diff --git a/ChangeLog b/ChangeLog
index 9b985647586..8c04eaf7a42 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -14,11 +14,13 @@ Following changes may create regressions for some external modules, but were nec
 
 ***** ChangeLog for 7.0.0 compared to 6.0.5 *****
 For users:
+NEW: Add a preview icon after files that can be previewed (pdf + images)
 NEW: When payment is registered, PDF of invoices are also regenerated so payments
      appears with no need to click on regenerate.
 NEW: #5711 Add shipment line deleting and editing for draft shipments.
+NEW: Accept substitution key __(ABC)__ replaced with value of translation of key ABC
 NEW: Accept substitution key __[ABC]__ replaced with value of const ABC
-NEW: Accountancy Add variant on sell account for intracommunity sales & export sales
+NEW: Accountancy Add fields for sale accounting account for intracommunity sales & export sales
 NEW: Add a button "Activate all services" on contracts
 NEW: Add a confirmation for all mass action 'delete'
 NEW: Add a group task line for tasks on same level on gantt diagram
@@ -583,7 +585,9 @@ Following changes may create regression for some external modules, but were nece
   exists, but if an external module need action on it, it must provides itself its trigger file.
 * Use $conf->global->MULTICOMPANY_TRANSVERSE_MODE instead $conf->multicompany->transverse_mode. So, if you set var
   $multicompany_transverse_mode to 1 into your conf file, you must remove this line and a new key into 
-  the Home - setup - other admin page. 
+  the Home - setup - other admin page.
+* If you use Multicompany transverse mode, it will be necessary to check the activation of the modules in the children
+  entities and to review completely the rights of the groups and the users.
 * Use getEntity('xxx') instead getEntity('xxx', 1) and use getEntity('xxx', 0) instead getEntity('xxx')
 * Some other change were done in the way we read permission of a user when module multicompany is enabled. You can 
   retreive the old behavior by adding constant MULTICOMPANY_BACKWARD_COMPATIBILITY to 1.
diff --git a/htdocs/adherents/type.php b/htdocs/adherents/type.php
index eb44809178f..cc9fd872062 100644
--- a/htdocs/adherents/type.php
+++ b/htdocs/adherents/type.php
@@ -107,7 +107,7 @@ if ($action == 'add' && $user->rights->adherent->configurer)
 	$object->subscription	= (int) trim($subscription);
 	$object->note			= trim($comment);
 	$object->mail_valid		= trim($mail_valid);
-	$object->vote			= trim($vote);
+	$object->vote			= (boolean) trim($vote);
 
 	// Fill array 'array_options' with data from add form
 	$ret = $extrafields->setOptionalsFromPost($extralabels,$object);
@@ -160,7 +160,7 @@ if ($action == 'update' && $user->rights->adherent->configurer)
 	$object->subscription	= (int) trim($subscription);
 	$object->note			= trim($comment);
 	$object->mail_valid		= trim($mail_valid);
-	$object->vote			= trim($vote);
+	$object->vote			= (boolean) trim($vote);
 
 	// Fill array 'array_options' with data from add form
 	$ret = $extrafields->setOptionalsFromPost($extralabels,$object);
diff --git a/htdocs/comm/propal/card.php b/htdocs/comm/propal/card.php
index 8bd9f7ffa98..54e3cf36c45 100644
--- a/htdocs/comm/propal/card.php
+++ b/htdocs/comm/propal/card.php
@@ -104,8 +104,11 @@ if ($id > 0 || ! empty($ref)) {
 	$ret = $object->fetch($id, $ref);
 	if ($ret > 0)
 		$ret = $object->fetch_thirdparty();
-	if ($ret < 0)
-		dol_print_error('', $object->error);
+	if ($ret <= 0)
+	{
+		setEventMessages($object->error, $object->errors, 'errors');
+		$action = '';
+	}
 }
 
 // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
@@ -1711,7 +1714,7 @@ if ($action == 'create')
 		print '</table>';
 	}
 
-} else {
+} elseif ($object->id > 0) {
 	/*
 	 * Show object in view mode
 	 */
@@ -1818,7 +1821,6 @@ if ($action == 'create')
 
 	$linkback = '<a href="' . DOL_URL_ROOT . '/comm/propal/list.php?restore_lastsearch_values=1' . (! empty($socid) ? '&socid=' . $socid : '') . '">' . $langs->trans("BackToList") . '</a>';
 
-
 	$morehtmlref='<div class="refidno">';
 	// Ref customer
 	$morehtmlref.=$form->editfieldkey("RefCustomer", 'ref_client', $object->ref_client, $object, $user->rights->propal->creer, 'string', '', 0, 1);
diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php
index 35ab14454ef..12d6fa10769 100644
--- a/htdocs/compta/facture/class/facture.class.php
+++ b/htdocs/compta/facture/class/facture.class.php
@@ -3004,6 +3004,9 @@ class Facture extends CommonInvoice
 		$line->total_ttc = $tabprice[2];
 		$line->total_localtax1 = $tabprice[9];
 		$line->total_localtax2 = $tabprice[10];
+		$line->multicurrency_total_ht  = $tabprice[16];
+		$line->multicurrency_total_tva = $tabprice[17];
+		$line->multicurrency_total_ttc = $tabprice[18];
 		$line->update($user);
 		$this->update_price(1);
 		$this->db->commit();
diff --git a/htdocs/compta/sociales/class/chargesociales.class.php b/htdocs/compta/sociales/class/chargesociales.class.php
index 61728562d2e..2d75584cbda 100644
--- a/htdocs/compta/sociales/class/chargesociales.class.php
+++ b/htdocs/compta/sociales/class/chargesociales.class.php
@@ -156,6 +156,7 @@ class ChargeSociales extends CommonObject
     function create($user)
     {
     	global $conf;
+		$error=0;
 
         $now=dol_now();
 
@@ -191,8 +192,17 @@ class ChargeSociales extends CommonObject
             $this->id=$this->db->last_insert_id(MAIN_DB_PREFIX."chargesociales");
 
             //dol_syslog("ChargesSociales::create this->id=".$this->id);
-            $this->db->commit();
-            return $this->id;
+			$result=$this->call_trigger('PAYMENTSOCIALCONTRIBUTION_CREATE',$user);
+			if ($result < 0) $error++;
+
+			if(empty($error)) {
+				$this->db->commit();
+				return $this->id;
+			}
+			else {
+				$this->db->rollback();
+				return -1*$error;
+			}
         }
         else
         {
diff --git a/htdocs/compta/tva/class/tva.class.php b/htdocs/compta/tva/class/tva.class.php
index d575d1a97b9..c9db79e6202 100644
--- a/htdocs/compta/tva/class/tva.class.php
+++ b/htdocs/compta/tva/class/tva.class.php
@@ -670,6 +670,9 @@ class Tva extends CommonObject
         $linkclose='';
         if (empty($notooltip))
         {
+
+
+            
         	if (! empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER))
         	{
         		$label=$langs->trans("ShowMyObject");
diff --git a/htdocs/contrat/card.php b/htdocs/contrat/card.php
index 92290ee0656..c2b6e03ee5b 100644
--- a/htdocs/contrat/card.php
+++ b/htdocs/contrat/card.php
@@ -1561,7 +1561,7 @@ else
 
 				if ($action != 'editline' || GETPOST('rowid') != $objp->rowid)
 				{
-					print '<tr '.$bcnd[$var].' valign="top">';
+					print '<tr '.$bcnd[$var].' class="tdtop">';
 					// Label
 					if ($objp->fk_product > 0)
 					{
@@ -1571,12 +1571,10 @@ else
 						$productstatic->ref=$objp->pref;
 						$productstatic->entity=$objp->pentity;
 						$productstatic->label=$objp->plabel;
-						$text = $productstatic->getNomUrl(1,'',20);
+						$text = $productstatic->getNomUrl(1,'',32);
 						if ($objp->plabel)
 						{
 							$text .= ' - ';
-							//$productstatic->ref=$objp->label;
-							//$text .= $productstatic->getNomUrl(0,'',16);
 							$text .= $objp->plabel;
 						}
 						$description = $objp->description;
@@ -1713,8 +1711,8 @@ else
 						$productstatic->type=$objp->ptype;
 						$productstatic->ref=$objp->pref;
 						$productstatic->entity=$objp->pentity;
-						print $productstatic->getNomUrl(1,'',20);
-						print $objp->label?' - '.dol_trunc($objp->label,16):'';
+						print $productstatic->getNomUrl(1,'',32);
+						print $objp->label?' - '.dol_trunc($objp->label,32):'';
 						print '<br>';
 					}
 					else
@@ -1822,7 +1820,7 @@ else
 				'text' => $langs->trans("ConfirmMoveToAnotherContractQuestion"),
 				array('type' => 'select', 'name' => 'newcid', 'values' => $arraycontractid));
 
-				$form->form_confirm($_SERVER["PHP_SELF"]."?id=".$object->id."&lineid=".GETPOST('rowid'),$langs->trans("MoveToAnotherContract"),$langs->trans("ConfirmMoveToAnotherContract"),"confirm_move",$formquestion);
+				print $form->formconfirm($_SERVER["PHP_SELF"]."?id=".$object->id."&lineid=".GETPOST('rowid'),$langs->trans("MoveToAnotherContract"),$langs->trans("ConfirmMoveToAnotherContract"),"confirm_move",$formquestion);
 				print '<table class="notopnoleftnoright" width="100%"><tr class="oddeven" height="6"><td></td></tr></table>';
 			}
 
@@ -1834,7 +1832,7 @@ else
 				$dateactstart = dol_mktime(12, 0, 0, GETPOST('remonth'), GETPOST('reday'), GETPOST('reyear'));
 				$dateactend   = dol_mktime(12, 0, 0, GETPOST('endmonth'), GETPOST('endday'), GETPOST('endyear'));
 				$comment      = GETPOST('comment','alpha');
-				$form->form_confirm($_SERVER["PHP_SELF"]."?id=".$object->id."&ligne=".GETPOST('ligne')."&date=".$dateactstart."&dateend=".$dateactend."&comment=".urlencode($comment),$langs->trans("ActivateService"),$langs->trans("ConfirmActivateService",dol_print_date($dateactstart,"%A %d %B %Y")),"confirm_active", '', 0, 1);
+				print $form->formconfirm($_SERVER["PHP_SELF"]."?id=".$object->id."&ligne=".GETPOST('ligne')."&date=".$dateactstart."&dateend=".$dateactend."&comment=".urlencode($comment),$langs->trans("ActivateService"),$langs->trans("ConfirmActivateService",dol_print_date($dateactstart,"%A %d %B %Y")),"confirm_active", '', 0, 1);
 				print '<table class="notopnoleftnoright" width="100%"><tr class="oddeven" height="6"><td></td></tr></table>';
 			}
 
@@ -1853,7 +1851,7 @@ else
 				}
 				else
 				{
-					$form->form_confirm($_SERVER["PHP_SELF"]."?id=".$object->id."&ligne=".GETPOST('ligne','int')."&date=".$dateactstart."&dateend=".$dateactend."&comment=".urlencode($comment), $langs->trans("CloseService"), $langs->trans("ConfirmCloseService",dol_print_date($dateactend,"%A %d %B %Y")), "confirm_closeline", '', 0, 1);
+					print $form->formconfirm($_SERVER["PHP_SELF"]."?id=".$object->id."&ligne=".GETPOST('ligne','int')."&date=".$dateactstart."&dateend=".$dateactend."&comment=".urlencode($comment), $langs->trans("CloseService"), $langs->trans("ConfirmCloseService",dol_print_date($dateactend,"%A %d %B %Y")), "confirm_closeline", '', 0, 1);
 				}
 				print '<table class="notopnoleftnoright" width="100%"><tr class="oddeven" height="6"><td></td></tr></table>';
 			}
diff --git a/htdocs/contrat/services_list.php b/htdocs/contrat/services_list.php
index 5bede6be358..108fb6d4403 100644
--- a/htdocs/contrat/services_list.php
+++ b/htdocs/contrat/services_list.php
@@ -75,7 +75,7 @@ $opclotureyear=GETPOST('opclotureyear');
 $filter_opcloture=GETPOST('filter_opcloture');
 
 // Initialize context for list
-$contextpage=GETPOST('contextpage','aZ')?GETPOST('contextpage','aZ'):'servicelist'.$mode;
+$contextpage=GETPOST('contextpage','aZ')?GETPOST('contextpage','aZ'):'contractservicelist'.$mode;
 
 // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
 $hookmanager->initHooks(array($contextpage));
@@ -483,7 +483,6 @@ if (! empty($arrayfields['cd.date_cloture']['checked']))
 	print '</td>';
 }
 // Extra fields
-// Extra fields
 include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_input.tpl.php';
 
 // Fields from hook
diff --git a/htdocs/contrat/tpl/linkedobjectblock.tpl.php b/htdocs/contrat/tpl/linkedobjectblock.tpl.php
index e0b76ba689b..a44f20679b8 100644
--- a/htdocs/contrat/tpl/linkedobjectblock.tpl.php
+++ b/htdocs/contrat/tpl/linkedobjectblock.tpl.php
@@ -1,5 +1,6 @@
 <?php
 /* Copyright (C) 2010-2011 Regis Houssin <regis.houssin@capnetworks.com>
+ * Copyright (C) 2018      Juanjo Menent <jmenent@2byte.es>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -50,10 +51,22 @@ foreach($linkedObjectBlock as $key => $objectlink)
     <td><?php echo $objectlink->getNomUrl(1); ?></td>
     <td></td>
 	<td align="center"><?php echo dol_print_date($objectlink->date_contrat,'day'); ?></td>
-	<td align="right"><?php // var_dump($objectlink->total_ttc); ?></td>
+    <td align="right"><?php
+		// Price of contract is not shown by default because a contract is a list of service with 
+		// start and end date that change with time andd that may be different that the period of reference for price.
+		// So price of a contract does often means nothing. Prices is on the different invoices done on same contract.
+		if ($user->rights->contrat->lire && empty($conf->global->CONTRACT_SHOW_TOTAL_OF_PRODUCT_AS_PRICE)) 
+		{
+			$totalcontrat = 0;
+			foreach ($objectlink->lines as $linecontrat) {
+				$totalcontrat = $totalcontrat + $linecontrat->total_ht;
+			    $total = $total + $linecontrat->total_ht;
+			}
+			echo price($totalcontrat);
+		} ?></td>
 	<td align="right"><?php echo $objectlink->getLibStatut(7); ?></td>
 	<td align="right"><a href="<?php echo $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=dellink&dellinkid='.$key; ?>"><?php echo img_delete($langs->transnoentitiesnoconv("RemoveLink")); ?></a></td>
 </tr>
 <?php } ?>
 
-<!-- END PHP TEMPLATE -->
\ No newline at end of file
+<!-- END PHP TEMPLATE -->
diff --git a/htdocs/core/actions_linkedfiles.inc.php b/htdocs/core/actions_linkedfiles.inc.php
index 0e0c444af33..7f938ba9b6c 100644
--- a/htdocs/core/actions_linkedfiles.inc.php
+++ b/htdocs/core/actions_linkedfiles.inc.php
@@ -182,37 +182,70 @@ elseif ($action == 'renamefile' && GETPOST('renamefilesave','alpha'))
         $filenamefrom=dol_sanitizeFileName(GETPOST('renamefilefrom','alpha'), '_', 0);	// Do not remove accents
         $filenameto=dol_sanitizeFileName(GETPOST('renamefileto','alpha'), '_', 0);		// Do not remove accents
 
-        // Security:
-        // Disallow file with some extensions. We rename them.
-        // Because if we put the documents directory into a directory inside web root (very bad), this allows to execute on demand arbitrary code.
-        if (preg_match('/\.htm|\.html|\.php|\.pl|\.cgi$/i',$filenameto) && empty($conf->global->MAIN_DOCUMENT_IS_OUTSIDE_WEBROOT_SO_NOEXE_NOT_REQUIRED))
+        if ($filenamefrom != $filenameto)
         {
-            $filenameto.= '.noexe';
-        }
+	        // Security:
+	        // Disallow file with some extensions. We rename them.
+	        // Because if we put the documents directory into a directory inside web root (very bad), this allows to execute on demand arbitrary code.
+	        if (preg_match('/\.htm|\.html|\.php|\.pl|\.cgi$/i',$filenameto) && empty($conf->global->MAIN_DOCUMENT_IS_OUTSIDE_WEBROOT_SO_NOEXE_NOT_REQUIRED))
+	        {
+	            $filenameto.= '.noexe';
+	        }
 
-        if ($filenamefrom && $filenameto)
-        {
-            $srcpath = $upload_dir.'/'.$filenamefrom;
-            $destpath = $upload_dir.'/'.$filenameto;
+	        if ($filenamefrom && $filenameto)
+	        {
+	            $srcpath = $upload_dir.'/'.$filenamefrom;
+	            $destpath = $upload_dir.'/'.$filenameto;
 
-            $result = dol_move($srcpath, $destpath);
-            if ($result)
-            {
-            	if ($object->id)
-            	{
-                	$object->addThumbs($destpath);
-            	}
+	            $result = dol_move($srcpath, $destpath);
+	            if ($result)
+	            {
+	            	if ($object->id)
+	            	{
+	                	$object->addThumbs($destpath);
+	            	}
 
-                // TODO Add revert function of addThumbs to remove for old name
-                //$object->delThumbs($srcpath);
+	                // TODO Add revert function of addThumbs to remove for old name
+	                //$object->delThumbs($srcpath);
 
-                setEventMessages($langs->trans("FileRenamed"), null);
-            }
-            else
-            {
-                $langs->load("errors"); // key must be loaded because we can't rely on loading during output, we need var substitution to be done now.
-                setEventMessages($langs->trans("ErrorFailToRenameFile", $filenamefrom, $filenameto), null, 'errors');
-            }
+	                setEventMessages($langs->trans("FileRenamed"), null);
+	            }
+	            else
+	            {
+	                $langs->load("errors"); // key must be loaded because we can't rely on loading during output, we need var substitution to be done now.
+	                setEventMessages($langs->trans("ErrorFailToRenameFile", $filenamefrom, $filenameto), null, 'errors');
+	            }
+	        }
         }
     }
+
+    // Update properties in ECM table
+    if (GETPOST('ecmfileid', 'int') > 0)
+    {
+    	$shareenabled = GETPOST('shareenabled', 'alpha');
+
+    	include_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmfiles.class.php';
+	    $ecmfile=new EcmFiles($db);
+	    $result = $ecmfile->fetch(GETPOST('ecmfileid', 'int'));
+	    if ($result > 0)
+	    {
+	    	if ($shareenabled)
+		    {
+		    	if (empty($ecmfile->share))
+		    	{
+		    		require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
+		    		$ecmfile->share = getRandomPassword(true);
+		    	}
+		    }
+		    else
+		    {
+		    	$ecmfile->share = '';
+		    }
+		    $result = $ecmfile->update($user);
+		    if ($result < 0)
+		    {
+		    	setEventMessages($ecmfile->error, $ecmfile->errors, 'warnings');
+		    }
+	    }
+    }
 }
diff --git a/htdocs/core/class/commondocgenerator.class.php b/htdocs/core/class/commondocgenerator.class.php
index 015173f1f05..aeca3d5a102 100644
--- a/htdocs/core/class/commondocgenerator.class.php
+++ b/htdocs/core/class/commondocgenerator.class.php
@@ -425,7 +425,7 @@ abstract class CommonDocGenerator
 			{
 				$object->fetch_projet();
 			}
-			
+
 			$resarray[$array_key.'_project_ref'] = $object->project->ref;
 			$resarray[$array_key.'_project_title'] = $object->project->title;
 			$resarray[$array_key.'_project_description'] = $object->project->description;
@@ -510,7 +510,7 @@ abstract class CommonDocGenerator
 		    'line_multicurrency_total_tva_locale' => price($line->multicurrency_total_tva, 0, $outputlangs),
 		    'line_multicurrency_total_ttc_locale' => price($line->multicurrency_total_ttc, 0, $outputlangs),
 		);
-		
+
 		    // Units
 		if ($conf->global->PRODUCT_USE_UNITS)
 		{
@@ -527,16 +527,16 @@ abstract class CommonDocGenerator
 		$line->fetch_optionals($line->rowid,$extralabels);
 
 		$resarray = $this->fill_substitutionarray_with_extrafields($line,$resarray,$extrafields,$array_key=$array_key,$outputlangs);
-	
+
 		// Load product data optional fields to the line -> enables to use "line_options_{extrafield}"
-		if (isset($line->product_ref))
+		if (isset($line->fk_product) && $line->fk_product > 0)
 		{
-			$product = new Product($this->db);
-			$result = $product->fetch(null, $line->product_ref);
-			foreach($product->array_options as $key=>$label)
+			$tmpproduct = new Product($this->db);
+			$result = $tmpproduct->fetch($line->fk_product);
+			foreach($tmpproduct->array_options as $key=>$label)
 				$resarray["line_".$key] = $label;
-		}		
-		
+		}
+
 		return $resarray;
 	}
 
diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php
index 69002d9ae93..0dd9a245136 100644
--- a/htdocs/core/class/commonobject.class.php
+++ b/htdocs/core/class/commonobject.class.php
@@ -3496,7 +3496,7 @@ abstract class CommonObject
 
 	/**
 	 *  Return if a country is inside the EEC (European Economic Community)
-	 *  @deprecated
+	 *  @deprecated	Use function isInEEC function instead
 	 *
 	 *  @return     boolean		true = country inside EEC, false = country outside EEC
 	 */
diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php
index cbd2eb5c3b3..4e8f67d6552 100644
--- a/htdocs/core/class/html.form.class.php
+++ b/htdocs/core/class/html.form.class.php
@@ -646,9 +646,10 @@ class Form
 	 *  @param	integer	$maxlength		Max length for labels (0=no limit)
 	 *  @param	string	$morecss		More css class
 	 *  @param	string	$usecodeaskey	'code3'=Use code on 3 alpha as key, 'code2"=Use code on 2 alpha as key
+	 *  @param	int		$showempty		Show empty choice
 	 *  @return string           		HTML string with select
 	 */
-	function select_country($selected='',$htmlname='country_id',$htmloption='',$maxlength=0,$morecss='minwidth300',$usecodeaskey='')
+	function select_country($selected='', $htmlname='country_id', $htmloption='', $maxlength=0, $morecss='minwidth300', $usecodeaskey='', $showempty=1)
 	{
 		global $conf,$langs;
 
@@ -693,20 +694,22 @@ class Form
 
 				foreach ($countryArray as $row)
 				{
+					if (empty($showempty) && empty($row['rowid'])) continue;
+
 					if ($row['favorite'] && $row['code_iso']) $atleastonefavorite++;
 					if (empty($row['favorite']) && $atleastonefavorite)
 					{
 						$atleastonefavorite=0;
-						$out.= '<option a value="" disabled class="selectoptiondisabledwhite">----------------------</option>';
+						$out.= '<option value="" disabled class="selectoptiondisabledwhite">----------------------</option>';
 					}
 					if ($selected && $selected != '-1' && ($selected == $row['rowid'] || $selected == $row['code_iso'] || $selected == $row['code_iso3'] || $selected == $row['label']) )
 					{
 						$foundselected=true;
-						$out.= '<option b value="'.($usecodeaskey?($usecodeaskey=='code2'?$row['code_iso']:$row['code_iso3']):$row['rowid']).'" selected>';
+						$out.= '<option value="'.($usecodeaskey?($usecodeaskey=='code2'?$row['code_iso']:$row['code_iso3']):$row['rowid']).'" selected>';
 					}
 					else
 					{
-						$out.= '<option c value="'.($usecodeaskey?($usecodeaskey=='code2'?$row['code_iso']:$row['code_iso3']):$row['rowid']).'">';
+						$out.= '<option value="'.($usecodeaskey?($usecodeaskey=='code2'?$row['code_iso']:$row['code_iso3']):$row['rowid']).'">';
 					}
 					if ($row['label']) $out.= dol_trunc($row['label'],$maxlength,'middle');
 					else $out.= '&nbsp;';
diff --git a/htdocs/core/class/html.formfile.class.php b/htdocs/core/class/html.formfile.class.php
index 4bff96700d5..3d560c9644e 100644
--- a/htdocs/core/class/html.formfile.class.php
+++ b/htdocs/core/class/html.formfile.class.php
@@ -938,7 +938,7 @@ class FormFile
 	 *  @param	 string $url				Full url to use for click links ('' = autodetect)
 	 *  @param	 int	$showrelpart		0=Show only filename (default), 1=Show first level 1 dir
 	 *  @param   int    $permtoeditline     Permission to edit document line (You must provide a value, -1 is deprecated and must not be used any more)
-	 *  @param   string $upload_dir         Full path directory so we can know dir relative to MAIN_DATA_ROOT. Fill this if you want to complete file data with database indexes.
+	 *  @param   string $upload_dir         Full path directory so we can know dir relative to MAIN_DATA_ROOT. Fill this to complete file data with database indexes.
 	 *  @param   string $sortfield          Sort field ('name', 'size', 'position', ...)
 	 *  @param   string $sortorder          Sort order ('ASC' or 'DESC')
 	 *  @param   int    $disablemove        1=Disable move button, 0=Position move is possible.
@@ -951,6 +951,7 @@ class FormFile
 		global $user, $conf, $langs, $hookmanager;
 		global $bc,$bcdd;
 		global $sortfield, $sortorder, $maxheightmini;
+		global $dolibarr_main_url_root;
 
 		// Define relative path used to store the file
 		if (empty($relativepath))
@@ -1038,6 +1039,7 @@ class FormFile
 				print '<td></td>';
 				if (empty($useinecm)) print '<td></td>';
 				print '<td></td>';
+				print '<td></td>';
 				if (! $disablemove) print '<td></td>';
 				print "</tr>\n";
 			}
@@ -1047,7 +1049,8 @@ class FormFile
 			print_liste_field_titre('Documents2',$url,"name","",$param,'align="left"',$sortfield,$sortorder);
 			print_liste_field_titre('Size',$url,"size","",$param,'align="right"',$sortfield,$sortorder);
 			print_liste_field_titre('Date',$url,"date","",$param,'align="center"',$sortfield,$sortorder);
-			if (empty($useinecm)) print_liste_field_titre('',$url,"","",$param,'align="center"');
+			if (empty($useinecm)) print_liste_field_titre('',$url,"","",$param,'align="center"');					// Preview
+			print_liste_field_titre('');
 			print_liste_field_titre('');
 			if (! $disablemove) print_liste_field_titre('');
 			print "</tr>\n";
@@ -1063,7 +1066,6 @@ class FormFile
 					//var_dump($sortfield);
 					$filearray=dol_sort_array($filearray, $sortfield, $sortorder);
 				}
-				//var_dump($filearray);
 			}
 
 			$nboffiles=count($filearray);
@@ -1146,6 +1148,48 @@ class FormFile
 						else print '&nbsp;';
 						print '</td>';
 					}
+
+					// Hash of file (only if we are in a mode where a scan of dir were done and we have id of file in ECM table)
+					print '<td align="center">';
+					if ($relativedir && $filearray[$key]['rowid'] > 0)
+					{
+						if ($editline)
+						{
+							print $langs->trans("FileSharedViaALink").' ';
+							print '<input class="inline-block" type="checkbox" name="shareenabled"'.($file['share']?' checked="checked"':'').' /> ';
+						}
+						else
+						{
+							if ($file['share'])
+							{
+								// Define $urlwithroot
+								$urlwithouturlroot=preg_replace('/'.preg_quote(DOL_URL_ROOT,'/').'$/i','',trim($dolibarr_main_url_root));
+								$urlwithroot=$urlwithouturlroot.DOL_URL_ROOT;		// This is to use external domain name found into config file
+								//$urlwithroot=DOL_MAIN_URL_ROOT;					// This is to use same domain name than current
+
+								//print '<span class="opacitymedium">'.$langs->trans("Hash").' : '.$file['share'].'</span>';
+								$forcedownload=0;
+								$paramlink='';
+								if (! empty($file['share'])) $paramlink.=($paramlink?'&':'').'hashp='.$file['share'];			// Hash for public share
+								if ($forcedownload) $paramlink.=($paramlink?'&':'').'attachment=1';
+
+								$fulllink=$urlwithroot.'/document.php'.($paramlink?'?'.$paramlink:'');
+								//if (! empty($object->ref))       $fulllink.='&hashn='.$object->ref;		// Hash of file path
+								//elseif (! empty($object->label)) $fulllink.='&hashc='.$object->label;		// Hash of file content
+
+								print img_picto($langs->trans("FileSharedViaALink"),'object_globe.png').' ';
+								print '<input type="text" class="quatrevingtpercent" id="downloadlink" name="downloadexternallink" value="'.dol_escape_htmltag($fulllink).'">';
+								//print ' <a href="'.$fulllink.'">'.$langs->trans("Download").'</a>';	// No target here
+							}
+							else
+							{
+								//print '<span class="opacitymedium">'.$langs->trans("FileNotShared").'</span>';
+							}
+						}
+					}
+					print '</td>';
+
+					// Actions buttons
 					if (! $editline)
 					{
 						// Delete or view link
@@ -1215,6 +1259,7 @@ class FormFile
 					else
 					{
 						print '<td class="right">';
+						print '<input type="hidden" name="ecmfileid" value="'.$filearray[$key]['rowid'].'">';
 						print '<input type="submit" class="button" name="renamefilesave" value="'.dol_escape_htmltag($langs->trans("Save")).'">';
 						print '<input type="submit" class="button" name="cancel" value="'.dol_escape_htmltag($langs->trans("Cancel")).'">';
 						print '</td>';
@@ -1227,9 +1272,9 @@ class FormFile
 			}
 			if ($nboffiles == 0)
 			{
-				$colspan=(empty($useinecm)?'5':'5');
-				if (empty($disablemove)) $colspan++;
-				print '<tr '.$bc[false].'><td colspan="'.$colspan.'" class="opacitymedium">';
+				$colspan=(empty($useinecm)?'6':'6');
+				if (empty($disablemove)) $colspan++;		// 6 columns or 7
+				print '<tr class="oddeven"><td colspan="'.$colspan.'" class="opacitymedium">';
 				if (empty($textifempty)) print $langs->trans("NoFileFound");
 				else print $textifempty;
 				print '</td></tr>';
@@ -1244,6 +1289,8 @@ class FormFile
 				}
 			}
 
+			print ajax_autoselect('downloadlink');
+
 			if (GETPOST('action','aZ09') == 'editfile' && $permtoeditline)
 			{
 				print '</form>';
@@ -1297,8 +1344,8 @@ class FormFile
 		if (! empty($addfilterfields))
 		{
 			print '<tr class="liste_titre nodrag nodrop">';
-			print '<td><input type="text" class="maxwidth100onsmartphone" name="search_doc_ref" value="'.dol_escape_htmltag($search_doc_ref).'"></td>';
 			print '<td></td>';
+			print '<td><input type="text" class="maxwidth100onsmartphone" name="search_doc_ref" value="'.dol_escape_htmltag($search_doc_ref).'"></td>';
 			print '<td></td>';
 			print '<td></td>';
 			// Action column
diff --git a/htdocs/core/class/translate.class.php b/htdocs/core/class/translate.class.php
index 7b6ef9bbde1..14f017bef55 100644
--- a/htdocs/core/class/translate.class.php
+++ b/htdocs/core/class/translate.class.php
@@ -129,7 +129,7 @@ class Translate
 	 *  Return active language code for current user
 	 * 	It's an accessor for this->defaultlang
 	 *
-	 *  @param	int		$mode       0=Long language code, 1=Short language code
+	 *  @param	int		$mode       0=Long language code, 1=Short language code (en, fr, es, ...)
 	 *  @return string      		Language code used (en_US, en_AU, fr_FR, ...)
 	 */
 	function getDefaultLang($mode=0)
diff --git a/htdocs/core/lib/ajax.lib.php b/htdocs/core/lib/ajax.lib.php
index 2ddc7125d4a..845a758703e 100644
--- a/htdocs/core/lib/ajax.lib.php
+++ b/htdocs/core/lib/ajax.lib.php
@@ -358,24 +358,6 @@ function ajax_dialog($title,$message,$w=350,$h=150)
 }
 
 
-/**
- * Make content of an input box selected when we click into input field.
- *
- * @param string	$htmlname	Id of html object
- * @param string	$addlink	Add a 'link to' after
- */
-function ajax_autoselect($htmlname, $addlink='')
-{
-	global $langs;
-	$out = '<script type="text/javascript">
-               jQuery(document).ready(function () {
-				    jQuery("#'.$htmlname.'").click(function() { jQuery(this).select(); } );
-				});
-		    </script>';
-	if ($addlink) $out.=' <a href="'.$addlink.'" target="_blank">'.$langs->trans("Link").'</a>';
-	return $out;
-}
-
 /**
  * Convert a html select field into an ajax combobox.
  * Use ajax_combobox() only for small combo list! If not, use instead ajax_autocompleter().
diff --git a/htdocs/core/lib/company.lib.php b/htdocs/core/lib/company.lib.php
index d3b242840ae..3f7c45dda52 100644
--- a/htdocs/core/lib/company.lib.php
+++ b/htdocs/core/lib/company.lib.php
@@ -573,7 +573,7 @@ function getFormeJuridiqueLabel($code)
 }
 
 /**
- *  Return if a country is inside the EEC (European Economic Community)
+ *  Return if a country of an object is inside the EEC (European Economic Community)
  *  TODO Add a field into country dictionary.
  *
  *  @param      Object      $object    Object
diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php
index 206d1bb8099..b53e588c275 100644
--- a/htdocs/core/lib/files.lib.php
+++ b/htdocs/core/lib/files.lib.php
@@ -225,7 +225,8 @@ function dol_dir_list_in_database($path, $filter="", $excludefilter=null, $sortc
 {
 	global $conf, $db;
 
-	$sql=" SELECT rowid, label, entity, filename, filepath, fullpath_orig, keywords, cover, gen_or_uploaded, extraparams, date_c, date_m, fk_user_c, fk_user_m, acl, position";
+	$sql =" SELECT rowid, label, entity, filename, filepath, fullpath_orig, keywords, cover, gen_or_uploaded, extraparams, date_c, date_m, fk_user_c, fk_user_m,";
+	$sql.=" acl, position, share";
 	if ($mode) $sql.=", description";
 	$sql.=" FROM ".MAIN_DB_PREFIX."ecm_files";
 	$sql.=" WHERE filepath = '".$db->escape($path)."'";
@@ -258,7 +259,8 @@ function dol_dir_list_in_database($path, $filter="", $excludefilter=null, $sortc
 					"keywords" => $obj->keywords,
 					"cover" => $obj->cover,
 					"position" => (int) $obj->position,
-					"acl" => $obj->acl
+					"acl" => $obj->acl,
+					"share" => $obj->share
 				);
 			}
 			$i++;
@@ -318,6 +320,7 @@ function completeFileArrayWithDatabaseInfo(&$filearray, $relativedir)
 				$filearray[$key]['acl']=$filearrayindatabase[$key2]['acl'];
 				$filearray[$key]['rowid']=$filearrayindatabase[$key2]['rowid'];
 				$filearray[$key]['label']=$filearrayindatabase[$key2]['label'];
+				$filearray[$key]['share']=$filearrayindatabase[$key2]['share'];
 				$found=1;
 				break;
 			}
diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php
index a736f3c139a..89e31d00703 100644
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -2223,13 +2223,263 @@ function dol_print_phone($phone,$countrycode='',$cid=0,$socid=0,$addlink='',$sep
 		}
 	}
 
-	if (strtoupper($countrycode) == "CA")
+	elseif (strtoupper($countrycode) == "CA")
 	{
 		if (dol_strlen($phone) == 10) {
 			$newphone=($separ!=''?'(':'').substr($newphone,0,3).($separ!=''?')':'').$separ.substr($newphone,3,3).($separ!=''?'-':'').substr($newphone,6,4);
 		}
 	}
-
+	elseif (strtoupper($parameters['countrycode']) == "PT" )
+	{//Portugal		
+		if (dol_strlen($object) == 13)
+		{//ex: +351_ABC_DEF_GHI
+			$newphone= substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,3).$separ.substr($newphone,10,3);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "SR" )
+	{//Suriname
+		if (dol_strlen($object) == 10)
+		{//ex: +597_ABC_DEF
+			$newphone= substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,3);
+		}
+		elseif (dol_strlen($object) == 11)
+		{//ex: +597_ABC_DEFG
+			$newphone= substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,4);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "DE" )
+	{//Allemagne
+		if (dol_strlen($object) == 14)
+		{//ex:  +49_ABCD_EFGH_IJK
+			$newphone= substr($newphone,0,3).$separ.substr($newphone,3,4).$separ.substr($newphone,7,4).$separ.substr($newphone,11,3);
+		}
+		elseif (dol_strlen($object) == 13) 
+		{//ex: +49_ABC_DEFG_HIJ
+			$newphone= substr($newphone,0,3).$separ.substr($newphone,3,3).$separ.substr($newphone,6,4).$separ.substr($newphone,10,3);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "ES")
+	{//Espagne
+		if (dol_strlen($object) == 12) 
+		{//ex:  +34_ABC_DEF_GHI
+			$newphone= substr($newphone,0,3).$separ.substr($newphone,3,3).$separ.substr($newphone,6,3).$separ.substr($newphone,9,3);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "BF")
+	{// Burkina Faso
+		if (dol_strlen($newphone) == 12)
+		{//ex :  +22 A BC_DE_FG_HI
+			$newphone= substr($newphone,0,3).$separ.substr($newphone,3,1).$separ.substr($newphone,4,2).$separ.substr($newphone,6,2).$separ.substr($newphone,8,2).$separ.substr($newphone,10,2);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "RO")
+	{// Roumanie
+		if (dol_strlen($newphone) == 12)
+		{//ex :  +40 AB_CDE_FG_HI
+			$newphone= substr($newphone,0,3).$separ.substr($newphone,3,2).$separ.substr($newphone,5,3).$separ.substr($newphone,8,2).$separ.substr($newphone,10,2);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "TR")
+	{//Turquie			
+		if (dol_strlen($object) == 13)
+		{//ex :  +90 ABC_DEF_GHIJ
+			$newphone= substr($newphone,0,3).$separ.substr($newphone,3,3).$separ.substr($newphone,6,3).$separ.substr($newphone,9,4);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "US")
+	{//Etat-Unis
+		if (dol_strlen($newphone) == 12)
+		{//ex: +1 ABC_DEF_GHIJ
+			$newphone= substr($newphone,0,2).$separ.substr($newphone,2,3).$separ.substr($newphone,5,3).$separ.substr($newphone,8,4);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "MX")
+	{//Mexique
+		if (dol_strlen($newphone) == 12)
+		{//ex: +52 ABCD_EFG_HI
+			$newphone = substr($newphone,0,3).$separ.substr($newphone,3,4).$separ.substr($newphone,7,3).$separ.substr($newphone,10,2);
+		}
+		elseif (dol_strlen($newphone) == 11)
+		{//ex: +52 AB_CD_EF_GH
+			$newphone = substr($newphone,0,3).$separ.substr($newphone,3,2).$separ.substr($newphone,5,2).$separ.substr($newphone,7,2).$separ.substr($newphone,9,2);				
+		}
+		elseif (dol_strlen($newphone) == 13)
+		{//ex: +52 ABC_DEF_GHIJ
+			$newphone = substr($newphone,0,3).$separ.substr($newphone,3,3).$separ.substr($newphone,6,3).$separ.substr($newphone,9,4);	
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "ML")
+	{//Mali
+		if(dol_strlen($newphone) == 12)
+		{//ex: +223 AB_CD_EF_GH
+			$newphone = substr($newphone,0,4).$separ.substr($newphone,4,2).$separ.substr($newphone,6,2).$separ.substr($newphone,8,2).$separ.substr($newphone,10,2);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "TH")
+	{//Thaïlande
+		if(dol_strlen($newphone) == 11)
+		{//ex: +66_ABC_DE_FGH
+			$newphone = substr($newphone,0,3).$separ.substr($newphone,3,3).$separ.substr($newphone,6,2).$separ.substr($newphone,8,3);
+		}
+		elseif(dol_strlen($newphone) == 12)
+		{//ex: +66_A_BCD_EF_GHI
+			$newphone = substr($newphone,0,3).$separ.substr($newphone,3,1).$separ.substr($newphone,4,3).$separ.substr($newphone,7,2).$separ.substr($newphone,9,3);
+		}
+		}
+	elseif (strtoupper($parameters['countrycode']) == "MU")
+	{//Maurice
+		if(dol_strlen($newphone) == 11)
+		{//ex: +230_ABC_DE_FG
+			$newphone = substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,2).$separ.substr($newphone,9,2);
+		}
+		elseif(dol_strlen($newphone) == 12)
+		{//ex: +230_ABCD_EF_GH
+			$newphone = substr($newphone,0,4).$separ.substr($newphone,4,4).$separ.substr($newphone,8,2).$separ.substr($newphone,10,2);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "ZA")
+	{//Afrique du sud
+		if(dol_strlen($newphone) == 12)
+		{//ex: +27_AB_CDE_FG_HI
+			$newphone = substr($newphone,0,3).$separ.substr($newphone,3,2).$separ.substr($newphone,5,3).$separ.substr($newphone,8,2).$separ.substr($newphone,10,2);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "SY")
+	{//Syrie
+		if(dol_strlen($newphone) == 12)
+		{//ex: +963_AB_CD_EF_GH
+			$newphone = substr($newphone,0,4).$separ.substr($newphone,4,2).$separ.substr($newphone,6,2).$separ.substr($newphone,8,2).$separ.substr($newphone,10,2);
+		}
+		elseif(dol_strlen($newphone) == 13)
+		{//ex: +963_AB_CD_EF_GHI
+			$newphone = substr($newphone,0,4).$separ.substr($newphone,4,2).$separ.substr($newphone,6,2).$separ.substr($newphone,8,2).$separ.substr($newphone,10,3);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "AE")
+	{//Emirats Arabes Unis
+		if(dol_strlen($newphone) == 12)
+		{//ex: +971_ABC_DEF_GH
+			$newphone = substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,3).$separ.substr($newphone,10,2);
+		}
+		elseif(dol_strlen($newphone) == 13)
+		{//ex: +971_ABC_DEF_GHI
+			$newphone = substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,3).$separ.substr($newphone,10,3);
+		}
+		elseif(dol_strlen($newphone) == 14)
+		{//ex: +971_ABC_DEF_GHIK
+			$newphone = substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,3).$separ.substr($newphone,10,4);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "DZ")
+	{//Algérie
+		if(dol_strlen($newphone) == 13)
+		{//ex: +213_ABC_DEF_GHI
+			$newphone = substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,3).$separ.substr($newphone,10,3);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "BE")
+	{//Belgique
+		if(dol_strlen($newphone) == 11)
+		{//ex: +32_ABC_DE_FGH
+			$newphone = substr($newphone,0,3).$separ.substr($newphone,3,3).$separ.substr($newphone,6,2).$separ.substr($newphone,8,3);
+		}
+		elseif(dol_strlen($newphone) == 12)
+		{//ex: +32_ABC_DEF_GHI
+			$newphone = substr($newphone,0,3).$separ.substr($newphone,3,3).$separ.substr($newphone,6,3).$separ.substr($newphone,9,3);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "PF")
+	{//Polynésie française
+		if(dol_strlen($newphone) == 12)
+		{//ex: +689_AB_CD_EF_GH
+			$newphone = substr($newphone,0,4).$separ.substr($newphone,4,2).$separ.substr($newphone,6,2).$separ.substr($newphone,8,2).$separ.substr($newphone,10,2);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "CO")
+	{//Colombie
+		if(dol_strlen($newphone) == 13)
+		{//ex: +57_ABC_DEF_GH_IJ
+			$newphone = substr($newphone,0,3).$separ.substr($newphone,3,3).$separ.substr($newphone,6,3).$separ.substr($newphone,9,2).$separ.substr($newphone,11,2);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "JO")
+	{//Jordanie
+		if(dol_strlen($newphone) == 12)
+		{//ex: +962_A_BCD_EF_GH
+			$newphone = substr($newphone,0,4).$separ.substr($newphone,4,1).$separ.substr($newphone,5,3).$separ.substr($newphone,7,2).$separ.substr($newphone,9,2);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "MG")
+	{//Madagascar
+		if(dol_strlen($newphone) == 13)
+		{//ex: +261_AB_CD_EF_GHI 
+			$newphone = substr($newphone,0,4).$separ.substr($newphone,4,2).$separ.substr($newphone,6,2).$separ.substr($newphone,8,2).$separ.substr($newphone,10,3);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "GB")
+	{//Royaume uni
+		if(dol_strlen($newphone) == 13)
+		{//ex: +44_ABCD_EFG_HIJ
+			$newphone = substr($newphone,0,3).$separ.substr($newphone,3,4).$separ.substr($newphone,7,3).$separ.substr($newphone,10,3);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "CH")
+	{//Suisse
+		if(dol_strlen($newphone) == 12)
+		{//ex: +41_AB_CDE_FG_HI
+			$newphone = substr($newphone,0,3).$separ.substr($newphone,3,2).$separ.substr($newphone,5,3).$separ.substr($newphone,8,2).$separ.substr($newphone,10,2);
+		}
+		elseif(dol_strlen($newphone) == 15)
+		{// +41_AB_CDE_FGH_IJKL
+			$newphone =$newphone = substr($newphone,0,3).$separ.substr($newphone,3,2).$separ.substr($newphone,5,3).$separ.substr($newphone,8,3).$separ.substr($newphone,11,4);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "TN")
+	{//Tunisie
+		if(dol_strlen($newphone) == 12)
+		{//ex: +216_AB_CDE_FGH
+			$newphone = substr($newphone,0,4).$separ.substr($newphone,4,2).$separ.substr($newphone,6,3).$separ.substr($newphone,9,3);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "GF")
+	{//Guyane francaise
+		if(dol_strlen($newphone) == 13)
+		{//ex: +594_ABC_DE_FG_HI  (ABC=594 de nouveau)
+			$newphone = substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,2).$separ.substr($newphone,9,2).$separ.substr($newphone,11,2);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "GP")
+	{//Guadeloupe
+		if(dol_strlen($newphone) == 13)
+		{//ex: +590_ABC_DE_FG_HI  (ABC=590 de nouveau)
+			$newphone = substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,2).$separ.substr($newphone,9,2).$separ.substr($newphone,11,2);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "MQ")
+	{//Martinique
+		if(dol_strlen($newphone) == 13)
+		{//ex: +596_ABC_DE_FG_HI  (ABC=596 de nouveau)
+			$newphone = substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,2).$separ.substr($newphone,9,2).$separ.substr($newphone,11,2);
+		}
+	}
+	elseif (strtoupper($parameters['countrycode']) == "IT")
+	{//Italie
+		if(dol_strlen($newphone) == 12)
+		{//ex: +39_ABC_DEF_GHI
+			$newphone = substr($newphone,0,3).$separ.substr($newphone,3,3).$separ.substr($newphone,6,3).$separ.substr($newphone,9,3);
+		}
+		elseif(dol_strlen($newphone) == 13)
+		{//ex: +39_ABC_DEF_GH_IJ
+			$newphone = substr($newphone,0,3).$separ.substr($newphone,3,3).$separ.substr($newphone,6,3).$separ.substr($newphone,9,2).$separ.substr($newphone,11,2);
+		}
+	}
+	elseif(strtoupper($parameters['countrycode']) == "AU")
+	{//Australie
+		 if(dol_strlen($newphone) == 12)
+		{//ex: +61_A_BCDE_FGHI
+			$newphone = substr($newphone,0,3).$separ.substr($newphone,3,1).$separ.substr($newphone,4,4).$separ.substr($newphone,8,4);
+		}
+	}
 	if (! empty($addlink))	// Link on phone number (+ link to add action if conf->global->AGENDA_ADDACTIONFORPHONE set)
 	{
 		if (! empty($conf->browser->phone) || (! empty($conf->clicktodial->enabled) && ! empty($conf->global->CLICKTODIAL_USE_TEL_LINK_ON_PHONE_NUMBERS)))	// If phone or option for, we use link of phone
@@ -6844,7 +7094,7 @@ function getAdvancedPreviewUrl($modulepart, $relativepath, $alldata=0, $param=''
 
 	if (empty($conf->use_javascript_ajax)) return '';
 
-	$mime_preview = array('bmp', 'jpeg', 'png', 'gif', 'tiff', 'pdf', 'plain', 'css');
+	$mime_preview = array('bmp', 'jpeg', 'png', 'gif', 'tiff', 'pdf', 'plain', 'css', 'svg+xml');
 	//$mime_preview[]='vnd.oasis.opendocument.presentation';
 	//$mime_preview[]='archive';
 	$num_mime = array_search(dol_mimetype($relativepath, '', 1), $mime_preview);
@@ -6861,6 +7111,25 @@ function getAdvancedPreviewUrl($modulepart, $relativepath, $alldata=0, $param=''
 }
 
 
+/**
+ * Make content of an input box selected when we click into input field.
+ *
+ * @param string	$htmlname	Id of html object
+ * @param string	$addlink	Add a 'link to' after
+ */
+function ajax_autoselect($htmlname, $addlink='')
+{
+	global $langs;
+	$out = '<script type="text/javascript">
+               jQuery(document).ready(function () {
+				    jQuery("#'.$htmlname.'").click(function() { jQuery(this).select(); } );
+				});
+		    </script>';
+	if ($addlink) $out.=' <a href="'.$addlink.'" target="_blank">'.$langs->trans("Link").'</a>';
+	return $out;
+}
+
+
 /**
  *	Return mime type of a file
  *
@@ -6931,6 +7200,7 @@ function dol_mimetype($file, $default='application/octet-stream', $mode=0)
 	if (preg_match('/\.gif$/i',$tmpfile))					   { $mime='image/gif';    $imgmime='image.png'; $famime='file-image-o'; }
 	if (preg_match('/\.bmp$/i',$tmpfile))					   { $mime='image/bmp';    $imgmime='image.png'; $famime='file-image-o'; }
 	if (preg_match('/\.(tif|tiff)$/i',$tmpfile))			   { $mime='image/tiff';   $imgmime='image.png'; $famime='file-image-o'; }
+	if (preg_match('/\.svg$/i',$tmpfile))					   { $mime='image/svg+xml';$imgmime='image.png'; $famime='file-image-o'; }
 	// Calendar
 	if (preg_match('/\.vcs$/i',$tmpfile))					   { $mime='text/calendar'; $imgmime='other.png'; $famime='file-text-o'; }
 	if (preg_match('/\.ics$/i',$tmpfile))					   { $mime='text/calendar'; $imgmime='other.png'; $famime='file-text-o'; }
diff --git a/htdocs/core/lib/images.lib.php b/htdocs/core/lib/images.lib.php
index e6f69da1d93..f0a666b03e9 100644
--- a/htdocs/core/lib/images.lib.php
+++ b/htdocs/core/lib/images.lib.php
@@ -37,7 +37,7 @@ $quality = 80;
  */
 function image_format_supported($file)
 {
-    $regeximgext='\.gif|\.jpg|\.jpeg|\.png|\.bmp|\.xpm|\.xbm';   // See also into product.class.php
+    $regeximgext='\.gif|\.jpg|\.jpeg|\.png|\.bmp|\.xpm|\.xbm|\.svg';   // See also into product.class.php
 
     // Case filename is not a format image
     if (! preg_match('/('.$regeximgext.')$/i',$file,$reg)) return -1;
diff --git a/htdocs/core/modules/commande/doc/pdf_einstein.modules.php b/htdocs/core/modules/commande/doc/pdf_einstein.modules.php
index 59a2d82ffc7..7c24e49e89b 100644
--- a/htdocs/core/modules/commande/doc/pdf_einstein.modules.php
+++ b/htdocs/core/modules/commande/doc/pdf_einstein.modules.php
@@ -1320,7 +1320,17 @@ class pdf_einstein extends ModelePDFCommandes
 		if ($showaddress)
 		{
 			// Sender properties
-			$carac_emetteur = pdf_build_address($outputlangs, $this->emetteur, $object->thirdparty);
+			$carac_emetteur='';
+		 	// Add internal contact of proposal if defined
+			$arrayidcontact=$object->getIdContact('internal','SALESREPFOLL');
+		 	if (count($arrayidcontact) > 0)
+		 	{
+		 		$object->fetch_user($arrayidcontact[0]);
+		 		$labelbeforecontactname=($outputlangs->transnoentities("FromContactName")!='FromContactName'?$outputlangs->transnoentities("FromContactName"):$outputlangs->transnoentities("Name"));
+		 		$carac_emetteur .= ($carac_emetteur ? "\n" : '' ).$labelbeforecontactname." ".$outputlangs->convToOutputCharset($object->user->getFullName($outputlangs))."\n";
+		 	}
+
+		 	$carac_emetteur .= pdf_build_address($outputlangs, $this->emetteur, $object->thirdparty);
 
 			// Show sender
 			$posy=42+$top_shift;
diff --git a/htdocs/core/modules/modBlockedLog.class.php b/htdocs/core/modules/modBlockedLog.class.php
index 9b3f4e16e9b..b18f8bebf62 100644
--- a/htdocs/core/modules/modBlockedLog.class.php
+++ b/htdocs/core/modules/modBlockedLog.class.php
@@ -172,7 +172,7 @@ class modBlockedLog extends DolibarrModules
     	// If already used, we add an entry to show we enable module
    		require_once DOL_DOCUMENT_ROOT.'/blockedlog/class/blockedlog.class.php';
 
-   		$object=new stdClass;
+   		$object=new stdClass();
     	$object->id = 1;
     	$object->element = 'module';
     	$object->ref = 'systemevent';
@@ -215,7 +215,7 @@ class modBlockedLog extends DolibarrModules
 		// If already used, we add an entry to show we enable module
 		require_once DOL_DOCUMENT_ROOT.'/blockedlog/class/blockedlog.class.php';
 
-		$object=new stdClass;
+		$object=new stdClass();
     	$object->id = 1;
     	$object->element = 'module';
     	$object->ref = 'systemevent';
diff --git a/htdocs/core/modules/modWebsite.class.php b/htdocs/core/modules/modWebsite.class.php
index 47d44d66164..d62576c5063 100644
--- a/htdocs/core/modules/modWebsite.class.php
+++ b/htdocs/core/modules/modWebsite.class.php
@@ -80,7 +80,7 @@ class modWebsite extends DolibarrModules
 
         // New pages on tabs
         // -----------------
-       	//$this->tabs[] = array('data'=>'thirdparty:+website:WebSites:website:($conf->societe->enabled && $user->rights->societe->lire):/societe/website.php?mainmenu=home&id=__ID__');  					// To add a new tab identified by code tabname1
+       	//$this->tabs[] = array();  					// To add a new tab identified by code tabname1
 
         // Boxes
         //------
diff --git a/htdocs/core/tpl/ajaxrow.tpl.php b/htdocs/core/tpl/ajaxrow.tpl.php
index a75ed1846ff..e4a63b23b3d 100644
--- a/htdocs/core/tpl/ajaxrow.tpl.php
+++ b/htdocs/core/tpl/ajaxrow.tpl.php
@@ -71,7 +71,8 @@ $(document).ready(function(){
 					function() {
 						console.log("tableDND end of ajax call");
 						if (reloadpage == 1) {
-							location.href = '<?php echo dol_escape_htmltag($_SERVER['PHP_SELF']).'?'.dol_escape_htmltag($_SERVER['QUERY_STRING']); ?>';
+							//console.log('<?php echo dol_escape_js($_SERVER['QUERY_STRING']); ?>');
+							location.href = '<?php echo dol_escape_js($_SERVER['PHP_SELF']).'?'.dol_escape_js($_SERVER['QUERY_STRING']); ?>';
 						} else {
 							$("#<?php echo $tagidfortablednd; ?> .drag").each(
 									function( intIndex ) {
diff --git a/htdocs/document.php b/htdocs/document.php
index 1c722e4cb55..50f4a61186d 100644
--- a/htdocs/document.php
+++ b/htdocs/document.php
@@ -25,9 +25,9 @@
  *	\file       htdocs/document.php
  *  \brief      Wrapper to download data files
  *  \remarks    Call of this wrapper is made with URL:
- * 				document.php?modulepart=repfichierconcerne&file=relativepathoffile
- * 				document.php?modulepart=logs&file=dolibarr.log
- * 				document.php?modulepart=logs&hashp=sharekey
+ * 				DOL_URL_ROOT.'/document.php?modulepart=repfichierconcerne&file=relativepathoffile'
+ * 				DOL_URL_ROOT.'/document.php?modulepart=logs&file=dolibarr.log'
+ * 				DOL_URL_ROOT.'/document.php?hashp=sharekey'
  */
 
 //if (! defined('NOREQUIREUSER'))	define('NOREQUIREUSER','1');	// Not disabled cause need to load personalized language
@@ -36,9 +36,9 @@
 //if (! defined('NOREQUIRETRAN'))		define('NOREQUIRETRAN','1');
 //if (! defined('NOCSRFCHECK'))		define('NOCSRFCHECK','1');
 if (! defined('NOTOKENRENEWAL'))	define('NOTOKENRENEWAL','1');
-//if (! defined('NOREQUIREMENU'))		define('NOREQUIREMENU','1');
-//if (! defined('NOREQUIREHTML'))		define('NOREQUIREHTML','1');
-//if (! defined('NOREQUIREAJAX'))		define('NOREQUIREAJAX','1');
+if (! defined('NOREQUIREMENU'))		define('NOREQUIREMENU','1');
+if (! defined('NOREQUIREHTML'))		define('NOREQUIREHTML','1');
+if (! defined('NOREQUIREAJAX'))		define('NOREQUIREAJAX','1');
 //if (! defined('NOREQUIREHOOK'))		define('NOREQUIREHOOK','1');	// Disable "main.inc.php" hooks
 // For bittorent link, we don't need to load/check we are into a login session
 if (isset($_GET["modulepart"]) && $_GET["modulepart"] == 'bittorrent' && ! defined("NOLOGIN"))
@@ -58,9 +58,6 @@ if ((isset($_GET["modulepart"]) && $_GET["modulepart"] == 'medias') && ! defined
 	define("NOLOGIN",1);
 	define("NOCSRFCHECK",1);	// We accept to go on this page from external web site.
 }
-if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU','1');
-if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML','1');
-if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX','1');
 
 /**
  * Header empty
@@ -75,7 +72,6 @@ function llxHeader() { }
  */
 function llxFooter() { }
 
-
 require 'main.inc.php';	// Load $user and permissions
 require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
 
@@ -103,21 +99,17 @@ if (in_array($modulepart, array('facture_paiement','unpaid')))
 
 
 /*
- * Action
+ * Actions
  */
 
 // None
 
 
+
 /*
  * View
  */
 
-// Define mime type
-$type = 'application/octet-stream';
-if (GETPOST('type','alpha')) $type=GETPOST('type','alpha');
-else $type=dol_mimetype($original_file);
-
 // Define attachment (attachment=true to force choice popup 'open'/'save as')
 $attachment = true;
 if (preg_match('/\.(html|htm)$/i',$original_file)) $attachment = false;
@@ -160,6 +152,10 @@ if (! empty($hashp))
 	}
 }
 
+// Define mime type
+$type = 'application/octet-stream';
+if (GETPOST('type','alpha')) $type=GETPOST('type','alpha');
+else $type=dol_mimetype($original_file);
 
 // Security: Delete string ../ into $original_file
 $original_file = str_replace("../","/", $original_file);
@@ -252,9 +248,6 @@ header('Content-Length: ' . dol_filesize($fullpath_original_file));
 header('Cache-Control: Public, must-revalidate');
 header('Pragma: public');
 
-//ob_clean();
-//flush();
-
 readfile($fullpath_original_file_osencoded);
 
 if (is_object($db)) $db->close();
diff --git a/htdocs/ecm/file_card.php b/htdocs/ecm/file_card.php
index 8c62cbe18f2..e0926e0f777 100644
--- a/htdocs/ecm/file_card.php
+++ b/htdocs/ecm/file_card.php
@@ -341,13 +341,9 @@ if (! empty($object->share))
 {
 	if ($action != 'edit')
 	{
-		$modulepart='ecm';
 		$forcedownload=0;
 
 		$paramlink='';
-		//if (! empty($modulepart)) $paramlink.=($paramlink?'&':'').'modulepart='.$modulepart;		// For sharing with hash (so public files), modulepart is not required.
-		//if (! empty($object->entity)) $paramlink.='&entity='.$object->entity; 					// For sharing with hash (so public files), entity is not required.
-		//$paramlink.=($paramlink?'&':'').'file='.urlencode($filepath);								// No need of name of file for public link, we will use the hash
 		if (! empty($object->share)) $paramlink.=($paramlink?'&':'').'hashp='.$object->share;			// Hash for public share
 		if ($forcedownload) $paramlink.=($paramlink?'&':'').'attachment=1';
 
diff --git a/htdocs/fourn/card.php b/htdocs/fourn/card.php
index 453cb6068ad..588c13ca849 100644
--- a/htdocs/fourn/card.php
+++ b/htdocs/fourn/card.php
@@ -117,7 +117,7 @@ if (empty($reshook))
         // Fill array 'array_options' with data from update form
         $extralabels = $extrafields->fetch_name_optionals_label($object->table_element);
         $ret = $extrafields->setOptionalsFromPost($extralabels, $object, GETPOST('attribute'));
-		
+
         if ($ret < 0) $error++;
         if (! $error)
         {
@@ -476,7 +476,7 @@ if ($object->id > 0)
 
 
 	/*
-	 * Last supplier proposal
+	 * Latest supplier proposal
 	 */
 	$proposalstatic = new SupplierProposal($db);
 
@@ -485,7 +485,7 @@ if ($object->id > 0)
 	    $sql  = "SELECT p.rowid, p.ref, p.date_valid as dc, p.fk_statut, p.total_ht, p.tva as total_tva, p.total as total_ttc";
 	    $sql.= " FROM ".MAIN_DB_PREFIX."supplier_proposal as p ";
 	    $sql.= " WHERE p.fk_soc =".$object->id;
-	    $sql.= " AND p.entity =".$conf->entity;
+	    $sql.= " AND p.entity IN (".getEntity('supplier_proposal').")";
 	    $sql.= " ORDER BY p.date_valid DESC";
 	    $sql.= " ".$db->plimit($MAXLIST);
 
@@ -548,7 +548,7 @@ if ($object->id > 0)
 	}
 
 	/*
-	 * Last supplier orders
+	 * Latest supplier orders
 	 */
 	$orderstatic = new CommandeFournisseur($db);
 
@@ -561,6 +561,7 @@ if ($object->id > 0)
 		$sql2.= ' FROM '.MAIN_DB_PREFIX.'societe as s';
 		$sql2.= ', '.MAIN_DB_PREFIX.'commande_fournisseur as c';
 		$sql2.= ' WHERE c.fk_soc = s.rowid';
+		$sql2.= " AND c.entity IN (".getEntity('commande_fournisseur').")";
 		$sql2.= ' AND s.rowid = '.$object->id;
 		// Show orders with status validated, shipping started and delivered (well any order we can bill)
 		$sql2.= " AND c.fk_statut IN (5)";
@@ -578,9 +579,9 @@ if ($object->id > 0)
 
 		// TODO move to DAO class
 		$sql  = "SELECT count(p.rowid) as total";
-		$sql.= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as p ";
+		$sql.= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as p";
 		$sql.= " WHERE p.fk_soc =".$object->id;
-		$sql.= " AND p.entity =".$conf->entity;
+		$sql.= " AND p.entity IN (".getEntity('commande_fournisseur').")";
 		$resql=$db->query($sql);
 		if ($resql)
 		{
@@ -589,9 +590,9 @@ if ($object->id > 0)
 		}
 
 		$sql  = "SELECT p.rowid,p.ref, p.date_commande as dc, p.fk_statut, p.total_ht, p.tva as total_tva, p.total_ttc";
-		$sql.= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as p ";
+		$sql.= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as p";
 		$sql.= " WHERE p.fk_soc =".$object->id;
-		$sql.= " AND p.entity =".$conf->entity;
+		$sql.= " AND p.entity IN (".getEntity('commande_fournisseur').")";
 		$sql.= " ORDER BY p.date_commande DESC";
 		$sql.= " ".$db->plimit($MAXLIST);
 		$resql=$db->query($sql);
@@ -652,7 +653,7 @@ if ($object->id > 0)
 	}
 
 	/*
-	 * Last supplier invoices
+	 * Latest supplier invoices
 	 */
 
 	$langs->load('bills');
@@ -666,7 +667,7 @@ if ($object->id > 0)
 		$sql.= ' FROM '.MAIN_DB_PREFIX.'facture_fourn as f';
 		$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'paiementfourn_facturefourn as pf ON f.rowid=pf.fk_facturefourn';
 		$sql.= ' WHERE f.fk_soc = '.$object->id;
-		$sql.= " AND f.entity =".$conf->entity;
+		$sql.= " AND f.entity IN (".getEntity('facture_fourn').")";
 		$sql.= ' GROUP BY f.rowid,f.libelle,f.ref,f.ref_supplier,f.fk_statut,f.datef,f.total_ht,f.total_tva,f.total_ttc,f.paye';
 		$sql.= ' ORDER BY f.datef DESC';
 		$resql=$db->query($sql);
@@ -694,15 +695,15 @@ if ($object->id > 0)
 				print '<td>';
 				print '<a href="facture/card.php?facid='.$obj->rowid.'">';
 				$facturestatic->id=$obj->rowid;
-				$facturestatic->ref=($obj->ref?$obj->ref:$obj->rowid).($obj->ref_supplier?' - '.$obj->ref_supplier:'');
-                $facturestatic->ref_supplier = $obj->ref_supplier;
-                $facturestatic->total_ht = $obj->total_ht;
+				$facturestatic->ref=($obj->ref?$obj->ref:$obj->rowid);
+				$facturestatic->ref_supplier = $obj->ref_supplier;
+				$facturestatic->libelle = $obj->libelle;
+				$facturestatic->total_ht = $obj->total_ht;
                 $facturestatic->total_tva = $obj->total_tva;
                 $facturestatic->total_ttc = $obj->total_ttc;
-				//$facturestatic->ref_supplier=$obj->ref_supplier;
 				print $facturestatic->getNomUrl(1);
-				//print img_object($langs->trans('ShowBill'),'bill').' '.($obj->ref?$obj->ref:$obj->rowid).' - '.$obj->ref_supplier.'</a>';
-				print ' '.dol_trunc($obj->libelle,14);
+				print $obj->ref_supplier?' - '.$obj->ref_supplier:'';
+				print ($obj->libelle?' - ':'').dol_trunc($obj->libelle,14);
 				print '</td>';
 				print '<td align="center" class="nowrap">'.dol_print_date($db->jdate($obj->df),'day').'</td>';
 				print '<td align="right" class="nowrap">'.price($obj->amount).'</td>';
diff --git a/htdocs/fourn/class/fournisseur.facture.class.php b/htdocs/fourn/class/fournisseur.facture.class.php
index 444eb5d200a..292466ea0d8 100644
--- a/htdocs/fourn/class/fournisseur.facture.class.php
+++ b/htdocs/fourn/class/fournisseur.facture.class.php
@@ -1929,6 +1929,8 @@ class FactureFournisseur extends CommonInvoice
             $label .= '<br><b>' . $langs->trans('Ref') . ':</b> ' . $this->ref;
         if (! empty($this->ref_supplier))
             $label.= '<br><b>' . $langs->trans('RefSupplier') . ':</b> ' . $this->ref_supplier;
+        if (! empty($this->libelle))
+        	$label.= '<br><b>' . $langs->trans('Label') . ':</b> ' . $this->libelle;
         if (! empty($this->total_ht))
             $label.= '<br><b>' . $langs->trans('AmountHT') . ':</b> ' . price($this->total_ht, 0, $langs, 0, -1, -1, $conf->currency);
         if (! empty($this->total_tva))
diff --git a/htdocs/install/check.php b/htdocs/install/check.php
index 8262a5f05df..7e64b6ae951 100644
--- a/htdocs/install/check.php
+++ b/htdocs/install/check.php
@@ -35,7 +35,7 @@ $allowinstall = 0;
 $allowupgrade = false;
 $checksok = 1;
 
-$setuplang=GETPOST("selectlang",'',3)?GETPOST("selectlang",'',3):$langs->getDefaultLang();
+$setuplang=GETPOST("selectlang",'az09',3)?GETPOST("selectlang",'az09',3):$langs->getDefaultLang();
 $langs->setDefaultLang($setuplang);
 
 $langs->load("install");
@@ -345,6 +345,10 @@ else
 			$conf->db->dolibarr_main_db_cryptkey = $dolibarr_main_db_cryptkey;
 
 			$conf->setValues($db);
+			// Reset forced setup after the setValues
+			if (defined('SYSLOG_FILE')) $conf->global->SYSLOG_FILE=constant('SYSLOG_FILE');
+			$conf->global->MAIN_ENABLE_LOG_TO_HTML = 1;
+
 			// Current version is $conf->global->MAIN_VERSION_LAST_UPGRADE
 			// Version to install is DOL_VERSION
 			$dolibarrlastupgradeversionarray=preg_split('/[\.-]/',isset($conf->global->MAIN_VERSION_LAST_UPGRADE) ? $conf->global->MAIN_VERSION_LAST_UPGRADE : (isset($conf->global->MAIN_VERSION_LAST_INSTALL)?$conf->global->MAIN_VERSION_LAST_INSTALL:''));
diff --git a/htdocs/install/repair.php b/htdocs/install/repair.php
index 5db07cd1412..229ae0a3c3e 100644
--- a/htdocs/install/repair.php
+++ b/htdocs/install/repair.php
@@ -42,10 +42,8 @@ error_reporting(0);
 @set_time_limit(120);
 error_reporting($err);
 
-$setuplang=GETPOST("selectlang",'',3)?GETPOST("selectlang",'',3):'auto';
+$setuplang=GETPOST("selectlang",'az09',3)?GETPOST("selectlang",'az09',3):'auto';
 $langs->setDefaultLang($setuplang);
-$versionfrom=GETPOST("versionfrom",'',3)?GETPOST("versionfrom",'',3):(empty($argv[1])?'':$argv[1]);
-$versionto=GETPOST("versionto",'',3)?GETPOST("versionto",'',3):(empty($argv[2])?'':$argv[2]);
 
 $langs->loadLangs(array("admin","install","other"));
 
@@ -78,6 +76,7 @@ print 'Option clean_product_stock_batch (0 or \'test\' or \'confirmed\') is '.(G
 print 'Option set_empty_time_spent_amount (0 or \'test\' or \'confirmed\') is '.(GETPOST('set_empty_time_spent_amount','alpha')?GETPOST('set_empty_time_spent_amount','alpha'):'0').'<br>'."\n";
 print 'Option rebuild_product_thumbs (0 or \'test\' or \'confirmed\') is '.(GETPOST('rebuild_product_thumbs','alpha')?GETPOST('rebuild_product_thumbs','alpha'):'0').'<br>'."\n";
 print 'Option force_disable_of_modules_not_found (0 or \'test\' or \'confirmed\') is '.(GETPOST('force_disable_of_modules_not_found','alpha')?GETPOST('force_disable_of_modules_not_found','alpha'):'0').'<br>'."\n";
+print 'Option clean_perm_table (0 or \'test\' or \'confirmed\') is '.(GETPOST('clean_perm_table','alpha')?GETPOST('clean_perm_table','alpha'):'0').'<br>'."\n";
 print 'Option force_utf8_on_tables, for mysql/mariadb only (0 or \'test\' or \'confirmed\') is '.(GETPOST('force_utf8_on_tables','alpha')?GETPOST('force_utf8_on_tables','alpha'):'0').'<br>'."\n";
 print '<br>';
 
@@ -154,13 +153,16 @@ if ($ok)
 }
 
 $conf->setValues($db);
-
+// Reset forced setup after the setValues
+if (defined('SYSLOG_FILE')) $conf->global->SYSLOG_FILE=constant('SYSLOG_FILE');
+$conf->global->MAIN_ENABLE_LOG_TO_HTML = 1;
 
 
 /* Start action here */
 $oneoptionset=0;
 $oneoptionset=(GETPOST('standard', 'alpha') || GETPOST('restore_thirdparties_logos','alpha') || GETPOST('clean_linked_elements','alpha') || GETPOST('clean_menus','alpha')
 	|| GETPOST('clean_orphelin_dir','alpha') || GETPOST('clean_product_stock_batch','alpha') || GETPOST('set_empty_time_spent_amount','alpha') || GETPOST('rebuild_product_thumbs','alpha')
+	|| GETPOST('clean_perm_table','alpha')
 	|| GETPOST('force_disable_of_modules_not_found','alpha') || GETPOST('force_utf8_on_tables','alpha'));
 
 if ($ok && $oneoptionset)
@@ -586,8 +588,6 @@ if ($ok && GETPOST('clean_menus','alpha'))
 // clean_orphelin_dir: Run purge of directory
 if ($ok && GETPOST('clean_orphelin_dir','alpha'))
 {
-    $conf->setValues($db);
-
     $listmodulepart=array('company','invoice','invoice_supplier','propal','order','order_supplier','contract','tax');
     foreach ($listmodulepart as $modulepart)
     {
@@ -904,7 +904,7 @@ if ($ok && GETPOST('set_empty_time_spent_amount','alpha'))
 // clean_old_module_entries: Clean data into const when files of module were removed without being
 if ($ok && GETPOST('force_disable_of_modules_not_found','alpha'))
 {
-    print '<tr><td colspan="2"><br>*** Force modules not found to be disabled</td></tr>';
+    print '<tr><td colspan="2"><br>*** Force modules not found to be disabled (only modules adding js, css or hooks can be detected as removed)</td></tr>';
 
     $arraylistofkey=array('hooks','js','css');
 
@@ -1020,6 +1020,56 @@ if ($ok && GETPOST('force_disable_of_modules_not_found','alpha'))
 }
 
 
+// clean_old_module_entries: Clean data into const when files of module were removed without being
+if ($ok && GETPOST('clean_perm_table','alpha'))
+{
+	print '<tr><td colspan="2"><br>*** Clean table user_rights from lines of external modules no more enabled</td></tr>';
+
+	$listofmods='';
+	foreach($conf->modules as $key => $val)
+	{
+		$listofmods.=($listofmods?',':'')."'".$val."'";
+	}
+	$sql = 'SELECT id, libelle, module from '.MAIN_DB_PREFIX.'rights_def WHERE module not in ('.$listofmods.') AND id > 100000';
+	$resql = $db->query($sql);
+	if ($resql)
+	{
+		$num = $db->num_rows($resql);
+		if ($num)
+		{
+			$i = 0;
+			while ($i < $num)
+			{
+				$obj=$db->fetch_object($resql);
+				if ($obj->id > 0)
+				{
+					print '<tr><td>Found line with id '.$obj->id.', label "'.$obj->libelle.'" of module "'.$obj->module.'" to delete';
+					if (GETPOST('clean_perm_table','alpha') == 'confirmed')
+					{
+						$sqldelete = 'DELETE FROM '.MAIN_DB_PREFIX.'rights_def WHERE id = '.$obj->id;
+						$resqldelete = $db->query($sqldelete);
+						if (! $resqldelete)
+						{
+							dol_print_error($db);
+						}
+						print ' - deleted';
+					}
+					print '</td></tr>';
+				}
+				$i++;
+			}
+		}
+		else
+		{
+			print '<tr><td>No lines of a disabled external module (with id > 100000) found into table rights_def</td></tr>';
+		}
+	}
+	else
+	{
+		dol_print_error($db);
+	}
+}
+
 
 
 // clean_linked_elements: Check and clean linked elements
diff --git a/htdocs/install/step5.php b/htdocs/install/step5.php
index 5181c35f2f9..d1f7e3eb31a 100644
--- a/htdocs/install/step5.php
+++ b/htdocs/install/step5.php
@@ -165,6 +165,9 @@ if ($action == "set" || empty($action) || preg_match('/upgrade/i',$action))
         if ($db->connected)
         {
             $conf->setValues($db);
+            // Reset forced setup after the setValues
+            if (defined('SYSLOG_FILE')) $conf->global->SYSLOG_FILE=constant('SYSLOG_FILE');
+            $conf->global->MAIN_ENABLE_LOG_TO_HTML = 1;
 
             // Create admin user
             include_once DOL_DOCUMENT_ROOT .'/user/class/user.class.php';
@@ -298,6 +301,9 @@ if ($action == "set" || empty($action) || preg_match('/upgrade/i',$action))
         if ($db->connected)
         {
             $conf->setValues($db);
+            // Reset forced setup after the setValues
+            if (defined('SYSLOG_FILE')) $conf->global->SYSLOG_FILE=constant('SYSLOG_FILE');
+            $conf->global->MAIN_ENABLE_LOG_TO_HTML = 1;
 
             // Define if we need to update the MAIN_VERSION_LAST_UPGRADE value in database
             $tagdatabase=false;
diff --git a/htdocs/install/upgrade2.php b/htdocs/install/upgrade2.php
index 430c6f46c94..d20357dd20c 100644
--- a/htdocs/install/upgrade2.php
+++ b/htdocs/install/upgrade2.php
@@ -163,7 +163,13 @@ if (! GETPOST('action','aZ09') || preg_match('/upgrade/i',GETPOST('action','aZ09
     $conf->db->dolibarr_main_db_cryptkey = $dolibarr_main_db_cryptkey;
 
     // Chargement config
-    if (! $error) $conf->setValues($db);
+    if (! $error)
+    {
+    	$conf->setValues($db);
+    	// Reset forced setup after the setValues
+    	if (defined('SYSLOG_FILE')) $conf->global->SYSLOG_FILE=constant('SYSLOG_FILE');
+    	$conf->global->MAIN_ENABLE_LOG_TO_HTML = 1;
+    }
 
 
     /***************************************************************************************
@@ -371,7 +377,20 @@ if (! GETPOST('action','aZ09') || preg_match('/upgrade/i',GETPOST('action','aZ09
         $beforeversionarray=explode('.','6.0.9');
         if (versioncompare($versiontoarray,$afterversionarray) >= 0 && versioncompare($versiontoarray,$beforeversionarray) <= 0)
         {
-            // No particular code
+        	if (! empty($conf->multicompany->enabled))
+        	{
+        		global $multicompany_transverse_mode;
+
+        		// Only if the transverse mode is not used
+        		if (empty($multicompany_transverse_mode))
+        		{
+        			// Migrate to add entity value into llx_user_rights
+        			migrate_user_rights_entity($db, $langs, $conf);
+
+        			// Migrate to add entity value into llx_usergroup_rights
+        			migrate_usergroup_rights_entity($db, $langs, $conf);
+        		}
+        	}
         }
 
         // Scripts for last version
@@ -3940,7 +3959,7 @@ function migrate_reset_blocked_log($db,$langs,$conf)
 						else
 						{
 							// Add set line
-							$object=new stdClass;
+							$object=new stdClass();
 							$object->id = 1;
 							$object->element = 'module';
 							$object->ref = 'systemevent';
@@ -4182,6 +4201,158 @@ function migrate_remise_except_entity($db,$langs,$conf)
 	print '</td></tr>';
 }
 
+/**
+ * Migrate to add entity value into llx_user_rights
+ *
+ * @param	DoliDB		$db				Database handler
+ * @param	Translate	$langs			Object langs
+ * @param	Conf		$conf			Object conf
+ * @return	void
+ */
+function migrate_user_rights_entity($db,$langs,$conf)
+{
+	print '<tr><td colspan="4">';
+
+	print '<b>'.$langs->trans('MigrationUserRightsEntity')."</b><br>\n";
+
+	$error = 0;
+
+	dolibarr_install_syslog("upgrade2::migrate_user_rights_entity");
+
+	$db->begin();
+
+	$sqlSelect = "SELECT u.rowid, u.entity";
+	$sqlSelect.= " FROM ".MAIN_DB_PREFIX."user as u";
+	$sqlSelect.= " WHERE u.entity > 1";
+	//print $sqlSelect;
+
+	$resql = $db->query($sqlSelect);
+	if ($resql)
+	{
+		$i = 0;
+		$num = $db->num_rows($resql);
+
+		if ($num)
+		{
+			while ($i < $num)
+			{
+				$obj = $db->fetch_object($resql);
+
+				$sqlUpdate = "UPDATE ".MAIN_DB_PREFIX."user_rights SET";
+				$sqlUpdate.= " entity = " . $obj->entity;
+				$sqlUpdate.= " WHERE fk_user = " . $obj->rowid;
+
+				$result=$db->query($sqlUpdate);
+				if (! $result)
+				{
+					$error++;
+					dol_print_error($db);
+				}
+
+				print ". ";
+				$i++;
+			}
+		}
+		else
+		{
+			print $langs->trans('AlreadyDone')."<br>\n";
+		}
+
+		if (! $error)
+		{
+			$db->commit();
+		}
+		else
+		{
+			$db->rollback();
+		}
+	}
+	else
+	{
+		dol_print_error($db);
+		$db->rollback();
+	}
+
+
+	print '</td></tr>';
+}
+
+/**
+ * Migrate to add entity value into llx_usergroup_rights
+ *
+ * @param	DoliDB		$db				Database handler
+ * @param	Translate	$langs			Object langs
+ * @param	Conf		$conf			Object conf
+ * @return	void
+ */
+function migrate_usergroup_rights_entity($db,$langs,$conf)
+{
+	print '<tr><td colspan="4">';
+
+	print '<b>'.$langs->trans('MigrationUserGroupRightsEntity')."</b><br>\n";
+
+	$error = 0;
+
+	dolibarr_install_syslog("upgrade2::migrate_usergroup_rights_entity");
+
+	$db->begin();
+
+	$sqlSelect = "SELECT u.rowid, u.entity";
+	$sqlSelect.= " FROM ".MAIN_DB_PREFIX."usergroup as u";
+	$sqlSelect.= " WHERE u.entity > 1";
+	//print $sqlSelect;
+
+	$resql = $db->query($sqlSelect);
+	if ($resql)
+	{
+		$i = 0;
+		$num = $db->num_rows($resql);
+
+		if ($num)
+		{
+			while ($i < $num)
+			{
+				$obj = $db->fetch_object($resql);
+
+				$sqlUpdate = "UPDATE ".MAIN_DB_PREFIX."usergroup_rights SET";
+				$sqlUpdate.= " entity = " . $obj->entity;
+				$sqlUpdate.= " WHERE fk_usergroup = " . $obj->rowid;
+
+				$result=$db->query($sqlUpdate);
+				if (! $result)
+				{
+					$error++;
+					dol_print_error($db);
+				}
+
+				print ". ";
+				$i++;
+			}
+		}
+		else
+		{
+			print $langs->trans('AlreadyDone')."<br>\n";
+		}
+
+		if (! $error)
+		{
+			$db->commit();
+		}
+		else
+		{
+			$db->rollback();
+		}
+	}
+	else
+	{
+		dol_print_error($db);
+		$db->rollback();
+	}
+
+
+	print '</td></tr>';
+}
+
 /**
  * Migration directory
  *
diff --git a/htdocs/langs/en_US/companies.lang b/htdocs/langs/en_US/companies.lang
index 18ec6bf8d85..7d2b878c5cc 100644
--- a/htdocs/langs/en_US/companies.lang
+++ b/htdocs/langs/en_US/companies.lang
@@ -75,8 +75,8 @@ Town=City
 Web=Web
 Poste= Position
 DefaultLang=Language by default
-VATIsUsed=VAT is used
-VATIsNotUsed=VAT is not used
+VATIsUsed=Sales tax is used
+VATIsNotUsed=Sales tax is not used
 CopyAddressFromSoc=Fill address with third party address
 ThirdpartyNotCustomerNotSupplierSoNoRef=Thirdparty neither customer nor supplier, no available refering objects
 PaymentBankAccount=Payment bank account
@@ -239,7 +239,7 @@ ProfId3TN=Prof Id 3 (Douane code)
 ProfId4TN=Prof Id 4 (BAN)
 ProfId5TN=-
 ProfId6TN=-
-ProfId1US=Prof Id
+ProfId1US=Prof Id (FEIN)
 ProfId2US=-
 ProfId3US=-
 ProfId4US=-
@@ -255,8 +255,8 @@ ProfId1DZ=RC
 ProfId2DZ=Art.
 ProfId3DZ=NIF
 ProfId4DZ=NIS
-VATIntra=VAT number
-VATIntraShort=VAT number
+VATIntra=Sales tax ID
+VATIntraShort=Tax ID
 VATIntraSyntaxIsValid=Syntax is valid
 ProspectCustomer=Prospect / Customer
 Prospect=Prospect
diff --git a/htdocs/langs/en_US/install.lang b/htdocs/langs/en_US/install.lang
index 87ef7d79b13..27a2edd1fda 100644
--- a/htdocs/langs/en_US/install.lang
+++ b/htdocs/langs/en_US/install.lang
@@ -196,6 +196,8 @@ MigrationEvents=Migration of events to add event owner into assignement table
 MigrationEventsContact=Migration of events to add event contact into assignement table
 MigrationRemiseEntity=Update entity field value of llx_societe_remise
 MigrationRemiseExceptEntity=Update entity field value of llx_societe_remise_except
+MigrationUserRightsEntity=Update entity field value of llx_user_rights
+MigrationUserGroupRightsEntity=Update entity field value of llx_usergroup_rights
 MigrationReloadModule=Reload module %s
 MigrationResetBlockedLog=Reset module BlockedLog for v7 algorithm
 ShowNotAvailableOptions=Show not available options
diff --git a/htdocs/langs/en_US/website.lang b/htdocs/langs/en_US/website.lang
index c7cdd65ff4e..d0ab703e6d4 100644
--- a/htdocs/langs/en_US/website.lang
+++ b/htdocs/langs/en_US/website.lang
@@ -55,7 +55,7 @@ OrEnterPageInfoManually=Or create empty page from scratch...
 FetchAndCreate=Fetch and Create
 ExportSite=Export site
 IDOfPage=Id of page
-Banner=Bandeau
+Banner=Banner
 BlogPost=Blog post
 WebsiteAccount=Web site account
 WebsiteAccounts=Web site accounts
@@ -65,4 +65,6 @@ DisableSiteFirst=Disable website first
 MyContainerTitle=My web site title
 AnotherContainer=Another container
 WEBSITE_USE_WEBSITE_ACCOUNTS=Enable the web site account table
-WEBSITE_USE_WEBSITE_ACCOUNTSTooltip=Enable the table to store web site accounts (login/pass) for each website / thirdparty
\ No newline at end of file
+WEBSITE_USE_WEBSITE_ACCOUNTSTooltip=Enable the table to store web site accounts (login/pass) for each website / thirdparty
+OnlyEditionOfSourceForGrabbedContentFuture=Note: only edition of HTML source will be possible when a page content is intiliazed by grabbing it from an external page (WYSIWYG editor will not be available)
+OnlyEditionOfSourceForGrabbedContent=Only edition of HTML source is possible when content was grabber from an external site
diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php
index e6439031146..73d867e7141 100644
--- a/htdocs/product/class/product.class.php
+++ b/htdocs/product/class/product.class.php
@@ -4095,9 +4095,11 @@ class Product extends CommonObject
 	 * 	@param		int		$maxHeight		Max height of original image when size='small' (so we can use original even if small requested). If 0, always use 'small' thumb image.
 	 * 	@param		int		$maxWidth		Max width of original image when size='small'
 	 *  @param      int     $nolink         Do not add a href link to view enlarged imaged into a new tab
+	 *  @param      int     $notitle         Do not add title tag on image
+	 *  @param		int		$usesharelink	Use the public shared link of image (if not available, the 'nophoto' image will be shown instead)
 	 *  @return     string					Html code to show photo. Number of photos shown is saved in this->nbphoto
 	 */
-	function show_photos($sdir,$size=0,$nbmax=0,$nbbyrow=5,$showfilename=0,$showaction=0,$maxHeight=120,$maxWidth=160,$nolink=0)
+	function show_photos($sdir,$size=0,$nbmax=0,$nbbyrow=5,$showfilename=0,$showaction=0,$maxHeight=120,$maxWidth=160,$nolink=0,$notitle=0,$usesharelink=0)
 	{
 		global $conf,$user,$langs;
 
@@ -4196,15 +4198,39 @@ class Product extends CommonObject
 						// Si fichier vignette disponible et image source trop grande, on utilise la vignette, sinon on utilise photo origine
 						$alt=$langs->transnoentitiesnoconv('File').': '.$relativefile;
 						$alt.=' - '.$langs->transnoentitiesnoconv('Size').': '.$imgarray['width'].'x'.$imgarray['height'];
+						if ($notitle) $alt='';
 
-						if (empty($maxHeight) || $photo_vignette && $imgarray['height'] > $maxHeight)
+						if ($usesharelink)
 						{
-							$return.= '<!-- Show thumb -->';
-							$return.= '<img class="photo photowithmargin" border="0" height="'.$maxHeight.'" src="'.DOL_URL_ROOT.'/viewimage.php?modulepart=product&entity='.$this->entity.'&file='.urlencode($pdirthumb.$photo_vignette).'" title="'.dol_escape_htmltag($alt).'">';
+							if ($val['share'])
+							{
+								if (empty($maxHeight) || $photo_vignette && $imgarray['height'] > $maxHeight)
+								{
+									$return.= '<!-- Show original file (thumb not yet available with shared links) -->';
+									$return.= '<img class="photo photowithmargin" border="0" height="'.$maxHeight.'" src="'.DOL_URL_ROOT.'/viewimage.php?hashp='.urlencode($val['share']).'" title="'.dol_escape_htmltag($alt).'">';
+								}
+								else {
+									$return.= '<!-- Show original file -->';
+									$return.= '<img class="photo photowithmargin" border="0" height="'.$maxHeight.'" src="'.DOL_URL_ROOT.'/viewimage.php?hashp='.urlencode($val['share']).'" title="'.dol_escape_htmltag($alt).'">';
+								}
+							}
+							else
+							{
+								$return.= '<!-- Show nophoto file (because file is not shared) -->';
+								$return.= '<img class="photo photowithmargin" border="0" height="'.$maxHeight.'" src="'.DOL_URL_ROOT.'/public/theme/common/nophoto.png" title="'.dol_escape_htmltag($alt).'">';
+							}
 						}
-						else {
-							$return.= '<!-- Show original file -->';
-							$return.= '<img class="photo photowithmargin" border="0" height="'.$maxHeight.'" src="'.DOL_URL_ROOT.'/viewimage.php?modulepart=product&entity='.$this->entity.'&file='.urlencode($pdir.$photo).'" title="'.dol_escape_htmltag($alt).'">';
+						else
+						{
+							if (empty($maxHeight) || $photo_vignette && $imgarray['height'] > $maxHeight)
+							{
+								$return.= '<!-- Show thumb -->';
+								$return.= '<img class="photo photowithmargin" border="0" height="'.$maxHeight.'" src="'.DOL_URL_ROOT.'/viewimage.php?modulepart=product&entity='.$this->entity.'&file='.urlencode($pdirthumb.$photo_vignette).'" title="'.dol_escape_htmltag($alt).'">';
+							}
+							else {
+								$return.= '<!-- Show original file -->';
+								$return.= '<img class="photo photowithmargin" border="0" height="'.$maxHeight.'" src="'.DOL_URL_ROOT.'/viewimage.php?modulepart=product&entity='.$this->entity.'&file='.urlencode($pdir.$photo).'" title="'.dol_escape_htmltag($alt).'">';
+							}
 						}
 
 						if (empty($nolink)) $return.= '</a>';
diff --git a/htdocs/product/fournisseurs.php b/htdocs/product/fournisseurs.php
index 21d29a8ce89..5219291e8af 100644
--- a/htdocs/product/fournisseurs.php
+++ b/htdocs/product/fournisseurs.php
@@ -63,7 +63,9 @@ if (! empty($_REQUEST['search_fourn_id']))
 $fieldvalue = (! empty($id) ? $id : (! empty($ref) ? $ref : ''));
 $fieldtype = (! empty($ref) ? 'ref' : 'rowid');
 if ($user->societe_id) $socid=$user->societe_id;
-$result=restrictedArea($user,'produit|service&fournisseur',$fieldvalue,'product&product','','',$fieldtype);
+$result=restrictedArea($user,'produit|service',$fieldvalue,'product&product','','',$fieldtype);
+
+if (empty($user->rights->fournisseur->lire)) accessforbidden();
 
 $limit = GETPOST('limit','int')?GETPOST('limit','int'):$conf->liste_limit;
 $sortfield = GETPOST("sortfield",'alpha');
diff --git a/htdocs/product/list.php b/htdocs/product/list.php
index 257d3344ba5..fb9b9672015 100644
--- a/htdocs/product/list.php
+++ b/htdocs/product/list.php
@@ -716,7 +716,7 @@ else
 				// Ref
 				if (! empty($arrayfields['p.ref']['checked']))
 				{
-					print '<td class="tdoverflowmax150">';
+					print '<td class="tdoverflowmax200">';
 					print $product_static->getNomUrl(1);
 					print "</td>\n";
 					if (! $i) $totalarray['nbfield']++;
@@ -724,7 +724,7 @@ else
 	   			// Ref supplier
 				if (! empty($arrayfields['pfp.ref_fourn']['checked']))
 				{
-					print '<td class="tdoverflowmax150">';
+					print '<td class="tdoverflowmax200">';
 					print $product_static->getNomUrl(1);
 					print "</td>\n";
 					if (! $i) $totalarray['nbfield']++;
diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php
index fa3fdc6b18e..b304f65f986 100644
--- a/htdocs/societe/card.php
+++ b/htdocs/societe/card.php
@@ -1230,7 +1230,7 @@ else
         print '<td class="nowrap">';
         $s = '<input type="text" class="flat maxwidthonsmartphone" name="tva_intra" id="intra_vat" maxlength="20" value="'.$object->tva_intra.'">';
 
-        if (empty($conf->global->MAIN_DISABLEVATCHECK))
+        if (empty($conf->global->MAIN_DISABLEVATCHECK) && isInEEC($object))
         {
             $s.=' ';
 
@@ -1849,7 +1849,7 @@ else
             print '<td colspan="3">';
             $s ='<input type="text" class="flat maxwidthonsmartphone" name="tva_intra" id="intra_vat" maxlength="20" value="'.$object->tva_intra.'">';
 
-            if (empty($conf->global->MAIN_DISABLEVATCHECK))
+            if (empty($conf->global->MAIN_DISABLEVATCHECK) && isInEEC($object))
             {
                 $s.=' &nbsp; ';
 
diff --git a/htdocs/viewimage.php b/htdocs/viewimage.php
index 3f7ddbcd1cb..3e2b59ae404 100644
--- a/htdocs/viewimage.php
+++ b/htdocs/viewimage.php
@@ -20,8 +20,10 @@
 
 /**
  *		\file       htdocs/viewimage.php
- *		\brief      Wrapper to show images into Dolibarr screens
- *      \remarks    Call to wrapper is '<img src="'.DOL_URL_ROOT.'/viewimage.php?modulepart=diroffile&file=relativepathofofile&cache=0">'
+ *		\brief      Wrapper to show images into Dolibarr screens.
+ *		\remarks    Call to wrapper is :
+ *					DOL_URL_ROOT.'/viewimage.php?modulepart=diroffile&file=relativepathofofile&cache=0
+ *					DOL_URL_ROOT.'/viewimage.php?hashp=sharekey
  */
 
 //if (! defined('NOREQUIREUSER'))	define('NOREQUIREUSER','1');	// Not disabled cause need to load personalized language
@@ -35,7 +37,16 @@ if (! defined('NOREQUIREHTML'))		define('NOREQUIREHTML','1');
 if (! defined('NOREQUIREAJAX'))		define('NOREQUIREAJAX','1');
 if (! defined('NOREQUIREHOOK'))		define('NOREQUIREHOOK','1');	// Disable "main.inc.php" hooks
 // Some value of modulepart can be used to get resources that are public so no login are required.
-if ((isset($_GET["modulepart"]) && ($_GET["modulepart"] == 'mycompany' || $_GET["modulepart"] == 'companylogo')) && ! defined("NOLOGIN")) define("NOLOGIN",'1');
+if ((isset($_GET["modulepart"]) && ($_GET["modulepart"] == 'mycompany' || $_GET["modulepart"] == 'companylogo')) && ! defined("NOLOGIN"))
+{
+	define("NOLOGIN",'1');
+}
+// For direct external download link, we don't need to load/check we are into a login session
+if (isset($_GET["hashp"]) && ! defined("NOLOGIN"))
+{
+	define("NOLOGIN",1);
+}
+// Some value of modulepart can be used to get resources that are public so no login are required.
 if ((isset($_GET["modulepart"]) && $_GET["modulepart"] == 'medias') && ! defined("NOLOGIN"))
 {
 	define("NOLOGIN",'1');
@@ -57,18 +68,20 @@ function llxHeader() { }
  */
 function llxFooter() { }
 
-require 'main.inc.php';
+require 'main.inc.php';	// Load $user and permissions
 require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
 
 
 $action=GETPOST('action','alpha');
-$original_file=GETPOST("file",'alpha');
+$original_file=GETPOST('file','alpha');		// Do not use urldecode here ($_GET are already decoded by PHP).
+$hashp=GETPOST('hashp','aZ09');
 $modulepart=GETPOST('modulepart','alpha');
-$urlsource=GETPOST("urlsource",'alpha');
+$urlsource=GETPOST('urlsource','alpha');
 $entity=GETPOST('entity','int')?GETPOST('entity','int'):$conf->entity;
 
 // Security check
-if (empty($modulepart)) accessforbidden('Bad value for parameter modulepart');
+if (empty($modulepart) && empty($hashp)) accessforbidden('Bad link. Bad value for parameter modulepart',0,0,1);
+if (empty($original_file) && empty($hashp)) accessforbidden('Bad link. Missing identification to find file (original_file or hashp)',0,0,1);
 if ($modulepart == 'fckeditor') $modulepart='medias';   // For backward compatibility
 
 
@@ -97,9 +110,45 @@ if (GETPOST("cache",'alpha'))
     //print $dolibarr_nocache; exit;
 }
 
+// If we have a hash public (hashp), we guess the original_file.
+if (! empty($hashp))
+{
+	include_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmfiles.class.php';
+	$ecmfile=new EcmFiles($db);
+	$result = $ecmfile->fetch(0, '', '', '', $hashp);
+	if ($result > 0)
+	{
+		$tmp = explode('/', $ecmfile->filepath, 2);		// $ecmfile->filepath is relative to document directory
+		$moduleparttocheck = $tmp[0];
+		if ($modulepart)	// Not required for link using public hashp
+		{
+			if ($moduleparttocheck == $modulepart)
+			{
+				// We remove first level of directory
+				$original_file = (($tmp[1]?$tmp[1].'/':'').$ecmfile->filename);		// this is relative to module dir
+				//var_dump($original_file); exit;
+			}
+			else
+			{
+				accessforbidden('Bad link. File is from another module part.',0,0,1);
+			}
+		}
+		else
+		{
+			$modulepart = $moduleparttocheck;
+			$original_file = (($tmp[1]?$tmp[1].'/':'').$ecmfile->filename);		// this is relative to module dir
+		}
+	}
+	else
+	{
+		$langs->load("errors");
+		accessforbidden($langs->trans("ErrorFileNotFoundWithSharedLink"),0,0,1);
+	}
+}
+
 // Define mime type
 $type = 'application/octet-stream';
-if (! empty($_GET["type"])) $type=$_GET["type"];
+if (GETPOST('type','alpha')) $type=GETPOST('type','alpha');
 else $type=dol_mimetype($original_file);
 
 // Security: Delete string ../ into $original_file
@@ -110,16 +159,49 @@ $refname=basename(dirname($original_file)."/");
 
 // Security check
 if (empty($modulepart)) accessforbidden('Bad value for parameter modulepart');
-$check_access = dol_check_secure_access_document($modulepart,$original_file,$entity,$refname);
+
+$check_access = dol_check_secure_access_document($modulepart, $original_file, $entity, $refname);
 $accessallowed              = $check_access['accessallowed'];
 $sqlprotectagainstexternals = $check_access['sqlprotectagainstexternals'];
-$fullpath_original_file     = $check_access['original_file'];
+$fullpath_original_file     = $check_access['original_file'];               // $fullpath_original_file is now a full path name
+
+if (! empty($hashp))
+{
+	$accessallowed = 1;					// When using hashp, link is public so we force $accessallowed
+	$sqlprotectagainstexternals = '';
+}
+else
+{
+	// Basic protection (against external users only)
+	if ($user->societe_id > 0)
+	{
+		if ($sqlprotectagainstexternals)
+		{
+			$resql = $db->query($sqlprotectagainstexternals);
+			if ($resql)
+			{
+				$num=$db->num_rows($resql);
+				$i=0;
+				while ($i < $num)
+				{
+					$obj = $db->fetch_object($resql);
+					if ($user->societe_id != $obj->fk_soc)
+					{
+						$accessallowed=0;
+						break;
+					}
+					$i++;
+				}
+			}
+		}
+	}
+}
 
 // Security:
 // Limit access if permissions are wrong
 if (! $accessallowed)
 {
-    accessforbidden();
+	accessforbidden();
 }
 
 // Security:
@@ -128,7 +210,7 @@ if (preg_match('/\.\./',$fullpath_original_file) || preg_match('/[<>|]/',$fullpa
 {
 	dol_syslog("Refused to deliver file ".$fullpath_original_file);
 	print "ErrorFileNameInvalid: ".$original_file;
-    exit;
+	exit;
 }
 
 
@@ -174,8 +256,10 @@ else					// Open and return file
 {
     clearstatcache();
 
+    $filename = basename($fullpath_original_file);
+
     // Output files on browser
-    dol_syslog("viewimage.php return file $fullpath_original_file content-type=$type");
+    dol_syslog("viewimage.php return file $fullpath_original_file filename=$filename content-type=$type");
 
     // This test is to avoid error images when image is not available (for example thumbs).
     if (! dol_is_file($fullpath_original_file) && empty($_GET["noalt"]))
@@ -186,7 +270,7 @@ else					// Open and return file
         exit;*/
     }
 
-    // Les drois sont ok et fichier trouve
+    // Permissions are ok and file found, so we return it
     if ($type)
     {
         top_httphead($type);
diff --git a/htdocs/website/class/websitepage.class.php b/htdocs/website/class/websitepage.class.php
index 51c737673a0..408f5d194ae 100644
--- a/htdocs/website/class/websitepage.class.php
+++ b/htdocs/website/class/websitepage.class.php
@@ -59,10 +59,12 @@ class WebsitePage extends CommonObject
 	public $keywords;
 	public $htmlheader;
 	public $content;
+	public $grabbed_from;
 	public $status;
 	public $date_creation;
 	public $date_modification;
 
+
 	// BEGIN MODULEBUILDER PROPERTIES
 	/**
      * @var array  Array with all fields and their property. Do not use it as a static var. It may be modified by constructor.
diff --git a/htdocs/website/index.php b/htdocs/website/index.php
index 6f515568bc2..f57d28a2acb 100644
--- a/htdocs/website/index.php
+++ b/htdocs/website/index.php
@@ -1476,6 +1476,12 @@ if (count($object->records) > 0)
 		//print '<input type="submit" class="button" name="refreshpage" value="'.$langs->trans("Load").'"'.($atleastonepage?'':' disabled="disabled"').'>';
 		print '<input type="image" class="valignbottom" src="'.img_picto('', 'refresh', '', 0, 1).'" name="refreshpage" value="'.$langs->trans("Load").'"'.($atleastonepage?'':' disabled="disabled"').'>';
 
+		$websitepage = new WebSitePage($db);
+		if ($pageid > 0 && ($action == 'preview' || $action == 'createfromclone' || $action == 'createpagefromclone'))
+		{
+			$websitepage->fetch($pageid);
+		}
+
 		if ($action == 'preview' || $action == 'createfromclone' || $action == 'createpagefromclone')
 		{
 			$disabled='';
@@ -1516,7 +1522,15 @@ if (count($object->records) > 0)
 				print ' &nbsp; ';
 
 				print '<input type="submit" class="button nobordertransp"'.$disabled.' value="'.dol_escape_htmltag($langs->trans("EditPageMeta")).'" name="editmeta">';
-				print '<input type="submit" class="button nobordertransp"'.$disabled.' value="'.dol_escape_htmltag($langs->trans("EditWithEditor")).'" name="editcontent">';
+				if ($websitepage->grabbed_from)
+				{
+					print '<input type="submit" class="button nobordertransp" disabled="disabled" title="'.dol_escape_htmltag($langs->trans("OnlyEditionOfSourceForGrabbedContent")).'" value="'.dol_escape_htmltag($langs->trans("EditWithEditor")).'" name="editcontent">';
+				}
+				else
+				{
+					print '<input type="submit" class="button nobordertransp"'.$disabled.' value="'.dol_escape_htmltag($langs->trans("EditWithEditor")).'" name="editcontent">';
+				}
+
 				print '<input type="submit" class="button nobordertransp"'.$disabled.' value="'.dol_escape_htmltag($langs->trans("EditHTMLSource")).'" name="editsource">';
 				if ($object->fk_default_home > 0 && $pageid == $object->fk_default_home) print '<input type="submit" class="button nobordertransp" disabled="disabled" value="'.dol_escape_htmltag($langs->trans("SetAsHomePage")).'" name="setashome">';
 				else print '<input type="submit" class="button nobordertransp"'.$disabled.' value="'.dol_escape_htmltag($langs->trans("SetAsHomePage")).'" name="setashome">';
@@ -1529,11 +1543,8 @@ if (count($object->records) > 0)
 
 		print '<div class="websitetools">';
 
-		if ($website && $pageid > 0 && ($action == 'preview' || $action == 'createfromclone' || $action == 'createpagefromclone'))
+		if ($pageid > 0 && ($action == 'preview' || $action == 'createfromclone' || $action == 'createpagefromclone'))
 		{
-			$websitepage = new WebSitePage($db);
-			$websitepage->fetch($pageid);
-
 			$realpage=$urlwithroot.'/public/website/index.php?website='.$website.'&pageref='.$websitepage->pageurl;
 			$pagealias = $websitepage->pageurl;
 
@@ -1894,8 +1905,9 @@ if ($action == 'editmeta' || $action == 'createcontainer')
 			print '<tr><td class="titlefield">';
 			print $langs->trans("URL");
 			print '</td><td>';
-			print '<input class="flat minwidth300" type="text" name="externalurl" value="'.dol_escape_htmltag(GETPOST('externalurl','alpha')).'" placeholder="http://externalsite/pagetofetch"> ';
+			print '<input class="flat minwidth300" type="text" name="externalurl" value="'.dol_escape_htmltag(GETPOST('externalurl','alpha')).'" placeholder="https://externalsite/pagetofetch"> ';
 			print '<input class="button" type="submit" name="fetchexternalurl" value="'.dol_escape_htmltag($langs->trans("FetchAndCreate")).'">';
+			print '<br><br>'.info_admin($langs->trans("OnlyEditionOfSourceForGrabbedContentFuture"), 0, 0, '1');
 			print '</td></tr>';
 			print '</table>';
 
diff --git a/test/phpunit/CodingPhpTest.php b/test/phpunit/CodingPhpTest.php
index 2e4deb372eb..6c3a1bda329 100644
--- a/test/phpunit/CodingPhpTest.php
+++ b/test/phpunit/CodingPhpTest.php
@@ -196,10 +196,10 @@ class CodingPhpTest extends PHPUnit_Framework_TestCase
             $ok=true;
             $matches=array();
             // Check string   ='".$this->xxx   with xxx that is not 'escape'. It means we forget a db->escape when forging sql request.
-            preg_match_all('/(...................)\$_SERVER\[\'QUERY_STRING\'\]/', $filecontent, $matches, PREG_SET_ORDER);
+            preg_match_all('/(..............)\$_SERVER\[\'QUERY_STRING\'\]/', $filecontent, $matches, PREG_SET_ORDER);
             foreach($matches as $key => $val)
             {
-                if ($val[1] != 'dol_escape_htmltag(' && $val[1] != 'l_string_nohtmltag(')
+            	if ($val[1] != 'scape_htmltag(' && $val[1] != 'ing_nohtmltag(' && $val[1] != 'dol_escape_js(')
                 {
                     $ok=false;
                     break;