diff --git a/build/exe/doliwamp/config.inc.php.install b/build/exe/doliwamp/config.inc.php.install
index 19a3d36a45e..6ad04752766 100644
--- a/build/exe/doliwamp/config.inc.php.install
+++ b/build/exe/doliwamp/config.inc.php.install
@@ -542,7 +542,7 @@ $cfg['ThemePerServer']      = FALSE;         // allow diferent theme for each co
  * %f will be replaced by a list of field names.
  * (%t and %f only applies to DefaultQueryTable)
  */
-$cfg['DefaultQueryTable']    = 'SELECT * FROM %t WHERE 1';
+$cfg['DefaultQueryTable']    = 'SELECT * FROM %t WHERE 1 = 1';
 $cfg['DefaultQueryDatabase'] = '';
 
 /**
diff --git a/htdocs/admin/mails_templates.php b/htdocs/admin/mails_templates.php
index 615dd7041e3..48d8c11d604 100644
--- a/htdocs/admin/mails_templates.php
+++ b/htdocs/admin/mails_templates.php
@@ -289,14 +289,13 @@ if (empty($reshook)) {
 			}
 		}
 
-		// Si verif ok et action add, on ajoute la ligne
-		if ($ok && GETPOST('actionadd'))
-		{
+		// If previous test is ok action is add, we add the line
+		if ($ok && GETPOST('actionadd')) {
 			// Add new entry
 			$sql = "INSERT INTO ".$tabname[$id]." (";
 			// List of fields
 			$sql .= $tabfieldinsert[$id];
-			$sql .= ",active)";
+            $sql .= ", active, enabled)";
 			$sql .= " VALUES(";
 
 			// List of values
@@ -332,7 +331,7 @@ if (empty($reshook)) {
 				}
 				$i++;
 			}
-			$sql .= ", 1)";
+			$sql .= ", 1, 1)";
 
 			dol_syslog("actionadd", LOG_DEBUG);
 			$result = $db->query($sql);
diff --git a/htdocs/compta/bank/class/account.class.php b/htdocs/compta/bank/class/account.class.php
index 0002dbcb8ed..75738abc3d4 100644
--- a/htdocs/compta/bank/class/account.class.php
+++ b/htdocs/compta/bank/class/account.class.php
@@ -1676,6 +1676,28 @@ class Account extends CommonObject
 		$this->owner_address   = 'Owner address';
 		$this->country_id      = 1;
 	}
+
+	/**
+	 * Function used to replace a thirdparty id with another one.
+	 *
+	 * @param DoliDB 	$db 			Database handler
+	 * @param int 		$origin_id 		Old thirdparty id
+	 * @param int 		$dest_id 		New thirdparty id
+	 * @return bool
+	 */
+	public static function replaceThirdparty($db, $origin_id, $dest_id)
+	{
+		$sql = "UPDATE ".MAIN_DB_PREFIX."bank_url SET url_id = ".((int) $dest_id)." WHERE url_id = ".((int) $origin_id)." AND type='company'";
+
+		if (!$db->query($sql))
+		{
+			//if ($ignoreerrors) return true; // TODO Not enough. If there is A-B on kept thirdarty and B-C on old one, we must get A-B-C after merge. Not A-B.
+			//$this->errors = $db->lasterror();
+			return false;
+		} else {
+			return true;
+		}
+	}
 }
 
 
diff --git a/htdocs/core/actions_linkedfiles.inc.php b/htdocs/core/actions_linkedfiles.inc.php
index b0671bbf555..73b80a47973 100644
--- a/htdocs/core/actions_linkedfiles.inc.php
+++ b/htdocs/core/actions_linkedfiles.inc.php
@@ -68,7 +68,7 @@ if (GETPOST('sendit', 'alpha') && !empty($conf->global->MAIN_UPLOAD_DOC))
 	$link = GETPOST('link', 'alpha');
 	if ($link)
 	{
-		if (substr($link, 0, 7) != 'http://' && substr($link, 0, 8) != 'https://' && substr($link, 0, 7) != 'file://') {
+		if (substr($link, 0, 7) != 'http://' && substr($link, 0, 8) != 'https://' && substr($link, 0, 7) != 'file://' && substr($link, 0, 7) != 'davs://') {
 			$link = 'http://'.$link;
 		}
 		dol_add_file_process($upload_dir, 0, 1, 'userfile', null, $link, '', 0);
diff --git a/htdocs/core/class/html.formfile.class.php b/htdocs/core/class/html.formfile.class.php
index 0ca49a49ff2..3adb6265564 100644
--- a/htdocs/core/class/html.formfile.class.php
+++ b/htdocs/core/class/html.formfile.class.php
@@ -1870,7 +1870,7 @@ class FormFile
 				print '<td class="center">'.dol_print_date($link->datea, "dayhour", "tzuser").'</td>';
 				print '<td class="center"></td>';
 				print '<td class="right">';
-				print '<a href="'.$_SERVER['PHP_SELF'].'?action=update&linkid='.$link->id.$param.'" class="editfilelink editfielda reposition" >'.img_edit().'</a>'; // id= is included into $param
+				print '<a href="'.$_SERVER['PHP_SELF'].'?action=update&linkid='.$link->id.$param.'&token='.newToken().'" class="editfilelink editfielda reposition" >'.img_edit().'</a>'; // id= is included into $param
 				if ($permissiontodelete) {
 					print ' &nbsp; <a class="deletefilelink" href="'.$_SERVER['PHP_SELF'].'?action=delete&token='.newToken().'&linkid='.$link->id.$param.'">'.img_delete().'</a>'; // id= is included into $param
 				} else {
diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php
index 766ee1b71a8..6aff92904ad 100644
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -8457,7 +8457,7 @@ function getDictvalue($tablename, $field, $id, $checkentity = false, $rowidfield
 	if (!isset($dictvalues[$tablename]))
 	{
 		$dictvalues[$tablename] = array();
-		$sql = 'SELECT * FROM '.$tablename.' WHERE 1'; // Here select * is allowed as it is generic code and we don't have list of fields
+		$sql = 'SELECT * FROM '.$tablename.' WHERE 1 = 1'; // Here select * is allowed as it is generic code and we don't have list of fields
 		if ($checkentity) $sql .= ' AND entity IN (0,'.getEntity($tablename).')';
 
 		$resql = $db->query($sql);
diff --git a/htdocs/install/mysql/migration/12.0.0-13.0.0.sql b/htdocs/install/mysql/migration/12.0.0-13.0.0.sql
index bfa8bf01b39..81471e18e4c 100644
--- a/htdocs/install/mysql/migration/12.0.0-13.0.0.sql
+++ b/htdocs/install/mysql/migration/12.0.0-13.0.0.sql
@@ -583,4 +583,5 @@ insert into llx_c_actioncomm (id, code, type, libelle, module, active, position)
 -- VMYSQL4.3 ALTER TABLE llx_accounting_bookkeeping MODIFY COLUMN montant double(24,8) NULL;
 -- VPGSQL8.2 ALTER TABLE llx_accounting_bookkeeping ALTER COLUMN montant DROP NOT NULL;
 
+ALTER TABLE llx_export_model MODIFY COLUMN type varchar(64);
 
diff --git a/htdocs/install/mysql/tables/llx_export_model.sql b/htdocs/install/mysql/tables/llx_export_model.sql
index 53952430c14..7e68eab4ad5 100644
--- a/htdocs/install/mysql/tables/llx_export_model.sql
+++ b/htdocs/install/mysql/tables/llx_export_model.sql
@@ -24,7 +24,7 @@ create table llx_export_model
   	rowid		integer AUTO_INCREMENT PRIMARY KEY,
 	fk_user		integer DEFAULT 0 NOT NULL,
   	label		varchar(50) NOT NULL,
-  	type		varchar(20) NOT NULL,
+  	type		varchar(64) NOT NULL,
   	field		text NOT NULL,
   	filter		text
   	
diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php
index 66b5f68564e..1fbb1ad6082 100644
--- a/htdocs/societe/card.php
+++ b/htdocs/societe/card.php
@@ -254,7 +254,8 @@ if (empty($reshook))
 						'Product' => '/product/class/product.class.php',
 						'Project' => '/projet/class/project.class.php',
 						'Ticket' => '/ticket/class/ticket.class.php',
-						'User' => '/user/class/user.class.php'
+						'User' => '/user/class/user.class.php',
+						'Account' => '/compta/bank/class/account.class.php',
 					);
 
 					//First, all core objects must update their tables
diff --git a/htdocs/societe/consumption.php b/htdocs/societe/consumption.php
index 33e483ee757..d3c1d2716df 100644
--- a/htdocs/societe/consumption.php
+++ b/htdocs/societe/consumption.php
@@ -318,7 +318,7 @@ if (!empty($sql_select))
 	if ($sref) $sql .= " AND ".$doc_number." LIKE '%".$db->escape($sref)."%'";
 	if ($sprod_fulldescr)
 	{
-		$sql .= " AND (d.description LIKE '%".$db->escape($sprod_fulldescr)."%'";
+	    $sql .= " AND (d.description LIKE '%".$db->escape($sprod_fulldescr)."%' OR d.description LIKE '%".$db->escape(dol_htmlentities($sprod_fulldescr))."%'";
 		if (GETPOST('type_element') != 'fichinter') $sql .= " OR p.ref LIKE '%".$db->escape($sprod_fulldescr)."%'";
 		if (GETPOST('type_element') != 'fichinter') $sql .= " OR p.label LIKE '%".$db->escape($sprod_fulldescr)."%'";
 		$sql .= ")";
diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php
index 241057047e5..df60c0f2fc9 100644
--- a/htdocs/user/class/user.class.php
+++ b/htdocs/user/class/user.class.php
@@ -3425,7 +3425,7 @@ class User extends CommonObject
 				$sql .= " WHERE t.entity IN (".getEntity('user').")";
 			}
 		} else {
-			$sql .= " WHERE 1";
+			$sql .= " WHERE 1 = 1";
 		}
 
 		// Manage filter