Merge remote-tracking branch 'Dolibarr/13.0' into 13

2020-12-28 17:42:47 +01:00 · 2020-12-28 17:42:47 +01:00 · 7ed10d64c4
commit 7ed10d64c4
parent 69c99063b2 b7cd27e76a
40 changed files with 549 additions and 281 deletions
--- a/dev/dolibarr_changes.txt
+++ b/dev/dolibarr_changes.txt
@ -50,6 +50,13 @@ Replace call to serialize_val with no bugged value
 * In all files, replace constructor names into __construct. Replace also parent::constructor_name with parent::__construct
 * Line 4222 of file nusoap.php
 		$rev = array();
 		preg_match('/\$Revision: ([^ ]+)/', $this->revision, $rev);
 		$this->outgoing_headers[] = "X-SOAP-Server: $this->title/$this->version (".(isset($rev[1]) ? $rev[1] : '').")";
 TCPDF:
--- a/htdocs/accountancy/bookkeeping/balance.php
+++ b/htdocs/accountancy/bookkeeping/balance.php
@ -314,7 +314,6 @@ if ($action != 'export_csv')
 		if (empty($accountingaccountstatic->account_number)) {
 			$link = '<a href="'.DOL_URL_ROOT.'/accountancy/admin/card.php?action=create&accountingaccount='.length_accountg($line->numero_compte).'">'.img_edit_add().'</a>';
 		}
 		print '<tr class="oddeven">';
 		if (!empty($show_subgroup))
 		{
@ -343,6 +342,7 @@ if ($action != 'export_csv')
 			}
 		}
 		print '<tr class="oddeven">';
 		print '<td>'.$accounting_account.'</td>';
 		print '<td class="nowraponall right">'.price($opening_balance).'</td>';
 		print '<td class="nowraponall right">'.price($line->debit).'</td>';
--- a/htdocs/admin/agenda_reminder.php
+++ b/htdocs/admin/agenda_reminder.php
@ -187,14 +187,14 @@ print '<td class="center">&nbsp;</td>'."\n";
 print '<td class="right">'."\n";
 if (empty($conf->global->AGENDA_REMINDER_BROWSER)) {
-	if (! getIsHTTPS()) {
+	if (!isHTTPS()) {
 		$langs->load("errors");
 		print img_warning($langs->trans("WarningAvailableOnlyForHTTPSServers"), '', 'valignmiddle size15x').' ';
 	}
 	print '<a class="valignmiddle" href="'.$_SERVER['PHP_SELF'].'?action=set_AGENDA_REMINDER_BROWSER&amp;token='.newToken().'">'.img_picto($langs->trans('Disabled'), 'switch_off').'</a>';
 	print '</td></tr>'."\n";
 } else {
-	if (! getIsHTTPS()) {
+	if (!isHTTPS()) {
 		$langs->load("errors");
 		print img_warning($langs->trans("WarningAvailableOnlyForHTTPSServers"), '', 'valignmiddle size15x').' ';
 	}
--- a/htdocs/comm/mailing/cibles.php
+++ b/htdocs/comm/mailing/cibles.php
@ -499,7 +499,7 @@ if ($object->fetch($id) >= 0)
 	    // Fix/update nbemail on emailing record if it differs (may happen if user edit lines from database directly)
 	    if (empty($asearchcriteriahasbeenset)) {
-	    	if ($nbtotalofrecords != $object->email) {
+	    	if ($nbtotalofrecords != $object->nbemail) {
 	    		dol_syslog("We found a difference in nb of record in target table and the property ->nbemail, we fix ->nbemail");
 	    		//print "nbemail=".$object->nbemail." nbtotalofrecords=".$nbtotalofrecords;
 	    		$resultrefresh = $object->refreshNbOfTargets();
--- a/htdocs/comm/mailing/class/mailing.class.php
+++ b/htdocs/comm/mailing/class/mailing.class.php
@ -603,12 +603,15 @@ class Mailing extends CommonObject
 				if (! $resqlupdate) {
 					$this->error = $this->db->lasterror();
 					return -1;
 				} else {
 					$this->nbemail = (int) $nbforupdate;
 				}
 			}
 		} else {
 			$this->error = $this->db->lasterror();
 			return -1;
 		}
 		return 1;
 	}
--- a/htdocs/core/class/notify.class.php
+++ b/htdocs/core/class/notify.class.php
@ -129,7 +129,7 @@ class Notify
 		if (is_array($listofnotiftodo)) {
 			$i = 0;
-			foreach ($listofnotiftodo as $key => $val) {
+			foreach ($listofnotiftodo as $val) {
 				if ($i) {
 					$texte .= ', ';
 				} else {
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@ -2909,7 +2909,7 @@ function getUserRemoteIP()
 *
 * @return	boolean		True if user is using HTTPS
 */
-function getIsHTTPS()
+function isHTTPS()
 {
 	$isSecure = false;
 	if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {
--- a/htdocs/core/lib/ws.lib.php
+++ b/htdocs/core/lib/ws.lib.php
@ -29,7 +29,7 @@
 *  @param	array	$authentication     Array with authentication informations ('login'=>,'password'=>,'entity'=>,'dolibarrkey'=>)
 *  @param 	int		$error				Number of errors
 *  @param  string	$errorcode			Error string code
- *  @param  string	$errorlabel		Error string label
+ *  @param  string	$errorlabel			Error string label
 *  @return User						Return user object identified by login/pass/entity into authentication array
 */
 function check_authentication($authentication, &$error, &$errorcode, &$errorlabel)
--- a/htdocs/core/modules/modCommande.class.php
+++ b/htdocs/core/modules/modCommande.class.php
@ -263,6 +263,7 @@ class modCommande extends DolibarrModules
 		$this->export_sql_end[$r] .= ' WHERE c.fk_soc = s.rowid AND c.rowid = cd.fk_commande';
 		$this->export_sql_end[$r] .= ' AND c.entity IN ('.getEntity('commande').')';
 		if (empty($user->rights->societe->client->voir)) $this->export_sql_end[$r] .= ' AND sc.fk_user = '.(empty($user) ? 0 : $user->id);
 		// Imports
 		//--------
 		$r = 0;
--- a/htdocs/core/modules/modExpedition.class.php
+++ b/htdocs/core/modules/modExpedition.class.php
@ -306,7 +306,7 @@ class modExpedition extends DolibarrModules
 		}
 		$this->export_sql_end[$r] .= ' WHERE c.fk_soc = s.rowid AND c.rowid = ed.fk_expedition AND ed.fk_origin_line = cd.rowid';
 		$this->export_sql_end[$r] .= ' AND c.entity IN ('.getEntity('expedition').')';
-		if (empty($user->rights->societe->client->voir)) $this->export_sql_end[$r] .= ' AND sc.fk_user = '.$user->id;
+		if (empty($user->rights->societe->client->voir)) $this->export_sql_end[$r] .= ' AND sc.fk_user = '.(empty($user) ? 0 : $user->id);
 	}
--- a/htdocs/core/modules/modFacture.class.php
+++ b/htdocs/core/modules/modFacture.class.php
@ -291,7 +291,7 @@ class modFacture extends DolibarrModules
 		$this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product_extrafields as extra3 on p.rowid = extra3.fk_object';
 		$this->export_sql_end[$r] .= ' WHERE f.fk_soc = s.rowid AND f.rowid = fd.fk_facture';
 		$this->export_sql_end[$r] .= ' AND f.entity IN ('.getEntity('invoice').')';
-		if (isset($user) && empty($user->rights->societe->client->voir)) $this->export_sql_end[$r] .= ' AND sc.fk_user = '.$user->id;
+		if (empty($user->rights->societe->client->voir)) $this->export_sql_end[$r] .= ' AND sc.fk_user = '.(empty($user) ? 0 : $user->id);
 		$r++;
@ -371,7 +371,7 @@ class modFacture extends DolibarrModules
 		$this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'bank_account as ba ON ba.rowid = b.fk_account';
 		$this->export_sql_end[$r] .= ' WHERE f.fk_soc = s.rowid';
 		$this->export_sql_end[$r] .= ' AND f.entity IN ('.getEntity('invoice').')';
-		if (isset($user) && empty($user->rights->societe->client->voir)) $this->export_sql_end[$r] .= ' AND sc.fk_user = '.$user->id;
+		if (empty($user->rights->societe->client->voir)) $this->export_sql_end[$r] .= ' AND sc.fk_user = '.(empty($user) ? 0 : $user->id);
 		$r++;
 	}
--- a/htdocs/core/modules/modPropale.class.php
+++ b/htdocs/core/modules/modPropale.class.php
@ -254,7 +254,7 @@ class modPropale extends DolibarrModules
 		$this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product_extrafields as extra3 on p.rowid = extra3.fk_object';
 		$this->export_sql_end[$r] .= ' WHERE c.fk_soc = s.rowid AND c.rowid = cd.fk_propal';
 		$this->export_sql_end[$r] .= ' AND c.entity IN ('.getEntity('propal').')';
-		if (empty($user->rights->societe->client->voir)) $this->export_sql_end[$r] .= ' AND sc.fk_user = '.$user->id;
+		if (empty($user->rights->societe->client->voir)) $this->export_sql_end[$r] .= ' AND sc.fk_user = '.(empty($user) ? 0 : $user->id);
 		// Imports
 		//--------
--- a/htdocs/core/modules/modReception.class.php
+++ b/htdocs/core/modules/modReception.class.php
@ -231,7 +231,7 @@ class modReception extends DolibarrModules
 		}
 		$this->export_sql_end[$r] .= ' WHERE c.fk_soc = s.rowid AND c.rowid = ed.fk_reception AND ed.fk_commandefourndet = cd.rowid';
 		$this->export_sql_end[$r] .= ' AND c.entity IN ('.getEntity('reception').')';
-		if (empty($user->rights->societe->client->voir)) $this->export_sql_end[$r] .= ' AND sc.fk_user = '.$user->id;
+		if (empty($user->rights->societe->client->voir)) $this->export_sql_end[$r] .= ' AND sc.fk_user = '.(empty($user) ? 0 : $user->id);
 	}
--- a/htdocs/ecm/class/ecmdirectory.class.php
+++ b/htdocs/ecm/class/ecmdirectory.class.php
@ -345,7 +345,7 @@ class EcmDirectory extends CommonObject
 		$sql .= " t.date_c as date_c,";
 		$sql .= " t.tms as date_m";
 		$sql .= " FROM ".MAIN_DB_PREFIX."ecm_directories as t";
-		$sql .= " WHERE t.rowid = ".$id;
+		$sql .= " WHERE t.rowid = ".((int) $id);
 		dol_syslog(get_class($this)."::fetch", LOG_DEBUG);
 		$resql = $this->db->query($sql);
--- a/htdocs/ecm/dir_card.php
+++ b/htdocs/ecm/dir_card.php
@ -54,7 +54,7 @@ $pagenext = $page + 1;
 if (!$sortorder) $sortorder = "ASC";
 if (!$sortfield) $sortfield = "name";
-$section = GETPOST("section", 'alpha') ?GETPOST("section", 'alpha') : GETPOST("relativedir", 'alpha');
+$section = GETPOST("section", 'alpha') ? GETPOST("section", 'alpha') : GETPOST("relativedir", 'alpha');
 if (!$section)
 {
 	dol_print_error('', "ErrorSectionParamNotDefined");
@ -66,15 +66,15 @@ $ecmdir = new EcmDirectory($db);
 if ($module == 'ecm')
 {
 	// $section should be an int except if it is dir not yet created into EcmDirectory
 	$result = $ecmdir->fetch($section);
-	if (!$result > 0)
+	if ($result > 0) {
-	{
+		$relativepath = $ecmdir->getRelativePath();
-		dol_print_error($db, $ecmdir->error);
+		$upload_dir = $conf->ecm->dir_output.'/'.$relativepath;
-		exit;
+	} else {
 		$relativepath = $section;
 		$upload_dir = $conf->ecm->dir_output.'/'.$relativepath;
 	}
 	$relativepath = $ecmdir->getRelativePath();
 	$upload_dir = $conf->ecm->dir_output.'/'.$relativepath;
 } else // For example $module == 'medias'
 {
 	$relativepath = $section;
@ -143,28 +143,23 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes')
 }
 // Remove dir
-if ($action == 'confirm_deletedir' && $confirm == 'yes')
+if ($action == 'confirm_deletedir' && $confirm == 'yes') {
 {
 	$backtourl = DOL_URL_ROOT."/ecm/index.php";
-	if ($module == 'medias')
+	if ($module == 'medias') {
 	{
 		$backtourl = DOL_URL_ROOT."/website/index.php?file_manager=1";
 	}
 	$deletedirrecursive = (GETPOST('deletedirrecursive', 'alpha') == 'on' ? 1 : 0);
-	if ($module == 'ecm')
+	if ($module == 'ecm' && $ecmdir->id > 0) {	// If manual ECM and directory is indexed into database
 	{
 		// Fetch was already done
 		$result = $ecmdir->delete($user, 'all', $deletedirrecursive);
-		if ($result <= 0)
+		if ($result <= 0) {
 		{
 			$langs->load('errors');
 			setEventMessages($langs->trans($ecmdir->error, $ecmdir->label), null, 'errors');
 		}
 	} else {
-		if ($deletedirrecursive)
+		if ($deletedirrecursive) {
 		{
 			$resbool = dol_delete_dir_recursive($upload_dir, 0, 1);
 		} else {
 			$resbool = dol_delete_dir($upload_dir, 1);
@ -176,8 +171,7 @@ if ($action == 'confirm_deletedir' && $confirm == 'yes')
 			$result = 0;
 		}
 	}
-	if ($result > 0)
+	if ($result > 0) {
 	{
 		header("Location: ".$backtourl);
 		exit;
 	}
@ -269,10 +263,9 @@ if ($action == 'update' && !GETPOST('cancel', 'alpha'))
 }
-
+/*
-/*******************************************************************
+ * View
-* View
+ */
 ********************************************************************/
 $form = new Form($db);
@ -281,9 +274,7 @@ $extrafields = new ExtraFields($db);
 // fetch optionals attributes and labels
 $extrafields->fetch_name_optionals_label($object->table_element);
-
+if ($module == 'ecm' && $ecmdir->id > 0) {
 if ($module == 'ecm')
 {
 	$object->fetch($ecmdir->id);
 }
@ -323,24 +314,27 @@ if ($module == 'ecm')
 	$result = 1;
 	$i = 0;
 	$tmpecmdir = new EcmDirectory($db); // Need to create a new one
-	$tmpecmdir->fetch($ecmdir->id);
+	if ($ecmdir->id > 0) {
-	while ($tmpecmdir && $result > 0)
+		$tmpecmdir->fetch($ecmdir->id);
-	{
+		while ($tmpecmdir && $result > 0)
 		$tmpecmdir->ref = $tmpecmdir->label;
 		if ($i == 0 && $action == 'edit')
 		{
-			$s = '<input type="text" name="label" class="minwidth300" maxlength="32" value="'.$tmpecmdir->label.'">';
+			$tmpecmdir->ref = $tmpecmdir->label;
-		} else $s = $tmpecmdir->getNomUrl(1).$s;
+			if ($i == 0 && $action == 'edit')
-		if ($tmpecmdir->fk_parent)
+			{
-		{
+				$s = '<input type="text" name="label" class="minwidth300" maxlength="32" value="'.$tmpecmdir->label.'">';
-			$s = ' -> '.$s;
+			} else $s = $tmpecmdir->getNomUrl(1).$s;
-			$result = $tmpecmdir->fetch($tmpecmdir->fk_parent);
+			if ($tmpecmdir->fk_parent)
-		} else {
+			{
-			$tmpecmdir = 0;
+				$s = ' -> '.$s;
 				$result = $tmpecmdir->fetch($tmpecmdir->fk_parent);
 			} else {
 				$tmpecmdir = 0;
 			}
 			$i++;
 		}
-		$i++;
+	} else {
 		$s .= join(' -> ', explode('/', $section));
 	}
 	$morehtmlref = '<a href="'.DOL_URL_ROOT.'/ecm/index.php">'.$langs->trans("ECMRoot").'</a> -> '.$s;
 }
 if ($module == 'medias')
@ -393,9 +387,11 @@ if ($module == 'ecm')
 	print '</td></tr>';
 	print '<tr><td class="titlefield">'.$langs->trans("ECMCreationUser").'</td><td>';
-	$userecm = new User($db);
+	if ($ecmdir->fk_user_c > 0) {
-	$userecm->fetch($ecmdir->fk_user_c);
+		$userecm = new User($db);
-	print $userecm->getNomUrl(1);
+		$userecm->fetch($ecmdir->fk_user_c);
 		print $userecm->getNomUrl(1);
 	}
 	print '</td></tr>';
 }
 print '<tr><td class="titlefield">'.$langs->trans("ECMCreationDate").'</td><td>';
--- a/htdocs/ecm/file_card.php
+++ b/htdocs/ecm/file_card.php
@ -65,7 +65,7 @@ if (!$section)
 	dol_print_error('', 'Error, section parameter missing');
 	exit;
 }
-$urlfile = GETPOST("urlfile");
+$urlfile = (string) dol_sanitizePathName(GETPOST("urlfile"));
 if (!$urlfile)
 {
 	dol_print_error('', "ErrorParamNotDefined");
--- a/htdocs/includes/nusoap/lib/nusoap.php
+++ b/htdocs/includes/nusoap/lib/nusoap.php
@ -4219,8 +4219,10 @@ class nusoap_server extends nusoap_base {
        	$payload .= $this->getDebugAsXMLComment();
        }
 		$this->outgoing_headers[] = "Server: $this->title Server v$this->version";
-		preg_match('/\$Revisio' . 'n: ([^ ]+)/', $this->revision, $rev);
+		// @CHANGE Fix for php8
-		$this->outgoing_headers[] = "X-SOAP-Server: $this->title/$this->version (".$rev[1].")";
+		$rev = array();
 		preg_match('/\$Revision: ([^ ]+)/', $this->revision, $rev);
 		$this->outgoing_headers[] = "X-SOAP-Server: $this->title/$this->version (".(isset($rev[1]) ? $rev[1] : '').")";
 		// Let the Web server decide about this
 		//$this->outgoing_headers[] = "Connection: Close\r\n";
 		$payload = $this->getHTTPBody($payload);
--- a/htdocs/install/upgrade2.php
+++ b/htdocs/install/upgrade2.php
@ -4332,6 +4332,14 @@ function migrate_reload_modules($db, $langs, $conf, $listofmodule = array(), $fo
 				$mod->remove('noboxes');
 				$mod->init($reloadmode);
 			}
 		} elseif ($moduletoreload == 'MAIN_MODULE_EXTERNALSITE') {
 			dolibarr_install_syslog("upgrade2::migrate_reload_modules Reactivate ExternalSite module");
 			$res = @include_once DOL_DOCUMENT_ROOT.'/core/modules/modExternalSite.class.php';
 			if ($res) {
 				$mod = new modExternalSite($db);
 				$mod->remove('noboxes');
 				$mod->init($reloadmode);
 			}
 		} elseif ($moduletoreload == 'MAIN_MODULE_SOCIETE') {
 			dolibarr_install_syslog("upgrade2::migrate_reload_modules Reactivate Societe module");
 			$res = @include_once DOL_DOCUMENT_ROOT.'/core/modules/modSociete.class.php';
--- a/htdocs/langs/en_US/modulebuilder.lang
+++ b/htdocs/langs/en_US/modulebuilder.lang
@ -40,6 +40,7 @@ PageForCreateEditView=PHP page to create/edit/view a record
 PageForAgendaTab=PHP page for event tab
 PageForDocumentTab=PHP page for document tab
 PageForNoteTab=PHP page for note tab
 PageForContactTab=PHP page for contact tab
 PathToModulePackage=Path to zip of module/application package
 PathToModuleDocumentation=Path to file of module/application documentation (%s)
 SpaceOrSpecialCharAreNotAllowed=Spaces or special characters are not allowed.
@ -105,7 +106,7 @@ TryToUseTheModuleBuilder=If you have knowledge of SQL and PHP, you may use the n
 SeeTopRightMenu=See <span class="fa fa-bug"></span> on the top right menu
 AddLanguageFile=Add language file
 YouCanUseTranslationKey=You can use here a key that is the translation key found into language file (see tab "Languages")
-DropTableIfEmpty=(Delete table if empty)
+DropTableIfEmpty=(Destroy table if empty)
 TableDoesNotExists=The table %s does not exists
 TableDropped=Table %s deleted
 InitStructureFromExistingTable=Build the structure array string of an existing table
@ -138,4 +139,5 @@ ForeignKey=Foreign key
 TypeOfFieldsHelp=Type of fields:<br>varchar(99), double(24,8), real, text, html, datetime, timestamp, integer, integer:ClassName:relativepath/to/classfile.class.php[:1[:filter]] ('1' means we add a + button after the combo to create the record, 'filter' can be 'status=1 AND fk_user = __USER_ID AND entity IN (__SHARED_ENTITIES__)' for example)
 AsciiToHtmlConverter=Ascii to HTML converter
 AsciiToPdfConverter=Ascii to PDF converter
-TableNotEmptyDropCanceled=Table not empty. Drop has been canceled.
+TableNotEmptyDropCanceled=Table not empty. Drop has been canceled.
 ModuleBuilderNotAllowed=The module builder is available but not allowed to your user.
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@ -1125,20 +1125,20 @@ if (!function_exists("llxHeader"))
 	/**
 	 *	Show HTML header HTML + BODY + Top menu + left menu + DIV
 	 *
-	 * @param 	string 	$head				Optionnal head lines
+	 * @param 	string 			$head				Optionnal head lines
-	 * @param 	string 	$title				HTML title
+	 * @param 	string 			$title				HTML title
-	 * @param	string	$help_url			Url links to help page
+	 * @param	string			$help_url			Url links to help page
-	 * 		                            	Syntax is: For a wiki page: EN:EnglishPage|FR:FrenchPage|ES:SpanishPage
+	 * 		                            			Syntax is: For a wiki page: EN:EnglishPage|FR:FrenchPage|ES:SpanishPage
-	 *                                  	For other external page: http://server/url
+	 *                                  			For other external page: http://server/url
-	 * @param	string	$target				Target to use on links
+	 * @param	string			$target				Target to use on links
-	 * @param 	int    	$disablejs			More content into html header
+	 * @param 	int    			$disablejs			More content into html header
-	 * @param 	int    	$disablehead		More content into html header
+	 * @param 	int    			$disablehead		More content into html header
-	 * @param 	array  	$arrayofjs			Array of complementary js files
+	 * @param 	array|string  	$arrayofjs			Array of complementary js files
-	 * @param 	array  	$arrayofcss			Array of complementary css files
+	 * @param 	array|string  	$arrayofcss			Array of complementary css files
-	 * @param	string	$morequerystring	Query string to add to the link "print" to get same parameters (use only if autodetect fails)
+	 * @param	string			$morequerystring	Query string to add to the link "print" to get same parameters (use only if autodetect fails)
-	 * @param   string  $morecssonbody      More CSS on body tag.
+	 * @param   string  		$morecssonbody      More CSS on body tag. For example 'classforhorizontalscrolloftabs'.
-	 * @param	string	$replacemainareaby	Replace call to main_area() by a print of this string
+	 * @param	string			$replacemainareaby	Replace call to main_area() by a print of this string
-	 * @param	int		$disablenofollow	Disable the "nofollow" on page
+	 * @param	int				$disablenofollow	Disable the "nofollow" on page
 	 * @return	void
 	 */
 	function llxHeader($head = '', $title = '', $help_url = '', $target = '', $disablejs = 0, $disablehead = 0, $arrayofjs = '', $arrayofcss = '', $morequerystring = '', $morecssonbody = '', $replacemainareaby = '', $disablenofollow = 0)
--- a/htdocs/modulebuilder/index.php
+++ b/htdocs/modulebuilder/index.php
@ -57,8 +57,8 @@ $modulename = dol_sanitizeFileName(GETPOST('modulename', 'alpha'));
 $objectname = dol_sanitizeFileName(GETPOST('objectname', 'alpha'));
 // Security check
-if (empty($conf->modulebuilder->enabled)) accessforbidden('ModuleBuilderNotAllowed');
+if (empty($conf->modulebuilder->enabled)) accessforbidden();
-if (!$user->admin && empty($conf->global->MODULEBUILDER_FOREVERYONE)) accessforbidden('ModuleBuilderNotAllowed');
+if (!$user->admin && empty($conf->global->MODULEBUILDER_FOREVERYONE)) accessforbidden($langs->trans('ModuleBuilderNotAllowed'));
 // Dir for custom dirs
@ -226,12 +226,15 @@ if ($dirins && $action == 'initmodule' && $modulename)
 		// Delete dir and files that can be generated in sub tabs later if we need them (we want a minimal module first)
 		dol_delete_dir_recursive($destdir.'/build/doxygen');
 		dol_delete_dir_recursive($destdir.'/core/modules/mailings');
 		dol_delete_dir_recursive($destdir.'/core/modules/'.strtolower($modulename).'');
 		dol_delete_dir_recursive($destdir.'/core/tpl');
 		dol_delete_dir_recursive($destdir.'/core/triggers');
 		dol_delete_dir_recursive($destdir.'/doc');
 		dol_delete_dir_recursive($destdir.'/.tx');
 		dol_delete_dir_recursive($destdir.'/core/boxes');
 		dol_delete_file($destdir.'/admin/myobject_extrafields.php');
 		dol_delete_file($destdir.'/sql/data.sql');
 		dol_delete_file($destdir.'/sql/update_x.x.x-y.y.y.sql');
@ -902,9 +905,11 @@ if ($dirins && $action == 'initobject' && $module && $objectname)
 		$filetogenerate = array(
 			'myobject_card.php'=>strtolower($objectname).'_card.php',
 			'myobject_note.php'=>strtolower($objectname).'_note.php',
 			'myobject_contact.php'=>strtolower($objectname).'_contact.php',
 			'myobject_document.php'=>strtolower($objectname).'_document.php',
 			'myobject_agenda.php'=>strtolower($objectname).'_agenda.php',
 			'myobject_list.php'=>strtolower($objectname).'_list.php',
 			'admin/myobject_extrafields.php'=>'admin/'.strtolower($objectname).'_extrafields.php',
 			'lib/mymodule_myobject.lib.php'=>'lib/'.strtolower($module).'_'.strtolower($objectname).'.lib.php',
 			//'test/phpunit/MyObjectTest.php'=>'test/phpunit/'.strtolower($objectname).'Test.php',
 			'sql/llx_mymodule_myobject.sql'=>'sql/llx_'.strtolower($module).'_'.strtolower($objectname).'.sql',
@ -1332,9 +1337,11 @@ if ($dirins && $action == 'confirm_deleteobject' && $objectname)
 		$filetodelete = array(
 			'myobject_card.php'=>strtolower($objectname).'_card.php',
 			'myobject_note.php'=>strtolower($objectname).'_note.php',
 			'myobject_contact.php'=>strtolower($objectname).'_contact.php',
 			'myobject_document.php'=>strtolower($objectname).'_document.php',
 			'myobject_agenda.php'=>strtolower($objectname).'_agenda.php',
 			'myobject_list.php'=>strtolower($objectname).'_list.php',
 			'admin/myobject_extrafields.php'=>'admin/'.strtolower($objectname).'_extrafields.php',
 			'lib/mymodule_myobject.lib.php'=>'lib/'.strtolower($module).'_'.strtolower($objectname).'.lib.php',
 			'test/phpunit/MyObjectTest.php'=>'test/phpunit/'.strtolower($objectname).'Test.php',
 			'sql/llx_mymodule_myobject.sql'=>'sql/llx_'.strtolower($module).'_'.strtolower($objectname).'.sql',
@ -1772,7 +1779,7 @@ if ($module == 'initmodule')
 	print $langs->trans("EnterNameOfModuleToDeleteDesc").'<br><br>';
 	print '<input type="text" name="module" placeholder="'.dol_escape_htmltag($langs->trans("ModuleKey")).'" value="">';
-	print '<input type="submit" class="buttonDelete" value="'.$langs->trans("Delete").'"'.($dirins ? '' : ' disabled="disabled"').'>';
+	print '<input type="submit" class="button smallpaddingimp" value="'.$langs->trans("Delete").'"'.($dirins ? '' : ' disabled="disabled"').'>';
 	print '</form>';
 } elseif (!empty($module)) {
 	// Tabs for module
@ -2309,7 +2316,7 @@ if ($module == 'initmodule')
 				print $langs->trans("EnterNameOfObjectToDeleteDesc").'<br><br>';
 				print '<input type="text" name="objectname" value="'.dol_escape_htmltag($modulename).'" placeholder="'.dol_escape_htmltag($langs->trans("ObjectKey")).'">';
-				print '<input type="submit" class="buttonDelete" name="delete" value="'.dol_escape_htmltag($langs->trans("Delete")).'"'.($dirins ? '' : ' disabled="disabled"').'>';
+				print '<input type="submit" class="button smallpaddingimp" name="delete" value="'.dol_escape_htmltag($langs->trans("Delete")).'"'.($dirins ? '' : ' disabled="disabled"').'>';
 				print '</form>';
 			} else {
 				// tabobj = module
@ -2336,6 +2343,7 @@ if ($module == 'initmodule')
 						$pathtodocument = strtolower($module).'/'.strtolower($tabobj).'_document.php';
 						$pathtolist     = strtolower($module).'/'.strtolower($tabobj).'_list.php';
 						$pathtonote     = strtolower($module).'/'.strtolower($tabobj).'_note.php';
 						$pathtocontact  = strtolower($module).'/'.strtolower($tabobj).'_contact.php';
 						$pathtophpunit  = strtolower($module).'/test/phpunit/'.strtolower($tabobj).'Test.php';
 						$pathtosql      = strtolower($module).'/sql/llx_'.strtolower($module).'_'.strtolower($tabobj).'.sql';
 						$pathtosqlextra = strtolower($module).'/sql/llx_'.strtolower($module).'_'.strtolower($tabobj).'_extrafields.sql';
@ -2354,6 +2362,7 @@ if ($module == 'initmodule')
 						$realpathtodocument = $dirread.'/'.$pathtodocument;
 						$realpathtolist     = $dirread.'/'.$pathtolist;
 						$realpathtonote     = $dirread.'/'.$pathtonote;
 						$realpathtocontact  = $dirread.'/'.$pathtocontact;
 						$realpathtophpunit  = $dirread.'/'.$pathtophpunit;
 						$realpathtosql      = $dirread.'/'.$pathtosql;
 						$realpathtosqlextra = $dirread.'/'.$pathtosqlextra;
@ -2377,34 +2386,31 @@ if ($module == 'initmodule')
 						print ' <a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=editfile&format=php&file='.urlencode($pathtoclass).'">'.img_picto($langs->trans("Edit"), 'edit').'</a>';
 						print '<br>';
 						print '<span class="fa fa-file-o"></span> '.$langs->trans("ApiClassFile").' : <strong>'.($realpathtoapi ? '' : '<strike>').$pathtoapi.($realpathtoapi ? '' : '</strike>').'</strong>';
-						if ($realpathtoapi)
+						if (dol_is_file($realpathtoapi)) {
 						{
 							print ' <a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=editfile&format=php&file='.urlencode($pathtoapi).'">'.img_picto($langs->trans("Edit"), 'edit').'</a>';
 		   					print ' ';
 		   					print '<a class="reposition editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=confirm_removefile&file='.urlencode($pathtoapi).'">'.img_picto($langs->trans("Delete"), 'delete').'</a>';
 		   					print ' &nbsp; ';
 		   					if (empty($conf->global->$const_name))	// If module is not activated
 		   					{
-		   						print '<a href="#" target="apiexplorer" title="'.$langs->trans("ModuleMustBeEnabled", $module).'"><strike>'.$langs->trans("GoToApiExplorer").'</strike></a>';
+		   						print '<a href="#" class="classfortooltip" target="apiexplorer" title="'.$langs->trans("ModuleMustBeEnabled", $module).'"><strike>'.$langs->trans("GoToApiExplorer").'</strike></a>';
 		   					} else {
 		   						print '<a href="'.DOL_URL_ROOT.'/api/index.php/explorer/" target="apiexplorer">'.$langs->trans("GoToApiExplorer").'</a>';
 		   					}
 						} else {
 							//print '<span class="opacitymedium">'.$langs->trans("FileNotYetGenerated").'</span> ';
-							print '<a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=initapi&format=php&file='.urlencode($pathtoapi).'"><input type="button" class="button buttongen" value="'.$langs->trans("Generate").'"></a>';
+							print '<a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=initapi&format=php&file='.urlencode($pathtoapi).'"><input type="button" class="button smallpaddingimp" value="'.$langs->trans("Generate").'"></a>';
 						}
 						// PHPUnit
 						print '<br>';
 						print '<span class="fa fa-file-o"></span> '.$langs->trans("TestClassFile").' : <strong>'.($realpathtophpunit ? '' : '<strike>').$pathtophpunit.($realpathtophpunit ? '' : '</strike>').'</strong>';
-
+						if (dol_is_file($realpathtophpunit)) {
 						if ($realpathtophpunit)
 						{
 							print ' <a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=editfile&format=php&file='.urlencode($pathtophpunit).'">'.img_picto($langs->trans("Edit"), 'edit').'</a>';
 							print ' ';
 							print '<a class="reposition editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=confirm_removefile&file='.urlencode($pathtophpunit).'">'.img_picto($langs->trans("Delete"), 'delete').'</a>';
 						} else {
 							//print '<span class="opacitymedium">'.$langs->trans("FileNotYetGenerated").'</span> ';
-							print '<a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=initphpunit&format=php&file='.urlencode($pathtophpunit).'"><input type="button" class="button buttongen" value="'.$langs->trans("Generate").'"></a>';
+							print '<a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=initphpunit&format=php&file='.urlencode($pathtophpunit).'"><input type="button" class="button smallpaddingimp" value="'.$langs->trans("Generate").'"></a>';
 						}
 						print '<br>';
@ -2431,24 +2437,24 @@ if ($module == 'initmodule')
 						//print ' &nbsp; <a href="'.$_SERVER["PHP_SELF"].'">'.$langs->trans("RunSql").'</a>';
 						print '<br>';
 						print '<span class="fa fa-file-o"></span> '.$langs->trans("SqlFileExtraFields").' : <strong>'.($realpathtosqlextra ? '' : '<strike>').$pathtosqlextra.($realpathtosqlextra ? '' : '</strike>').'</strong>';
-						if ($realpathtosqlextra)
+						if (dol_is_file($realpathtosqlextra) && dol_is_file($realpathtosqlextrakey)) {
 						{
 							print ' <a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=editfile&file='.urlencode($pathtosqlextra).'">'.img_picto($langs->trans("Edit"), 'edit').'</a>';
 							print ' ';
 							print '<a class="reposition editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=confirm_removefile&file='.urlencode($pathtosqlextra).'">'.img_picto($langs->trans("Delete"), 'delete').'</a>';
 							print ' &nbsp; ';
 							print '<a class="reposition editfielda" href="'.$_SERVER["PHP_SELF"].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=droptableextrafields">'.$langs->trans("DropTableIfEmpty").'</a>';
 						} else {
-							print '<a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=initsqlextrafields&format=sql&file='.urlencode($pathtosqlextra).'"><input type="button" class="button buttongen" value="'.$langs->trans("Generate").'"></a>';
+							print '<a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=initsqlextrafields&format=sql&file='.urlencode($pathtosqlextra).'"><input type="button" class="button smallpaddingimp" value="'.$langs->trans("Generate").'"></a>';
 						}
 						//print ' &nbsp; <a href="'.$_SERVER["PHP_SELF"].'">'.$langs->trans("RunSql").'</a>';
 						print '<br>';
 						print '<span class="fa fa-file-o"></span> '.$langs->trans("SqlFileKeyExtraFields").' : <strong>'.($realpathtosqlextrakey ? '' : '<strike>').$pathtosqlextrakey.($realpathtosqlextrakey ? '' : '</strike>').'</strong>';
-						if ($realpathtosqlextrakey)
+						if (dol_is_file($realpathtosqlextra) && dol_is_file($realpathtosqlextrakey)) {
 						{
 							print ' <a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=editfile&format=sql&file='.urlencode($pathtosqlextrakey).'">'.img_picto($langs->trans("Edit"), 'edit').'</a>';
 							print ' ';
 							print '<a class="reposition editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=confirm_removefile&file='.urlencode($pathtosqlextrakey).'">'.img_picto($langs->trans("Delete"), 'delete').'</a>';
 						} else {
 							print '<a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=initsqlextrafields&format=sql&file='.urlencode($pathtosqlextra).'"><input type="button" class="button smallpaddingimp" value="'.$langs->trans("Generate").'"></a>';
 						}
 						//print ' &nbsp; <a href="'.$_SERVER["PHP_SELF"].'">'.$langs->trans("RunSql").'</a>';
 						print '<br>';
@ -2463,30 +2469,34 @@ if ($module == 'initmodule')
 						print '<span class="fa fa-file-o"></span> '.$langs->trans("PageForCreateEditView").' : <strong><a href="'.$urlofcard.'?action=create" target="_test">'.($realpathtocard ? '' : '<strike>').$pathtocard.($realpathtocard ? '' : '</strike>').'?action=create</a></strong>';
 						print ' <a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=editfile&format=php&file='.urlencode($pathtocard).'">'.img_picto($langs->trans("Edit"), 'edit').'</a>';
 						print '<br>';
-						print '<span class="fa fa-file-o"></span> '.$langs->trans("PageForAgendaTab").' : <strong>'.($realpathtoagenda ? '' : '<strike>').$pathtoagenda.($realpathtoagenda ? '' : '</strike>').'</strong>';
+						print '<span class="fa fa-file-o"></span> '.$langs->trans("PageForContactTab").' : <strong>'.($realpathtocontact ? '' : '<strike>').$pathtocontact.($realpathtocontact ? '' : '</strike>').'</strong>';
-						print ' <a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=editfile&format=php&file='.urlencode($pathtoagenda).'">'.img_picto($langs->trans("Edit"), 'edit').'</a>';
+						print ' <a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=editfile&format=php&file='.urlencode($pathtocontact).'">'.img_picto($langs->trans("Edit"), 'edit').'</a>';
-						if ($realpathtoagenda)
+						if (dol_is_file($realpathtocontact)) {
 						{
 							print ' ';
-							print '<a class="reposition editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=confirm_removefile&file='.urlencode($pathtoagenda).'">'.img_picto($langs->trans("Delete"), 'delete').'</a>';
+							print '<a class="reposition editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=confirm_removefile&file='.urlencode($pathtocontact).'">'.img_picto($langs->trans("Delete"), 'delete').'</a>';
 						}
 						print '<br>';
 						print '<span class="fa fa-file-o"></span> '.$langs->trans("PageForDocumentTab").' : <strong>'.($realpathtodocument ? '' : '<strike>').$pathtodocument.($realpathtodocument ? '' : '</strike>').'</strong>';
 						print ' <a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=editfile&format=php&file='.urlencode($pathtodocument).'">'.img_picto($langs->trans("Edit"), 'edit').'</a>';
-						if ($realpathtodocument)
+						if (dol_is_file($realpathtodocument)) {
 						{
 							print ' ';
 							print '<a class="reposition editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=confirm_removefile&file='.urlencode($pathtodocument).'">'.img_picto($langs->trans("Delete"), 'delete').'</a>';
 						}
 						print '<br>';
 						print '<span class="fa fa-file-o"></span> '.$langs->trans("PageForNoteTab").' : <strong>'.($realpathtonote ? '' : '<strike>').$pathtonote.($realpathtonote ? '' : '</strike>').'</strong>';
 						print ' <a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=editfile&format=php&file='.urlencode($pathtonote).'">'.img_picto($langs->trans("Edit"), 'edit').'</a>';
-						if ($realpathtonote)
+						if (dol_is_file($realpathtonote)) {
 						{
 							print ' ';
 							print '<a class="reposition editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=confirm_removefile&file='.urlencode($pathtonote).'">'.img_picto($langs->trans("Delete"), 'delete').'</a>';
 						}
 						print '<br>';
 						print '<span class="fa fa-file-o"></span> '.$langs->trans("PageForAgendaTab").' : <strong>'.($realpathtoagenda ? '' : '<strike>').$pathtoagenda.($realpathtoagenda ? '' : '</strike>').'</strong>';
 						print ' <a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=editfile&format=php&file='.urlencode($pathtoagenda).'">'.img_picto($langs->trans("Edit"), 'edit').'</a>';
 						if (dol_is_file($realpathtoagenda)) {
 							print ' ';
 							print '<a class="reposition editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&tabobj='.$tabobj.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=confirm_removefile&file='.urlencode($pathtoagenda).'">'.img_picto($langs->trans("Delete"), 'delete').'</a>';
 						}
 						print '<br>';
 						/* This is already on Tab CLI
 						print '<br>';
@ -2533,8 +2543,7 @@ if ($module == 'initmodule')
 							print '<input type="hidden" name="module" value="'.dol_escape_htmltag($module.($forceddirread ? '@'.$dirread : '')).'">';
 							print '<input type="hidden" name="tabobj" value="'.dol_escape_htmltag($tabobj).'">';
-							print '<input class="button buttongen" type="submit" name="regenerateclasssql" value="'.$langs->trans("RegenerateClassAndSql").'">';
+							print '<input class="button smallpaddingimp" type="submit" name="regenerateclasssql" value="'.$langs->trans("RegenerateClassAndSql").'">';
 							//print '<input class="button buttongen" type="submit" name="regeneratemissing" value="'.$langs->trans("RegenerateMissingFiles").'">';
 							print '<br><br>';
 							print load_fiche_titre($langs->trans("ObjectProperties"), '', '');
@ -3073,7 +3082,7 @@ if ($module == 'initmodule')
 					print '<a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=confirm_removefile&format='.$format.'&file='.urlencode($pathtohook).'">'.img_picto($langs->trans("Delete"), 'delete').'</a></td>';
 				} else {
 					print '<span class="opacitymedium">'.$langs->trans("FileNotYetGenerated").'</span>';
-					print '<a href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=inithook&format=php&file='.urlencode($pathtohook).'"><input type="button" class="button buttongen" value="'.$langs->trans("Generate").'"></a></td>';
+					print '<a href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=inithook&format=php&file='.urlencode($pathtohook).'"><input type="button" class="button smallpaddingimp" value="'.$langs->trans("Generate").'"></a></td>';
 					print '<td></td>';
 				}
 				print '</tr>';
@ -3139,7 +3148,7 @@ if ($module == 'initmodule')
 				} else {
 					print '<tr><td>';
 					print '<span class="fa fa-file-o"></span> '.$langs->trans("NoTrigger");
-					print '<a href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=inittrigger&format=php"><input type="button" class="button buttongen" value="'.$langs->trans("Generate").'"></a></td>';
+					print '<a href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=inittrigger&format=php"><input type="button" class="button smallpaddingimp" value="'.$langs->trans("Generate").'"></a></td>';
 					print '<td></td>';
 					print '</tr>';
 				}
@ -3190,7 +3199,7 @@ if ($module == 'initmodule')
 					print '</td><td><a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=confirm_removefile&format='.$format.'&file='.urlencode($pathtohook).'">'.img_picto($langs->trans("Delete"), 'delete').'</a></td>';
 				} else {
 					print '<span class="opacitymedium">'.$langs->trans("FileNotYetGenerated").'</span>';
-					print '</td><td><a href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=initcss&format=php&file='.urlencode($pathtohook).'"><input type="button" class="button buttongen" value="'.$langs->trans("Generate").'"></a></td>';
+					print '</td><td><a href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=initcss&format=php&file='.urlencode($pathtohook).'"><input type="button" class="button smallpaddingimp" value="'.$langs->trans("Generate").'"></a></td>';
 				}
 				print '</tr>';
 			} else {
@ -3238,7 +3247,7 @@ if ($module == 'initmodule')
 					print '</td><td><a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=confirm_removefile&format='.$format.'&file='.urlencode($pathtohook).'">'.img_picto($langs->trans("Delete"), 'delete').'</a></td>';
 				} else {
 					print '<span class="opacitymedium">'.$langs->trans("FileNotYetGenerated").'</span>';
-					print '</td><td><a href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=initjs&format=php&file='.urlencode($pathtohook).'"><input type="button" class="button buttongen" value="'.$langs->trans("Generate").'"></a></td>';
+					print '</td><td><a href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=initjs&format=php&file='.urlencode($pathtohook).'"><input type="button" class="button smallpaddingimp" value="'.$langs->trans("Generate").'"></a></td>';
 				}
 				print '</tr>';
 			} else {
@ -3292,7 +3301,7 @@ if ($module == 'initmodule')
 					}
 				} else {
 					print '<tr><td><span class="fa fa-file-o"></span> '.$langs->trans("NoWidget");
-					print '</td><td><a href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=initwidget&format=php"><input type="button" class="button buttongen" value="'.$langs->trans("Generate").'"></a>';
+					print '</td><td><a href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=initwidget&format=php"><input type="button" class="button smallpaddingimp" value="'.$langs->trans("Generate").'"></a>';
 					print '</td></tr>';
 				}
 				print '</table>';
@ -3374,7 +3383,7 @@ if ($module == 'initmodule')
 					}
 				} else {
 					print '<tr><td><span class="fa fa-file-o"></span> '.$langs->trans("NoCLIFile");
-					print '</td><td><a href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=initcli&format=php"><input type="button" class="button buttongen" value="'.$langs->trans("Generate").'"></a>';
+					print '</td><td><a href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=initcli&format=php"><input type="button" class="button smallpaddingimp" value="'.$langs->trans("Generate").'"></a>';
 					print '</td></tr>';
 				}
 				print '</table>';
@ -3412,7 +3421,7 @@ if ($module == 'initmodule')
 			if ($action != 'editfile' || empty($file))
 			{
-				print '<span class="opacitymedium">'.$langs->trans("CronJobDefDesc", '<a href="'.DOL_URL_ROOT.'/cron/list.php">'.$langs->transnoentities('CronList').'</a>').'</span><br>';
+				print '<span class="opacitymedium">'.str_replace('{s1}', '<a href="'.DOL_URL_ROOT.'/cron/list.php">'.$langs->transnoentities('CronList').'</a>', $langs->trans("CronJobDefDesc", '{s1}')).'</span><br>';
 				print '<br>';
 				print '<span class="fa fa-file-o"></span> '.$langs->trans("DescriptorFile").' : <strong>'.$pathtofile.'</strong>';
@ -3547,7 +3556,7 @@ if ($module == 'initmodule')
 				} else {
 					print '<tr><td>';
 					print '<span class="fa fa-file-o"></span> '.$langs->trans("FileNotYetGenerated");
-					print '</td><td><a href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=initdoc&format=php"><input type="button" class="button buttongen" value="'.$langs->trans("Generate").'"></a></td>';
+					print '</td><td><a href="'.$_SERVER['PHP_SELF'].'?tab='.$tab.'&module='.$module.($forceddirread ? '@'.$dirread : '').'&action=initdoc&format=php"><input type="button" class="button smallpaddingimp" value="'.$langs->trans("Generate").'"></a></td>';
 					print '</tr>';
 				}
 				print '</table>';
--- a/htdocs/modulebuilder/template/admin/myobject_extrafields.php
+++ b/htdocs/modulebuilder/template/admin/myobject_extrafields.php
@ -26,9 +26,22 @@
 *		\brief      Page to setup extra fields of myobject
 */
-require '../main.inc.php';
+// Load Dolibarr environment
-require_once DOL_DOCUMENT_ROOT.'/core/lib/bom.lib.php';
+$res = 0;
 // Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined)
 if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php";
 // Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME
 $tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1;
 while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { $i--; $j--; }
 if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php";
 if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php";
 // Try main.inc.php using relative path
 if (!$res && file_exists("../../main.inc.php")) $res = @include "../../main.inc.php";
 if (!$res && file_exists("../../../main.inc.php")) $res = @include "../../../main.inc.php";
 if (!$res) die("Include of main fails");
 require_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php';
 require_once '../lib/mymodule.lib.php';
 // Load translation files required by the page
 $langs->loadLangs(array('mymodule@mymodule', 'admin'));
--- a/htdocs/modulebuilder/template/core/modules/modMyModule.class.php
+++ b/htdocs/modulebuilder/template/core/modules/modMyModule.class.php
@ -46,23 +46,31 @@ class modMyModule extends DolibarrModules
 		// Id for module (must be unique).
 		// Use here a free id (See in Home -> System information -> Dolibarr for list of used modules id).
 		$this->numero = 500000; // TODO Go on page https://wiki.dolibarr.org/index.php/List_of_modules_id to reserve an id number for your module
 		// Key text used to identify module (for permissions, menus, etc...)
 		$this->rights_class = 'mymodule';
 		// Family can be 'base' (core modules),'crm','financial','hr','projects','products','ecm','technic' (transverse modules),'interface' (link with external tools),'other','...'
 		// It is used to group modules by family in module setup page
 		$this->family = "other";
 		// Module position in the family on 2 digits ('01', '10', '20', ...)
 		$this->module_position = '90';
 		// Gives the possibility for the module, to provide his own family info and position of this family (Overwrite $this->family and $this->module_position. Avoid this)
 		//$this->familyinfo = array('myownfamily' => array('position' => '01', 'label' => $langs->trans("MyOwnFamily")));
 		// Module label (no space allowed), used if translation string 'ModuleMyModuleName' not found (MyModule is name of module).
 		$this->name = preg_replace('/^mod/i', '', get_class($this));
 		// Module description, used if translation string 'ModuleMyModuleDesc' not found (MyModule is name of module).
 		$this->description = "MyModuleDescription";
 		// Used only if file README.md and README-LL.md not found.
 		$this->descriptionlong = "MyModule description (Long)";
 		// Author
 		$this->editor_name = 'Editor name';
 		$this->editor_url = 'https://www.example.com';
 		// Possible values for version are: 'development', 'experimental', 'dolibarr', 'dolibarr_deprecated' or a version string like 'x.y.z'
 		$this->version = '1.0';
 		// Url to the file with your last numberversion of this module
@ -70,10 +78,13 @@ class modMyModule extends DolibarrModules
 		// Key used in llx_const table to save module status enabled/disabled (where MYMODULE is value of property name of module in uppercase)
 		$this->const_name = 'MAIN_MODULE_'.strtoupper($this->name);
 		// Name of image file used for this module.
 		// If file is in theme/yourtheme/img directory under name object_pictovalue.png, use this->picto='pictovalue'
 		// If file is in module/img directory under name object_pictovalue.png, use this->picto='pictovalue@module'
 		// To use a supported fa-xxx css style of font awesome, use this->picto='xxx'
 		$this->picto = 'generic';
 		// Define some features supported by module (triggers, login, substitutions, menus, css, etc...)
 		$this->module_parts = array(
 			// Set this to 1 if module has its own trigger directory (core/triggers)
@ -113,11 +124,14 @@ class modMyModule extends DolibarrModules
 			// Set this to 1 if features of module are opened to external users
 			'moduleforexternal' => 0,
 		);
 		// Data directories to create when module is enabled.
 		// Example: this->dirs = array("/mymodule/temp","/mymodule/subdir");
 		$this->dirs = array("/mymodule/temp");
 		// Config pages. Put here list of php page, stored into mymodule/admin directory, to use to setup module.
 		$this->config_page_url = array("setup.php@mymodule");
 		// Dependencies
 		// A condition to hide module
 		$this->hidden = false;
@ -125,9 +139,15 @@ class modMyModule extends DolibarrModules
 		$this->depends = array();
 		$this->requiredby = array(); // List of module class names as string to disable if this one is disabled. Example: array('modModuleToDisable1', ...)
 		$this->conflictwith = array(); // List of module class names as string this module is in conflict with. Example: array('modModuleToDisable1', ...)
 		// The language file dedicated to your module
 		$this->langfiles = array("mymodule@mymodule");
 		// Prerequisites
 		$this->phpmin = array(5, 5); // Minimum version of PHP required by module
 		$this->need_dolibarr_version = array(11, -3); // Minimum version of Dolibarr required by module
 		// Messages at activation
 		$this->warnings_activation = array(); // Warning to show when we activate module. array('always'='text') or array('FR'='textfr','ES'='textes'...)
 		$this->warnings_activation_ext = array(); // Warning to show when we activate an external module. array('always'='text') or array('FR'='textfr','ES'='textes'...)
 		//$this->automatic_activation = array('FR'=>'MyModuleWasAutomaticallyActivatedBecauseOfYourCountryChoice');
--- a/htdocs/modulebuilder/template/myobject_contact.php
+++ b/htdocs/modulebuilder/template/myobject_contact.php
@ -0,0 +1,203 @@
 <?php
 /* Copyright (C) 2007-2017 Laurent Destailleur  <eldy@users.sourceforge.net>
 * Copyright (C) ---Put here your own copyright and developer email---
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <https://www.gnu.org/licenses/>.
 */
 /**
 *  \file       htdocs/modulebuilder/template/myobject_contact.php
 *  \ingroup    mymodule
 *  \brief      Tab for contacts linked to MyObject
 */
 // Load Dolibarr environment
 $res = 0;
 // Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined)
 if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php";
 // Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME
 $tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1;
 while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { $i--; $j--; }
 if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php";
 if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php";
 // Try main.inc.php using relative path
 if (!$res && file_exists("../main.inc.php")) $res = @include "../main.inc.php";
 if (!$res && file_exists("../../main.inc.php")) $res = @include "../../main.inc.php";
 if (!$res && file_exists("../../../main.inc.php")) $res = @include "../../../main.inc.php";
 if (!$res) die("Include of main fails");
 require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php';
 require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php';
 dol_include_once('/mymodule/class/myobject.class.php');
 dol_include_once('/mymodule/lib/mymodule_myobject.lib.php');
 // Load translation files required by the page
 $langs->loadLangs(array("mymodule@mymodule", "companies", "other", "mails"));
 $id     = (GETPOST('id') ?GETPOST('id', 'int') : GETPOST('facid', 'int')); // For backward compatibility
 $ref    = GETPOST('ref', 'alpha');
 $lineid = GETPOST('lineid', 'int');
 $socid  = GETPOST('socid', 'int');
 $action = GETPOST('action', 'aZ09');
 // Initialize technical objects
 $object = new MyObject($db);
 $extrafields = new ExtraFields($db);
 $diroutputmassaction = $conf->mymodule->dir_output.'/temp/massgeneration/'.$user->id;
 $hookmanager->initHooks(array('myobjectcontact', 'globalcard')); // Note that conf->hooks_modules contains array
 // Fetch optionals attributes and labels
 $extrafields->fetch_name_optionals_label($object->table_element);
 // Load object
 include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once  // Must be include, not include_once. Include fetch and fetch_thirdparty but not fetch_optionals
 // Security check - Protection if external user
 //if ($user->socid > 0) accessforbidden();
 //if ($user->socid > 0) $socid = $user->socid;
 //$result = restrictedArea($user, 'mymodule', $object->id);
 $permission = $user->rights->mymodule->myobject->write;
 /*
 * Add a new contact
 */
 if ($action == 'addcontact' && $permission)
 {
 	$contactid = (GETPOST('userid') ? GETPOST('userid', 'int') : GETPOST('contactid', 'int'));
 	$typeid = (GETPOST('typecontact') ? GETPOST('typecontact') : GETPOST('type'));
 	$result = $object->add_contact($contactid, $typeid, GETPOST("source", 'aZ09'));
 	if ($result >= 0)
 	{
 		header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id);
 		exit;
 	} else {
 		if ($object->error == 'DB_ERROR_RECORD_ALREADY_EXISTS')
 		{
 			$langs->load("errors");
 			setEventMessages($langs->trans("ErrorThisContactIsAlreadyDefinedAsThisType"), null, 'errors');
 		} else {
 			setEventMessages($object->error, $object->errors, 'errors');
 		}
 	}
 } // Toggle the status of a contact
 elseif ($action == 'swapstatut' && $permission)
 {
 	$result = $object->swapContactStatus(GETPOST('ligne'));
 } // Deletes a contact
 elseif ($action == 'deletecontact' && $permission)
 {
 	$result = $object->delete_contact($lineid);
 	if ($result >= 0)
 	{
 		header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id);
 		exit;
 	} else {
 		dol_print_error($db);
 	}
 }
 /*
 * View
 */
 $title = $langs->trans('MyObject')." - ".$langs->trans('ContactsAddresses');
 $help_url = '';
 //$help_url='EN:Module_Third_Parties|FR:Module_Tiers|ES:Empresas';
 llxHeader('', $title, $help_url);
 $form = new Form($db);
 $formcompany = new FormCompany($db);
 $contactstatic = new Contact($db);
 $userstatic = new User($db);
 /* *************************************************************************** */
 /*                                                                             */
 /* View and edit mode                                                         */
 /*                                                                             */
 /* *************************************************************************** */
 if ($object->id)
 {
 	/*
 	 * Show tabs
 	 */
 	$head = myobjectPrepareHead($object);
 	print dol_get_fiche_head($head, 'contact', $langs->trans("MyObject"), -1, $object->picto);
 	$linkback = '<a href="'.dol_buildpath('/mymodule/myobject_list.php', 1).'?restore_lastsearch_values=1'.(!empty($socid) ? '&socid='.$socid : '').'">'.$langs->trans("BackToList").'</a>';
 	$morehtmlref = '<div class="refidno">';
 	/*
 	 // Ref customer
 	 $morehtmlref.=$form->editfieldkey("RefCustomer", 'ref_client', $object->ref_client, $object, 0, 'string', '', 0, 1);
 	 $morehtmlref.=$form->editfieldval("RefCustomer", 'ref_client', $object->ref_client, $object, 0, 'string', '', null, null, '', 1);
 	 // Thirdparty
 	 $morehtmlref.='<br>'.$langs->trans('ThirdParty') . ' : ' . (is_object($object->thirdparty) ? $object->thirdparty->getNomUrl(1) : '');
 	 // Project
 	 if (! empty($conf->projet->enabled))
 	 {
 	 $langs->load("projects");
 	 $morehtmlref.='<br>'.$langs->trans('Project') . ' ';
 	 if ($permissiontoadd)
 	 {
 	 if ($action != 'classify')
 	 //$morehtmlref.='<a class="editfielda" href="' . $_SERVER['PHP_SELF'] . '?action=classify&amp;id=' . $object->id . '">' . img_edit($langs->transnoentitiesnoconv('SetProject')) . '</a> : ';
 	 $morehtmlref.=' : ';
 	 if ($action == 'classify') {
 	 //$morehtmlref.=$form->form_project($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->socid, $object->fk_project, 'projectid', 0, 0, 1, 1);
 	 $morehtmlref.='<form method="post" action="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'">';
 	 $morehtmlref.='<input type="hidden" name="action" value="classin">';
 	 $morehtmlref.='<input type="hidden" name="token" value="'.newToken().'">';
 	 $morehtmlref.=$formproject->select_projects($object->socid, $object->fk_project, 'projectid', $maxlength, 0, 1, 0, 1, 0, 0, '', 1);
 	 $morehtmlref.='<input type="submit" class="button valignmiddle" value="'.$langs->trans("Modify").'">';
 	 $morehtmlref.='</form>';
 	 } else {
 	 $morehtmlref.=$form->form_project($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->socid, $object->fk_project, 'none', 0, 0, 0, 1);
 	 }
 	 } else {
 	 if (! empty($object->fk_project)) {
 	 $proj = new Project($db);
 	 $proj->fetch($object->fk_project);
 	 $morehtmlref .= ': '.$proj->getNomUrl();
 	 } else {
 	 $morehtmlref .= '';
 	 }
 	 }
 	 }*/
 	$morehtmlref .= '</div>';
 	dol_banner_tab($object, 'ref', $linkback, 1, 'ref', 'ref', $morehtmlref, '', 0, '', '', 1);
 	print dol_get_fiche_end();
 	print '<br>';
 	// Contacts lines (modules that overwrite templates must declare this into descriptor)
 	$dirtpls = array_merge($conf->modules_parts['tpl'], array('/core/tpl'));
 	foreach ($dirtpls as $reldir)
 	{
 		$res = @include dol_buildpath($reldir.'/contacts.tpl.php');
 		if ($res) break;
 	}
 }
 // End of page
 llxFooter();
 $db->close();
--- a/htdocs/product/class/product.class.php
+++ b/htdocs/product/class/product.class.php
@ -2395,7 +2395,7 @@ class Product extends CommonObject
 	public function load_stats_mo($socid = 0)
 	{
 		// phpcs:enable
-		global $user, $hookmanager;
+		global $user, $hookmanager, $action;
 		$error = 0;
@ -2408,7 +2408,7 @@ class Product extends CommonObject
 			$sql .= " SUM(mp.qty) as qty";
 			$sql .= " FROM ".MAIN_DB_PREFIX."mrp_mo as c";
 			$sql .= " INNER JOIN ".MAIN_DB_PREFIX."mrp_production as mp ON mp.fk_mo=c.rowid";
-			if (!$user->rights->societe->client->voir && !$socid) {
+			if (empty($user->rights->societe->client->voir) && !$socid) {
 				$sql .= "INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc=c.fk_soc AND sc.fk_user = ".$user->id;
 			}
 			$sql .= " WHERE ";
@ -2527,14 +2527,14 @@ class Product extends CommonObject
 		$sql .= " FROM ".MAIN_DB_PREFIX."propaldet as pd";
 		$sql .= ", ".MAIN_DB_PREFIX."propal as p";
 		$sql .= ", ".MAIN_DB_PREFIX."societe as s";
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 		}
 		$sql .= " WHERE p.rowid = pd.fk_propal";
 		$sql .= " AND p.fk_soc = s.rowid";
 		$sql .= " AND p.entity IN (".getEntity('propal').")";
 		$sql .= " AND pd.fk_product = ".$this->id;
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id;
 		}
 		//$sql.= " AND pr.fk_statut != 0";
@ -2593,23 +2593,26 @@ class Product extends CommonObject
 	public function load_stats_proposal_supplier($socid = 0)
 	{
 		// phpcs:enable
-		global $conf, $user, $hookmanager;
+		global $conf, $user, $hookmanager, $action;
 		$sql = "SELECT COUNT(DISTINCT p.fk_soc) as nb_suppliers, COUNT(DISTINCT p.rowid) as nb,";
 		$sql .= " COUNT(pd.rowid) as nb_rows, SUM(pd.qty) as qty";
 		$sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposaldet as pd";
 		$sql .= ", ".MAIN_DB_PREFIX."supplier_proposal as p";
 		$sql .= ", ".MAIN_DB_PREFIX."societe as s";
-		if (!$user->rights->societe->client->voir && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 		}
 		$sql .= " WHERE p.rowid = pd.fk_supplier_proposal";
 		$sql .= " AND p.fk_soc = s.rowid";
 		$sql .= " AND p.entity IN (".getEntity('supplier_proposal').")";
 		$sql .= " AND pd.fk_product = ".$this->id;
-		if (!$user->rights->societe->client->voir && !$socid) { $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id;
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id;
 		}
 		//$sql.= " AND pr.fk_statut != 0";
-		if ($socid > 0) {    $sql .= " AND p.fk_soc = ".$socid;
+		if ($socid > 0) {
 			$sql .= " AND p.fk_soc = ".$socid;
 		}
 		$result = $this->db->query($sql);
@ -2651,21 +2654,21 @@ class Product extends CommonObject
 		$sql .= " FROM ".MAIN_DB_PREFIX."commandedet as cd";
 		$sql .= ", ".MAIN_DB_PREFIX."commande as c";
 		$sql .= ", ".MAIN_DB_PREFIX."societe as s";
-		if (!$user->rights->societe->client->voir && !$socid && !$forVirtualStock) {
+		if (empty($user->rights->societe->client->voir) && !$socid && !$forVirtualStock) {
 			$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 		}
 		$sql .= " WHERE c.rowid = cd.fk_commande";
 		$sql .= " AND c.fk_soc = s.rowid";
 		$sql .= " AND c.entity IN (".getEntity($forVirtualStock && !empty($conf->global->STOCK_CALCULATE_VIRTUAL_STOCK_TRANSVERSE_MODE) ? 'stock' : 'commande').")";
 		$sql .= " AND cd.fk_product = ".$this->id;
-		if (!$user->rights->societe->client->voir && !$socid && !$forVirtualStock) {
+		if (empty($user->rights->societe->client->voir) && !$socid && !$forVirtualStock) {
 			$sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id;
 		}
 		if ($socid > 0) {
 			$sql .= " AND c.fk_soc = ".$socid;
 		}
 		if ($filtrestatut <> '') {
-			$sql .= " AND c.fk_statut in (".$filtrestatut.")";
+			$sql .= " AND c.fk_statut in (".$this->db->sanitize($filtrestatut).")";
 		}
 		$result = $this->db->query($sql);
@ -2744,28 +2747,28 @@ class Product extends CommonObject
 	public function load_stats_commande_fournisseur($socid = 0, $filtrestatut = '', $forVirtualStock = 0)
 	{
 		// phpcs:enable
-		global $conf, $user, $hookmanager;
+		global $conf, $user, $hookmanager, $action;
 		$sql = "SELECT COUNT(DISTINCT c.fk_soc) as nb_suppliers, COUNT(DISTINCT c.rowid) as nb,";
 		$sql .= " COUNT(cd.rowid) as nb_rows, SUM(cd.qty) as qty";
 		$sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseurdet as cd";
 		$sql .= ", ".MAIN_DB_PREFIX."commande_fournisseur as c";
 		$sql .= ", ".MAIN_DB_PREFIX."societe as s";
-		if (!$user->rights->societe->client->voir && !$socid && !$forVirtualStock) {
+		if (empty($user->rights->societe->client->voir) && !$socid && !$forVirtualStock) {
 			$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 		}
 		$sql .= " WHERE c.rowid = cd.fk_commande";
 		$sql .= " AND c.fk_soc = s.rowid";
 		$sql .= " AND c.entity IN (".getEntity($forVirtualStock && !empty($conf->global->STOCK_CALCULATE_VIRTUAL_STOCK_TRANSVERSE_MODE) ? 'stock' : 'supplier_order').")";
 		$sql .= " AND cd.fk_product = ".$this->id;
-		if (!$user->rights->societe->client->voir && !$socid && !$forVirtualStock) {
+		if (empty($user->rights->societe->client->voir) && !$socid && !$forVirtualStock) {
 			$sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id;
 		}
 		if ($socid > 0) {
 			$sql .= " AND c.fk_soc = ".$socid;
 		}
 		if ($filtrestatut != '') {
-			$sql .= " AND c.fk_statut in (".$filtrestatut.")"; // Peut valoir 0
+			$sql .= " AND c.fk_statut in (".$this->db->sanitize($filtrestatut).")"; // Peut valoir 0
 		}
 		$result = $this->db->query($sql);
@ -2809,7 +2812,7 @@ class Product extends CommonObject
 		$sql .= ", ".MAIN_DB_PREFIX."commande as c";
 		$sql .= ", ".MAIN_DB_PREFIX."expedition as e";
 		$sql .= ", ".MAIN_DB_PREFIX."societe as s";
-		if (!$user->rights->societe->client->voir && !$socid && !$forVirtualStock) {
+		if (empty($user->rights->societe->client->voir) && !$socid && !$forVirtualStock) {
 			$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 		}
 		$sql .= " WHERE e.rowid = ed.fk_expedition";
@ -2818,16 +2821,16 @@ class Product extends CommonObject
 		$sql .= " AND e.entity IN (".getEntity($forVirtualStock && !empty($conf->global->STOCK_CALCULATE_VIRTUAL_STOCK_TRANSVERSE_MODE) ? 'stock' : 'expedition').")";
 		$sql .= " AND ed.fk_origin_line = cd.rowid";
 		$sql .= " AND cd.fk_product = ".$this->id;
-		if (!$user->rights->societe->client->voir && !$socid && !$forVirtualStock) {
+		if (empty($user->rights->societe->client->voir) && !$socid && !$forVirtualStock) {
 			$sql .= " AND e.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id;
 		}
 		if ($socid > 0) {
 			$sql .= " AND e.fk_soc = ".$socid;
 		}
 		if ($filtrestatut <> '') {
-			$sql .= " AND c.fk_statut in (".$filtrestatut.")";
+			$sql .= " AND c.fk_statut IN (".$this->db->sanitize($filtrestatut).")";
 		}
-		if (!empty($filterShipmentStatus)) $sql .= " AND e.fk_statut IN (".$filterShipmentStatus.")";
+		if (!empty($filterShipmentStatus)) $sql .= " AND e.fk_statut IN (".$this->db->sanitize($filterShipmentStatus).")";
 		$result = $this->db->query($sql);
 		if ($result) {
@ -2881,24 +2884,28 @@ class Product extends CommonObject
 	public function load_stats_reception($socid = 0, $filtrestatut = '', $forVirtualStock = 0)
 	{
 		// phpcs:enable
-		global $conf, $user, $hookmanager;
+		global $conf, $user, $hookmanager, $action;
 		$sql = "SELECT COUNT(DISTINCT cf.fk_soc) as nb_suppliers, COUNT(DISTINCT cf.rowid) as nb,";
 		$sql .= " COUNT(fd.rowid) as nb_rows, SUM(fd.qty) as qty";
 		$sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur_dispatch as fd";
 		$sql .= ", ".MAIN_DB_PREFIX."commande_fournisseur as cf";
 		$sql .= ", ".MAIN_DB_PREFIX."societe as s";
-		if (!$user->rights->societe->client->voir && !$socid && !$forVirtualStock) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
+		if (empty($user->rights->societe->client->voir) && !$socid && !$forVirtualStock) {
 			$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 		}
 		$sql .= " WHERE cf.rowid = fd.fk_commande";
 		$sql .= " AND cf.fk_soc = s.rowid";
 		$sql .= " AND cf.entity IN (".getEntity($forVirtualStock && !empty($conf->global->STOCK_CALCULATE_VIRTUAL_STOCK_TRANSVERSE_MODE) ? 'stock' : 'supplier_order').")";
 		$sql .= " AND fd.fk_product = ".$this->id;
-		if (!$user->rights->societe->client->voir && !$socid && !$forVirtualStock) { $sql .= " AND cf.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id;
+		if (empty($user->rights->societe->client->voir) && !$socid && !$forVirtualStock) {
 			$sql .= " AND cf.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id;
 		}
-		if ($socid > 0) {    $sql .= " AND cf.fk_soc = ".$socid;
+		if ($socid > 0) {
 			$sql .= " AND cf.fk_soc = ".$socid;
 		}
-		if ($filtrestatut <> '') { $sql .= " AND cf.fk_statut in (".$filtrestatut.")";
+		if ($filtrestatut <> '') {
 			$sql .= " AND cf.fk_statut IN (".$this->db->sanitize($filtrestatut).")";
 		}
 		$result = $this->db->query($sql);
@ -2939,20 +2946,20 @@ class Product extends CommonObject
 		$sql .= " FROM ".MAIN_DB_PREFIX."mrp_production as mp";
 		$sql .= ", ".MAIN_DB_PREFIX."mrp_mo as m";
 		$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = m.fk_soc";
-		if (!$user->rights->societe->client->voir && !$socid && !$forVirtualStock) {
+		if (empty($user->rights->societe->client->voir) && !$socid && !$forVirtualStock) {
 			$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 		}
 		$sql .= " WHERE m.rowid = mp.fk_mo";
 		$sql .= " AND m.entity IN (".getEntity($forVirtualStock && !empty($conf->global->STOCK_CALCULATE_VIRTUAL_STOCK_TRANSVERSE_MODE) ? 'stock' : 'mrp').")";
 		$sql .= " AND mp.fk_product = ".$this->id;
-		if (!$user->rights->societe->client->voir && !$socid && !$forVirtualStock) {
+		if (empty($user->rights->societe->client->voir) && !$socid && !$forVirtualStock) {
 			$sql .= " AND m.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id;
 		}
 		if ($socid > 0) {
 			$sql .= " AND m.fk_soc = ".$socid;
 		}
 		if ($filtrestatut <> '') {
-			$sql .= " AND m.status in (".$filtrestatut.")";
+			$sql .= " AND m.status IN (".$this->db->sanitize($filtrestatut).")";
 		}
 		$sql .= " GROUP BY role";
@ -3026,14 +3033,14 @@ class Product extends CommonObject
 		$sql .= " FROM ".MAIN_DB_PREFIX."contratdet as cd";
 		$sql .= ", ".MAIN_DB_PREFIX."contrat as c";
 		$sql .= ", ".MAIN_DB_PREFIX."societe as s";
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 		}
 		$sql .= " WHERE c.rowid = cd.fk_contrat";
 		$sql .= " AND c.fk_soc = s.rowid";
 		$sql .= " AND c.entity IN (".getEntity('contract').")";
 		$sql .= " AND cd.fk_product = ".$this->id;
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id;
 		}
 		//$sql.= " AND c.statut != 0";
@ -3098,14 +3105,14 @@ class Product extends CommonObject
 		$sql .= " FROM ".MAIN_DB_PREFIX."facturedet as fd";
 		$sql .= ", ".MAIN_DB_PREFIX."facture as f";
 		$sql .= ", ".MAIN_DB_PREFIX."societe as s";
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 		}
 		$sql .= " WHERE f.rowid = fd.fk_facture";
 		$sql .= " AND f.fk_soc = s.rowid";
 		$sql .= " AND f.entity IN (".getEntity('invoice').")";
 		$sql .= " AND fd.fk_product = ".$this->id;
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id;
 		}
 		//$sql.= " AND f.fk_statut != 0";
@ -3163,21 +3170,21 @@ class Product extends CommonObject
 	public function load_stats_facture_fournisseur($socid = 0)
 	{
 		// phpcs:enable
-		global $conf, $user, $hookmanager;
+		global $conf, $user, $hookmanager, $action;
 		$sql = "SELECT COUNT(DISTINCT f.fk_soc) as nb_suppliers, COUNT(DISTINCT f.rowid) as nb,";
 		$sql .= " COUNT(fd.rowid) as nb_rows, SUM(fd.qty) as qty";
 		$sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn_det as fd";
 		$sql .= ", ".MAIN_DB_PREFIX."facture_fourn as f";
 		$sql .= ", ".MAIN_DB_PREFIX."societe as s";
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 		}
 		$sql .= " WHERE f.rowid = fd.fk_facture_fourn";
 		$sql .= " AND f.fk_soc = s.rowid";
 		$sql .= " AND f.entity IN (".getEntity('facture_fourn').")";
 		$sql .= " AND fd.fk_product = ".$this->id;
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id;
 		}
 		//$sql.= " AND f.fk_statut != 0";
@ -3302,7 +3309,7 @@ class Product extends CommonObject
 		if ($filteronproducttype >= 0) {
 			$sql .= ", ".MAIN_DB_PREFIX."product as p";
 		}
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 		}
 		$sql .= " WHERE f.rowid = d.fk_facture";
@ -3312,11 +3319,11 @@ class Product extends CommonObject
 			$sql .= " AND d.fk_product > 0";
 		}
 		if ($filteronproducttype >= 0) {
-			$sql .= " AND p.rowid = d.fk_product AND p.fk_product_type =".$filteronproducttype;
+			$sql .= " AND p.rowid = d.fk_product AND p.fk_product_type = ".((int) $filteronproducttype);
 		}
 		$sql .= " AND f.fk_soc = s.rowid";
 		$sql .= " AND f.entity IN (".getEntity('invoice').")";
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id;
 		}
 		if ($socid > 0) {
@ -3355,7 +3362,7 @@ class Product extends CommonObject
 		if ($filteronproducttype >= 0) {
 			$sql .= ", ".MAIN_DB_PREFIX."product as p";
 		}
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 		}
 		$sql .= " WHERE f.rowid = d.fk_facture_fourn";
@ -3365,11 +3372,11 @@ class Product extends CommonObject
 			$sql .= " AND d.fk_product > 0";
 		}
 		if ($filteronproducttype >= 0) {
-			$sql .= " AND p.rowid = d.fk_product AND p.fk_product_type =".$filteronproducttype;
+			$sql .= " AND p.rowid = d.fk_product AND p.fk_product_type = ".((int) $filteronproducttype);
 		}
 		$sql .= " AND f.fk_soc = s.rowid";
 		$sql .= " AND f.entity IN (".getEntity('facture_fourn').")";
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id;
 		}
 		if ($socid > 0) {
@ -3406,7 +3413,7 @@ class Product extends CommonObject
 		if ($filteronproducttype >= 0) {
 			$sql .= ", ".MAIN_DB_PREFIX."product as prod";
 		}
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 		}
 		$sql .= " WHERE p.rowid = d.fk_propal";
@ -3416,11 +3423,11 @@ class Product extends CommonObject
 			$sql .= " AND d.fk_product > 0";
 		}
 		if ($filteronproducttype >= 0) {
-			$sql .= " AND prod.rowid = d.fk_product AND prod.fk_product_type =".$filteronproducttype;
+			$sql .= " AND prod.rowid = d.fk_product AND prod.fk_product_type = ".((int) $filteronproducttype);
 		}
 		$sql .= " AND p.fk_soc = s.rowid";
 		$sql .= " AND p.entity IN (".getEntity('propal').")";
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id;
 		}
 		if ($socid > 0) {
@ -3458,7 +3465,7 @@ class Product extends CommonObject
 		if ($filteronproducttype >= 0) {
 			$sql .= ", ".MAIN_DB_PREFIX."product as prod";
 		}
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 		}
 		$sql .= " WHERE p.rowid = d.fk_supplier_proposal";
@ -3468,11 +3475,11 @@ class Product extends CommonObject
 			$sql .= " AND d.fk_product > 0";
 		}
 		if ($filteronproducttype >= 0) {
-			$sql .= " AND prod.rowid = d.fk_product AND prod.fk_product_type =".$filteronproducttype;
+			$sql .= " AND prod.rowid = d.fk_product AND prod.fk_product_type = ".((int) $filteronproducttype);
 		}
 		$sql .= " AND p.fk_soc = s.rowid";
 		$sql .= " AND p.entity IN (".getEntity('supplier_proposal').")";
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id;
 		}
 		if ($socid > 0) {
@ -3509,7 +3516,7 @@ class Product extends CommonObject
 		if ($filteronproducttype >= 0) {
 			$sql .= ", ".MAIN_DB_PREFIX."product as p";
 		}
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 		}
 		$sql .= " WHERE c.rowid = d.fk_commande";
@ -3519,11 +3526,11 @@ class Product extends CommonObject
 			$sql .= " AND d.fk_product > 0";
 		}
 		if ($filteronproducttype >= 0) {
-			$sql .= " AND p.rowid = d.fk_product AND p.fk_product_type =".$filteronproducttype;
+			$sql .= " AND p.rowid = d.fk_product AND p.fk_product_type = ".((int) $filteronproducttype);
 		}
 		$sql .= " AND c.fk_soc = s.rowid";
 		$sql .= " AND c.entity IN (".getEntity('commande').")";
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id;
 		}
 		if ($socid > 0) {
@ -3560,7 +3567,7 @@ class Product extends CommonObject
 		if ($filteronproducttype >= 0) {
 			$sql .= ", ".MAIN_DB_PREFIX."product as p";
 		}
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 		}
 		$sql .= " WHERE c.rowid = d.fk_commande";
@ -3570,11 +3577,11 @@ class Product extends CommonObject
 			$sql .= " AND d.fk_product > 0";
 		}
 		if ($filteronproducttype >= 0) {
-			$sql .= " AND p.rowid = d.fk_product AND p.fk_product_type =".$filteronproducttype;
+			$sql .= " AND p.rowid = d.fk_product AND p.fk_product_type = ".((int) $filteronproducttype);
 		}
 		$sql .= " AND c.fk_soc = s.rowid";
 		$sql .= " AND c.entity IN (".getEntity('supplier_order').")";
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id;
 		}
 		if ($socid > 0) {
@ -3611,7 +3618,7 @@ class Product extends CommonObject
 		if ($filteronproducttype >= 0) {
 			$sql .= ", ".MAIN_DB_PREFIX."product as p";
 		}
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 		}
@ -3624,11 +3631,11 @@ class Product extends CommonObject
 			$sql .= " AND d.fk_product > 0";
 		}
 		if ($filteronproducttype >= 0) {
-			$sql .= " AND p.rowid = d.fk_product AND p.fk_product_type =".$filteronproducttype;
+			$sql .= " AND p.rowid = d.fk_product AND p.fk_product_type = ".((int) $filteronproducttype);
 		}
 		$sql .= " AND c.fk_soc = s.rowid";
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id;
 		}
 		if ($socid > 0) {
@ -3665,7 +3672,7 @@ class Product extends CommonObject
 		if ($filteronproducttype >= 0) {
 			$sql .= ", ".MAIN_DB_PREFIX."product as p";
 		}
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 		}
@ -3678,10 +3685,10 @@ class Product extends CommonObject
 			$sql .= " AND d.fk_product > 0";
 		}
 		if ($filteronproducttype >= 0) {
-			$sql .= " AND p.rowid = d.fk_product AND p.fk_product_type =".$filteronproducttype;
+			$sql .= " AND p.rowid = d.fk_product AND p.fk_product_type = ".((int) $filteronproducttype);
 		}
-		if (!$user->rights->societe->client->voir && !$socid) {
+		if (empty($user->rights->societe->client->voir) && !$socid) {
 			$sql .= " AND d.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id;
 		}
 		if ($socid > 0) {
--- a/htdocs/product/fournisseurs.php
+++ b/htdocs/product/fournisseurs.php
@ -365,7 +365,7 @@ if (GETPOST("type") == '1' || ($object->type == Product::TYPE_SERVICE))
 	$helpurl = 'EN:Module_Services_En|FR:Module_Services|ES:M&oacute;dulo_Servicios';
 }
-llxHeader('', $title, $helpurl);
+llxHeader('', $title, $helpurl, '', 0, 0, '', '', '', 'classforhorizontalscrolloftabs');
 $form = new Form($db);
@ -920,9 +920,9 @@ END;
 				$param = "&id=".$object->id;
 				print '<tr class="liste_titre">';
-				if (!empty($arrayfields['pfp.datec']['checked']))					print_liste_field_titre("AppliedPricesFrom", $_SERVER["PHP_SELF"], "pfp.datec", "", $param, "", $sortfield, $sortorder);
+				if (!empty($arrayfields['pfp.datec']['checked']))					print_liste_field_titre("AppliedPricesFrom", $_SERVER["PHP_SELF"], "pfp.datec", "", $param, "", $sortfield, $sortorder, '', '', 1);
-				if (!empty($arrayfields['s.nom']['checked']))						print_liste_field_titre("Suppliers", $_SERVER["PHP_SELF"], "s.nom", "", $param, "", $sortfield, $sortorder);
+				if (!empty($arrayfields['s.nom']['checked']))						print_liste_field_titre("Suppliers", $_SERVER["PHP_SELF"], "s.nom", "", $param, "", $sortfield, $sortorder, '', '', 1);
-				print_liste_field_titre("SupplierRef", $_SERVER["PHP_SELF"], "", "", $param, "", $sortfield, $sortorder);
+				print_liste_field_titre("SupplierRef", $_SERVER["PHP_SELF"], "", "", $param, "", $sortfield, $sortorder, '', '', 1);
 				if (!empty($arrayfields['pfp.fk_availability']['checked']))			print_liste_field_titre("Availability", $_SERVER["PHP_SELF"], "pfp.fk_availability", "", $param, "", $sortfield, $sortorder);
 				if (!empty($arrayfields['pfp.quantity']['checked']))				print_liste_field_titre("QtyMin", $_SERVER["PHP_SELF"], "pfp.quantity", "", $param, '', $sortfield, $sortorder, 'right ');
 				print_liste_field_titre("VATRate", $_SERVER["PHP_SELF"], '', '', $param, '', $sortfield, $sortorder, 'right ');
--- a/htdocs/product/list.php
+++ b/htdocs/product/list.php
@ -261,6 +261,9 @@ $parameters = array();
 $reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
 if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
 $rightskey = 'produit';
 if ($type == Product::TYPE_SERVICE) $rightskey = 'service';
 if (empty($reshook))
 {
 	// Selection of new fields
@ -299,8 +302,8 @@ if (empty($reshook))
 	if ((string) $search_type == '1') { $objectlabel = 'Services'; }
 	if ((string) $search_type == '0') { $objectlabel = 'Products'; }
-	$permissiontoread = $user->rights->produit->lire;
+	$permissiontoread = $user->rights->{$rightskey}->lire;
-	$permissiontodelete = $user->rights->produit->supprimer;
+	$permissiontodelete = $user->rights->{$rightskey}->supprimer;
 	$uploaddir = $conf->product->dir_output;
 	include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php';
 }
@ -530,6 +533,7 @@ if ($resql)
 		//'builddoc'=>$langs->trans("PDFMerge"),
 		//'presend'=>$langs->trans("SendByMail"),
 	);
 	$rightskey = 'produit';
 	if ($type == Product::TYPE_SERVICE) $rightskey = 'service';
 	if ($user->rights->{$rightskey}->supprimer) $arrayofmassactions['predelete'] = "<span class='fa fa-trash paddingrightonly'></span>".$langs->trans("Delete");
--- a/htdocs/product/price.php
+++ b/htdocs/product/price.php
@ -705,7 +705,7 @@ if (GETPOST("type") == '1' || ($object->type == Product::TYPE_SERVICE))
 	$helpurl = 'EN:Module_Services_En|FR:Module_Services|ES:M&oacute;dulo_Servicios';
 }
-llxHeader('', $title, $helpurl);
+llxHeader('', $title, $helpurl, '', 0, 0, '', '', '', 'classforhorizontalscrolloftabs');
 $head = product_prepare_head($object);
 $titre = $langs->trans("CardProduct".$object->type);
--- a/htdocs/projet/list.php
+++ b/htdocs/projet/list.php
@ -454,7 +454,7 @@ $arrayofmassactions = array(
 );
 //if($user->rights->societe->creer) $arrayofmassactions['createbills']=$langs->trans("CreateInvoiceForThisCustomer");
 if ($user->rights->projet->creer) $arrayofmassactions['close'] = $langs->trans("Close");
-if ($user->rights->societe->supprimer) $arrayofmassactions['predelete'] = '<span class="fa fa-trash paddingrightonly"></span>'.$langs->trans("Delete");
+if ($user->rights->projet->supprimer) $arrayofmassactions['predelete'] = '<span class="fa fa-trash paddingrightonly"></span>'.$langs->trans("Delete");
 if (in_array($massaction, array('presend', 'predelete'))) $arrayofmassactions = array();
 $massactionbutton = $form->selectMassAction('', $arrayofmassactions);
--- a/htdocs/webservices/server_invoice.php
+++ b/htdocs/webservices/server_invoice.php
@ -288,7 +288,7 @@ $server->register(
 */
 function getInvoice($authentication, $id = '', $ref = '', $ref_ext = '')
 {
-	global $db, $conf, $langs;
+	global $db, $conf;
 	dol_syslog("Function: getInvoice login=".$authentication['login']." id=".$id." ref=".$ref." ref_ext=".$ref_ext);
@ -363,7 +363,7 @@ function getInvoice($authentication, $id = '', $ref = '', $ref_ext = '')
 						'note_private' => $invoice->note_private ? $invoice->note_private : '',
 						'note_public' => $invoice->note_public ? $invoice->note_public : '',
 						'status' => $invoice->statut,
-					'project_id' => $invoic->fk_project,
+						'project_id' => $invoice->fk_project,
 						'close_code' => $invoice->close_code ? $invoice->close_code : '',
 						'close_note' => $invoice->close_note ? $invoice->close_note : '',
 						'payment_mode_id' => $invoice->mode_reglement_id ? $invoice->mode_reglement_id : '',
@ -399,7 +399,7 @@ function getInvoice($authentication, $id = '', $ref = '', $ref_ext = '')
 */
 function getInvoicesForThirdParty($authentication, $idthirdparty)
 {
-	global $db, $conf, $langs;
+	global $db, $conf;
 	dol_syslog("Function: getInvoicesForThirdParty login=".$authentication['login']." idthirdparty=".$idthirdparty);
@ -482,7 +482,7 @@ function getInvoicesForThirdParty($authentication, $idthirdparty)
 						'fk_user_valid' => $invoice->user_valid ? $invoice->user_valid : '',
 						'date' => $invoice->date ?dol_print_date($invoice->date, 'dayrfc') : '',
 						'date_due' => $invoice->date_lim_reglement ?dol_print_date($invoice->date_lim_reglement, 'dayrfc') : '',
-										'date_creation' => $invoice->date_creation ?dol_print_date($invoice->date_creation, 'dayhourrfc') : '',
+						'date_creation' => $invoice->date_creation ?dol_print_date($invoice->date_creation, 'dayhourrfc') : '',
 						'date_validation' => $invoice->date_validation ?dol_print_date($invoice->date_creation, 'dayhourrfc') : '',
 						'date_modification' => $invoice->datem ?dol_print_date($invoice->datem, 'dayhourrfc') : '',
 						'type' => $invoice->type,
@ -492,7 +492,7 @@ function getInvoicesForThirdParty($authentication, $idthirdparty)
 						'note_private' => $invoice->note_private ? $invoice->note_private : '',
 						'note_public' => $invoice->note_public ? $invoice->note_public : '',
 						'status'=> $invoice->statut,
-										'project_id' => $invoic->fk_project,
+						'project_id' => $invoice->fk_project,
 						'close_code' => $invoice->close_code ? $invoice->close_code : '',
 						'close_note' => $invoice->close_note ? $invoice->close_note : '',
 						'payment_mode_id' => $invoice->mode_reglement_id ? $invoice->mode_reglement_id : '',
@ -528,17 +528,16 @@ function getInvoicesForThirdParty($authentication, $idthirdparty)
 * Create an invoice
 *
 * @param	array		$authentication		Array of authentication information
- * @param	Facture		$invoice			Invoice
+ * @param	array		$invoice			Invoice
 * @return	array							Array result
 */
 function createInvoice($authentication, $invoice)
 {
-	global $db, $conf, $langs;
+	global $db, $conf;
 	$now = dol_now();
-	dol_syslog("Function: createInvoice login=".$authentication['login']." id=".$invoice->id.
+	dol_syslog("Function: createInvoice login=".$authentication['login']." id=".$invoice['id'].", ref=".$invoice['ref'].", ref_ext=".$invoice['ref_ext']);
 			", ref=".$invoice->ref.", ref_ext=".$invoice->ref_ext);
 	if ($authentication['entity']) $conf->entity = $authentication['entity'];
@ -580,22 +579,22 @@ function createInvoice($authentication, $invoice)
 		if (isset($invoice['lines']['line'][0])) $arrayoflines = $invoice['lines']['line'];
 		else $arrayoflines = $invoice['lines'];
-		foreach ($arrayoflines as $key => $line)
+		foreach ($arrayoflines as $line)
 		{
 			// $key can be 'line' or '0','1',...
 			$newline = new FactureLigne($db);
 			$newline->product_type = $line['type'];
 			$newline->desc = $line['desc'];
-			$newline->fk_product = $line['fk_product'];
+			$newline->fk_product = $line['product_id'];
-			$newline->tva_tx = $line['vat_rate'];
+			$newline->tva_tx = isset($line['vat_rate']) ? $line['vat_rate'] : 0;
 			$newline->qty = $line['qty'];
-			$newline->subprice = $line['unitprice'];
+			$newline->subprice = isset($line['unitprice']) ? $line['unitprice'] : null;
 			$newline->total_ht = $line['total_net'];
 			$newline->total_tva = $line['total_vat'];
 			$newline->total_ttc = $line['total'];
 			$newline->date_start = dol_stringtotime($line['date_start']);
 			$newline->date_end = dol_stringtotime($line['date_end']);
-			$newline->fk_product = $line['product_id'];
+
 			$new_invoice->lines[] = $newline;
 		}
 		//var_dump($newobject->date_lim_reglement); exit;
@ -654,10 +653,7 @@ function createInvoiceFromOrder($authentication, $id_order = '', $ref_order = ''
 {
 	global $db, $conf;
-	$now = dol_now();
+	dol_syslog("Function: createInvoiceFromOrder login=".$authentication['login']." id=".$id_order.", ref=".$ref_order.", ref_ext=".$ref_ext_order);
 	dol_syslog("Function: createInvoiceFromOrder login=".$authentication['login']." id=".$id_order.
 			", ref=".$ref_order.", ref_ext=".$ref_ext_order);
 	if ($authentication['entity']) $conf->entity = $authentication['entity'];
--- a/htdocs/webservices/server_order.php
+++ b/htdocs/webservices/server_order.php
@ -354,7 +354,7 @@ $server->register(
 */
 function getOrder($authentication, $id = '', $ref = '', $ref_ext = '')
 {
-	global $db, $conf, $langs;
+	global $db, $conf;
 	dol_syslog("Function: getOrder login=".$authentication['login']." id=".$id." ref=".$ref." ref_ext=".$ref_ext);
@ -504,7 +504,7 @@ function getOrder($authentication, $id = '', $ref = '', $ref_ext = '')
 */
 function getOrdersForThirdParty($authentication, $idthirdparty)
 {
-	global $db, $conf, $langs;
+	global $db, $conf;
 	dol_syslog("Function: getOrdersForThirdParty login=".$authentication['login']." idthirdparty=".$idthirdparty);
@ -707,7 +707,7 @@ function createOrder($authentication, $order)
 		$extrafields->fetch_name_optionals_label($elementtype, true);
 		if (isset($extrafields->attributes[$elementtype]['label']) && is_array($extrafields->attributes[$elementtype]['label']) && count($extrafields->attributes[$elementtype]['label']))
 		{
-			foreach ($extrafields->attributes[$elementtype]['label'] as $key=>$label)
+			foreach ($extrafields->attributes[$elementtype]['label'] as $key => $label)
 			{
 				$key = 'options_'.$key;
 				$newobject->array_options[$key] = $order[$key];
@ -813,7 +813,7 @@ function validOrder($authentication, $id = '', $id_warehouse = 0)
 {
 	global $db, $conf, $langs;
-	dol_syslog("Function: validOrder login=".$authentication['login']." id=".$id." ref=".$ref." ref_ext=".$ref_ext);
+	dol_syslog("Function: validOrder login=".$authentication['login']." id=".$id." id_warehouse=".$id_warehouse);
 	// Init and check authentication
 	$objectresp = array();
@ -830,7 +830,7 @@ function validOrder($authentication, $id = '', $id_warehouse = 0)
 		if ($fuser->rights->commande->lire)
 		{
 			$order = new Commande($db);
-			$result = $order->fetch($id, $ref, $ref_ext);
+			$result = $order->fetch($id);
 			$order->fetch_thirdparty();
 			$db->begin();
@ -889,8 +889,6 @@ function updateOrder($authentication, $order)
 {
 	global $db, $conf, $langs;
 	$now = dol_now();
 	dol_syslog("Function: updateOrder login=".$authentication['login']);
 	if ($authentication['entity']) $conf->entity = $authentication['entity'];
@ -950,7 +948,7 @@ function updateOrder($authentication, $order)
 			$extrafields->fetch_name_optionals_label($elementtype, true);
 			if (isset($extrafields->attributes[$elementtype]['label']) && is_array($extrafields->attributes[$elementtype]['label']) && count($extrafields->attributes[$elementtype]['label']))
 			{
-				foreach ($extrafields->attributes[$elementtype]['label'] as $key=>$label)
+				foreach ($extrafields->attributes[$elementtype]['label'] as $key => $label)
 				{
 					$key = 'options_'.$key;
 					if (isset($order[$key]))
--- a/htdocs/webservices/server_other.php
+++ b/htdocs/webservices/server_other.php
@ -145,7 +145,7 @@ $server->register(
 */
 function getVersions($authentication)
 {
-	global $db, $conf, $langs;
+	global $conf;
 	dol_syslog("Function: getVersions login=".$authentication['login']);
@ -188,7 +188,7 @@ function getVersions($authentication)
 */
 function getDocument($authentication, $modulepart, $file, $refname = '')
 {
-	global $db, $conf, $langs, $mysoc;
+	global $db, $conf;
 	dol_syslog("Function: getDocument login=".$authentication['login'].' - modulepart='.$modulepart.' - file='.$file);
@ -283,10 +283,7 @@ function getDocument($authentication, $modulepart, $file, $refname = '')
 		{
 			if (file_exists($original_file))
 			{
-				dol_syslog("Function: getDocument $original_file $filename content-type=$type");
+				dol_syslog("Function: getDocument $original_file  content-type=$type");
 				$file = $fileparams['fullname'];
 				$filename = basename($file);
 				$f = fopen($original_file, 'r');
 				$content_file = fread($f, filesize($original_file));
--- a/htdocs/webservices/server_payment.php
+++ b/htdocs/webservices/server_payment.php
@ -45,6 +45,7 @@ $langs->load("main");
 if (empty($conf->global->MAIN_MODULE_WEBSERVICES))
 {
 	   $langs->load("admin");
 	   dol_syslog("Call Dolibarr webservices interfaces with module webservices disabled");
 	   print $langs->trans("WarningModuleNotActive", 'WebServices').'.<br><br>';
 	   print $langs->trans("ToActivateModule");
@ -139,7 +140,7 @@ $server->register(
 */
 function createPayment($authentication, $payment)
 {
-	global $db, $conf, $langs;
+	global $db, $conf;
 	$now = dol_now();
@ -165,7 +166,7 @@ function createPayment($authentication, $payment)
 	if (!$error)
 	{
 		$soc = new Societe($db);
-		$res = $soc->fetch($payment['thirdparty_id']);
+		$soc->fetch($payment['thirdparty_id']);
 		$new_payment              = new Paiement($db);
 		$new_payment->amount      = doubleval($payment['amount']);
--- a/htdocs/webservices/server_productorservice.php
+++ b/htdocs/webservices/server_productorservice.php
@ -438,7 +438,7 @@ function getProductOrService($authentication, $id = '', $ref = '', $ref_ext = ''
 				if (isset($extrafields->attributes[$elementtype]['label']) && is_array($extrafields->attributes[$elementtype]['label']) && count($extrafields->attributes[$elementtype]['label']))
 				{
-					foreach ($extrafields->attributes[$elementtype]['label'] as $key=>$label)
+					foreach ($extrafields->attributes[$elementtype]['label'] as $key => $label)
 					{
 						$productorservice_result_fields = array_merge($productorservice_result_fields, array('options_'.$key => $product->array_options['options_'.$key]));
 					}
@ -479,7 +479,7 @@ function getProductOrService($authentication, $id = '', $ref = '', $ref_ext = ''
 */
 function createProductOrService($authentication, $product)
 {
-	global $db, $conf, $langs;
+	global $db, $conf;
 	$now = dol_now();
@ -493,56 +493,56 @@ function createProductOrService($authentication, $product)
 	$error = 0;
 	$fuser = check_authentication($authentication, $error, $errorcode, $errorlabel);
 	// Check parameters
-	if ($product['price_net'] > 0) $product['price_base_type'] = 'HT';
+	if (empty($product['price_base_type'])) {
-	if ($product['price'] > 0)     $product['price_base_type'] = 'TTC';
+		if (isset($product['price_net']) && $product['price_net'] > 0) $product['price_base_type'] = 'HT';
 		if (isset($product['price']) && $product['price'] > 0)     $product['price_base_type'] = 'TTC';
 	}
-	if ($product['price_net'] > 0 && $product['price'] > 0)
+	if (isset($product['price_net']) && $product['price_net'] > 0 && isset($product['price']) && $product['price'] > 0)
 	{
 		$error++; $errorcode = 'KO'; $errorlabel = "You must choose between price or price_net to provide price.";
 	}
-	if ($product['barcode'] && !$product['barcode_type'])
+	if (!empty($product['barcode']) && empty($product['barcode_type']))
 	{
 		$error++; $errorcode = 'KO'; $errorlabel = "You must set a barcode type when setting a barcode.";
 	}
 	if (!$error)
 	{
 		include_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php';
 		$newobject = new Product($db);
 		$newobject->ref = $product['ref'];
-		$newobject->ref_ext = $product['ref_ext'];
+		$newobject->ref_ext = empty($product['ref_ext']) ? '' : $product['ref_ext'];
-		$newobject->type = $product['type'];
+		$newobject->type = empty($product['type']) ? 0 : $product['type'];
-		$newobject->label = $product['label'];
+		$newobject->label = empty($product['label']) ? '' : $product['label'];
-		$newobject->description = $product['description'];
+		$newobject->description = empty($product['description']) ? '' : $product['description'];
-		$newobject->note_public = $product['note_public'];
+		$newobject->note_public = empty($product['note_public']) ? '' : $product['note_public'];
-		$newobject->note_private = $product['note_private'];
+		$newobject->note_private = empty($product['note_private']) ? '' :$product['note_private'];
-		$newobject->status = $product['status_tosell'];
+		$newobject->status = empty($product['status_tosell']) ? 0 : $product['status_tosell'];
-		$newobject->status_buy = $product['status_tobuy'];
+		$newobject->status_buy = empty($product['status_tobuy']) ? 0 : $product['status_tobuy'];
-		$newobject->price = $product['price_net'];
+		$newobject->price = isset($product['price_net']) ? $product['price_net'] : 0;
-		$newobject->price_ttc = $product['price'];
+		$newobject->price_ttc = isset($product['price']) ? $product['price'] : 0;
-		$newobject->tva_tx = $product['vat_rate'];
+		$newobject->tva_tx = empty($product['vat_rate']) ? 0 : $product['vat_rate'];
 		$newobject->price_base_type = $product['price_base_type'];
 		$newobject->date_creation = $now;
-		if ($product['barcode'])
+		if (!empty($product['barcode']))
 		{
 			$newobject->barcode = $product['barcode'];
 			$newobject->barcode_type = $product['barcode_type'];
 		}
-		$newobject->stock_reel = $product['stock_real'];
+		$newobject->stock_reel = isset($product['stock_real']) ? $product['stock_real'] : null;
-		$newobject->pmp = $product['pmp'];
+		$newobject->pmp = isset($product['pmp']) ? $product['pmp'] : null;
-		$newobject->seuil_stock_alert = $product['stock_alert'];
+		$newobject->seuil_stock_alert = isset($product['stock_alert']) ? $product['stock_alert'] : null;
-		$newobject->country_id = $product['country_id'];
+		$newobject->country_id = isset($product['country_id']) ? $product['country_id'] : 0;
-		if ($product['country_code']) $newobject->country_id = getCountry($product['country_code'], 3);
+		if (!empty($product['country_code'])) $newobject->country_id = getCountry($product['country_code'], 3);
-		$newobject->customcode = $product['customcode'];
+		$newobject->customcode = isset($product['customcode']) ? $product['customcode'] : '';
-		$newobject->canvas = $product['canvas'];
+		$newobject->canvas = isset($product['canvas']) ? $product['canvas'] : '';
 		/*foreach($product['lines'] as $line)
        {
            $newline=new FactureLigne($db);
@ -565,7 +565,7 @@ function createProductOrService($authentication, $product)
 		$extrafields->fetch_name_optionals_label($elementtype, true);
 		if (isset($extrafields->attributes[$elementtype]['label']) && is_array($extrafields->attributes[$elementtype]['label']) && count($extrafields->attributes[$elementtype]['label']))
 		{
-			foreach ($extrafields->attributes[$elementtype]['label'] as $key=>$label)
+			foreach ($extrafields->attributes[$elementtype]['label'] as $key => $label)
 			{
 				$key = 'options_'.$key;
 				$newobject->array_options[$key] = $product[$key];
@ -650,7 +650,7 @@ function createProductOrService($authentication, $product)
 */
 function updateProductOrService($authentication, $product)
 {
-	global $db, $conf, $langs;
+	global $db, $conf;
 	$now = dol_now();
@ -721,7 +721,7 @@ function updateProductOrService($authentication, $product)
 		$extrafields->fetch_name_optionals_label($elementtype, true);
 		if (isset($extrafields->attributes[$elementtype]['label']) && is_array($extrafields->attributes[$elementtype]['label']) && count($extrafields->attributes[$elementtype]['label']))
 		{
-			foreach ($extrafields->attributes[$elementtype]['label'] as $key=>$label)
+			foreach ($extrafields->attributes[$elementtype]['label'] as $key => $label)
 			{
 				$key = 'options_'.$key;
 				$newobject->array_options[$key] = $product[$key];
@ -824,7 +824,7 @@ function updateProductOrService($authentication, $product)
 */
 function deleteProductOrService($authentication, $listofidstring)
 {
-	global $db, $conf, $langs;
+	global $db, $conf;
 	dol_syslog("Function: deleteProductOrService login=".$authentication['login']);
@ -855,7 +855,7 @@ function deleteProductOrService($authentication, $listofidstring)
 		$db->begin();
-		foreach ($listofid as $key => $id)
+		foreach ($listofid as $id)
 		{
 			$newobject = new Product($db);
 			$result = $newobject->fetch($id);
@ -917,7 +917,7 @@ function deleteProductOrService($authentication, $listofidstring)
 */
 function getListOfProductsOrServices($authentication, $filterproduct)
 {
-	global $db, $conf, $langs;
+	global $db, $conf;
 	dol_syslog("Function: getListOfProductsOrServices login=".$authentication['login']);
@ -1092,7 +1092,7 @@ function getProductsForCategory($authentication, $id, $lang = '')
 							if (isset($extrafields->attributes[$elementtype]['label']) && is_array($extrafields->attributes[$elementtype]['label']) && count($extrafields->attributes[$elementtype]['label']))
 							{
-								foreach ($extrafields->attributes[$elementtype]['label'] as $key=>$label)
+								foreach ($extrafields->attributes[$elementtype]['label'] as $key => $label)
 								{
 									$products[$iProduct] = array_merge($products[$iProduct], array('options_'.$key => $tmpproduct->array_options['options_'.$key]));
 								}
--- a/htdocs/webservices/server_project.php
+++ b/htdocs/webservices/server_project.php
@ -131,7 +131,7 @@ $server->wsdl->addComplexType(
 );
 $project_elements = array();
-foreach ($listofreferent as $key => $_)
+foreach ($listofreferent as $key => $label)
 {
 	$project_elements[$key] = array('name'=>$key, 'type'=>'tns:elementsArray');
 }
@ -279,7 +279,7 @@ function createProject($authentication, $project)
 			$extrafields->fetch_name_optionals_label($elementtype, true);
 			if (isset($extrafields->attributes[$elementtype]['label']) && is_array($extrafields->attributes[$elementtype]['label']) && count($extrafields->attributes[$elementtype]['label']))
 			{
-				foreach ($extrafields->attributes[$elementtype]['label'] as $key=>$label)
+				foreach ($extrafields->attributes[$elementtype]['label'] as $key => $label)
 				{
 					$key = 'options_'.$key;
 					$newobject->array_options[$key] = $project[$key];
@ -338,7 +338,7 @@ function createProject($authentication, $project)
 */
 function getProject($authentication, $id = '', $ref = '')
 {
-	global $db, $conf, $langs;
+	global $db, $conf;
 	dol_syslog("Function: getProject login=".$authentication['login']." id=".$id." ref=".$ref);
@ -389,7 +389,7 @@ function getProject($authentication, $id = '', $ref = '')
 				if (isset($extrafields->attributes[$elementtype]['label']) && is_array($extrafields->attributes[$elementtype]['label']) && count($extrafields->attributes[$elementtype]['label']))
 				{
 					$project->fetch_optionals();
-					foreach ($extrafields->attributes[$elementtype]['label'] as $key=>$label)
+					foreach ($extrafields->attributes[$elementtype]['label'] as $key => $label)
 					{
 						$project_result_fields = array_merge($project_result_fields, array('options_'.$key => $project->array_options['options_'.$key]));
 					}
--- a/htdocs/webservices/server_supplier_invoice.php
+++ b/htdocs/webservices/server_supplier_invoice.php
@ -225,7 +225,7 @@ $server->register(
 */
 function getSupplierInvoice($authentication, $id = '', $ref = '', $ref_ext = '')
 {
-	global $db, $conf, $langs;
+	global $db, $conf;
 	dol_syslog("Function: getSupplierInvoice login=".$authentication['login']." id=".$id." ref=".$ref." ref_ext=".$ref_ext);
@ -333,7 +333,7 @@ function getSupplierInvoice($authentication, $id = '', $ref = '', $ref_ext = '')
 */
 function getSupplierInvoicesForThirdParty($authentication, $idthirdparty)
 {
-	global $db, $conf, $langs;
+	global $db, $conf;
 	dol_syslog("Function: getSupplierInvoicesForThirdParty login=".$authentication['login']." idthirdparty=".$idthirdparty);
@ -344,6 +344,7 @@ function getSupplierInvoicesForThirdParty($authentication, $idthirdparty)
 	$errorcode = ''; $errorlabel = '';
 	$error = 0;
 	$fuser = check_authentication($authentication, $error, $errorcode, $errorlabel);
 	// Check parameters
 	if (!$error && empty($idthirdparty))
 	{
--- a/htdocs/webservices/server_thirdparty.php
+++ b/htdocs/webservices/server_thirdparty.php
@ -132,7 +132,7 @@ if (is_array($extrafields) && count($extrafields) > 0) {
 }
 if (isset($extrafields->attributes[$elementtype]['label']) && is_array($extrafields->attributes[$elementtype]['label']) && count($extrafields->attributes[$elementtype]['label']))
 {
-	foreach ($extrafields->attributes[$elementtype]['label'] as $key=>$label)
+	foreach ($extrafields->attributes[$elementtype]['label'] as $key => $label)
 	{
 		//$value=$object->array_options["options_".$key];
 		$type = $extrafields->attributes[$elementtype]['type'][$key];
@ -290,7 +290,7 @@ $server->register(
 */
 function getThirdParty($authentication, $id = '', $ref = '', $ref_ext = '')
 {
-	global $db, $conf, $langs;
+	global $db, $conf;
 	dol_syslog("Function: getThirdParty login=".$authentication['login']." id=".$id." ref=".$ref." ref_ext=".$ref_ext);
@ -367,7 +367,7 @@ function getThirdParty($authentication, $id = '', $ref = '', $ref_ext = '')
 				if (isset($extrafields->attributes[$elementtype]['label']) && is_array($extrafields->attributes[$elementtype]['label']) && count($extrafields->attributes[$elementtype]['label']))
 				{
-					foreach ($extrafields->attributes[$elementtype]['label'] as $key=>$label)
+					foreach ($extrafields->attributes[$elementtype]['label'] as $key => $label)
 					{
 						$thirdparty_result_fields = array_merge($thirdparty_result_fields, array('options_'.$key => $thirdparty->array_options['options_'.$key]));
 					}
@ -408,7 +408,7 @@ function getThirdParty($authentication, $id = '', $ref = '', $ref_ext = '')
 */
 function createThirdParty($authentication, $thirdparty)
 {
-	global $db, $conf, $langs;
+	global $db, $conf;
 	$now = dol_now();
@ -483,7 +483,7 @@ function createThirdParty($authentication, $thirdparty)
 		$extrafields->fetch_name_optionals_label($elementtype, true);
 		if (isset($extrafields->attributes[$elementtype]['label']) && is_array($extrafields->attributes[$elementtype]['label']) && count($extrafields->attributes[$elementtype]['label']))
 		{
-			foreach ($extrafields->attributes[$elementtype]['label'] as $key=>$label)
+			foreach ($extrafields->attributes[$elementtype]['label'] as $key => $label)
 			{
 				$key = 'options_'.$key;
 				$newobject->array_options[$key] = $thirdparty[$key];
@ -538,7 +538,7 @@ function createThirdParty($authentication, $thirdparty)
 */
 function updateThirdParty($authentication, $thirdparty)
 {
-	global $db, $conf, $langs;
+	global $db, $conf;
 	$now = dol_now();
@ -617,7 +617,7 @@ function updateThirdParty($authentication, $thirdparty)
 			$extrafields->fetch_name_optionals_label($elementtype, true);
 			if (isset($extrafields->attributes[$elementtype]['label']) && is_array($extrafields->attributes[$elementtype]['label']) && count($extrafields->attributes[$elementtype]['label']))
 			{
-				foreach ($extrafields->attributes[$elementtype]['label'] as $key=>$label)
+				foreach ($extrafields->attributes[$elementtype]['label'] as $key => $label)
 				{
 					$key = 'options_'.$key;
 					$object->array_options[$key] = $thirdparty[$key];
@ -672,9 +672,7 @@ function updateThirdParty($authentication, $thirdparty)
 */
 function getListOfThirdParties($authentication, $filterthirdparty)
 {
-	global $db, $conf, $langs;
+	global $db, $conf;
 	$now = dol_now();
 	dol_syslog("Function: getListOfThirdParties login=".$authentication['login']);
@ -725,7 +723,7 @@ function getListOfThirdParties($authentication, $filterthirdparty)
 				if (isset($extrafields->attributes[$elementtype]['label']) && is_array($extrafields->attributes[$elementtype]['label']) && count($extrafields->attributes[$elementtype]['label']))
 				{
-					foreach ($extrafields->attributes[$elementtype]['label'] as $key=>$label)
+					foreach ($extrafields->attributes[$elementtype]['label'] as $key => $label)
 					{
 						$extrafieldsOptions['options_'.$key] = $obj->{$key};
 					}
@ -782,7 +780,7 @@ function getListOfThirdParties($authentication, $filterthirdparty)
 */
 function deleteThirdParty($authentication, $id = '', $ref = '', $ref_ext = '')
 {
-	global $db, $conf, $langs;
+	global $db, $conf;
 	dol_syslog("Function: deleteThirdParty login=".$authentication['login']." id=".$id." ref=".$ref." ref_ext=".$ref_ext);
--- a/htdocs/webservices/server_user.php
+++ b/htdocs/webservices/server_user.php
@ -195,7 +195,7 @@ if (is_array($extrafields) && count($extrafields) > 0) {
 }
 if (isset($extrafields->attributes[$elementtype]['label']) && is_array($extrafields->attributes[$elementtype]['label']) && count($extrafields->attributes[$elementtype]['label']))
 {
-	foreach ($extrafields->attributes[$elementtype]['label'] as $key=>$label)
+	foreach ($extrafields->attributes[$elementtype]['label'] as $key => $label)
 	{
 		$type = $extrafields->attributes[$elementtype]['type'][$key];
 		if ($type == 'date' || $type == 'datetime') {$type = 'xsd:dateTime'; }
@ -308,7 +308,7 @@ $server->register(
 */
 function getUser($authentication, $id, $ref = '', $ref_ext = '')
 {
-	global $db, $conf, $langs;
+	global $db, $conf;
 	dol_syslog("Function: getUser login=".$authentication['login']." id=".$id." ref=".$ref." ref_ext=".$ref_ext);
@ -399,9 +399,7 @@ function getUser($authentication, $id, $ref = '', $ref_ext = '')
 */
 function getListOfGroups($authentication)
 {
-	global $db, $conf, $langs;
+	global $db, $conf;
 	$now = dol_now();
 	dol_syslog("Function: getListOfGroups login=".$authentication['login']);
@ -477,7 +475,7 @@ function createUserFromThirdparty($authentication, $thirdpartywithuser)
 {
 	global $db, $conf, $langs;
-	dol_syslog("Function: createUserFromThirdparty login=".$authentication['login']." id=".$id." ref=".$ref." ref_ext=".$ref_ext);
+	dol_syslog("Function: createUserFromThirdparty login=".$authentication['login']);
 	if ($authentication['entity']) $conf->entity = $authentication['entity'];
@ -601,7 +599,7 @@ function createUserFromThirdparty($authentication, $thirdpartywithuser)
 						$extrafields->fetch_name_optionals_label($elementtype, true);
 						if (isset($extrafields->attributes[$elementtype]['label']) && is_array($extrafields->attributes[$elementtype]['label']) && count($extrafields->attributes[$elementtype]['label']))
 						{
-							foreach ($extrafields->attributes[$elementtype]['label'] as $key=>$label)
+							foreach ($extrafields->attributes[$elementtype]['label'] as $key => $label)
 							{
 								$key = 'contact_options_'.$key;
 								$key = substr($key, 8); // Remove 'contact_' prefix
@ -644,7 +642,7 @@ function createUserFromThirdparty($authentication, $thirdpartywithuser)
 						}
 					} else {
 						$error++;
-						$errors = ($thirdparty->error ? array($thirdparty->error) : $thirdparty->errors);
+						$errorcode = join(', ', ($thirdparty->error ? array($thirdparty->error) : $thirdparty->errors));
 					}
 				}
 			} else {
@ -662,7 +660,7 @@ function createUserFromThirdparty($authentication, $thirdpartywithuser)
 	{
 		$db->rollback();
 		$objectresp = array(
-		'result'=>array('result_code' => $errorcode, 'result_label' => $errorlabel)
+			'result'=>array('result_code' => $errorcode, 'result_label' => $errorlabel)
 		);
 	}
@ -680,9 +678,9 @@ function createUserFromThirdparty($authentication, $thirdpartywithuser)
 function setUserPassword($authentication, $shortuser)
 {
-	global $db, $conf, $langs;
+	global $db, $conf;
-	dol_syslog("Function: setUserPassword login=".$authentication['login']." id=".$id." ref=".$ref." ref_ext=".$ref_ext);
+	dol_syslog("Function: setUserPassword login=".$authentication['login']);
 	if ($authentication['entity']) $conf->entity = $authentication['entity'];
@ -715,7 +713,6 @@ function setUserPassword($authentication, $shortuser)
 				{
 					$objectresp = array(
 						'result'=>array('result_code' => 'OK', 'result_label' => ''),
 						'groups'=>$arraygroups
 					);
 				}
 				else {
--- a/test/phpunit/WebservicesInvoicesTest.php
+++ b/test/phpunit/WebservicesInvoicesTest.php
@ -102,6 +102,8 @@ class WebservicesInvoicesTest extends PHPUnit\Framework\TestCase
    {
        global $conf,$user,$langs,$db;
        $now = dol_now();
 		// create a third_party, needed to create an invoice
 		//
 		// The third party is created in setUpBeforeClass() and not in the
--- a/test/phpunit/WebservicesProductsTest.php
+++ b/test/phpunit/WebservicesProductsTest.php
@ -182,7 +182,10 @@ class WebservicesProductsTest extends PHPUnit\Framework\TestCase
                'type'=>1,
                'description'=>'This is a new product created from WS PHPUnit test case',
                'barcode'=>'123456789012',
-                'barcode_type'=>2
+                'barcode_type'=>2,
            	'price_net'=>10,
            	'status_tosell'=>1,
            	'status_tobuy'=>1
            )
        );
        print __METHOD__." call method ".$WS_METHOD."\n";
@ -201,7 +204,7 @@ class WebservicesProductsTest extends PHPUnit\Framework\TestCase
            print $soapclient->response;
            print "\n";
        }
-
+        print var_export($result, true);
        print __METHOD__." count(result)=".(is_array($result) ? count($result) : '')."\n";
        $this->assertEquals('OK', $result['result']['result_code']);