascript_ajax))
             {
                 print '<script type="text/javascript">
 							$(function() {
@@ -774,63 +768,63 @@ if (($action == 'create') || ($action == 'adduserldap'))
     // Tel
     print '<tr><td valign="top">'.$langs->trans("PhonePro").'</td>';
     print '<td>';
-    if ($ldap_phone)
+    if (! empty($ldap_phone))
     {
         print '<input type="hidden" name="office_phone" value="'.$ldap_phone.'">';
         print $ldap_phone;
     }
     else
     {
-        print '<input size="20" type="text" name="office_phone" value="'.$_POST["office_phone"].'">';
+        print '<input size="20" type="text" name="office_phone" value="'.GETPOST('office_phone').'">';
     }
     print '</td></tr>';
 
     // Tel portable
     print '<tr><td valign="top">'.$langs->trans("PhoneMobile").'</td>';
     print '<td>';
-    if ($ldap_mobile)
+    if (! empty($ldap_mobile))
     {
         print '<input type="hidden" name="user_mobile" value="'.$ldap_mobile.'">';
         print $ldap_mobile;
     }
     else
     {
-        print '<input size="20" type="text" name="user_mobile" value="'.$_POST["user_mobile"].'">';
+        print '<input size="20" type="text" name="user_mobile" value="'.GETPOST('user_mobile').'">';
     }
     print '</td></tr>';
 
     // Fax
     print '<tr><td valign="top">'.$langs->trans("Fax").'</td>';
     print '<td>';
-    if ($ldap_fax)
+    if (! empty($ldap_fax))
     {
         print '<input type="hidden" name="office_fax" value="'.$ldap_fax.'">';
         print $ldap_fax;
     }
     else
     {
-        print '<input size="20" type="text" name="office_fax" value="'.$_POST["office_fax"].'">';
+        print '<input size="20" type="text" name="office_fax" value="'.GETPOST('office_fax').'">';
     }
     print '</td></tr>';
 
     // EMail
-    print '<tr><td valign="top"'.($conf->global->USER_MAIL_REQUIRED?' class="fieldrequired"':'').'>'.$langs->trans("EMail").'</td>';
+    print '<tr><td valign="top"'.(! empty($conf->global->USER_MAIL_REQUIRED)?' class="fieldrequired"':'').'>'.$langs->trans("EMail").'</td>';
     print '<td>';
-    if ($ldap_mail)
+    if (! empty($ldap_mail))
     {
         print '<input type="hidden" name="email" value="'.$ldap_mail.'">';
         print $ldap_mail;
     }
     else
     {
-        print '<input size="40" type="text" name="email" value="'.$_POST["email"].'">';
+        print '<input size="40" type="text" name="email" value="'.GETPOST('email').'">';
     }
     print '</td></tr>';
 
     // Signature
     print '<tr><td valign="top">'.$langs->trans("Signature").'</td>';
     print '<td>';
-    print '<textarea rows="'.ROWS_5.'" cols="90" name="signature">'.$_POST["signature"].'</textarea>';
+    print '<textarea rows="'.ROWS_5.'" cols="90" name="signature">'.GETPOST('signature').'</textarea>';
     print '</td></tr>';
 
     // Note
@@ -845,14 +839,16 @@ if (($action == 'create') || ($action == 'adduserldap'))
     // Autres caracteristiques issus des autres modules
 
     // Module Webcalendar
-    if ($conf->webcalendar->enabled)
+    // TODO external module
+    if (! empty($conf->webcalendar->enabled))
     {
         print "<tr>".'<td valign="top">'.$langs->trans("LoginWebcal").'</td>';
         print '<td><input size="30" type="text" name="webcal_login" value="'.$_POST["webcal_login"].'"></td></tr>';
     }
 
     // Module Phenix
-    if ($conf->phenix->enabled)
+    // TODO external module
+    if (! empty($conf->phenix->enabled))
     {
         print "<tr>".'<td valign="top">'.$langs->trans("LoginPenix").'</td>';
         print '<td><input size="30" type="text" name="phenix_login" value="'.$_POST["phenix_login"].'"></td></tr>';
@@ -880,7 +876,7 @@ else
 
         // Connexion ldap
         // pour recuperer passDoNotExpire et userChangePassNextLogon
-        if ($conf->ldap->enabled && $fuser->ldap_sid)
+        if (! empty($conf->ldap->enabled) && ! empty($fuser->ldap_sid))
         {
             $ldap = new Ldap();
             $result=$ldap->connect_bind();
@@ -991,10 +987,10 @@ else
             print '</tr>'."\n";
 
             $rowspan=14;
-            if ($conf->societe->enabled) $rowspan++;
-            if ($conf->adherent->enabled) $rowspan++;
-            if ($conf->webcalendar->enabled) $rowspan++;
-            if ($conf->phenix->enabled) $rowspan+=2;
+            if (! empty($conf->societe->enabled)) $rowspan++;
+            if (! empty($conf->adherent->enabled)) $rowspan++;
+            if (! empty($conf->webcalendar->enabled)) $rowspan++;	// TODO external module
+            if (! empty($conf->phenix->enabled)) $rowspan+=2;		// TODO external module
 
             // Lastname
             print '<tr><td valign="top">'.$langs->trans("Lastname").'</td>';
@@ -1014,7 +1010,7 @@ else
 
             // Login
             print '<tr><td valign="top">'.$langs->trans("Login").'</td>';
-            if ($fuser->ldap_sid && $fuser->statut==0)
+            if (! empty($fuser->ldap_sid) && $fuser->statut==0)
             {
                 print '<td class="error">'.$langs->trans("LoginAccountDisableInDolibarr").'</td>';
             }
@@ -1026,7 +1022,7 @@ else
 
             // Password
             print '<tr><td valign="top">'.$langs->trans("Password").'</td>';
-            if ($fuser->ldap_sid)
+            if (! empty($fuser->ldap_sid))
             {
                 if ($passDoNotExpire)
                 {
@@ -1147,7 +1143,7 @@ else
             print "</tr>\n";
 
 
-            if (preg_match('/myopenid/',$conf->authmode))
+            if (isset($conf->authmode) && preg_match('/myopenid/',$conf->authmode))
             {
                 print '<tr><td valign="top">'.$langs->trans("url_openid").'</td>';
                 print '<td>'.$fuser->openid.'</td>';
@@ -1156,7 +1152,8 @@ else
             // Autres caracteristiques issus des autres modules
 
             // Module Webcalendar
-            if ($conf->webcalendar->enabled)
+            // TODO external module
+            if (! empty($conf->webcalendar->enabled))
             {
                 $langs->load("other");
                 print '<tr><td valign="top">'.$langs->trans("LoginWebcal").'</td>';
@@ -1165,7 +1162,8 @@ else
             }
 
             // Module Phenix
-            if ($conf->phenix->enabled)
+            // TODO external module
+            if (! empty($conf->phenix->enabled))
             {
                 $langs->load("other");
                 print '<tr><td valign="top">'.$langs->trans("LoginPhenix").'</td>';
@@ -1177,11 +1175,11 @@ else
             }
 
             // Company / Contact
-            if ($conf->societe->enabled)
+            if (! empty($conf->societe->enabled))
             {
                 print '<tr><td valign="top">'.$langs->trans("LinkToCompanyContact").'</td>';
                 print '<td>';
-                if ($fuser->societe_id > 0)
+                if (isset($fuser->societe_id) && $fuser->societe_id > 0)
                 {
                     $societe = new Societe($db);
                     $societe->fetch($fuser->societe_id);
@@ -1191,7 +1189,7 @@ else
                 {
                     print $langs->trans("ThisUserIsNot");
                 }
-                if ($fuser->contact_id)
+                if (! empty($fuser->contact_id))
                 {
                     $contact = new Contact($db);
                     $contact->fetch($fuser->contact_id);
@@ -1204,7 +1202,7 @@ else
             }
 
             // Module Adherent
-            if ($conf->adherent->enabled)
+            if (! empty($conf->adherent->enabled))
             {
                 $langs->load("members");
                 print '<tr><td valign="top">'.$langs->trans("LinkedToDolibarrMember").'</td>';
@@ -1315,15 +1313,15 @@ else
                 $usergroup=new UserGroup($db);
                 $groupslist = $usergroup->listGroupsForUser($fuser->id);
 
-                if (! empty($groupslist))
+                if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode))
                 {
-                    if( ! ($conf->multicompany->enabled && $conf->multicompany->transverse_mode))
-                    {
-                        foreach($groupslist as $groupforuser)
-                        {
-                            $exclude[]=$groupforuser->id;
-                        }
-                    }
+                	if (! empty($groupslist))
+                	{
+                		foreach($groupslist as $groupforuser)
+                		{
+                			$exclude[]=$groupforuser->id;
+                		}
+                	}
                 }
 
                 if ($caneditgroup)
@@ -1402,15 +1400,19 @@ else
                         		{
                         			$mc->getInfo($group_entity);
                         			print ($nb > 0 ? ', ' : '').$mc->label;
+                        			print '<a href="'.$_SERVER['PHP_SELF'].'?id='.$fuser->id.'&amp;action=removegroup&amp;group='.$group->id.'&amp;entity='.$group_entity.'">';
+                        			print img_delete($langs->trans("RemoveFromGroup"));
+                        			print '</a>';
                         			$nb++;
                         		}
                         	}
                         }
                         print '<td align="right">';
-                        if ($caneditgroup)
+                        if ($caneditgroup && empty($conf->multicompany->transverse_mode))
                         {
-                            print '<a href="'.$_SERVER['PHP_SELF'].'?id='.$fuser->id.'&amp;action=removegroup&amp;group='.$group->id.'&amp;entity='.$group->usergroup_entity.'">';
+                            print '<a href="'.$_SERVER['PHP_SELF'].'?id='.$fuser->id.'&amp;action=removegroup&amp;group='.$group->id.'">';
                             print img_delete($langs->trans("RemoveFromGroup"));
+                            print '</a>';
                         }
                         else
                         {
@@ -1429,14 +1431,12 @@ else
             }
         }
 
-
         /*
          * Fiche en mode edition
          */
 
         if ($action == 'edit' && ($canedituser || ($user->id == $fuser->id)))
         {
-
             print '<form action="'.$_SERVER['PHP_SELF'].'?id='.$fuser->id.'" method="POST" name="updateuser" enctype="multipart/form-data">';
             print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
             print '<input type="hidden" name="action" value="update">';
@@ -1445,10 +1445,10 @@ else
 
             $rowspan=12;
 
-            if ($conf->societe->enabled) $rowspan++;
-            if ($conf->adherent->enabled) $rowspan++;
-            if ($conf->webcalendar->enabled) $rowspan++;
-            if ($conf->phenix->enabled) $rowspan+=2;
+            if (! empty($conf->societe->enabled)) $rowspan++;
+            if (! empty($conf->adherent->enabled)) $rowspan++;
+            if (! empty($conf->webcalendar->enabled)) $rowspan++;	// TODO external module
+            if (! empty($conf->phenix->enabled)) $rowspan+=2;		// TODO external module
 
             print '<tr><td width="25%" valign="top">'.$langs->trans("Ref").'</td>';
             print '<td colspan="2">';
@@ -1650,7 +1650,7 @@ else
             // Tel pro
             print "<tr>".'<td valign="top">'.$langs->trans("PhonePro").'</td>';
             print '<td>';
-            if ($caneditfield  && !$fuser->ldap_sid)
+            if ($caneditfield  && empty($fuser->ldap_sid))
             {
                 print '<input size="20" type="text" name="office_phone" class="flat" value="'.$fuser->office_phone.'">';
             }
@@ -1664,7 +1664,7 @@ else
             // Tel mobile
             print "<tr>".'<td valign="top">'.$langs->trans("PhoneMobile").'</td>';
             print '<td>';
-            if ($caneditfield && !$fuser->ldap_sid)
+            if ($caneditfield && empty($fuser->ldap_sid))
             {
                 print '<input size="20" type="text" name="user_mobile" class="flat" value="'.$fuser->user_mobile.'">';
             }
@@ -1678,7 +1678,7 @@ else
             // Fax
             print "<tr>".'<td valign="top">'.$langs->trans("Fax").'</td>';
             print '<td>';
-            if ($caneditfield  && !$fuser->ldap_sid)
+            if ($caneditfield  && empty($fuser->ldap_sid))
             {
                 print '<input size="20" type="text" name="office_fax" class="flat" value="'.$fuser->office_fax.'">';
             }
@@ -1690,9 +1690,9 @@ else
             print '</td></tr>';
 
             // EMail
-            print "<tr>".'<td valign="top"'.($conf->global->USER_MAIL_REQUIRED?' class="fieldrequired"':'').'>'.$langs->trans("EMail").'</td>';
+            print "<tr>".'<td valign="top"'.(! empty($conf->global->USER_MAIL_REQUIRED)?' class="fieldrequired"':'').'>'.$langs->trans("EMail").'</td>';
             print '<td>';
-            if ($caneditfield  && !$fuser->ldap_sid)
+            if ($caneditfield  && empty($fuser->ldap_sid))
             {
                 print '<input size="40" type="text" name="email" class="flat" value="'.$fuser->email.'">';
             }
@@ -1710,7 +1710,7 @@ else
             print '</td></tr>';
 
             // openid
-            if (preg_match('/myopenid/',$conf->authmode))
+            if (isset($conf->authmode) && preg_match('/myopenid/',$conf->authmode))
             {
                 print "<tr>".'<td valign="top">'.$langs->trans("url_openid").'</td>';
                 print '<td>';
@@ -1735,7 +1735,8 @@ else
             // Autres caracteristiques issus des autres modules
 
             // Module Webcalendar
-            if ($conf->webcalendar->enabled)
+            // TODO external module
+            if (! empty($conf->webcalendar->enabled))
             {
                 $langs->load("other");
                 print "<tr>".'<td valign="top">'.$langs->trans("LoginWebcal").'</td>';
@@ -1746,7 +1747,8 @@ else
             }
 
             // Module Phenix
-            if ($conf->phenix->enabled)
+            // TODO external module
+            if (! empty($conf->phenix->enabled))
             {
                 $langs->load("other");
                 print "<tr>".'<td valign="top">'.$langs->trans("LoginPhenix").'</td>';
@@ -1762,7 +1764,7 @@ else
             }
 
             // Company / Contact
-            if ($conf->societe->enabled)
+            if (! empty($conf->societe->enabled))
             {
                 print '<tr><td width="25%" valign="top">'.$langs->trans("LinkToCompanyContact").'</td>';
                 print '<td>';
@@ -1787,7 +1789,7 @@ else
             }
 
             // Module Adherent
-            if ($conf->adherent->enabled)
+            if (! empty($conf->adherent->enabled))
             {
                 $langs->load("members");
                 print '<tr><td width="25%" valign="top">'.$langs->trans("LinkedToDolibarrMember").'</td>';
@@ -1820,12 +1822,11 @@ else
             print '</div>';
         }
 
-        $ldap->close;
+		if (! empty($conf->ldap->enabled) && ! empty($fuser->ldap_sid)) $ldap->close;
     }
 }
 
-$db->close();
 
 llxFooter();
-
+$db->close();
 ?>
diff --git a/htdocs/user/group/fiche.php b/htdocs/user/group/fiche.php
index 72186008c3c..f347d52b83a 100644
--- a/htdocs/user/group/fiche.php
+++ b/htdocs/user/group/fiche.php
@@ -47,6 +47,7 @@ $id=GETPOST('id', 'int');
 $action=GETPOST('action', 'alpha');
 $confirm=GETPOST('confirm', 'alpha');
 $userid=GETPOST('user', 'int');
+$message='';
 
 // Security check
 $result = restrictedArea($user, 'user', $id, 'usergroup&usergroup', 'user');
@@ -85,7 +86,6 @@ if ($action == 'add')
 {
     if ($caneditperms)
     {
-        $message="";
         if (! $_POST["nom"])
         {
             $message='<div class="error">'.$langs->trans("NameNotDefined").'</div>';
@@ -140,8 +140,8 @@ if ($action == 'adduser' || $action =='removeuser')
 
 			$edituser = new User($db);
 			$edituser->fetch($userid);
-			if ($action == 'adduser')    $result=$edituser->SetInGroup($object->id,($conf->multicompany->transverse_mode?GETPOST("entity"):$object->entity));
-			if ($action == 'removeuser') $result=$edituser->RemoveFromGroup($object->id,($conf->multicompany->transverse_mode?GETPOST("entity"):$object->entity));
+			if ($action == 'adduser')    $result=$edituser->SetInGroup($object->id,(! empty($conf->multicompany->transverse_mode)?GETPOST('entity','int'):$object->entity));
+			if ($action == 'removeuser') $result=$edituser->RemoveFromGroup($object->id,(! empty($conf->multicompany->transverse_mode)?GETPOST('entity','int'):$object->entity));
 
             if ($result > 0)
             {
@@ -166,8 +166,6 @@ if ($action == 'update')
 {
     if ($caneditperms)
     {
-        $message="";
-
         $db->begin();
 
         $object->fetch($id);
@@ -177,7 +175,7 @@ if ($action == 'update')
 		$object->nom	= trim($_POST["group"]);
 		$object->note	= dol_htmlcleanlastbr($_POST["note"]);
 
-		if ($conf->multicompany->enabled && ! empty($conf->multicompany->transverse_mode)) $object->entity = 0;
+		if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)) $object->entity = 0;
 		else $object->entity = $_POST["entity"];
 
         $ret=$object->update();
@@ -352,15 +350,15 @@ else
             // On selectionne les users qui ne sont pas deja dans le groupe
             $exclude = array();
 
-            if (! empty($object->members))
+            if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode))
             {
-                if (! ($conf->multicompany->enabled && $conf->multicompany->transverse_mode))
-                {
-                    foreach($object->members as $useringroup)
-                    {
-                        $exclude[]=$useringroup->id;
-                    }
-                }
+            	if (! empty($object->members))
+            	{
+            		foreach($object->members as $useringroup)
+            		{
+            			$exclude[]=$useringroup->id;
+            		}
+            	}
             }
 
             if ($caneditperms)
@@ -428,7 +426,7 @@ else
             		print '</td>';
             		print '<td>'.$useringroup->lastname.'</td>';
             		print '<td>'.$useringroup->firstname.'</td>';
-            		if (! empty($conf->multicompany->enabled) && $conf->entity == 1)
+            		if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode) && $conf->entity == 1 && $user->admin && ! $user->entity)
             		{
             			print '<td class="valeur">';
             			if (! empty($useringroup->usergroup_entity))
@@ -438,6 +436,9 @@ else
             				{
             					$mc->getInfo($group_entity);
             					print ($nb > 0 ? ', ' : '').$mc->label;
+            					print '<a href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;action=removeuser&amp;user='.$useringroup->id.'&amp;entity='.$group_entity.'">';
+            					print img_delete($langs->trans("RemoveFromGroup"));
+            					print '</a>';
             					$nb++;
             				}
             			}
@@ -445,10 +446,11 @@ else
             		}
             		print '<td align="center">'.$useringroup->getLibStatut(3).'</td>';
             		print '<td align="right">';
-            		if ($user->admin)
+            		if (! empty($user->admin) && empty($conf->multicompany->enabled))
             		{
-            			print '<a href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;action=removeuser&amp;user='.$useringroup->id.'&amp;entity='.$useringroup->usergroup_entity.'">';
+            			print '<a href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;action=removeuser&amp;user='.$useringroup->id.'">';
             			print img_delete($langs->trans("RemoveFromGroup"));
+            			print '</a>';
             		}
             		else
             		{
diff --git a/htdocs/user/group/index.php b/htdocs/user/group/index.php
index fd2857452d0..33c7952a158 100644
--- a/htdocs/user/group/index.php
+++ b/htdocs/user/group/index.php
@@ -1,7 +1,7 @@
 <?php
 /* Copyright (C) 2002-2003 Rodolphe Quiedeville <rodolphe@quiedeville.org>
  * Copyright (C) 2004-2011 Laurent Destailleur  <eldy@users.sourceforge.net>
- * Copyright (C) 2005-2011 Regis Houssin        <regis@dolibarr.fr>
+ * Copyright (C) 2005-2012 Regis Houssin        <regis@dolibarr.fr>
  * Copyright (C) 2011      Herve Prot           <herve.prot@symeos.com>
  *
  * This program is free software; you can redistribute it and/or modify
@@ -34,6 +34,7 @@ if (! empty($conf->global->MAIN_USE_ADVANCED_PERMS))
 $langs->load("users");
 
 $sall=GETPOST("sall");
+$search_group=GETPOST('search_group');
 
 $sortfield = GETPOST("sortfield",'alpha');
 $sortorder = GETPOST("sortorder",'alpha');
@@ -66,7 +67,7 @@ else
 {
 	$sql.= " WHERE g.entity IN (0,".$conf->entity.")";
 }
-if ($_POST["search_group"])
+if ($search_group)
 {
     $sql .= " AND (g.nom LIKE '%".$db->escape($_POST["search_group"])."%' OR g.note LIKE '%".$db->escape($_POST["search_group"])."%')";
 }
@@ -124,8 +125,7 @@ else
     dol_print_error($db);
 }
 
-$db->close();
 
 llxFooter();
-
+$db->close();
 ?>
diff --git a/htdocs/user/group/perms.php b/htdocs/user/group/perms.php
index f84b37e3ca5..efc308b45d4 100644
--- a/htdocs/user/group/perms.php
+++ b/htdocs/user/group/perms.php
@@ -258,7 +258,7 @@ if ($id)
             $obj = $db->fetch_object($result);
 
             // Si la ligne correspond a un module qui n'existe plus (absent de includes/module), on l'ignore
-            if (! $modules[$obj->module])
+            if (empty($modules[$obj->module]))
             {
                 $i++;
                 continue;
diff --git a/htdocs/user/home.php b/htdocs/user/home.php
index 62a4cf6b637..234fc3191de 100644
--- a/htdocs/user/home.php
+++ b/htdocs/user/home.php
@@ -1,6 +1,6 @@
 <?php
 /* Copyright (C) 2005-2011 Laurent Destailleur  <eldy@users.sourceforge.net>
- * Copyright (C) 2005-2011 Regis Houssin        <regis@dolibarr.fr>
+ * Copyright (C) 2005-2012 Regis Houssin        <regis@dolibarr.fr>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -99,7 +99,7 @@ $sql = "SELECT u.rowid, u.name, u.firstname, u.admin, u.login, u.fk_societe, u.d
 $sql.= " s.nom, s.canvas";
 $sql.= " FROM ".MAIN_DB_PREFIX."user as u";
 $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON u.fk_societe = s.rowid";
-if(! empty($conf->multicompany->enabled) && $conf->entity == 1 && ($conf->multicompany->transverse_mode || ($user->admin && ! $user->entity)))
+if (! empty($conf->multicompany->enabled) && $conf->entity == 1 && ($conf->multicompany->transverse_mode || ($user->admin && ! $user->entity)))
 {
 	$sql.= " WHERE u.entity IS NOT NULL";
 }
@@ -127,7 +127,7 @@ if ($resql)
 
 		print "<tr $bc[$var]>";
 		print '<td><a href="'.DOL_URL_ROOT.'/user/fiche.php?id='.$obj->rowid.'">'.img_object($langs->trans("ShowUser"),"user").' '.$obj->firstname.' '.$obj->name.'</a>';
-		if ($conf->global->MAIN_MODULE_MULTICOMPANY && $obj->admin && ! $obj->entity)
+		if (! empty($conf->multicompany->enabled) && $obj->admin && ! $obj->entity)
 		{
 			print img_picto($langs->trans("SuperAdministrator"),'redstar');
 		}
@@ -168,7 +168,7 @@ if ($resql)
 		print '</td>';
 		print '<td align="right">'.dol_print_date($db->jdate($obj->datec),'dayhour').'</td>';
         print '<td align="right">';
-        $fuserstatic->id=$obj->id;
+        $fuserstatic->id=$obj->rowid;
         $fuserstatic->statut=$obj->statut;
         print $fuserstatic->getLibStatut(3);
         print '</td>';
diff --git a/htdocs/user/index.php b/htdocs/user/index.php
index b9f520a60d3..b6ed67baece 100644
--- a/htdocs/user/index.php
+++ b/htdocs/user/index.php
@@ -1,7 +1,7 @@
 <?php
 /* Copyright (C) 2002-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
  * Copyright (C) 2004-2011 Laurent Destailleur  <eldy@users.sourceforge.net>
- * Copyright (C) 2005-2011 Regis Houssin        <regis@dolibarr.fr>
+ * Copyright (C) 2005-2012 Regis Houssin        <regis@dolibarr.fr>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -37,6 +37,7 @@ $socid=0;
 if ($user->societe_id > 0) $socid = $user->societe_id;
 
 $sall=GETPOST('sall','alpha');
+$search_user=GETPOST('search_user','alpha');
 
 $sortfield = GETPOST("sortfield",'alpha');
 $sortorder = GETPOST("sortorder",'alpha');
@@ -69,7 +70,7 @@ $sql.= " u.ldap_sid, u.statut, u.entity,";
 $sql.= " s.nom, s.canvas";
 $sql.= " FROM ".MAIN_DB_PREFIX."user as u";
 $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON u.fk_societe = s.rowid";
-if(! empty($conf->multicompany->enabled) && $conf->entity == 1 && ($conf->multicompany->transverse_mode || ($user->admin && ! $user->entity)))
+if(! empty($conf->multicompany->enabled) && $conf->entity == 1 && (! empty($conf->multicompany->transverse_mode) || (! empty($user->admin) && empty($user->entity))))
 {
 	$sql.= " WHERE u.entity IS NOT NULL";
 }
@@ -78,9 +79,9 @@ else
 	$sql.= " WHERE u.entity IN (0,".$conf->entity.")";
 }
 if (!empty($socid)) $sql.= " AND u.fk_societe = ".$socid;
-if ($_POST["search_user"])
+if ($search_user)
 {
-    $sql.= " AND (u.login like '%".$_POST["search_user"]."%' OR u.name like '%".$_POST["search_user"]."%' OR u.firstname like '%".$_POST["search_user"]."%')";
+    $sql.= " AND (u.login like '%".$search_user."%' OR u.name like '%".$search_user."%' OR u.firstname like '%".$search_user."%')";
 }
 if ($sall) $sql.= " AND (u.login like '%".$db->escape($sall)."%' OR u.name like '%".$db->escape($sall)."%' OR u.firstname like '%".$db->escape($sall)."%' OR u.email like '%".$db->escape($sall)."%' OR u.note like '%".$db->escape($sall)."%')";
 $sql.=$db->order($sortfield,$sortorder);
diff --git a/htdocs/user/param_ihm.php b/htdocs/user/param_ihm.php
index c58e6a7cb6a..446f41c75aa 100644
--- a/htdocs/user/param_ihm.php
+++ b/htdocs/user/param_ihm.php
@@ -36,7 +36,7 @@ $langs->load("languages");
 $canreaduser=($user->admin || $user->rights->user->user->lire);
 
 $id = GETPOST('id','int');
-$action = GETPOST('action');
+$action = GETPOST('action','alpha');
 
 if ($id)
 {
@@ -143,7 +143,7 @@ print "</tr>\n";
 print '</table><br>';
 
 
-if ($_GET["action"] == 'edit')
+if ($action == 'edit')
 {
     print '<form method="post" action="'.$_SERVER["PHP_SELF"].'">';
     print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
@@ -164,21 +164,21 @@ if ($_GET["action"] == 'edit')
     print $s?$s.' ':'';
     print ($conf->global->MAIN_LANG_DEFAULT=='auto'?$langs->trans("AutoDetectLang"):$langs->trans("Language_".$conf->global->MAIN_LANG_DEFAULT));
     print '</td>';
-    print '<td align="left" nowrap="nowrap" width="20%"><input '.$bc[$var].' name="check_MAIN_LANG_DEFAULT" type="checkbox" '.($fuser->conf->MAIN_LANG_DEFAULT?" checked":"");
+    print '<td align="left" nowrap="nowrap" width="20%"><input '.$bc[$var].' name="check_MAIN_LANG_DEFAULT" type="checkbox" '.(! empty($fuser->conf->MAIN_LANG_DEFAULT)?" checked":"");
     print ! empty($dolibarr_main_demo)?' disabled="disabled"':'';	// Disabled for demo
     print '> '.$langs->trans("UsePersonalValue").'</td>';
     print '<td>';
-    print $formadmin->select_language($fuser->conf->MAIN_LANG_DEFAULT,'main_lang_default',1);
+    print $formadmin->select_language((! empty($fuser->conf->MAIN_LANG_DEFAULT)?$fuser->conf->MAIN_LANG_DEFAULT:''),'main_lang_default',1);
     print '</td></tr>';
 
     // Taille max des listes
     $var=!$var;
     print '<tr '.$bc[$var].'><td>'.$langs->trans("MaxSizeList").'</td>';
     print '<td>'.$conf->global->MAIN_SIZE_LISTE_LIMIT.'</td>';
-    print '<td align="left" nowrap="nowrap" width="20%"><input '.$bc[$var].' name="check_SIZE_LISTE_LIMIT" type="checkbox" '.($fuser->conf->MAIN_SIZE_LISTE_LIMIT?" checked":"");
+    print '<td align="left" nowrap="nowrap" width="20%"><input '.$bc[$var].' name="check_SIZE_LISTE_LIMIT" type="checkbox" '.(! empty($fuser->conf->MAIN_SIZE_LISTE_LIMIT)?" checked":"");
     print ! empty($dolibarr_main_demo)?' disabled="disabled"':'';	// Disabled for demo
     print '> '.$langs->trans("UsePersonalValue").'</td>';
-    print '<td><input class="flat" name="main_size_liste_limit" size="4" value="' . $fuser->conf->SIZE_LISTE_LIMIT . '"></td></tr>';
+    print '<td><input class="flat" name="main_size_liste_limit" size="4" value="' . (! empty($fuser->conf->SIZE_LISTE_LIMIT)?$fuser->conf->SIZE_LISTE_LIMIT:'') . '"></td></tr>';
 
     print '</table><br>';
 
@@ -207,20 +207,20 @@ else
     print '<td>';
     $s=picto_from_langcode($conf->global->MAIN_LANG_DEFAULT);
     print ($s?$s.' ':'');
-    print ($conf->global->MAIN_LANG_DEFAULT=='auto'?$langs->trans("AutoDetectLang"):$langs->trans("Language_".$conf->global->MAIN_LANG_DEFAULT));
+    print (isset($conf->global->MAIN_LANG_DEFAULT) && $conf->global->MAIN_LANG_DEFAULT=='auto'?$langs->trans("AutoDetectLang"):$langs->trans("Language_".$conf->global->MAIN_LANG_DEFAULT));
     print '</td>';
-    print '<td align="left" nowrap="nowrap" width="20%"><input '.$bc[$var].' type="checkbox" disabled '.($fuser->conf->MAIN_LANG_DEFAULT?" checked":"").'> '.$langs->trans("UsePersonalValue").'</td>';
+    print '<td align="left" nowrap="nowrap" width="20%"><input '.$bc[$var].' type="checkbox" disabled '.(! empty($fuser->conf->MAIN_LANG_DEFAULT)?" checked":"").'> '.$langs->trans("UsePersonalValue").'</td>';
     print '<td>';
-    $s=picto_from_langcode($fuser->conf->MAIN_LANG_DEFAULT);
+    $s=(isset($fuser->conf->MAIN_LANG_DEFAULT) ? picto_from_langcode($fuser->conf->MAIN_LANG_DEFAULT) : '');
     print ($s?$s.' ':'');
-    print ($fuser->conf->MAIN_LANG_DEFAULT=='auto'?$langs->trans("AutoDetectLang"):($fuser->conf->MAIN_LANG_DEFAULT?$langs->trans("Language_".$fuser->conf->MAIN_LANG_DEFAULT):''));
+    print (isset($fuser->conf->MAIN_LANG_DEFAULT) && $fuser->conf->MAIN_LANG_DEFAULT=='auto'?$langs->trans("AutoDetectLang"):(! empty($fuser->conf->MAIN_LANG_DEFAULT)?$langs->trans("Language_".$fuser->conf->MAIN_LANG_DEFAULT):''));
     print '</td></tr>';
 
     $var=!$var;
     print '<tr '.$bc[$var].'><td>'.$langs->trans("MaxSizeList").'</td>';
-    print '<td>'.$conf->global->MAIN_SIZE_LISTE_LIMIT.'</td>';
-    print '<td align="left" nowrap="nowrap" width="20%"><input '.$bc[$var].' type="checkbox" disabled '.($fuser->conf->MAIN_SIZE_LISTE_LIMIT?" checked":"").'> '.$langs->trans("UsePersonalValue").'</td>';
-    print '<td>' . $fuser->conf->MAIN_SIZE_LISTE_LIMIT . '</td></tr>';
+    print '<td>'.(! empty($conf->global->MAIN_SIZE_LISTE_LIMIT)?$conf->global->MAIN_SIZE_LISTE_LIMIT:'&nbsp;').'</td>';
+    print '<td align="left" nowrap="nowrap" width="20%"><input '.$bc[$var].' type="checkbox" disabled '.(! empty($fuser->conf->MAIN_SIZE_LISTE_LIMIT)?" checked":"").'> '.$langs->trans("UsePersonalValue").'</td>';
+    print '<td>' . (! empty($fuser->conf->MAIN_SIZE_LISTE_LIMIT)?$fuser->conf->MAIN_SIZE_LISTE_LIMIT:'&nbsp;') . '</td></tr>';
 
     print '</table><br>';
 
@@ -237,7 +237,7 @@ else
     }
     else
     {
-        if ($user->id == $fuser->id || $user->admin)       // Si utilisateur edite = utilisateur courant (pas besoin de droits particulier car il s'agit d'une page de modif d'output et non de données) ou si admin
+        if ($user->id == $fuser->id || ! empty($user->admin))       // Si utilisateur edite = utilisateur courant (pas besoin de droits particulier car il s'agit d'une page de modif d'output et non de données) ou si admin
         {
             print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&amp;id='.$fuser->id.'">'.$langs->trans("Modify").'</a>';
         }
@@ -251,7 +251,7 @@ else
 
 }
 
-$db->close();
 
 llxFooter();
+$db->close();
 ?>
diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php
index 93eb28b4056..b38940dd35f 100644
--- a/htdocs/user/perms.php
+++ b/htdocs/user/perms.php
@@ -52,7 +52,7 @@ if (! empty($conf->global->MAIN_USE_ADVANCED_PERMS))
 
 // Security check
 $socid=0;
-if ($user->societe_id > 0) $socid = $user->societe_id;
+if (isset($user->societe_id) && $user->societe_id > 0) $socid = $user->societe_id;
 $feature2 = (($socid && $user->rights->user->self->creer)?'':'user');
 if ($user->id == $id && (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || $user->rights->user->self_advance->readperms))	// A user can always read its own card if not advanced perms enabled, or if he has advanced perms
 {
@@ -276,19 +276,20 @@ if ($result)
     $num = $db->num_rows($result);
     $i = 0;
     $var = True;
+    $oldmod='';
 
     while ($i < $num)
     {
         $obj = $db->fetch_object($result);
 
         // Si la ligne correspond a un module qui n'existe plus (absent de includes/module), on l'ignore
-        if (! $modules[$obj->module])
+        if (empty($modules[$obj->module]))
         {
             $i++;
             continue;
         }
 
-        if ($oldmod <> $obj->module)
+        if (isset($obj->module) && ($oldmod <> $obj->module))
         {
             $oldmod = $obj->module;
             $var = !$var;
@@ -297,7 +298,7 @@ if ($result)
             $objMod=$modules[$obj->module];
             $picto=($objMod->picto?$objMod->picto:'generic');
 
-            if ($caneditperms && (! $objMod->rights_admin_allowed || ! $fuser->admin))
+            if ($caneditperms && (empty($objMod->rights_admin_allowed) || empty($fuser->admin)))
             {
                 // On affiche ligne pour modifier droits
                 print '<tr '. $bc[$var].'>';