Merge remote-tracking branch 'Dolibarr/14.0' into 14

2021-07-06 20:17:39 +02:00 · 2021-07-06 20:17:39 +02:00 · 9d98164558
commit 9d98164558
parent a4c9fba6cb f761a2d3b8
82 changed files with 792 additions and 491 deletions
--- a/htdocs/accountancy/admin/index.php
+++ b/htdocs/accountancy/admin/index.php
@ -259,7 +259,7 @@ llxHeader('', $title);

 $linkback = '';
 //$linkback = '<a href="' . DOL_URL_ROOT . '/admin/modules.php?restore_lastsearch_values=1">' . $langs->trans("BackToModuleList") . '</a>';
-print load_fiche_titre($langs->trans('ConfigAccountingExpert'), $linkback, 'accountancy');
+print load_fiche_titre($title, $linkback, 'accountancy');

 print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
 print '<input type="hidden" name="token" value="'.newToken().'">';
--- a/htdocs/admin/accounting.php
+++ b/htdocs/admin/accounting.php
@ -1,5 +1,5 @@
 <?php
-/* Copyright (C) 2018       Alexandre Spangaro      <aspangaro@open-dsi.fr>
+/* Copyright (C) 2018-2021	Alexandre Spangaro      <aspangaro@open-dsi.fr>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@ -18,7 +18,7 @@
 /**
 *	\file       htdocs/admin/accounting.php
 *	\ingroup    accounting
- *	\brief      Setup page to configure accountanting module
+ *	\brief      Setup page to configure accounting module
 */

 require '../main.inc.php';
@ -32,7 +32,7 @@ $action = GETPOST('action', 'aZ09');
 $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'adminaccoutant'; // To manage different context of search

 // Load translation files required by the page
-$langs->loadLangs(array('admin', 'companies'));
+$langs->loadLangs(array('admin', 'companies', 'accountancy'));

 if (!$user->admin) {
 	accessforbidden();
@ -52,12 +52,13 @@ $error = 0;
 * View
 */

+$title = $langs->trans("ConfigAccountingExpert");
 $help_url = '';
-llxHeader('', $langs->trans("ConfigAccountingExpert"), $help_url);
+llxHeader('', $title, $help_url);

 $linkback = '<a href="'.DOL_URL_ROOT.'/admin/modules.php?restore_lastsearch_values=1">'.$langs->trans("BackToModuleList").'</a>';

-print load_fiche_titre($langs->trans("ConfigAccountingExpert"), $linkback, 'title_setup');
+print load_fiche_titre($title, $linkback, 'title_setup');

 print "<br>\n";
 print '<span class="opacitymedium">'.$langs->trans("AccountancySetupDoneFromAccountancyMenu", $langs->transnoentitiesnoconv("Accounting").' - '.$langs->transnoentitiesnoconv("Setup"))."</span><br>\n";
--- a/htdocs/admin/dict.php
+++ b/htdocs/admin/dict.php
@ -100,7 +100,7 @@ $hookmanager->initHooks(array('admin'));
 // Put here declaration of dictionaries properties

 // Sort order to show dictionary (0 is space). All other dictionaries (added by modules) will be at end of this.
-$taborder = array(9, 0, 4, 3, 2, 0, 1, 8, 19, 16, 39, 27, 40, 38, 0, 5, 11, 0, 6, 0, 29, 0, 33, 34, 32, 24, 28, 17, 35, 36, 0, 10, 23, 12, 13, 7, 0, 14, 0, 22, 20, 18, 21, 41, 0, 15, 30, 0, 37, 42, 0, 43, 0, 25, 0);
+$taborder = array(9, 15, 30, 0, 4, 3, 2, 0, 1, 8, 19, 16, 39, 27, 40, 38, 0, 5, 11, 0, 6, 24, 0, 29, 0, 33, 34, 32, 28, 17, 35, 36, 0, 10, 23, 12, 13, 7, 0, 14, 0, 22, 20, 18, 21, 41, 0, 37, 42, 0, 43, 0, 25, 0);

 // Name of SQL tables of dictionaries
 $tabname = array();
@ -223,7 +223,7 @@ $tabsql[24] = "SELECT rowid   as rowid, code, label, active FROM ".MAIN_DB_PREFI
 $tabsql[25] = "SELECT rowid   as rowid, code, label, active, module FROM ".MAIN_DB_PREFIX."c_type_container as t WHERE t.entity IN (".getEntity('c_type_container').")";
 //$tabsql[26]= "SELECT rowid   as rowid, code, label, short_label, active FROM ".MAIN_DB_PREFIX."c_units";
 $tabsql[27] = "SELECT id      as rowid, code, libelle, picto, active FROM ".MAIN_DB_PREFIX."c_stcomm";
-$tabsql[28] = "SELECT h.rowid as rowid, h.code, h.label, h.affect, h.delay, h.newbymonth, h.fk_country as country_id, c.code as country_code, c.label as country, h.active FROM ".MAIN_DB_PREFIX."c_holiday_types as h LEFT JOIN ".MAIN_DB_PREFIX."c_country as c ON h.fk_country=c.rowid";
+$tabsql[28] = "SELECT h.rowid as rowid, h.code, h.label, h.affect, h.delay, h.newByMonth, h.fk_country as country_id, c.code as country_code, c.label as country, h.active FROM ".MAIN_DB_PREFIX."c_holiday_types as h LEFT JOIN ".MAIN_DB_PREFIX."c_country as c ON h.fk_country=c.rowid";
 $tabsql[29] = "SELECT rowid   as rowid, code, label, percent, position, active FROM ".MAIN_DB_PREFIX."c_lead_status";
 $tabsql[30] = "SELECT rowid, code, name, paper_size, orientation, metric, leftmargin, topmargin, nx, ny, spacex, spacey, width, height, font_size, custom_x, custom_y, active FROM ".MAIN_DB_PREFIX."c_format_cards";
 //$tabsql[31]= "SELECT s.rowid as rowid, pcg_version, s.label, s.active FROM ".MAIN_DB_PREFIX."accounting_system as s";
@ -315,7 +315,7 @@ $tabfield[24] = "code,label";
 $tabfield[25] = "code,label";
 //$tabfield[26]= "code,label,short_label";
 $tabfield[27] = "code,libelle,picto";
-$tabfield[28] = "code,label,affect,delay,newbymonth,country_id,country";
+$tabfield[28] = "code,label,affect,delay,newByMonth,country_id,country";
 $tabfield[29] = "code,label,percent,position";
 $tabfield[30] = "code,name,paper_size,orientation,metric,leftmargin,topmargin,nx,ny,spacex,spacey,width,height,font_size,custom_x,custom_y";
 //$tabfield[31]= "pcg_version,label";
@ -361,7 +361,7 @@ $tabfieldvalue[24] = "code,label";
 $tabfieldvalue[25] = "code,label";
 //$tabfieldvalue[26]= "code,label,short_label";
 $tabfieldvalue[27] = "code,libelle,picto";
-$tabfieldvalue[28] = "code,label,affect,delay,newbymonth,country";
+$tabfieldvalue[28] = "code,label,affect,delay,newByMonth,country";
 $tabfieldvalue[29] = "code,label,percent,position";
 $tabfieldvalue[30] = "code,name,paper_size,orientation,metric,leftmargin,topmargin,nx,ny,spacex,spacey,width,height,font_size,custom_x,custom_y";
 //$tabfieldvalue[31]= "pcg_version,label";
@ -407,7 +407,7 @@ $tabfieldinsert[24] = "code,label";
 $tabfieldinsert[25] = "code,label";
 //$tabfieldinsert[26]= "code,label,short_label";
 $tabfieldinsert[27] = "code,libelle,picto";
-$tabfieldinsert[28] = "code,label,affect,delay,newbymonth,fk_country";
+$tabfieldinsert[28] = "code,label,affect,delay,newByMonth,fk_country";
 $tabfieldinsert[29] = "code,label,percent,position";
 $tabfieldinsert[30] = "code,name,paper_size,orientation,metric,leftmargin,topmargin,nx,ny,spacex,spacey,width,height,font_size,custom_x,custom_y";
 //$tabfieldinsert[31]= "pcg_version,label";
@ -548,7 +548,7 @@ $tabhelp[24] = array('code'=>$langs->trans("EnterAnyCode"));
 $tabhelp[25] = array('code'=>$langs->trans('EnterAnyCode'));
 //$tabhelp[26] = array('code'=>$langs->trans("EnterAnyCode"));
 $tabhelp[27] = array('code'=>$langs->trans("EnterAnyCode"), 'picto'=>$langs->trans("PictoHelp"));
-$tabhelp[28] = array('affect'=>$langs->trans("FollowedByACounter"), 'delay'=>$langs->trans("MinimumNoticePeriod"), 'newbymonth'=>$langs->trans("NbAddedAutomatically"));
+$tabhelp[28] = array('affect'=>$langs->trans("FollowedByACounter"), 'delay'=>$langs->trans("MinimumNoticePeriod"), 'newByMonth'=>$langs->trans("NbAddedAutomatically"));
 $tabhelp[29] = array('code'=>$langs->trans("EnterAnyCode"), 'percent'=>$langs->trans("OpportunityPercent"), 'position'=>$langs->trans("PositionIntoComboList"));
 $tabhelp[30] = array('code'=>$langs->trans("EnterAnyCode"), 'name'=>$langs->trans("LabelName"), 'paper_size'=>$langs->trans("LabelPaperSize"));
 //$tabhelp[31] = array('pcg_version'=>$langs->trans("EnterAnyCode"));
@ -568,8 +568,8 @@ $tabhelp[43] = array('code'=>$langs->trans("EnterAnyCode"));
 // Table to store complete informations (will replace all other table). Key is table name.
 $tabcomplete = array(
 	'c_forme_juridique'=>array('picto'=>'company'),
-	'c_departements'=>array('picto'=>'country'),
-	'c_regions'=>array('picto'=>'country'),
+	'c_departements'=>array('picto'=>'state'),
+	'c_regions'=>array('picto'=>'region'),
 	'c_country'=>array('picto'=>'country'),
 	'c_civility'=>array('picto'=>'contact'),
 	'c_actioncomm'=>array('picto'=>'action'),
@ -1389,7 +1389,7 @@ if ($id) {
 			if ($value == 'delay') {
 				$valuetoshow = $langs->trans("NoticePeriod");
 			}
-			if ($value == 'newbymonth') {
+			if ($value == 'newByMonth') {
 				$valuetoshow = $langs->trans("NewByMonth");
 			}
 			if ($value == 'fk_tva') {
@ -1734,7 +1734,7 @@ if ($id) {
 			if ($value == 'delay') {
 				$valuetoshow = $langs->trans("NoticePeriod");
 			}
-			if ($value == 'newbymonth') {
+			if ($value == 'newByMonth') {
 				$valuetoshow = $langs->trans("NewByMonth");
 			}
 			if ($value == 'fk_tva') {
--- a/htdocs/admin/eventorganization.php
+++ b/htdocs/admin/eventorganization.php
@ -54,12 +54,12 @@ $arrayofparameters = array(
 	'EVENTORGANIZATION_CATEG_THIRDPARTY_BOOTH'=>array('type'=>'category:'.Categorie::TYPE_CUSTOMER, 'enabled'=>1),
 	//'EVENTORGANIZATION_FILTERATTENDEES_CAT'=>array('type'=>'category:'.Categorie::TYPE_CUSTOMER, 'enabled'=>1),
 	//'EVENTORGANIZATION_FILTERATTENDEES_TYPE'=>array('type'=>'thirdparty_type:', 'enabled'=>1),
-	'EVENTORGANIZATION_TEMPLATE_EMAIL_ASK_CONF'=>array('type'=>'emailtemplate:eventorganization_send', 'enabled'=>1),
-	'EVENTORGANIZATION_TEMPLATE_EMAIL_ASK_BOOTH'=>array('type'=>'emailtemplate:eventorganization_send', 'enabled'=>1),
-	'EVENTORGANIZATION_TEMPLATE_EMAIL_AFT_SUBS_BOOTH'=>array('type'=>'emailtemplate:eventorganization_send', 'enabled'=>1),
-	'EVENTORGANIZATION_TEMPLATE_EMAIL_AFT_SUBS_EVENT'=>array('type'=>'emailtemplate:eventorganization_send', 'enabled'=>1),
-	'EVENTORGANIZATION_TEMPLATE_EMAIL_BULK_SPEAKER'=>array('type'=>'emailtemplate:eventorganization_send', 'enabled'=>1),
-	'EVENTORGANIZATION_TEMPLATE_EMAIL_BULK_ATTENDES'=>array('type'=>'emailtemplate:eventorganization_send', 'enabled'=>1),
+	'EVENTORGANIZATION_TEMPLATE_EMAIL_ASK_CONF'=>array('type'=>'emailtemplate:conferenceorbooth', 'enabled'=>1),
+	'EVENTORGANIZATION_TEMPLATE_EMAIL_ASK_BOOTH'=>array('type'=>'emailtemplate:conferenceorbooth', 'enabled'=>1),
+	'EVENTORGANIZATION_TEMPLATE_EMAIL_AFT_SUBS_BOOTH'=>array('type'=>'emailtemplate:conferenceorbooth', 'enabled'=>1),
+	'EVENTORGANIZATION_TEMPLATE_EMAIL_AFT_SUBS_EVENT'=>array('type'=>'emailtemplate:conferenceorbooth', 'enabled'=>1),
+	'EVENTORGANIZATION_TEMPLATE_EMAIL_BULK_SPEAKER'=>array('type'=>'emailtemplate:conferenceorbooth', 'enabled'=>1),
+	'EVENTORGANIZATION_TEMPLATE_EMAIL_BULK_ATTENDES'=>array('type'=>'emailtemplate:conferenceorbooth', 'enabled'=>1),
 	'EVENTORGANIZATION_SECUREKEY'=>array('type'=>'securekey', 'enabled'=>1),
 	'SERVICE_BOOTH_LOCATION'=>array('type'=>'product', 'enabled'=>1),
 	'SERVICE_CONFERENCE_ATTENDEE_SUBSCRIPTION'=>array('type'=>'product', 'enabled'=>1),
--- a/htdocs/admin/system/dolibarr.php
+++ b/htdocs/admin/system/dolibarr.php
@ -309,57 +309,58 @@ print '<br>';

 // Parameters in conf.php file (when a parameter start with ?, it is shown only if defined)
 $configfileparameters = array(
-		'dolibarr_main_url_root' => $langs->trans("URLRoot"),
-		'?dolibarr_main_url_root_alt' => $langs->trans("URLRoot").' (alt)',
-		'dolibarr_main_document_root'=> $langs->trans("DocumentRootServer"),
-		'?dolibarr_main_document_root_alt' => $langs->trans("DocumentRootServer").' (alt)',
-		'dolibarr_main_data_root' => $langs->trans("DataRootServer"),
-		'dolibarr_main_instance_unique_id' => $langs->trans("InstanceUniqueID"),
-		'separator1' => '',
-		'dolibarr_main_db_host' => $langs->trans("DatabaseServer"),
-		'dolibarr_main_db_port' => $langs->trans("DatabasePort"),
-		'dolibarr_main_db_name' => $langs->trans("DatabaseName"),
-		'dolibarr_main_db_type' => $langs->trans("DriverType"),
-		'dolibarr_main_db_user' => $langs->trans("DatabaseUser"),
-		'dolibarr_main_db_pass' => $langs->trans("DatabasePassword"),
-		'dolibarr_main_db_character_set' => $langs->trans("DBStoringCharset"),
-		'dolibarr_main_db_collation' => $langs->trans("DBSortingCollation"),
-		'?dolibarr_main_db_prefix' => $langs->trans("Prefix"),
-		'separator2' => '',
-		'dolibarr_main_authentication' => $langs->trans("AuthenticationMode"),
-		'?multicompany_transverse_mode'=>  $langs->trans("MultiCompanyMode"),
-		'separator'=> '',
-		'?dolibarr_main_auth_ldap_login_attribute' => 'dolibarr_main_auth_ldap_login_attribute',
-		'?dolibarr_main_auth_ldap_host' => 'dolibarr_main_auth_ldap_host',
-		'?dolibarr_main_auth_ldap_port' => 'dolibarr_main_auth_ldap_port',
-		'?dolibarr_main_auth_ldap_version' => 'dolibarr_main_auth_ldap_version',
-		'?dolibarr_main_auth_ldap_dn' => 'dolibarr_main_auth_ldap_dn',
-		'?dolibarr_main_auth_ldap_admin_login' => 'dolibarr_main_auth_ldap_admin_login',
-		'?dolibarr_main_auth_ldap_admin_pass' => 'dolibarr_main_auth_ldap_admin_pass',
-		'?dolibarr_main_auth_ldap_debug' => 'dolibarr_main_auth_ldap_debug',
-		'separator3' => '',
-		'?dolibarr_lib_ADODB_PATH' => 'dolibarr_lib_ADODB_PATH',
-		'?dolibarr_lib_FPDF_PATH' => 'dolibarr_lib_FPDF_PATH',
-		'?dolibarr_lib_TCPDF_PATH' => 'dolibarr_lib_TCPDF_PATH',
-		'?dolibarr_lib_FPDI_PATH' => 'dolibarr_lib_FPDI_PATH',
-		'?dolibarr_lib_TCPDI_PATH' => 'dolibarr_lib_TCPDI_PATH',
-		'?dolibarr_lib_NUSOAP_PATH' => 'dolibarr_lib_NUSOAP_PATH',
-		'?dolibarr_lib_GEOIP_PATH' => 'dolibarr_lib_GEOIP_PATH',
-		'?dolibarr_lib_ODTPHP_PATH' => 'dolibarr_lib_ODTPHP_PATH',
-		'?dolibarr_lib_ODTPHP_PATHTOPCLZIP' => 'dolibarr_lib_ODTPHP_PATHTOPCLZIP',
-		'?dolibarr_js_CKEDITOR' => 'dolibarr_js_CKEDITOR',
-		'?dolibarr_js_JQUERY' => 'dolibarr_js_JQUERY',
-		'?dolibarr_js_JQUERY_UI' => 'dolibarr_js_JQUERY_UI',
-		'?dolibarr_font_DOL_DEFAULT_TTF' => 'dolibarr_font_DOL_DEFAULT_TTF',
-		'?dolibarr_font_DOL_DEFAULT_TTF_BOLD' => 'dolibarr_font_DOL_DEFAULT_TTF_BOLD',
-		'separator4' => '',
-		'dolibarr_main_prod' => 'Production mode (Hide all error messages)',
-		'dolibarr_main_restrict_os_commands' => 'Restrict CLI commands for backups',
-		'dolibarr_main_restrict_ip' => 'Restrict access to some IPs only',
-		'?dolibarr_mailing_limit_sendbyweb' => 'Limit nb of email sent by page',
-		'?dolibarr_mailing_limit_sendbycli' => 'Limit nb of email sent by cli',
-		'?dolibarr_strict_mode' => 'Strict mode is on/off',
-		'?dolibarr_nocsrfcheck' => 'Disable CSRF security checks'
+	'dolibarr_main_prod' => 'Production mode (Hide all error messages)',
+	'dolibarr_main_instance_unique_id' => $langs->trans("InstanceUniqueID"),
+	'separator0' => '',
+	'dolibarr_main_url_root' => $langs->trans("URLRoot"),
+	'?dolibarr_main_url_root_alt' => $langs->trans("URLRoot").' (alt)',
+	'dolibarr_main_document_root'=> $langs->trans("DocumentRootServer"),
+	'?dolibarr_main_document_root_alt' => $langs->trans("DocumentRootServer").' (alt)',
+	'dolibarr_main_data_root' => $langs->trans("DataRootServer"),
+	'separator1' => '',
+	'dolibarr_main_db_host' => $langs->trans("DatabaseServer"),
+	'dolibarr_main_db_port' => $langs->trans("DatabasePort"),
+	'dolibarr_main_db_name' => $langs->trans("DatabaseName"),
+	'dolibarr_main_db_type' => $langs->trans("DriverType"),
+	'dolibarr_main_db_user' => $langs->trans("DatabaseUser"),
+	'dolibarr_main_db_pass' => $langs->trans("DatabasePassword"),
+	'dolibarr_main_db_character_set' => $langs->trans("DBStoringCharset"),
+	'dolibarr_main_db_collation' => $langs->trans("DBSortingCollation"),
+	'?dolibarr_main_db_prefix' => $langs->trans("DatabasePrefix"),
+	'separator2' => '',
+	'dolibarr_main_authentication' => $langs->trans("AuthenticationMode"),
+	'?multicompany_transverse_mode'=>  $langs->trans("MultiCompanyMode"),
+	'separator'=> '',
+	'?dolibarr_main_auth_ldap_login_attribute' => 'dolibarr_main_auth_ldap_login_attribute',
+	'?dolibarr_main_auth_ldap_host' => 'dolibarr_main_auth_ldap_host',
+	'?dolibarr_main_auth_ldap_port' => 'dolibarr_main_auth_ldap_port',
+	'?dolibarr_main_auth_ldap_version' => 'dolibarr_main_auth_ldap_version',
+	'?dolibarr_main_auth_ldap_dn' => 'dolibarr_main_auth_ldap_dn',
+	'?dolibarr_main_auth_ldap_admin_login' => 'dolibarr_main_auth_ldap_admin_login',
+	'?dolibarr_main_auth_ldap_admin_pass' => 'dolibarr_main_auth_ldap_admin_pass',
+	'?dolibarr_main_auth_ldap_debug' => 'dolibarr_main_auth_ldap_debug',
+	'separator3' => '',
+	'?dolibarr_lib_ADODB_PATH' => 'dolibarr_lib_ADODB_PATH',
+	'?dolibarr_lib_FPDF_PATH' => 'dolibarr_lib_FPDF_PATH',
+	'?dolibarr_lib_TCPDF_PATH' => 'dolibarr_lib_TCPDF_PATH',
+	'?dolibarr_lib_FPDI_PATH' => 'dolibarr_lib_FPDI_PATH',
+	'?dolibarr_lib_TCPDI_PATH' => 'dolibarr_lib_TCPDI_PATH',
+	'?dolibarr_lib_NUSOAP_PATH' => 'dolibarr_lib_NUSOAP_PATH',
+	'?dolibarr_lib_GEOIP_PATH' => 'dolibarr_lib_GEOIP_PATH',
+	'?dolibarr_lib_ODTPHP_PATH' => 'dolibarr_lib_ODTPHP_PATH',
+	'?dolibarr_lib_ODTPHP_PATHTOPCLZIP' => 'dolibarr_lib_ODTPHP_PATHTOPCLZIP',
+	'?dolibarr_js_CKEDITOR' => 'dolibarr_js_CKEDITOR',
+	'?dolibarr_js_JQUERY' => 'dolibarr_js_JQUERY',
+	'?dolibarr_js_JQUERY_UI' => 'dolibarr_js_JQUERY_UI',
+	'?dolibarr_font_DOL_DEFAULT_TTF' => 'dolibarr_font_DOL_DEFAULT_TTF',
+	'?dolibarr_font_DOL_DEFAULT_TTF_BOLD' => 'dolibarr_font_DOL_DEFAULT_TTF_BOLD',
+	'separator4' => '',
+	'dolibarr_main_restrict_os_commands' => 'Restrict CLI commands for backups',
+	'dolibarr_main_restrict_ip' => 'Restrict access to some IPs only',
+	'?dolibarr_mailing_limit_sendbyweb' => 'Limit nb of email sent by page',
+	'?dolibarr_mailing_limit_sendbycli' => 'Limit nb of email sent by cli',
+	'?dolibarr_strict_mode' => 'Strict mode is on/off',
+	'?dolibarr_nocsrfcheck' => 'Disable CSRF security checks'
 );

 print '<div class="div-table-responsive-no-min">';
@ -400,8 +401,10 @@ foreach ($configfileparameters as $key => $value) {
 			if (in_array($newkey, array('dolibarr_main_db_pass', 'dolibarr_main_auth_ldap_admin_pass'))) {
 				if (empty($dolibarr_main_prod)) {
 					print '<!-- '.${$newkey}.' -->';
+					print showValueWithClipboardCPButton(${$newkey}, 0, '********');
+				} else {
+					print '**********';
 				}
-				print '**********';
 			} elseif ($newkey == 'dolibarr_main_url_root' && preg_match('/__auto__/', ${$newkey})) {
 				print ${$newkey}.' => '.constant('DOL_MAIN_URL_ROOT');
 			} elseif ($newkey == 'dolibarr_main_document_root_alt') {
@ -420,9 +423,14 @@ foreach ($configfileparameters as $key => $value) {
 				}
 			} elseif ($newkey == 'dolibarr_main_instance_unique_id') {
 				//print $conf->file->instance_unique_id;
-				global $dolibarr_main_cookie_cryptkey;
-				$valuetoshow = ${$newkey} ? ${$newkey} : $dolibarr_main_cookie_cryptkey; // Use $dolibarr_main_instance_unique_id first then $dolibarr_main_cookie_cryptkey
-				print $valuetoshow;
+				global $dolibarr_main_cookie_cryptkey, $dolibarr_main_instance_unique_id;
+				$valuetoshow = $dolibarr_main_instance_unique_id ? $dolibarr_main_instance_unique_id : $dolibarr_main_cookie_cryptkey; // Use $dolibarr_main_instance_unique_id first then $dolibarr_main_cookie_cryptkey
+				if (empty($dolibarr_main_prod)) {
+					print '<!-- '.${$newkey}.' -->';
+					print showValueWithClipboardCPButton($valuetoshow, 0, '********');
+				} else {
+					print '**********';
+				}
 				if (empty($valuetoshow)) {
 					print img_warning("EditConfigFileToAddEntry", 'dolibarr_main_instance_unique_id');
 				}
--- a/htdocs/admin/system/security.php
+++ b/htdocs/admin/system/security.php
@ -251,7 +251,7 @@ print '<br>';
 if (empty($conf->global->SECURITY_DISABLE_TEST_ON_OBFUSCATED_CONF)) {
 	print '<strong>$dolibarr_main_db_pass</strong>: ';
 	if (!empty($dolibarr_main_db_pass) && empty($dolibarr_main_db_encrypted_pass)) {
-		print img_picto('', 'warning').' '.$langs->trans("DatabasePasswordNotObfuscated").' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommanded").': '.$langs->trans("SetOptionTo", $langs->transnoentitiesnoconv("MainDbPasswordFileConfEncrypted"), yn(1)).')</span>';
+		print img_picto('', 'warning').' '.$langs->trans("DatabasePasswordNotObfuscated").' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': '.$langs->trans("SetOptionTo", $langs->transnoentitiesnoconv("MainDbPasswordFileConfEncrypted"), yn(1)).')</span>';
 		//print ' <span class="opacitymedium">('.$langs->trans("RecommendedValueIs", $langs->transnoentitiesnoconv("IPsOfUsers")).')</span>';
 	} else {
 		print img_picto('', 'tick').' '.$langs->trans("DatabasePasswordObfuscated");
@ -267,49 +267,14 @@ if (empty($conf->global->SECURITY_DISABLE_TEST_ON_OBFUSCATED_CONF)) {
 print '<br>';
 print '<br>';
 print '<br>';
-print load_fiche_titre($langs->trans("Menu").' '.$langs->trans("SecuritySetup").' + '.$langs->trans("OtherSetup"), '', 'folder');

-//print '<strong>'.$langs->trans("PasswordEncryption").'</strong>: ';
-print '<strong>MAIN_SECURITY_HASH_ALGO</strong> = '.(empty($conf->global->MAIN_SECURITY_HASH_ALGO) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->MAIN_SECURITY_HASH_ALGO)." &nbsp; ";
-if (empty($conf->global->MAIN_SECURITY_HASH_ALGO)) {
-	print '<span class="opacitymedium"> &nbsp; &nbsp; If unset: \'md5\'</span>';
-}
-if ($conf->global->MAIN_SECURITY_HASH_ALGO != 'password_hash') {
-	print '<br><strong>MAIN_SECURITY_SALT</strong> = '.(empty($conf->global->MAIN_SECURITY_SALT) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->MAIN_SECURITY_SALT).'<br>';
-} else {
-	print '<span class="opacitymedium">('.$langs->trans("Recommanded").': password_hash)</span>';
-	print '<br>';
-}
-if ($conf->global->MAIN_SECURITY_HASH_ALGO != 'password_hash') {
-	print '<div class="info">The recommanded value for MAIN_SECURITY_HASH_ALGO is now \'password_hash\' but setting it now will make ALL existing passwords of all users not valid, so update is not possible.<br>';
-	print 'If you really want to switch, you must:<br>';
-	print '- Go on home - setup - other and add constant MAIN_SECURITY_HASH_ALGO to value \'password_hash\'<br>';
-	print '- In same session, WITHOUT LOGGING OUT, go into your admin user record and set a new password<br>';
-	print '- You can now logout and login with this new password. You must now reset password of all other users.<br>';
-	print '</div><br>';
-}
+print load_fiche_titre($langs->trans("Menu").' '.$langs->trans("SecuritySetup"), '', 'folder');
+
+
+print '<strong>'.$langs->trans("UseCaptchaCode").'</strong>: ';
+print empty($conf->global->MAIN_SECURITY_ENABLECAPTCHA) ? '' : img_picto('', 'tick').' ';
+print yn(empty($conf->global->MAIN_SECURITY_ENABLECAPTCHA) ? 0 : 1);
 print '<br>';
-
-
-print '<strong>MAIN_SECURITY_ANTI_SSRF_SERVER_IP</strong> = '.(empty($conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span> &nbsp; <span class="opacitymedium">('.$langs->trans("Example").': static-ips-of-server - '.$langs->trans("Note").': common loopback ip like 127.*.*.*, [::1] are already added)</span>' : $conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP)."<br>";
-print '<br>';
-
-print '<strong>MAIN_ALLOW_SVG_FILES_AS_IMAGES</strong> = '.(empty($conf->global->MAIN_ALLOW_SVG_FILES_AS_IMAGES) ? '0 &nbsp; <span class="opacitymedium">('.$langs->trans("Recommanded").': 0)</span>' : $conf->global->MAIN_ALLOW_SVG_FILES_AS_IMAGES)."<br>";
-print '<br>';
-
-print '<strong>MAIN_EXEC_USE_POPEN</strong> = ';
-if (empty($conf->global->MAIN_EXEC_USE_POPEN)) {
-	print '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>';
-} else {
-	print $conf->global->MAIN_EXEC_USE_POPEN;
-}
-if ($execmethod == 1) {
-	print ' &nbsp; <span class="opacitymedium">("exec" PHP method will be used for shell commands)</span>';
-}
-if ($execmethod == 2) {
-	print ' &nbsp; <span class="opacitymedium">("popen" PHP method will be used for shell commands)</span>';
-}
-print "<br>";
 print '<br>';


@ -354,6 +319,62 @@ if (empty($out)) {
 }

 print '<br>';
+print '<br>';
+print '<br>';
+print '<br>';
+
+
+print load_fiche_titre($langs->trans("OtherSetup").' ('.$langs->trans("Experimental").')', '', 'folder');
+
+
+//print '<strong>'.$langs->trans("PasswordEncryption").'</strong>: ';
+print '<strong>MAIN_SECURITY_HASH_ALGO</strong> = '.(empty($conf->global->MAIN_SECURITY_HASH_ALGO) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->MAIN_SECURITY_HASH_ALGO)." &nbsp; ";
+if (empty($conf->global->MAIN_SECURITY_HASH_ALGO)) {
+	print '<span class="opacitymedium"> &nbsp; &nbsp; If unset: \'md5\'</span>';
+}
+if ($conf->global->MAIN_SECURITY_HASH_ALGO != 'password_hash') {
+	print '<br><strong>MAIN_SECURITY_SALT</strong> = '.(empty($conf->global->MAIN_SECURITY_SALT) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->MAIN_SECURITY_SALT).'<br>';
+} else {
+	print '<span class="opacitymedium">('.$langs->trans("Recommanded").': password_hash)</span>';
+	print '<br>';
+}
+if ($conf->global->MAIN_SECURITY_HASH_ALGO != 'password_hash') {
+	print '<div class="info">The recommanded value for MAIN_SECURITY_HASH_ALGO is now \'password_hash\' but setting it now will make ALL existing passwords of all users not valid, so update is not possible.<br>';
+	print 'If you really want to switch, you must:<br>';
+	print '- Go on home - setup - other and add constant MAIN_SECURITY_HASH_ALGO to value \'password_hash\'<br>';
+	print '- In same session, WITHOUT LOGGING OUT, go into your admin user record and set a new password<br>';
+	print '- You can now logout and login with this new password. You must now reset password of all other users.<br>';
+	print '</div><br>';
+}
+print '<br>';
+
+print '<strong>MAIN_SECURITY_ANTI_SSRF_SERVER_IP</strong> = '.(empty($conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span> &nbsp; <span class="opacitymedium">('.$langs->trans("Example").': static-ips-of-server - '.$langs->trans("Note").': common loopback ip like 127.*.*.*, [::1] are already added)</span>' : $conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP)."<br>";
+print '<br>';
+
+print '<strong>MAIN_ALLOW_SVG_FILES_AS_IMAGES</strong> = '.(empty($conf->global->MAIN_ALLOW_SVG_FILES_AS_IMAGES) ? '0 &nbsp; <span class="opacitymedium">('.$langs->trans("Recommanded").': 0)</span>' : $conf->global->MAIN_ALLOW_SVG_FILES_AS_IMAGES)."<br>";
+print '<br>';
+
+print '<strong>MAIN_RESTRICTHTML_ONLY_VALID_HTML</strong> = '.(empty($conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML) ? '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommanded").': 1)</span>' : $conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML)."<br>";
+print '<br>';
+
+print '<strong>MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES</strong> = '.(empty($conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES) ? '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommanded").': 1)</span>' : $conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES)."<br>";
+print '<br>';
+
+print '<strong>MAIN_EXEC_USE_POPEN</strong> = ';
+if (empty($conf->global->MAIN_EXEC_USE_POPEN)) {
+	print '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>';
+} else {
+	print $conf->global->MAIN_EXEC_USE_POPEN;
+}
+if ($execmethod == 1) {
+	print ' &nbsp; <span class="opacitymedium">("exec" PHP method will be used for shell commands)</span>';
+}
+if ($execmethod == 2) {
+	print ' &nbsp; <span class="opacitymedium">("popen" PHP method will be used for shell commands)</span>';
+}
+print "<br>";
+print '<br>';
+


 // Modules/Applications
@ -405,7 +426,7 @@ if (empty($conf->api->enabled) && empty($conf->webservices->enabled)) {
 		print '<br>';
 	}
 	if (!empty($conf->api->enabled)) {
-		print '<strong>API_ENDPOINT_RULES</strong> = '.(empty($conf->global->API_ENDPOINT_RULES) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->API_ENDPOINT_RULES)."<br>\n";
+		print '<strong>API_ENDPOINT_RULES</strong> = '.(empty($conf->global->API_ENDPOINT_RULES) ? '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Example").': endpoint1:1,endpoint2:1,...)</span>' : $conf->global->API_ENDPOINT_RULES)."<br>\n";
 		print '<br>';
 	}
 }
--- a/htdocs/bom/bom_list.php
+++ b/htdocs/bom/bom_list.php
@ -108,7 +108,7 @@ foreach ($object->fields as $key => $val) {
 			'checked'=>(($visible < 0) ? 0 : 1),
 			'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)),
 			'position'=>$val['position'],
-			'help'=>$val['help']
+			'help'=> isset($val['help']) ? $val['help'] : ''
 		);
 	}
 }
@ -321,7 +321,7 @@ if ($object->ismultientitymanaged == 1) {
 foreach ($search as $key => $val) {
 	if (array_key_exists($key, $object->fields)) {
 		if ($key == 'status' && $search[$key] == -1) {
-		continue;
+			continue;
 		}
 		$mode_search = (($object->isInt($object->fields[$key]) || $object->isFloat($object->fields[$key])) ? 1 : 0);
 		if ((strpos($object->fields[$key]['type'], 'integer:') === 0) || (strpos($object->fields[$key]['type'], 'sellist:') === 0) || !empty($object->fields[$key]['arrayofkeyval'])) {
--- a/htdocs/categories/card.php
+++ b/htdocs/categories/card.php
@ -1,6 +1,6 @@
 <?php
 /* Copyright (C) 2005		Matthieu Valleton	<mv@seeschloss.org>
- * Copyright (C) 2006-2017	Laurent Destailleur	<eldy@users.sourceforge.net>
+ * Copyright (C) 2006-2021	Laurent Destailleur	<eldy@users.sourceforge.net>
 * Copyright (C) 2005-2014	Regis Houssin		<regis.houssin@inodbox.com>
 * Copyright (C) 2007		Patrick Raguin		<patrick.raguin@gmail.com>
 * Copyright (C) 2013		Florian Henry		<florian.henry@open-concept.pro>
@ -257,6 +257,7 @@ if ($user->rights->categorie->creer) {

 		// Parent category
 		print '<tr><td>'.$langs->trans("AddIn").'</td><td>';
+		print img_picto($langs->trans("ParentCategory"), 'category', 'class="pictofixedwidth"');
 		print $form->select_all_categories($type, $catorigin, 'parent');
 		print ajax_combobox('parent');
 		print '</td></tr>';
--- a/htdocs/comm/mailing/card.php
+++ b/htdocs/comm/mailing/card.php
@ -577,7 +577,6 @@ if (empty($reshook)) {

 		if (!$isupload) {
 			$mesgs = array();
-
 			$object->sujet          = (string) GETPOST("sujet");
 			$object->body           = (string) GETPOST("bodyemail", 'restricthtml');
 			$object->bgcolor        = (string) GETPOST("bgcolor");
@ -744,7 +743,7 @@ if ($action == 'create') {
 	print '<div style="padding-top: 10px">';
 	// wysiwyg editor
 	require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php';
-	$doleditor = new DolEditor('bodyemail', GETPOST('bodyemail', 'restricthtml'), '', 600, 'dolibarr_mailings', '', true, true, $conf->global->FCKEDITOR_ENABLE_MAILING, 20, '90%');
+	$doleditor = new DolEditor('bodyemail', GETPOST('bodyemail', 'restricthtmlallowunvalid'), '', 600, 'dolibarr_mailings', '', true, true, $conf->global->FCKEDITOR_ENABLE_MAILING, 20, '90%');
 	$doleditor->Create();
 	print '</div>';

--- a/htdocs/comm/mailing/class/mailing.class.php
+++ b/htdocs/comm/mailing/class/mailing.class.php
@ -208,6 +208,12 @@ class Mailing extends CommonObject
 	{
 		global $conf, $langs;

+		// Check properties
+		if ($this->body === 'InvalidHTMLString') {
+			$this->error = 'InvalidHTMLString';
+			return -1;
+		}
+
 		$this->db->begin();

 		$this->title = trim($this->title);
@ -257,6 +263,12 @@ class Mailing extends CommonObject
 	 */
 	public function update($user)
 	{
+		// Check properties
+		if ($this->body === 'InvalidHTMLString') {
+			$this->error = 'InvalidHTMLString';
+			return -1;
+		}
+
 		$sql = "UPDATE ".MAIN_DB_PREFIX."mailing ";
 		$sql .= " SET titre = '".$this->db->escape($this->title)."'";
 		$sql .= ", sujet = '".$this->db->escape($this->sujet)."'";
--- a/htdocs/comm/propal/list.php
+++ b/htdocs/comm/propal/list.php
@ -226,8 +226,10 @@ if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
 } else {
 	$permissiontovalidate = $user->rights->propal->creer;
 	$permissiontoclose = $user->rights->propal->creer;
+	$permissiontosendbymail = $user->rights->propal->creer;
 }

+
 /*
 * Actions
 */
--- a/htdocs/compta/bank/class/account.class.php
+++ b/htdocs/compta/bank/class/account.class.php
@ -829,8 +829,8 @@ class Account extends CommonObject
 		$sql .= ",min_desired = ".($this->min_desired != '' ? price2num($this->min_desired) : "null");
 		$sql .= ",comment     = '".$this->db->escape($this->comment)."'";

-		$sql .= ",state_id = ".($this->state_id > 0 ? $this->state_id : "null");
-		$sql .= ",fk_pays = ".($this->country_id > 0 ? $this->country_id : "null");
+		$sql .= ",state_id = ".($this->state_id > 0 ? ((int) $this->state_id) : "null");
+		$sql .= ",fk_pays = ".($this->country_id > 0 ? ((int) $this->country_id) : "null");
 		$sql .= ",ics = '".$this->db->escape($this->ics)."'";
 		$sql .= ",ics_transfer = '".$this->db->escape($this->ics_transfer)."'";

--- a/htdocs/compta/cashcontrol/cashcontrol_list.php
+++ b/htdocs/compta/cashcontrol/cashcontrol_list.php
@ -131,7 +131,7 @@ foreach ($object->fields as $key => $val) {
 			'checked'=>(($visible < 0) ? 0 : 1),
 			'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)),
 			'position'=>$val['position'],
-			'help'=>$val['help']
+			'help'=> isset($val['help']) ? $val['help'] : ''
 		);
 	}
 }
--- a/htdocs/compta/sociales/class/cchargesociales.class.php
+++ b/htdocs/compta/sociales/class/cchargesociales.class.php
@ -260,13 +260,13 @@ class Cchargesociales
 		// Update request
 		$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element.' SET';
 		$sql .= ' libelle = '.(isset($this->libelle) ? "'".$this->db->escape($this->libelle)."'" : "null").',';
-		$sql .= ' deductible = '.(isset($this->deductible) ? $this->deductible : "null").',';
-		$sql .= ' active = '.(isset($this->active) ? $this->active : "null").',';
+		$sql .= ' deductible = '.(isset($this->deductible) ? ((int) $this->deductible) : "null").',';
+		$sql .= ' active = '.(isset($this->active) ? ((int) $this->active) : "null").',';
 		$sql .= ' code = '.(isset($this->code) ? "'".$this->db->escape($this->code)."'" : "null").',';
-		$sql .= ' fk_pays = '.(isset($this->fk_pays) ? $this->fk_pays : "null").',';
+		$sql .= ' fk_pays = '.((isset($this->fk_pays) && $this->fk_pays > 0) ? ((int) $this->fk_pays) : "null").',';
 		$sql .= ' module = '.(isset($this->module) ? "'".$this->db->escape($this->module)."'" : "null").',';
 		$sql .= ' accountancy_code = '.(isset($this->accountancy_code) ? "'".$this->db->escape($this->accountancy_code)."'" : "null");
-		$sql .= ' WHERE id='.$this->id;
+		$sql .= ' WHERE id='.((int) $this->id);

 		$this->db->begin();

--- a/htdocs/core/boxes/box_graph_nb_tickets_type.php
+++ b/htdocs/core/boxes/box_graph_nb_tickets_type.php
@ -69,20 +69,11 @@ class box_graph_nb_tickets_type extends ModeleBoxes
 		global $theme_datacolor, $badgeStatus8;

 		require_once DOL_DOCUMENT_ROOT."/core/lib/functions2.lib.php";
+		require_once DOL_DOCUMENT_ROOT."/theme/".$conf->theme."/theme_vars.inc.php";


-		$badgeStatus0 = '#cbd3d3'; // draft
-		$badgeStatus1 = '#bc9526'; // validated
-		$badgeStatus1b = '#bc9526'; // validated
-		$badgeStatus2 = '#9c9c26'; // approved
-		$badgeStatus3 = '#bca52b';
-		$badgeStatus4 = '#25a580'; // Color ok
-		$badgeStatus4b = '#25a580'; // Color ok
-		$badgeStatus5 = '#cad2d2';
-		$badgeStatus6 = '#cad2d2';
-		$badgeStatus7 = '#baa32b';
 		$badgeStatus8 = '#993013';
-		$badgeStatus9 = '#e7f0f0';
+
 		$text = $langs->trans("BoxTicketType");
 		$this->info_box_head = array(
 			'text' => $text,
--- a/htdocs/core/class/html.formadmin.class.php
+++ b/htdocs/core/class/html.formadmin.class.php
@ -393,9 +393,10 @@ class FormAdmin
 	 *  @param      string	$htmlname       Name of HTML select field
 	 *  @param		string	$filter			Value to filter on code
 	 *  @param		int		$showempty		Add empty value
+	 * 	@param		int		$forcecombo		Force to load all values and output a standard combobox (with no beautification)
 	 *  @return		string					Return HTML output
 	 */
-	public function select_paper_format($selected = '', $htmlname = 'paperformat_id', $filter = 0, $showempty = 0)
+	public function select_paper_format($selected = '', $htmlname = 'paperformat_id', $filter = 0, $showempty = 0, $forcecombo = 0)
 	{
 		// phpcs:enable
 		global $langs;
@ -444,7 +445,10 @@ class FormAdmin
 		}
 		$out .= '</select>';

-		$out .= ajax_combobox($htmlname);
+		if (!$forcecombo) {
+			include_once DOL_DOCUMENT_ROOT.'/core/lib/ajax.lib.php';
+			$out .= ajax_combobox($htmlname);
+		}

 		return $out;
 	}
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@ -775,22 +775,40 @@ function checkVal($out = '', $check = 'alphanohtml', $filter = null, $options =
 			}
 			break;
 		case 'restricthtml':		// Recommended for most html textarea
+		case 'restricthtmlallowunvalid':
 			do {
 				$oldstringtoclean = $out;

+				if (!empty($conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML) && $check != 'restricthtmlallowunvalid') {
+					try {
+						$dom = new DOMDocument;
+						$dom->loadHTML($out, LIBXML_ERR_NONE|LIBXML_HTML_NOIMPLIED|LIBXML_HTML_NODEFDTD|LIBXML_NONET|LIBXML_NOWARNING|LIBXML_NOXMLDECL);
+					} catch (Exception $e) {
+						//print $e->getMessage();
+						return 'InvalidHTMLString';
+					}
+					$out = $dom->saveHTML();
+				}
+				//var_dump($oldstringtoclean);var_dump($out);
+
+				// Ckeditor use the numeric entitic for apostrophe so we force it to text entity (all other special chars are correctly
+				// encoded using text entities). This is a fix for CKeditor.
+				$out = preg_replace('/&#39;/i', '&apos;', $out);
+
 				// We replace chars from a/A to z/Z encoded with numeric HTML entities with the real char so we won't loose the chars at the next step.
 				// No need to use a loop here, this step is not to sanitize (this is done at next step, this is to try to save chars, even if they are
 				// using a non coventionnel way to be encoded, to not have them sanitized just after)
 				$out = preg_replace_callback('/&#(x?[0-9][0-9a-f]+;?)/i', 'realCharForNumericEntities', $out);

-				// Now we remove all remaining HTML entities staring with a number. We don't want such entities.
+				// Now we remove all remaining HTML entities starting with a number. We don't want such entities.
 				$out = preg_replace('/&#x?[0-9]+/i', '', $out);	// For example if we have j&#x61vascript with an entities without the ; to hide the 'a' of 'javascript'.

 				$out = dol_string_onlythesehtmltags($out, 0, 1, 1);

 				// We should also exclude non expected attributes
 				if (!empty($conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES)) {
-					$out = dol_string_onlythesehtmlattributes($out);
+					// Warning, the function may add a LF so we are forced to trim to compare with old $out without having always a difference and an infinit loop.
+					$out = trim(dol_string_onlythesehtmlattributes($out));
 				}
 			} while ($oldstringtoclean != $out);
 			break;
@ -1025,10 +1043,11 @@ function dol_size($size, $type = '')


 /**
- *	Clean a string to use it as a file name
+ *	Clean a string to use it as a file name.
+ *  Replace also '--' and ' -' strings, they are used for parameters separation.
 *
 *	@param	string	$str            String to clean
- * 	@param	string	$newstr			String to replace bad chars with
+ * 	@param	string	$newstr			String to replace bad chars with.
 *  @param	int	    $unaccent		1=Remove also accent (default), 0 do not remove them
 *	@return string          		String cleaned (a-zA-Z_)
 *
@ -1040,8 +1059,11 @@ function dol_sanitizeFileName($str, $newstr = '_', $unaccent = 1)
 	// Char '>' '<' '|' '$' and ';' are special chars for shells.
 	// Char '/' and '\' are file delimiters.
 	// -- car can be used into filename to inject special paramaters like --use-compress-program to make command with file as parameter making remote execution of command
-	$filesystem_forbidden_chars = array('<', '>', '/', '\\', '?', '*', '|', '"', ':', '°', '$', ';', '--');
-	return dol_string_nospecial($unaccent ? dol_string_unaccent($str) : $str, $newstr, $filesystem_forbidden_chars);
+	$filesystem_forbidden_chars = array('<', '>', '/', '\\', '?', '*', '|', '"', ':', '°', '$', ';');
+	$tmp = dol_string_nospecial($unaccent ? dol_string_unaccent($str) : $str, $newstr, $filesystem_forbidden_chars);
+	$tmp = preg_replace('/\-\-+/', '_', $tmp);
+	$tmp = preg_replace('/\s+\-/', ' _', $tmp);
+	return $tmp;
 }

 /**
@ -1153,21 +1175,26 @@ function dol_string_unaccent($str)
 *	Clean a string from all punctuation characters to use it as a ref or login.
 *  This is a more complete function than dol_sanitizeFileName.
 *
- *	@param	string	$str            	String to clean
- * 	@param	string	$newstr				String to replace forbidden chars with
- *  @param  array	$badcharstoreplace  List of forbidden characters
- * 	@return string          			Cleaned string
+ *	@param	string			$str            	String to clean
+ * 	@param	string			$newstr				String to replace forbidden chars with
+ *  @param  array|string	$badcharstoreplace  List of forbidden characters to replace
+ *  @param  array|string	$badcharstoremove   List of forbidden characters to remove
+ * 	@return string          					Cleaned string
 *
 * 	@see    		dol_sanitizeFilename(), dol_string_unaccent(), dol_string_nounprintableascii()
 */
-function dol_string_nospecial($str, $newstr = '_', $badcharstoreplace = '')
+function dol_string_nospecial($str, $newstr = '_', $badcharstoreplace = '', $badcharstoremove = '')
 {
 	$forbidden_chars_to_replace = array(" ", "'", "/", "\\", ":", "*", "?", "\"", "<", ">", "|", "[", "]", ",", ";", "=", '°'); // more complete than dol_sanitizeFileName
 	$forbidden_chars_to_remove = array();
+	//$forbidden_chars_to_remove=array("(",")");
+
 	if (is_array($badcharstoreplace)) {
 		$forbidden_chars_to_replace = $badcharstoreplace;
 	}
-	//$forbidden_chars_to_remove=array("(",")");
+	if (is_array($badcharstoremove)) {
+		$forbidden_chars_to_remove = $badcharstoremove;
+	}

 	return str_replace($forbidden_chars_to_replace, $newstr, str_replace($forbidden_chars_to_remove, "", $str));
 }
@ -3521,8 +3548,8 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
 				'github', 'jabber', 'skype', 'twitter', 'facebook', 'linkedin', 'instagram', 'snapchat', 'youtube', 'google-plus-g', 'whatsapp',
 				'chevron-left', 'chevron-right', 'chevron-down', 'chevron-top', 'commercial', 'companies',
 				'generic', 'home', 'hrm', 'members', 'products', 'invoicing',
-				'partnership', 'payment', 'pencil-ruler', 'preview', 'project', 'projectpub', 'projecttask', 'question', 'refresh', 'salary', 'shipment',
-				'state', 'supplier_invoice', 'supplier_invoicea', 'supplier_invoicer', 'supplier_invoiced',
+				'partnership', 'payment', 'pencil-ruler', 'preview', 'project', 'projectpub', 'projecttask', 'question', 'refresh', 'region',
+				'salary', 'shipment', 'state', 'supplier_invoice', 'supplier_invoicea', 'supplier_invoicer', 'supplier_invoiced',
 				'technic', 'ticket',
 				'error', 'warning',
 				'recent', 'reception', 'recruitmentcandidature', 'recruitmentjobposition', 'resource',
@ -3571,8 +3598,8 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
 				'partnership'=>'handshake', 'payment'=>'money-check-alt', 'phoning'=>'phone', 'phoning_mobile'=>'mobile-alt', 'phoning_fax'=>'fax', 'previous'=>'arrow-alt-circle-left', 'printer'=>'print', 'product'=>'cube', 'service'=>'concierge-bell',
 				'recent' => 'question', 'reception'=>'dolly', 'recruitmentjobposition'=>'id-card-alt', 'recruitmentcandidature'=>'id-badge',
 				'resize'=>'crop', 'supplier_order'=>'dol-order_supplier', 'supplier_proposal'=>'file-signature',
-				'refresh'=>'redo', 'resource'=>'laptop-house',
-				'state'=>'map-marked', 'security'=>'key', 'salary'=>'wallet', 'shipment'=>'dolly', 'stock'=>'box-open', 'stats' => 'chart-bar', 'split'=>'code-branch', 'stripe'=>'stripe-s',
+				'refresh'=>'redo', 'region'=>'map-marked', 'resource'=>'laptop-house',
+				'state'=>'map-marked-alt', 'security'=>'key', 'salary'=>'wallet', 'shipment'=>'dolly', 'stock'=>'box-open', 'stats' => 'chart-bar', 'split'=>'code-branch', 'stripe'=>'stripe-s',
 				'supplier'=>'building', 'supplier_invoice'=>'file-invoice-dollar', 'technic'=>'cogs', 'ticket'=>'ticket-alt',
 				'timespent'=>'clock', 'title_setup'=>'tools', 'title_accountancy'=>'money-check-alt', 'title_bank'=>'university', 'title_hrm'=>'umbrella-beach',
 				'title_agenda'=>'calendar-alt',
@ -3673,7 +3700,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
 				'partnership'=>'#6c6aa8', 'playdisabled'=>'#ccc', 'printer'=>'#444', 'projectpub'=>'#986c6a', 'reception'=>'#a69944', 'resize'=>'#444', 'rss'=>'#cba',
 				//'shipment'=>'#a69944',
 				'security'=>'#999', 'stats'=>'#444', 'switch_off'=>'#999', 'technic'=>'#999', 'timespent'=>'#555',
-				'uncheck'=>'#800', 'uparrow'=>'#555', 'user-cog'=>'#999', 'country'=>'#aaa', 'globe-americas'=>'#aaa', 'state'=>'#aaa',
+				'uncheck'=>'#800', 'uparrow'=>'#555', 'user-cog'=>'#999', 'country'=>'#aaa', 'globe-americas'=>'#aaa', 'region'=>'#aaa', 'state'=>'#aaa',
 				'website'=>'#304', 'workstation'=>'#a69944'
 			);
 			if (isset($arrayconvpictotocolor[$pictowithouttext])) {
@ -3956,7 +3983,7 @@ function img_edit($titlealt = 'default', $float = 0, $other = '')
 *	@param  string	$other		Add more attributes on img
 *	@return string      		Return tag img
 */
-function img_view($titlealt = 'default', $float = 0, $other = '')
+function img_view($titlealt = 'default', $float = 0, $other = 'class="valignmiddle"')
 {
 	global $langs;

@ -5470,7 +5497,7 @@ function get_localtax($vatrate, $local, $thirdparty_buyer = "", $thirdparty_sell
 	} else {
 		$sql .= " AND t.recuperableonly = '".$db->escape($vatnpr)."'";
 	}
-	dol_syslog("get_localtax", LOG_DEBUG);
+
 	$resql = $db->query($sql);

 	if ($resql) {
@ -6298,7 +6325,7 @@ function dol_string_onlythesehtmltags($stringtoclean, $cleanalsosomestyles = 1,
 	$stringtoclean = preg_replace('/&#58;|&#0+58|&#x3A/i', '', $stringtoclean); // refused string ':' encoded (no reason to have a : encoded like this) to disable 'javascript:...'
 	$stringtoclean = preg_replace('/javascript\s*:/i', '', $stringtoclean);

-	$temp = strip_tags($stringtoclean, $allowed_tags_string);
+	$temp = strip_tags($stringtoclean, $allowed_tags_string);	// Warning: This remove also undesired </> changing string obfuscated with </> that pass injection detection into harmfull string

 	if ($cleanalsosomestyles) {	// Clean for remaining html tags
 		$temp = preg_replace('/position\s*:\s*(absolute|fixed)\s*!\s*important/i', '', $temp); // Note: If hacker try to introduce css comment into string to bypass this regex, the string must also be encoded by the dol_htmlentitiesbr during output so it become harmless
@ -6348,8 +6375,8 @@ function dol_string_onlythesehtmlattributes($stringtoclean, $allowed_attributes
 		}

 		$return = $dom->saveHTML();
-
 		//$return = '<html><body>aaaa</p>bb<p>ssdd</p>'."\n<p>aaa</p>aa<p>bb</p>";
+
 		$return = preg_replace('/^<html><body>/', '', $return);
 		$return = preg_replace('/<\/body><\/html>$/', '', $return);
 		return $return;
@ -7435,7 +7462,7 @@ function print_date_range($date_start, $date_end, $format = '', $outputlangs = '
 *    @param    int			$date_end      		End date
 *    @param    string		$format        		Output format
 *    @param	Translate	$outputlangs   		Output language
- *    @param	integer		$withparenthesis	1=Add parenthesis, 0=non parenthesis
+ *    @param	integer		$withparenthesis	1=Add parenthesis, 0=no parenthesis
 *    @return	string							String
 */
 function get_date_range($date_start, $date_end, $format = '', $outputlangs = '', $withparenthesis = 1)
@ -8087,7 +8114,7 @@ function picto_from_langcode($codelang, $moreatt = '')
 	}

 	if ($codelang == 'auto') {
-		return '<span class="fa fa-globe"></span>';
+		return '<span class="fa fa-language"></span>';
 	}

 	$langtocountryflag = array(
--- a/htdocs/core/lib/security2.lib.php
+++ b/htdocs/core/lib/security2.lib.php
@ -476,8 +476,8 @@ function getRandomPassword($generic = false, $replaceambiguouschars = null, $len
 			}

 			$generated_password = str_shuffle($randomCode);
-		} else // Old platform, non cryptographic random
-		{
+		} else {
+			// Old platform, non cryptographic random
 			$max = strlen($lowercase) - 1;
 			for ($x = 0; $x < $nbofchar; $x++) {
 				$tmp = mt_rand(0, $max);
--- a/htdocs/core/login/functions_ldap.php
+++ b/htdocs/core/login/functions_ldap.php
@ -29,7 +29,7 @@
 *
 * @param	string	$usertotest		Login
 * @param	string	$passwordtotest	Password
- * @param   int		$entitytotest   Number of instance (always 1 if module multicompany not enabled)
+ * @param   int		$entitytotest   Numero of instance (always 1 if module multicompany not enabled)
 * @return	string					Login if OK, '' if KO
 */
 function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest)
@ -151,10 +151,13 @@ function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest)
 		if ($result > 0) {
 			if ($result == 2) {	// Connection is ok for user/pass into LDAP
 				$login = $usertotest;
-				if (!empty($conf->global->LDAP_FIELD_LOGIN)) {
-					$login = $ldap->login;
-				}
 				dol_syslog("functions_ldap::check_user_password_ldap $login authentication ok");
+				// For the case, we search the user id using a search key without the login (but using other fields like id),
+				// we need to get the real login to use in the ldap answer.
+				if (!empty($conf->global->LDAP_FIELD_LOGIN) && !empty($ldap->login)) {
+					$login = $ldap->login;
+					dol_syslog("functions_ldap::check_user_password_ldap login is now $login (LDAP_FIELD_LOGIN=".$conf->global->LDAP_FIELD_LOGIN.")");
+				}

 				require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';

@ -207,7 +210,7 @@ function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest)
 					}

 					$usertmp = new User($db);
-					$resultFetchUser = $usertmp->fetch('', $login, $sid);
+					$resultFetchUser = $usertmp->fetch('', $login, $sid, 1, ($entitytotest > 0 ? $entitytotest : -1));
 					if ($resultFetchUser > 0) {
 						dol_syslog("functions_ldap::check_user_password_ldap Sync user found user id=".$usertmp->id);
 						// On verifie si le login a change et on met a jour les attributs dolibarr
@ -215,7 +218,7 @@ function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest)
 						if ($usertmp->login != $ldap->login && $ldap->login) {
 							$usertmp->login = $ldap->login;
 							$usertmp->update($usertmp);
-							// TODO Que faire si update echoue car on update avec un login deja existant.
+							// TODO Que faire si update echoue car on update avec un login deja existant pour un autre compte.
 						}

 						//$resultUpdate = $usertmp->update_ldap2dolibarr($ldap);
@ -231,7 +234,7 @@ function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest)
 					$usertmp->fetch('', $login);
 					$ret = $mc->checkRight($usertmp->id, $entitytotest);
 					if ($ret < 0) {
-						dol_syslog("functions_ldap::check_user_password_ldap Authentication KO entity '".$entitytotest."' not allowed for user '".$usertmp->id."'", LOG_NOTICE);
+						dol_syslog("functions_ldap::check_user_password_ldap Authentication KO entity '".$entitytotest."' not allowed for user id '".$usertmp->id."'", LOG_NOTICE);
 						$login = ''; // force authentication failure
 					}
 					unset($usertmp);
--- a/htdocs/core/menus/standard/eldy.lib.php
+++ b/htdocs/core/menus/standard/eldy.lib.php
@ -1797,11 +1797,11 @@ function print_left_eldy_menu($db, $menu_array_before, $menu_array_after, &$tabM
 				$newmenu->add("/holiday/card.php?mainmenu=hrm&leftmenu=holiday&action=create", $langs->trans("New"), 1, $user->rights->holiday->write);
 				$newmenu->add("/holiday/list.php?mainmenu=hrm&leftmenu=hrm", $langs->trans("List"), 1, $user->rights->holiday->read);
 				if ($usemenuhider || empty($leftmenu) || $leftmenu == "hrm") {
-					$newmenu->add("/holiday/list.php?search_statut=1&mainmenu=hrm&leftmenu=hrm", $langs->trans("DraftCP"), 2, $user->rights->holiday->read);
-					$newmenu->add("/holiday/list.php?search_statut=2&mainmenu=hrm&leftmenu=hrm", $langs->trans("ToReviewCP"), 2, $user->rights->holiday->read);
-					$newmenu->add("/holiday/list.php?search_statut=3&mainmenu=hrm&leftmenu=hrm", $langs->trans("ApprovedCP"), 2, $user->rights->holiday->read);
-					$newmenu->add("/holiday/list.php?search_statut=4&mainmenu=hrm&leftmenu=hrm", $langs->trans("CancelCP"), 2, $user->rights->holiday->read);
-					$newmenu->add("/holiday/list.php?search_statut=5&mainmenu=hrm&leftmenu=hrm", $langs->trans("RefuseCP"), 2, $user->rights->holiday->read);
+					$newmenu->add("/holiday/list.php?search_status=1&mainmenu=hrm&leftmenu=hrm", $langs->trans("DraftCP"), 2, $user->rights->holiday->read);
+					$newmenu->add("/holiday/list.php?search_status=2&mainmenu=hrm&leftmenu=hrm", $langs->trans("ToReviewCP"), 2, $user->rights->holiday->read);
+					$newmenu->add("/holiday/list.php?search_status=3&mainmenu=hrm&leftmenu=hrm", $langs->trans("ApprovedCP"), 2, $user->rights->holiday->read);
+					$newmenu->add("/holiday/list.php?search_status=4&mainmenu=hrm&leftmenu=hrm", $langs->trans("CancelCP"), 2, $user->rights->holiday->read);
+					$newmenu->add("/holiday/list.php?search_status=5&mainmenu=hrm&leftmenu=hrm", $langs->trans("RefuseCP"), 2, $user->rights->holiday->read);
 				}
 				$newmenu->add("/holiday/define_holiday.php?mainmenu=hrm&action=request", $langs->trans("MenuConfCP"), 1, $user->rights->holiday->read);
 				$newmenu->add("/holiday/month_report.php?mainmenu=hrm&leftmenu=holiday", $langs->trans("MenuReportMonth"), 1, $user->rights->holiday->readall);
--- a/htdocs/core/modules/modAccounting.class.php
+++ b/htdocs/core/modules/modAccounting.class.php
@ -60,7 +60,7 @@ class modAccounting extends DolibarrModules
 		$this->dirs = array('/accounting/temp');

 		// Config pages
-		$this->config_page_url = array('accounting.php');
+		$this->config_page_url = array('accounting.php?mainmenu=accountancy&leftmenu=accountancy_admin');

 		// Dependencies
 		$this->depends = array("modFacture", "modBanque", "modTax"); // List of modules id that must be enabled if this module is enabled
--- a/htdocs/core/modules/security/generate/modGeneratePassStandard.class.php
+++ b/htdocs/core/modules/security/generate/modGeneratePassStandard.class.php
@ -99,7 +99,7 @@ class modGeneratePassStandard extends ModeleGenPassword
 		$password = "";

 		// define possible characters
-		$possible = "0123456789bcdfghjkmnpqrstvwxyz";
+		$possible = "0123456789qwertyuiopasdfghjklzxcvbnmASDFGHJKLZXCVBNMQWERTYUIOP";

 		// set up a counter
 		$i = 0;
@ -107,10 +107,13 @@ class modGeneratePassStandard extends ModeleGenPassword
 		// add random characters to $password until $length is reached
 		while ($i < $this->length) {
 			// pick a random character from the possible ones
-			$char = substr($possible, mt_rand(0, dol_strlen($possible) - 1), 1);
+			if (function_exists('random_int')) {	// Cryptographic random
+				$char = substr($possible, random_int(0, dol_strlen($possible) - 1), 1);
+			} else {
+				$char = substr($possible, mt_rand(0, dol_strlen($possible) - 1), 1);
+			}

-			// we don't want this character if it's already in the password
-			if (!strstr($password, $char)) {
+			if (substr_count($password, $char) <= 6) {	// we don't want this character if it's already 5 times in the password
 				$password .= $char;
 				$i++;
 			}
--- a/htdocs/core/tpl/commonfields_add.tpl.php
+++ b/htdocs/core/tpl/commonfields_add.tpl.php
@ -47,7 +47,7 @@ foreach ($object->fields as $key => $val) {
 	print '<tr class="field_'.$key.'">';
 	print '<td';
 	print ' class="titlefieldcreate';
-	if ($val['notnull'] > 0) {
+	if (isset($val['notnull']) && $val['notnull'] > 0) {
 		print ' fieldrequired';
 	}
 	if ($val['type'] == 'text' || $val['type'] == 'html') {
--- a/htdocs/core/tpl/commonfields_edit.tpl.php
+++ b/htdocs/core/tpl/commonfields_edit.tpl.php
@ -48,7 +48,7 @@ foreach ($object->fields as $key => $val) {

 	print '<tr class="field_'.$key.'"><td';
 	print ' class="titlefieldcreate';
-	if ($val['notnull'] > 0) {
+	if (isset($val['notnull']) && $val['notnull'] > 0) {
 		print ' fieldrequired';
 	}
 	if (preg_match('/^(text|html)/', $val['type'])) {
--- a/htdocs/core/tpl/login.tpl.php
+++ b/htdocs/core/tpl/login.tpl.php
@ -356,7 +356,7 @@ if (!empty($conf->global->MAIN_EASTER_EGG_COMMITSTRIP)) {

 <?php if ($main_home) {
 	?>
-	<div class="center login_main_home paddingtopbottom <?php echo empty($conf->global->MAIN_LOGIN_BACKGROUND) ? '' : ' backgroundsemitransparent'; ?>" style="max-width: 70%">
+	<div class="center login_main_home paddingtopbottom <?php echo empty($conf->global->MAIN_LOGIN_BACKGROUND) ? '' : ' backgroundsemitransparent boxshadow'; ?>" style="max-width: 70%">
 	<?php echo $main_home; ?>
 	</div><br>
 	<?php
--- a/htdocs/core/tpl/objectline_view.tpl.php
+++ b/htdocs/core/tpl/objectline_view.tpl.php
@ -353,8 +353,7 @@ if ($outputalsopricetotalwithtax) {
 	$coldisplay++;
 }

-if ($this->statut == 0 && ($object_rights->creer) && $action != 'selectlines') {
-
+if ($this->statut == 0 && !empty($object_rights->creer) && $action != 'selectlines') {
 	$situationinvoicelinewithparent = 0;
 	if ($line->fk_prev_id != null && in_array($object->element, array('facture', 'facturedet'))) {
 		if ($object->type == $object::TYPE_SITUATION) {	// The constant TYPE_SITUATION exists only for object invoice
--- a/htdocs/core/tpl/passwordforgotten.tpl.php
+++ b/htdocs/core/tpl/passwordforgotten.tpl.php
@ -216,7 +216,7 @@ if (!empty($morelogincontent)) {
 </form>


-<div class="center login_main_home divpasswordmessagedesc paddingtopbottom<?php echo empty($conf->global->MAIN_LOGIN_BACKGROUND) ? '' : ' backgroundsemitransparent'; ?>" style="max-width: 70%">
+<div class="center login_main_home divpasswordmessagedesc paddingtopbottom<?php echo empty($conf->global->MAIN_LOGIN_BACKGROUND) ? '' : ' backgroundsemitransparent boxshadow'; ?>" style="max-width: 70%">
 <?php if ($mode == 'dolibarr' || !$disabled) { ?>
 	<span class="passwordmessagedesc">
 	<?php echo $langs->trans('SendNewPasswordDesc'); ?>
--- a/htdocs/eventorganization/class/conferenceorbooth.class.php
+++ b/htdocs/eventorganization/class/conferenceorbooth.class.php
@ -108,7 +108,7 @@ class ConferenceOrBooth extends ActionComm
 		'label' => array('type'=>'varchar(255)', 'label'=>'Label', 'enabled'=>'1', 'position'=>30, 'notnull'=>0, 'visible'=>1, 'searchall'=>1, 'css'=>'minwidth300', 'help'=>"Help text", 'showoncombobox'=>'1',),
 		'fk_soc' => array('type'=>'integer:Societe:societe/class/societe.class.php:1:status=1 AND entity IN (__SHARED_ENTITIES__)', 'label'=>'ThirdParty', 'enabled'=>'1', 'position'=>50, 'notnull'=>-1, 'visible'=>1, 'index'=>1, 'help'=>"LinkToThirparty",),
 		'fk_project' => array('type'=>'integer:Project:projet/class/project.class.php:1::eventorganization', 'label'=>'Project', 'enabled'=>'1', 'position'=>52, 'notnull'=>-1, 'visible'=>-1, 'index'=>1,),
-		'note' => array('type'=>'text', 'label'=>'Description', 'enabled'=>'1', 'position'=>60, 'notnull'=>0, 'visible'=>1,),
+		'note' => array('type'=>'text', 'label'=>'Description', 'enabled'=>'1', 'position'=>60, 'notnull'=>0, 'visible'=>1),
 		'fk_action' => array('type'=>'sellist:c_actioncomm:libelle:id::module LIKE (\'%@eventorganization\')', 'label'=>'Format', 'enabled'=>'1', 'position'=>60, 'notnull'=>1, 'visible'=>1,),
 		'datep' => array('type'=>'datetime', 'label'=>'DateStart', 'enabled'=>'1', 'position'=>70, 'notnull'=>0, 'visible'=>1, 'showoncombobox'=>'2',),
 		'datep2' => array('type'=>'datetime', 'label'=>'DateEnd', 'enabled'=>'1', 'position'=>71, 'notnull'=>0, 'visible'=>1, 'showoncombobox'=>'3',),
@ -118,6 +118,7 @@ class ConferenceOrBooth extends ActionComm
 		'fk_user_mod' => array('type'=>'integer:User:user/class/user.class.php', 'label'=>'UserModif', 'enabled'=>'1', 'position'=>511, 'notnull'=>-1, 'visible'=>-2,),
 		'import_key' => array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>'1', 'position'=>1000, 'notnull'=>-1, 'visible'=>-2,),
 		'status' => array('type'=>'smallint', 'label'=>'Status', 'enabled'=>'1', 'position'=>1000, 'notnull'=>1, 'visible'=>1, 'default'=>'0', 'index'=>1, 'arrayofkeyval'=>array('0'=>'EvntOrgDraft', '1'=>'EvntOrgSuggested', '2'=> 'EvntOrgConfirmed', '3' =>'EvntOrgNotQualified', '4' =>'EvntOrgDone', '9'=>'EvntOrgCancelled'),),
+		'num_vote' => array('type'=>'smallint', 'label'=>'NbVotes', 'enabled'=>'1', 'position'=>1001, 'notnull'=>-1, 'visible'=>5, 'default'=>'0', 'index'=>0),
 	);
 	public $rowid;
 	public $id;
--- a/htdocs/eventorganization/conferenceorbooth_list.php
+++ b/htdocs/eventorganization/conferenceorbooth_list.php
@ -119,7 +119,7 @@ foreach ($object->fields as $key => $val) {
 			'checked'=>(($visible < 0) ? 0 : 1),
 			'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)),
 			'position'=>$val['position'],
-			'help'=>$val['help']
+			'help'=> isset($val['help']) ? $val['help'] : ''
 		);
 	}
 }
--- a/htdocs/eventorganization/conferenceorboothattendee_list.php
+++ b/htdocs/eventorganization/conferenceorboothattendee_list.php
@ -128,7 +128,7 @@ foreach ($object->fields as $key => $val) {
 			'checked'=>(($visible < 0) ? 0 : 1),
 			'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)),
 			'position'=>$val['position'],
-			'help'=>$val['help']
+			'help'=> isset($val['help']) ? $val['help'] : ''
 		);
 	}
 }
--- a/htdocs/expensereport/card.php
+++ b/htdocs/expensereport/card.php
@ -1084,7 +1084,7 @@ if (empty($reshook)) {

 		$fk_c_exp_tax_cat = GETPOST('fk_c_exp_tax_cat', 'int');

-		$qty = GETPOST('qty', 'int');
+		$qty = price2num(GETPOST('qty', 'alpha'));
 		if (empty($qty)) {
 			$qty = 1;
 		}
@ -1101,21 +1101,21 @@ if (empty($reshook)) {
 			$action = '';
 		}

-		// Si aucune date n'est rentrée
+		// If no date entered
 		if (empty($date) || $date == "--") {
 			$error++;
 			setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Date")), null, 'errors');
+		} elseif ($date < $object->date_debut || $date > ($object->date_fin + (24 * 3600 - 1))) {
+			// Warning if date out of range
+			$langs->load("errors");
+			setEventMessages($langs->trans("WarningDateOfLineMustBeInExpenseReportRange"), null, 'warnings');
 		}
-		// Si aucun prix n'est rentré
+
+		// If no price entered
 		if ($value_unit == 0) {
 			$error++;
 			setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("PriceUTTC")), null, 'errors');
 		}
-		// Warning if date out of range
-		if ($date < $object->date_debut || $date > ($object->date_fin + (24 * 3600 - 1))) {
-			$langs->load("errors");
-			setEventMessages($langs->trans("WarningDateOfLineMustBeInExpenseReportRange"), null, 'warnings');
-		}

 		if (!$error) {
 			$type = 0; // TODO What if service ? We should take the type product/service from the type of expense report llx_c_type_fees
@ -1215,12 +1215,12 @@ if (empty($reshook)) {
 			}
 		}

-		$rowid = $_POST['rowid'];
+		$rowid = GETPOST('rowid', 'int');
 		$type_fees_id = GETPOST('fk_c_type_fees', 'int');
 		$fk_c_exp_tax_cat = GETPOST('fk_c_exp_tax_cat', 'int');
 		$projet_id = $fk_project;
 		$comments = GETPOST('comments', 'restricthtml');
-		$qty = GETPOST('qty', 'int');
+		$qty = price2num(GETPOST('qty', 'alpha'));
 		$vatrate = GETPOST('vatrate', 'alpha');

 		// if VAT is not used in Dolibarr, set VAT rate to 0 because VAT rate is necessary.
@ -2474,32 +2474,32 @@ if ($action == 'create') {
 					print '</tr>';
 			} // Fin si c'est payé/validé

-				print '</table>';
-				print '</div>';
+			print '</table>';
+			print '</div>';

-				print '<script javascript>
+			print '<script javascript>

-				/* JQuery for product free or predefined select */
-				jQuery(document).ready(function() {
-					jQuery("#value_unit_ht").keyup(function(event) {
-						console.log(event.which);		// discard event tag and arrows
-						if (event.which != 9 && (event.which < 37 ||event.which > 40) && jQuery("#value_unit_ht").val() != "") {
-							jQuery("#value_unit").val("");
-						}
-					});
-					jQuery("#value_unit").keyup(function(event) {
-						console.log(event.which);		// discard event tag and arrows
-						if (event.which != 9 && (event.which < 37 || event.which > 40) && jQuery("#value_unit").val() != "") {
-							jQuery("#value_unit_ht").val("");
-						}
-					});
+			/* JQuery for product free or predefined select */
+			jQuery(document).ready(function() {
+				jQuery("#value_unit_ht").keyup(function(event) {
+					console.log(event.which);		// discard event tag and arrows
+					if (event.which != 9 && (event.which < 37 ||event.which > 40) && jQuery("#value_unit_ht").val() != "") {
+						jQuery("#value_unit").val("");
+					}
 				});
+				jQuery("#value_unit").keyup(function(event) {
+					console.log(event.which);		// discard event tag and arrows
+					if (event.which != 9 && (event.which < 37 || event.which > 40) && jQuery("#value_unit").val() != "") {
+						jQuery("#value_unit_ht").val("");
+					}
+				});
+			});

-				</script>';
+			</script>';

-				print '</form>';
+			print '</form>';

-				print dol_get_fiche_end();
+			print dol_get_fiche_end();
 		}
 	} else {
 		dol_print_error($db);
@ -2511,9 +2511,11 @@ if ($action == 'create') {
 	exit(1);
 }

+
 /*
 * Action bar
 */
+
 print '<div class="tabsAction">';

 if ($action != 'create' && $action != 'edit') {
--- a/htdocs/expensereport/class/expensereport.class.php
+++ b/htdocs/expensereport/class/expensereport.class.php
@ -2119,7 +2119,7 @@ class ExpenseReport extends CommonObject

 			$this->line->fk_ecm_files = $fk_ecm_files;

-			$this->line->id = $rowid;
+			$this->line->id = ((int) $rowid);

 			// Select des infos sur le type fees
 			$sql = "SELECT c.code as code_type_fees, c.label as libelle_type_fees";
@ -2703,10 +2703,10 @@ class ExpenseReportLine
 		$sql .= " '".$this->db->escape(empty($this->vat_src_code) ? '' : $this->vat_src_code)."',";
 		$sql .= " '".$this->db->escape($this->comments)."',";
 		$sql .= " ".((float) $this->qty).",";
-		$sql .= " ".((int) $this->value_unit).",";
-		$sql .= " ".price2num($this->total_ht).",";
-		$sql .= " ".price2num($this->total_tva).",";
-		$sql .= " ".price2num($this->total_ttc).",";
+		$sql .= " ".((float) $this->value_unit).",";
+		$sql .= " ".((float) price2num($this->total_ht)).",";
+		$sql .= " ".((float) price2num($this->total_tva)).",";
+		$sql .= " ".((float) price2num($this->total_ttc)).",";
 		$sql .= " '".$this->db->idate($this->date)."',";
 		$sql .= " ".(empty($this->rule_warning_message) ? 'null' : "'".$this->db->escape($this->rule_warning_message)."'").",";
 		$sql .= " ".((int) $this->fk_c_exp_tax_cat).",";
@ -2811,26 +2811,26 @@ class ExpenseReportLine
 		// Update line in database
 		$sql = "UPDATE ".MAIN_DB_PREFIX."expensereport_det SET";
 		$sql .= " comments='".$this->db->escape($this->comments)."'";
-		$sql .= ",value_unit = ".((float) $this->value_unit);
-		$sql .= ",qty=".((float) $this->qty);
-		$sql .= ",date='".$this->db->idate($this->date)."'";
-		$sql .= ",total_ht=".((float) price2num($this->total_ht, 'MT'))."";
-		$sql .= ",total_tva=".((float) price2num($this->total_tva, 'MT'))."";
-		$sql .= ",total_ttc=".((float) price2num($this->total_ttc, 'MT'))."";
-		$sql .= ",tva_tx=".((float) $this->vatrate);
-		$sql .= ",vat_src_code='".$this->db->escape($this->vat_src_code)."'";
-		$sql .= ",rule_warning_message='".$this->db->escape($this->rule_warning_message)."'";
-		$sql .= ",fk_c_exp_tax_cat=".$this->db->escape($this->fk_c_exp_tax_cat);
-		$sql .= ",fk_ecm_files=".($this->fk_ecm_files > 0 ? ((int) $this->fk_ecm_files) : 'null');
+		$sql .= ", value_unit = ".((float) $this->value_unit);
+		$sql .= ", qty=".((float) $this->qty);
+		$sql .= ", date='".$this->db->idate($this->date)."'";
+		$sql .= ", total_ht=".((float) price2num($this->total_ht, 'MT'))."";
+		$sql .= ", total_tva=".((float) price2num($this->total_tva, 'MT'))."";
+		$sql .= ", total_ttc=".((float) price2num($this->total_ttc, 'MT'))."";
+		$sql .= ", tva_tx=".((float) $this->vatrate);
+		$sql .= ", vat_src_code='".$this->db->escape($this->vat_src_code)."'";
+		$sql .= ", rule_warning_message='".$this->db->escape($this->rule_warning_message)."'";
+		$sql .= ", fk_c_exp_tax_cat=".$this->db->escape($this->fk_c_exp_tax_cat);
+		$sql .= ", fk_ecm_files=".($this->fk_ecm_files > 0 ? ((int) $this->fk_ecm_files) : 'null');
 		if ($this->fk_c_type_fees) {
-			$sql .= ",fk_c_type_fees = ".((int) $this->fk_c_type_fees);
+			$sql .= ", fk_c_type_fees = ".((int) $this->fk_c_type_fees);
 		} else {
-			$sql .= ",fk_c_type_fees=null";
+			$sql .= ", fk_c_type_fees=null";
 		}
 		if ($this->fk_project > 0) {
-			$sql .= ",fk_projet=".((int) $this->fk_project);
+			$sql .= ", fk_projet=".((int) $this->fk_project);
 		} else {
-			$sql .= ",fk_projet=null";
+			$sql .= ", fk_projet=null";
 		}
 		$sql .= " WHERE rowid = ".((int) ($this->rowid ? $this->rowid : $this->id));

--- a/htdocs/expensereport/index.php
+++ b/htdocs/expensereport/index.php
@ -1,6 +1,6 @@
 <?php
 /* Copyright (C) 2003		Rodolphe Quiedeville <rodolphe@quiedeville.org>
- * Copyright (C) 2004-2015	Laurent Destailleur  <eldy@users.sourceforge.net>
+ * Copyright (C) 2004-2021	Laurent Destailleur  <eldy@users.sourceforge.net>
 * Copyright (C) 2004		Eric Seigne          <eric.seigne@ryxeo.com>
 * Copyright (C) 2005-2011	Regis Houssin        <regis.houssin@inodbox.com>
 * Copyright (C) 2015       Alexandre Spangaro   <aspangaro@open-dsi.fr>
@ -132,6 +132,30 @@ foreach ($listoftype as $code => $label) {
 	$dataseries[] = array($label, (isset($somme[$code]) ? (int) $somme[$code] : 0));
 }

+// Sort array with most important first
+$dataseries = dol_sort_array($dataseries, 1, 'desc');
+
+// Merge all entrie after the $KEEPNFIRST one into one entry called "Other..." (to avoid to have too much entries in graphic).
+$KEEPNFIRST = 7;	// Keep first $KEEPNFIRST one + 1 with the remain
+$i = 0;
+if (count($dataseries) > ($KEEPNFIRST + 1)) {
+	foreach ($dataseries as $key => $val) {
+		if ($i < $KEEPNFIRST) {
+			$i++;
+			continue;
+		}
+		// Here $key = $KEEPNFIRST
+		$dataseries[$KEEPNFIRST][0] = $langs->trans("Others").'...';
+		if ($key == $KEEPNFIRST) {
+			$i++;
+			continue;
+		}
+		$dataseries[$KEEPNFIRST][1] += $dataseries[$key][1];
+		unset($dataseries[$key]);
+		$i++;
+	}
+}
+
 if ($conf->use_javascript_ajax) {
 	print '<tr><td class="center" colspan="4">';

@ -221,10 +245,10 @@ if ($result) {
 			$userstatic->photo = $obj->photo;

 			print '<tr class="oddeven">';
-			print '<td>'.$expensereportstatic->getNomUrl(1).'</td>';
-			print '<td>'.$userstatic->getNomUrl(-1).'</td>';
-			print '<td class="right">'.price($obj->total_ht).'</td>';
-			print '<td class="right">'.price($obj->total_ttc).'</td>';
+			print '<td class="tdoverflowmax200">'.$expensereportstatic->getNomUrl(1).'</td>';
+			print '<td class="tdoverflowmax150">'.$userstatic->getNomUrl(-1).'</td>';
+			print '<td class="right amount">'.price($obj->total_ht).'</td>';
+			print '<td class="right amount">'.price($obj->total_ttc).'</td>';
 			print '<td class="right">'.dol_print_date($db->jdate($obj->dm), 'day').'</td>';
 			print '<td class="right">';
 			print $expensereportstatic->getLibStatut(3);
--- a/htdocs/expensereport/tpl/expensereport_linktofile.tpl.php
+++ b/htdocs/expensereport/tpl/expensereport_linktofile.tpl.php
@ -72,7 +72,7 @@ if (empty($conf->global->EXPENSEREPORT_DISABLE_ATTACHMENT_ON_LINES)) {
 						}
 						// If the preview file is found
 						if (file_exists($fileimage)) {
-							$thumbshown = '<img height="'.$heightforphotref.'" class="photo photowithmargin photowithborder" src="'.DOL_URL_ROOT.'/viewimage.php?modulepart=apercu'.$modulepart.'&amp;file='.urlencode($relativepathimage).'">';
+							$thumbshown = '<img height="'.$heightforphotref.'" class="photo photowithmargin photowithborder" src="'.DOL_URL_ROOT.'/viewimage.php?modulepart=apercu'.urlencode($modulepart).'&file='.urlencode($relativepathimage).'">';
 						}
 					}
 				}
--- a/htdocs/holiday/class/holiday.class.php
+++ b/htdocs/holiday/class/holiday.class.php
@ -2261,7 +2261,7 @@ class Holiday extends CommonObject
 			$response->warning_delay = $conf->holiday->approve->warning_delay / 60 / 60 / 24;
 			$response->label = $langs->trans("HolidaysToApprove");
 			$response->labelShort = $langs->trans("ToApprove");
-			$response->url = DOL_URL_ROOT.'/holiday/list.php?search_statut=2&amp;mainmenu=hrm&amp;leftmenu=holiday';
+			$response->url = DOL_URL_ROOT.'/holiday/list.php?search_status=2&amp;mainmenu=hrm&amp;leftmenu=holiday';
 			$response->img = img_object('', "holiday");

 			while ($obj = $this->db->fetch_object($resql)) {
--- a/htdocs/hrm/index.php
+++ b/htdocs/hrm/index.php
@ -310,11 +310,11 @@ if (!empty($conf->expensereport->enabled) && $user->rights->expensereport->lire)
 				$userstatic->photo = $obj->photo;

 				print '<tr class="oddeven">';
-				print '<td class="nowraponall">'.$expensereportstatic->getNomUrl(1).'</td>';
+				print '<td class="tdoverflowmax200">'.$expensereportstatic->getNomUrl(1).'</td>';
 				print '<td class="tdoverflowmax150">'.$userstatic->getNomUrl(-1).'</td>';
-				print '<td class="right">'.price($obj->total_ttc).'</td>';
+				print '<td class="right amount">'.price($obj->total_ttc).'</td>';
 				print '<td class="right">'.dol_print_date($db->jdate($obj->dm), 'day').'</td>';
-				print '<td class="right nowrap" width="16">'.$expensereportstatic->LibStatut($obj->status, 3).'</td>';
+				print '<td class="right nowraponall" width="16">'.$expensereportstatic->LibStatut($obj->status, 3).'</td>';
 				print '</tr>';

 				$i++;
--- a/htdocs/includes/odtphp/odf.php
+++ b/htdocs/includes/odtphp/odf.php
@ -881,6 +881,11 @@ IMG;
 		//$command = DOL_DOCUMENT_ROOT.'/includes/odtphp/odt2pdf.sh '.$name.' '.$dirname;

 		dol_syslog(get_class($this).'::exportAsAttachedPDF $execmethod='.$execmethod.' Run command='.$command,LOG_DEBUG);
+		// TODO Use:
+		// $outputfile = DOL_DATA_ROOT.'/odt2pdf.log';
+		// $result = $utils->executeCLI($command, $outputfile);  and replace test on $execmethod.
+		// $retval will be $result['result']
+		// $errorstring will be $result['output']
 		$retval=0; $output_arr=array();
 		if ($execmethod == 1)
 		{
@ -909,8 +914,7 @@ IMG;
 			if (! empty($conf->global->MAIN_UMASK)) @chmod($outputfile, octdec($conf->global->MAIN_UMASK));
 		}

-		if ($retval == 0)
-		{
+		if ($retval == 0) {
 			dol_syslog(get_class($this).'::exportAsAttachedPDF $ret_val='.$retval, LOG_DEBUG);
 			$filename=''; $linenum=0;

@ -927,8 +931,7 @@ IMG;
 				}
 			}

-			if (!empty($conf->global->MAIN_ODT_AS_PDF_DEL_SOURCE))
-			{
+			if (!empty($conf->global->MAIN_ODT_AS_PDF_DEL_SOURCE)) {
 				unlink($name);
 			}
 		} else {
--- a/htdocs/install/default.css
+++ b/htdocs/install/default.css
@ -80,6 +80,10 @@ div.soustitre {
 	text-align: right;
 }

+.wordbreak {
+    word-break: break-word;
+}
+
 .minwidth100 { min-width: 100px; }
 .minwidth200 { min-width: 200px; }
 .minwidth300 { min-width: 300px; }
--- a/htdocs/install/mysql/data/llx_c_currencies.sql
+++ b/htdocs/install/mysql/data/llx_c_currencies.sql
@ -7,6 +7,7 @@
 -- Copyright (C) 2007 	    Patrick Raguin        <patrick.raguin@gmail.com>
 -- Copyright (C) 2011 	    Juanjo Menent         <jmenent@2byte.es>
 -- Copyright (C) 2020 	    Udo Tamm              <dev@dolibit.de>
+-- Copyright (C) 2021 	    Lenin Rivas           <lenin@leninrivas.com>
 --
 -- This program is free software; you can redistribute it and/or modify
 -- it under the terms of the GNU General Public License as published by
@ -50,7 +51,7 @@ INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'BDT'
 INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'BYR', '[112,46]', 1,			  'Belarus Ruble');
 INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'BZD', '[66,90,36]', 1,			'Belize Dollar');
 INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'BMD', '[36]', 1,				    'Bermuda Dollar');
-INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'BOB', '[36,98]', 1,				  'Bolivia Boliviano');
+INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'BOB', '[66,115]', 1,				'Bolivia Boliviano');
 INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'BAM', '[75,77]', 1,			  	'Bosnia and Herzegovina Convertible Marka');
 INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'BWP', '[80]', 1,				    'Botswana Pula');
 INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'BGN', '[1083,1074]', 1,			'Bulgaria Lev');
@ -70,6 +71,7 @@ INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'CZK'
 INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'DKK', '[107,114]', 1,	  		'Denmark Krone');
 INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'DOP', '[82,68,36]', 1,			'Dominican Republic Peso');
 INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'XCD', '[36]', 1,		    		'East Caribbean Dollar');
+INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'ECS', '[83,47,46]', 1,		  'Ecuador Sucre');
 INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'EGP', '[163]', 1,	    			'Egypt Pound');
 INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'SVC', '[36]', 1,			    	'El Salvador Colon');
 INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'EEK', '[107,114]', 1,	  		'Estonia Kroon');
@ -126,7 +128,7 @@ INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'OMR'
 INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'PKR', '[8360]', 1,		  		'Pakistan Rupee');
 INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'PAB', '[66,47,46]', 1,			'Panama Balboa');
 INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'PYG', '[71,115]', 1,		  	'Paraguay Guarani');
-INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'PEN', '[83,47,46]', 1,			'Peru Nuevo Sol');
+INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'PEN', '[83,47]', 1,			    'Perú Sol');
 INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'PHP', '[8369]', 1,			  	'Philippines Peso');
 INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'PLN', '[122,322]', 1,	  		'Poland Zloty');
 INSERT INTO llx_c_currencies ( code_iso, unicode, active, label ) VALUES ( 'QAR', '[65020]', 1,		  		'Qatar Riyal');
--- a/htdocs/install/mysql/data/llx_c_email_templates.sql
+++ b/htdocs/install/mysql/data/llx_c_email_templates.sql
@ -35,9 +35,9 @@ INSERT INTO llx_c_email_templates (entity, module, type_template, lang, private,
 INSERT INTO llx_c_email_templates (entity, module, type_template, lang, private, fk_user, datec, label, position, enabled, active, topic, content, content_lines, joinfiles) VALUES (0,'recruitment','recruitmentcandidature_send','',0,null,null,'(AnswerCandidature)'       ,100,'$conf->recruitment->enabled',1,'[__[MAIN_INFO_SOCIETE_NOM]__] __(YourCandidature)__',       '__(Hello)__ __CANDIDATE_FULLNAME__,<br><br>\n\n__(YourCandidatureAnswerMessage)__<br>__ONLINE_INTERVIEW_SCHEDULER_TEXT_AND_URL__\n<br><br>\n__(Sincerely)__<br>__USER_SIGNATURE__',null, 0);

 -- Event organization 
-INSERT INTO llx_c_email_templates (entity, module, type_template, lang, private, fk_user, datec, label, position, active, topic, content, content_lines, enabled, joinfiles) values (0, '', 'eventorganization_send', '', 0, null, null, 'EventOrganizationEmailAskConf',       10, 1, '[__[MAIN_INFO_SOCIETE_NOM]__] __(EventOrganizationEmailAskConf)__', '__(Hello)__ __THIRDPARTY_NAME__,<br /><br />__(ThisIsContentOfYourOrganizationEventConfRequestWasReceived)__<br /><br />__ONLINE_PAYMENT_TEXT_AND_URL__<br /><br /><br />__(Sincerely)__<br />__USER_SIGNATURE__', null, '1', null);
-INSERT INTO llx_c_email_templates (entity, module, type_template, lang, private, fk_user, datec, label, position, active, topic, content, content_lines, enabled, joinfiles) values (0, '', 'eventorganization_send', '', 0, null, null, 'EventOrganizationEmailAskBooth',      20, 1, '[__[MAIN_INFO_SOCIETE_NOM]__] __(EventOrganizationEmailAskBooth)__', '__(Hello)__ __THIRDPARTY_NAME__,<br /><br />__(ThisIsContentOfYourOrganizationEventBoothRequestWasReceived)__<br /><br />__ONLINE_PAYMENT_TEXT_AND_URL__<br /><br /><br />__(Sincerely)__<br />__USER_SIGNATURE__', null, '1', null);
-INSERT INTO llx_c_email_templates (entity, module, type_template, lang, private, fk_user, datec, label, position, active, topic, content, content_lines, enabled, joinfiles) values (0, '', 'eventorganization_send', '', 0, null, null, 'EventOrganizationEmailSubsBooth',     30, 1, '[__[MAIN_INFO_SOCIETE_NOM]__] __(EventOrganizationEmailSubsBooth)__', '__(Hello)__ __THIRDPARTY_NAME__,<br /><br />__(ThisIsContentOfYourOrganizationEventBoothSubscriptionWasReceived)__<br /><br />__ONLINE_PAYMENT_TEXT_AND_URL__<br /><br /><br />__(Sincerely)__<br />__USER_SIGNATURE__', null, '1', null);
-INSERT INTO llx_c_email_templates (entity, module, type_template, lang, private, fk_user, datec, label, position, active, topic, content, content_lines, enabled, joinfiles) values (0, '', 'eventorganization_send', '', 0, null, null, 'EventOrganizationEmailSubsEvent',     40, 1, '[__[MAIN_INFO_SOCIETE_NOM]__] __(EventOrganizationEmailSubsEvent)__', '__(Hello)__ __THIRDPARTY_NAME__,<br /><br />__(ThisIsContentOfYourOrganizationEventEventSubscriptionWasReceived)__<br /><br />__(Sincerely)__<br /><br />__MYCOMPANY_NAME__<br />__USER_SIGNATURE__', null, '1', null);
-INSERT INTO llx_c_email_templates (entity, module, type_template, lang, private, fk_user, datec, label, position, active, topic, content, content_lines, enabled, joinfiles) values (0, '', 'eventorganization_send', '', 0, null, null, 'EventOrganizationMassEmailAttendees', 50, 1, '[__[MAIN_INFO_SOCIETE_NOM]__] __(EventOrganizationMassEmailAttendees)__', '__(Hello)__ __THIRDPARTY_NAME__,<br /><br />__(ThisIsContentOfYourOrganizationEventBulkMailToAttendees)__<br /><br />__(Sincerely)__<br />__USER_SIGNATURE__', null, '1', null);
-INSERT INTO llx_c_email_templates (entity, module, type_template, lang, private, fk_user, datec, label, position, active, topic, content, content_lines, enabled, joinfiles) values (0, '', 'eventorganization_send', '', 0, null, null, 'EventOrganizationMassEmailSpeakers',  60, 1, '[__[MAIN_INFO_SOCIETE_NOM]__] __(EventOrganizationMassEmailSpeakers)__', '__(Hello)__ __THIRDPARTY_NAME__,<br /><br />__(ThisIsContentOfYourOrganizationEventBulkMailToSpeakers)__<br /><br />__(Sincerely)__<br />__USER_SIGNATURE__', null, '1', null);
+INSERT INTO llx_c_email_templates (entity, module, type_template, lang, private, fk_user, datec, label, position, active, topic, content, content_lines, enabled, joinfiles) values (0, '', 'conferenceorbooth', '', 0, null, null, 'EventOrganizationEmailAskConf',       10, 1, '[__[MAIN_INFO_SOCIETE_NOM]__] __(EventOrganizationEmailAskConf)__', '__(Hello)__ __THIRDPARTY_NAME__,<br /><br />__(ThisIsContentOfYourOrganizationEventConfRequestWasReceived)__<br /><br />__ONLINE_PAYMENT_TEXT_AND_URL__<br /><br /><br />__(Sincerely)__<br />__USER_SIGNATURE__', null, '1', null);
+INSERT INTO llx_c_email_templates (entity, module, type_template, lang, private, fk_user, datec, label, position, active, topic, content, content_lines, enabled, joinfiles) values (0, '', 'conferenceorbooth', '', 0, null, null, 'EventOrganizationEmailAskBooth',      20, 1, '[__[MAIN_INFO_SOCIETE_NOM]__] __(EventOrganizationEmailAskBooth)__', '__(Hello)__ __THIRDPARTY_NAME__,<br /><br />__(ThisIsContentOfYourOrganizationEventBoothRequestWasReceived)__<br /><br />__ONLINE_PAYMENT_TEXT_AND_URL__<br /><br /><br />__(Sincerely)__<br />__USER_SIGNATURE__', null, '1', null);
+INSERT INTO llx_c_email_templates (entity, module, type_template, lang, private, fk_user, datec, label, position, active, topic, content, content_lines, enabled, joinfiles) values (0, '', 'conferenceorbooth', '', 0, null, null, 'EventOrganizationEmailSubsBooth',     30, 1, '[__[MAIN_INFO_SOCIETE_NOM]__] __(EventOrganizationEmailSubsBooth)__', '__(Hello)__ __THIRDPARTY_NAME__,<br /><br />__(ThisIsContentOfYourOrganizationEventBoothSubscriptionWasReceived)__<br /><br />__ONLINE_PAYMENT_TEXT_AND_URL__<br /><br /><br />__(Sincerely)__<br />__USER_SIGNATURE__', null, '1', null);
+INSERT INTO llx_c_email_templates (entity, module, type_template, lang, private, fk_user, datec, label, position, active, topic, content, content_lines, enabled, joinfiles) values (0, '', 'conferenceorbooth', '', 0, null, null, 'EventOrganizationEmailSubsEvent',     40, 1, '[__[MAIN_INFO_SOCIETE_NOM]__] __(EventOrganizationEmailSubsEvent)__', '__(Hello)__ __THIRDPARTY_NAME__,<br /><br />__(ThisIsContentOfYourOrganizationEventEventSubscriptionWasReceived)__<br /><br />__(Sincerely)__<br /><br />__MYCOMPANY_NAME__<br />__USER_SIGNATURE__', null, '1', null);
+INSERT INTO llx_c_email_templates (entity, module, type_template, lang, private, fk_user, datec, label, position, active, topic, content, content_lines, enabled, joinfiles) values (0, '', 'conferenceorbooth', '', 0, null, null, 'EventOrganizationMassEmailAttendees', 50, 1, '[__[MAIN_INFO_SOCIETE_NOM]__] __(EventOrganizationMassEmailAttendees)__', '__(Hello)__ __THIRDPARTY_NAME__,<br /><br />__(ThisIsContentOfYourOrganizationEventBulkMailToAttendees)__<br /><br />__(Sincerely)__<br />__USER_SIGNATURE__', null, '1', null);
+INSERT INTO llx_c_email_templates (entity, module, type_template, lang, private, fk_user, datec, label, position, active, topic, content, content_lines, enabled, joinfiles) values (0, '', 'conferenceorbooth', '', 0, null, null, 'EventOrganizationMassEmailSpeakers',  60, 1, '[__[MAIN_INFO_SOCIETE_NOM]__] __(EventOrganizationMassEmailSpeakers)__', '__(Hello)__ __THIRDPARTY_NAME__,<br /><br />__(ThisIsContentOfYourOrganizationEventBulkMailToSpeakers)__<br /><br />__(Sincerely)__<br />__USER_SIGNATURE__', null, '1', null);
--- a/htdocs/install/mysql/migration/13.0.0-14.0.0.sql
+++ b/htdocs/install/mysql/migration/13.0.0-14.0.0.sql
@ -428,6 +428,10 @@ create table llx_eventorganization_conferenceorboothattendee_extrafields
 ALTER TABLE llx_eventorganization_conferenceorboothattendee_extrafields ADD INDEX idx_conferenceorboothattendee_fk_object(fk_object);

 ALTER TABLE llx_c_ticket_category ADD COLUMN public integer DEFAULT 0;
+
+-- VPGSQL8.2 ALTER TABLE llx_c_ticket_category ALTER COLUMN pos TYPE INTEGER USING pos::INTEGER;
+-- VPGSQL8.2 ALTER TABLE llx_c_ticket_category ALTER COLUMN pos SET NOT NULL;
+-- VPGSQL8.2 ALTER TABLE llx_c_ticket_category ALTER COLUMN pos SET DEFAULT 0;
 ALTER TABLE llx_c_ticket_category MODIFY COLUMN pos	integer DEFAULT 0 NOT NULL;


--- a/htdocs/install/mysql/tables/llx_actioncomm.sql
+++ b/htdocs/install/mysql/tables/llx_actioncomm.sql
@ -55,7 +55,7 @@ create table llx_actioncomm
  durationp			real,							-- planed duration

  label				varchar(255) NOT NULL,			-- label/title of event or topic of email
-  note				text,							-- note of event or content of email
+  note				text,							-- private note of event or content of email
  
  calling_duration  integer,                        -- when event is a phone call, duration of phone call
  
--- a/htdocs/install/upgrade2.php
+++ b/htdocs/install/upgrade2.php
@ -448,8 +448,17 @@ if (!GETPOST('action', 'aZ09') || preg_match('/upgrade/i', GETPOST('action', 'aZ
 			migrate_contacts_socialnetworks();
 			migrate_thirdparties_socialnetworks();
 		}
+
+		// Scripts for 14.0
+		$afterversionarray = explode('.', '13.0.9');
+		$beforeversionarray = explode('.', '14.0.9');
+		if (versioncompare($versiontoarray, $afterversionarray) >= 0 && versioncompare($versiontoarray, $beforeversionarray) <= 0) {
+			migrate_export_import_profiles('export');
+			migrate_export_import_profiles('import');
+		}
 	}

+
 	// Code executed only if migration is LAST ONE. Must always be done.
 	if (versioncompare($versiontoarray, $versionranarray) >= 0 || versioncompare($versiontoarray, $versionranarray) <= -3) {
 		// Reload modules (this must be always done and only into last targeted version, because code to reload module may need table structure of last version)
@ -4904,3 +4913,74 @@ function migrate_thirdparties_socialnetworks()
 	print '<b>'.$langs->trans('MigrationFieldsSocialNetworks', 'Thirdparties')."</b><br>\n";
 	print '</td></tr>';
 }
+
+
+/**
+ * Migrate export and import profiles to fix field name that was renamed
+ *
+ * @param	string		$mode		'export' or 'import'
+ * @return  void
+ */
+function migrate_export_import_profiles($mode = 'export')
+{
+	global $db, $langs;
+
+	$error = 0;
+	$resultstring = '';
+
+	$db->begin();
+
+	print '<tr class="trforrunsql"><td colspan="4">';
+	$sql = 'SELECT rowid, field';
+	if ($mode == 'export') {
+		$sql .= ', filter';
+	}
+	$sql .= ' FROM '.MAIN_DB_PREFIX.$mode.'_model WHERE';
+	$sql .= " type LIKE 'propale_%' OR type LIKE 'commande_%' OR type LIKE 'facture_%'";
+	//print $sql;
+	$resql = $db->query($sql);
+	if ($resql) {
+		while ($obj = $db->fetch_object($resql)) {
+			$oldfield = $obj->field;
+			$newfield = str_replace(array(',f.facnumber', 'f.facnumber,', 'f.total,', 'f.tva,'), array(',f.ref', 'f.ref,', 'f.total_ht,', 'f.total_tva,'), $oldfield);
+
+			if ($mode == 'export') {
+				$oldfilter = $obj->filter;
+				$newfilter = str_replace(array('f.facnumber=', 'f.total=', 'f.tva='), array('f.ref=', 'f.total_ht=', 'f.total_tva='), $oldfilter);
+			} else {
+				$oldfilter = '';
+				$newfilter = '';
+			}
+
+			if ($oldfield != $newfield || $oldfilter != $newfilter) {
+				$sqlupd = 'UPDATE '.MAIN_DB_PREFIX.$mode."_model SET field = '".$db->escape($newfield)."'";
+				if ($mode == 'export') {
+					$sql .= ", filter = '".$db->escape($newfilter)."'";
+				}
+				$sqlupd .= ' WHERE rowid='.$obj->rowid;
+				$resultstring .= '<tr class="trforrunsql" style=""><td class="wordbreak" colspan="4">'.$sqlupd."</td></tr>\n";
+				$resqlupd = $db->query($sqlupd);
+				if (!$resqlupd) {
+					dol_print_error($db);
+					$error++;
+				}
+			}
+		}
+	} else {
+		$error++;
+	}
+	if (!$error) {
+		$db->commit();
+	} else {
+		dol_print_error($db);
+		$db->rollback();
+	}
+	print '<b>'.$langs->trans('MigrationImportOrExportProfiles', $mode)."</b><br>\n";
+	print '</td></tr>';
+
+	if ($resultstring) {
+		print $resultstring;
+	} else {
+		print '<tr class="trforrunsql" style=""><td class="wordbreak" colspan="4">'.$langs->trans("NothingToDo")."</td></tr>\n";
+	}
+}
--- a/htdocs/knowledgemanagement/knowledgerecord_list.php
+++ b/htdocs/knowledgemanagement/knowledgerecord_list.php
@ -115,7 +115,7 @@ foreach ($object->fields as $key => $val) {
 			'checked'=>(($visible < 0) ? 0 : 1),
 			'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)),
 			'position'=>$val['position'],
-			'help'=>$val['help']
+			'help'=> isset($val['help']) ? $val['help'] : ''
 		);
 	}
 }
--- a/htdocs/langs/en_US/admin.lang
+++ b/htdocs/langs/en_US/admin.lang
@ -53,6 +53,7 @@ InternalUser=Internal user
 ExternalUser=External user
 InternalUsers=Internal users
 ExternalUsers=External users
+UserInterface=User interface
 GUISetup=Display
 SetupArea=Setup
 UploadNewTemplate=Upload new template(s)
@ -2133,7 +2134,8 @@ IfCLINotRequiredYouShouldDisablePHPFunctions=Except if you need to run system co
 PHPFunctionsRequiredForCLI=For shell purpose (like scheduled job backup or running an anitivurs program), you must keep PHP functions
 NoWritableFilesFoundIntoRootDir=No writable files or directories of the common programs were found into your root directory (Good)
 RecommendedValueIs=Recommended: %s
-NotRecommended=Not recommanded
+Recommended=Recommended
+NotRecommended=Not recommended
 ARestrictedPath=A restricted path
 CheckForModuleUpdate=Check for external modules updates
 CheckForModuleUpdateHelp=This action will connect to editors of external modules to check if a new version is available.
--- a/htdocs/langs/en_US/boxes.lang
+++ b/htdocs/langs/en_US/boxes.lang
@ -91,8 +91,8 @@ BoxTitleLatestModifiedSupplierOrders=Vendor Orders: last %s modified
 BoxTitleLastModifiedCustomerBills=Customer Invoices: last %s modified
 BoxTitleLastModifiedCustomerOrders=Sales Orders: last %s modified
 BoxTitleLastModifiedPropals=Latest %s modified proposals
-BoxTitleLatestModifiedJobPositions=Latest %s modified jobs
-BoxTitleLatestModifiedCandidatures=Latest %s modified candidatures
+BoxTitleLatestModifiedJobPositions=Latest %s modified job positions
+BoxTitleLatestModifiedCandidatures=Latest %s modified job applications
 ForCustomersInvoices=Customers invoices
 ForCustomersOrders=Customers orders
 ForProposals=Proposals
--- a/htdocs/langs/en_US/eventorganization.lang
+++ b/htdocs/langs/en_US/eventorganization.lang
@ -86,6 +86,7 @@ DownloadICSLink = Download ICS link
 EVENTORGANIZATION_SECUREKEY = Secure Key of the public registration link to a conference
 SERVICE_BOOTH_LOCATION = Service used for the invoice row about a booth location
 SERVICE_CONFERENCE_ATTENDEE_SUBSCRIPTION = Service used for the invoice row about an attendee subscription to a conference
+NbVotes=Number of votes
 #
 # Status
 #
@ -115,6 +116,9 @@ EvntOrgDuration = This conference starts on %s and ends on %s.
 ConferenceAttendeeFee = Conference attendee fee for the event : '%s' occurring from %s to %s.
 BoothLocationFee = Booth location for the event : '%s' occurring from %s to %s
 EventType = Event type
+LabelOfBooth=Booth label
+LabelOfconference=Conference label
+ConferenceIsNotConfirmed=Subcription not available, conference is not confirmed yet

 #
 # Vote page
--- a/htdocs/langs/en_US/install.lang
+++ b/htdocs/langs/en_US/install.lang
@ -206,6 +206,7 @@ MigrationUserPhotoPath=Migration of photo paths for users
 MigrationFieldsSocialNetworks=Migration of users fields social networks (%s)
 MigrationReloadModule=Reload module %s
 MigrationResetBlockedLog=Reset module BlockedLog for v7 algorithm
+MigrationImportOrExportProfiles=Migration of import or export profiles (%s)
 ShowNotAvailableOptions=Show unavailable options
 HideNotAvailableOptions=Hide unavailable options
 ErrorFoundDuringMigration=Error(s) were reported during the migration process so next step is not available. To ignore errors, you can <a href="%s">click here</a>, but the application or some features may not work correctly until the errors are resolved.
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@ -509,7 +509,7 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && !empty($conf->gl
 		//print 'Unset POST by CSRF protection in main.inc.php.';	// Do not output anything because this create problems when using the BACK button on browsers.
 		setEventMessages('SecurityTokenHasExpiredSoActionHasBeenCanceledPleaseRetry', null, 'warnings');
 		//if ($conf->global->MAIN_FEATURES_LEVEL >= 1) setEventMessages('Unset POST and GET params by CSRF protection in main.inc.php (Token provided was not generated by the previous page).'."<br>\n".'$_SERVER[REQUEST_URI] = '.$_SERVER['REQUEST_URI'].' $_SERVER[REQUEST_METHOD] = '.$_SERVER['REQUEST_METHOD'].' GETPOST(token) = '.GETPOST('token', 'alpha').' $_SESSION[token] = '.$_SESSION['token'], null, 'warnings');
-		$savid = ((int) $_POST['id']);
+		if (isset($_POST['id'])) $savid = ((int) $_POST['id']);
 		unset($_POST);
 		//unset($_POST['action']); unset($_POST['massaction']);
 		//unset($_POST['confirm']); unset($_POST['confirmmassaction']);
@ -517,7 +517,7 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && !empty($conf->gl
 		unset($_GET['action']);
 		unset($_GET['confirmmassaction']);
 		unset($_GET['massaction']);
-		$_POST['id'] = ((int) $savid);
+		if (isset($savid)) $_POST['id'] = ((int) $savid);
 	}

 	// Note: There is another CSRF protection into the filefunc.inc.php
@ -3146,7 +3146,7 @@ if (!function_exists("llxFooter")) {
 		}

 		// Wrapper to add log when clicking on download or preview
-		if (!empty($conf->blockedlog->enabled) && is_object($object) && $object->id > 0 && $object->statut > 0) {
+		if (!empty($conf->blockedlog->enabled) && is_object($object) && !empty($object->id) && $object->id > 0 && $object->statut > 0) {
 			if (in_array($object->element, array('facture'))) {       // Restrict for the moment to element 'facture'
 				print "\n<!-- JS CODE TO ENABLE log when making a download or a preview of a document -->\n";
 				?>
--- a/htdocs/margin/tabs/thirdpartyMargins.php
+++ b/htdocs/margin/tabs/thirdpartyMargins.php
@ -142,7 +142,7 @@ if ($socid > 0) {

 	// Total Margin
 	print '<tr><td class="titlefield">'.$langs->trans("TotalMargin").'</td><td colspan="3">';
-	print '<span id="totalMargin"></span>'; // set by jquery (see below)
+	print '<span id="totalMargin" class="amount"></span>'; // set by jquery (see below)
 	print '</td></tr>';

 	// Margin Rate
@ -242,9 +242,9 @@ if ($socid > 0) {
 				print "</td>\n";
 				print "<td class=\"center\">";
 				print dol_print_date($db->jdate($objp->datef), 'day')."</td>";
-				print "<td class=\"right\">".price(price2num($objp->selling_price, 'MT'))."</td>\n";
-				print "<td class=\"right\">".price(price2num(($objp->type == 2 ? -1 : 1) * $objp->buying_price, 'MT'))."</td>\n";
-				print "<td class=\"right\">".$sign.price(price2num($objp->marge, 'MT'))."</td>\n";
+				print "<td class=\"right amount\">".price(price2num($objp->selling_price, 'MT'))."</td>\n";
+				print "<td class=\"right amount\">".price(price2num(($objp->type == 2 ? -1 : 1) * $objp->buying_price, 'MT'))."</td>\n";
+				print "<td class=\"right amount\">".$sign.price(price2num($objp->marge, 'MT'))."</td>\n";
 				if (!empty($conf->global->DISPLAY_MARGIN_RATES)) {
 					print "<td class=\"right\">".(($marginRate === '') ? 'n/a' : $sign.price(price2num($marginRate, 'MT'))."%")."</td>\n";
 				}
--- a/htdocs/modulebuilder/template/myobject_list.php
+++ b/htdocs/modulebuilder/template/myobject_list.php
@ -165,7 +165,7 @@ foreach ($object->fields as $key => $val) {
 			'checked'=>(($visible < 0) ? 0 : 1),
 			'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)),
 			'position'=>$val['position'],
-			'help'=>$val['help']
+			'help'=> isset($val['help']) ? $val['help'] : ''
 		);
 	}
 }
--- a/htdocs/mrp/mo_list.php
+++ b/htdocs/mrp/mo_list.php
@ -115,7 +115,7 @@ foreach ($object->fields as $key => $val) {
 			'checked'=>(($visible < 0) ? 0 : 1),
 			'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)),
 			'position'=>$val['position'],
-			'help'=>$val['help']
+			'help'=> isset($val['help']) ? $val['help'] : ''
 		);
 	}
 }
@ -236,8 +236,8 @@ foreach ($search as $key => $val) {
 		$mode_search = (($object->isInt($object->fields[$key]) || $object->isFloat($object->fields[$key])) ? 1 : 0);
 		if ((strpos($object->fields[$key]['type'], 'integer:') === 0) || (strpos($object->fields[$key]['type'], 'sellist:') === 0) || !empty($object->fields[$key]['arrayofkeyval'])) {
 			if ($search[$key] == '-1' || $search[$key] === '0') {
-			$search[$key] = '';
-				}
+				$search[$key] = '';
+			}
 			$mode_search = 2;
 		}
 		if ($search[$key] != '') {
--- a/htdocs/partnership/partnership_list.php
+++ b/htdocs/partnership/partnership_list.php
@ -126,7 +126,7 @@ foreach ($object->fields as $key => $val) {
 			'checked'=>(($visible < 0) ? 0 : 1),
 			'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)),
 			'position'=>$val['position'],
-			'help'=>$val['help']
+			'help'=> isset($val['help']) ? $val['help'] : ''
 		);
 	}
 }
--- a/htdocs/product/admin/product.php
+++ b/htdocs/product/admin/product.php
@ -507,14 +507,16 @@ print "<br>";

 print "<br>";

-print load_fiche_titre($langs->trans("ProductOtherConf"), '', '');
-

 print '<form method="POST" action="'.$_SERVER['PHP_SELF'].'">';
 print '<input type="hidden" name="token" value="'.newToken().'">';
 print '<input type="hidden" name="action" value="other">';
 print '<input type="hidden" name="page_y" value="">';

+
+print load_fiche_titre($langs->trans("ProductOtherConf"), '', '');
+
+
 print '<table class="noborder centpercent">';
 print '<tr class="liste_titre">';
 print '<td>'.$langs->trans("Parameters").'</td>'."\n";
@ -592,6 +594,38 @@ print $form->selectPriceBaseType($conf->global->PRODUCT_PRICE_BASE_TYPE, "price_
 print '</td>';
 print '</tr>';

+if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || !empty($conf->supplier_order->enabled) || !empty($conf->supplier_invoice->enabled)) {
+	print '<tr class="oddeven">';
+	print '<td>'.$langs->trans("UseProductFournDesc").'</td>';
+	print '<td class="right">';
+	print $form->selectyesno("activate_useProdFournDesc", (!empty($conf->global->PRODUIT_FOURN_TEXTS) ? $conf->global->PRODUIT_FOURN_TEXTS : 0), 1);
+	print '</td>';
+	print '</tr>';
+
+	print '<tr class="oddeven">';
+	print '<td>'.$langs->trans("UseProductSupplierPackaging").'</td>';
+	print '<td align="right">';
+	print $form->selectyesno("activate_useProdSupplierPackaging", (!empty($conf->global->PRODUCT_USE_SUPPLIER_PACKAGING) ? $conf->global->PRODUCT_USE_SUPPLIER_PACKAGING : 0), 1);
+	print '</td>';
+	print '</tr>';
+}
+
+print '</table>';
+
+print '<div class="center">';
+print '<input type="submit" class="button reposition" value="'.$langs->trans("Modify").'">';
+print '</div>';
+
+
+print load_fiche_titre($langs->trans("UserInterface"), '', '');
+
+
+print '<table class="noborder centpercent">';
+print '<tr class="liste_titre">';
+print '<td>'.$langs->trans("Parameters").'</td>'."\n";
+print '<td class="right" width="60">'.$langs->trans("Value").'</td>'."\n";
+print '</tr>'."\n";
+
 // Use Ajax form to select a product

 print '<tr class="oddeven">';
@ -624,9 +658,10 @@ if (empty($conf->global->PRODUIT_USE_SEARCH_TO_SELECT)) {
 print '<tr class="oddeven">';
 print '<td>'.$langs->trans("OnProductSelectAddProductDesc").'</td>';
 print '<td class="right">';
+print '<!-- PRODUIT_AUTOFILL_DESC -->';
 print $form->selectarray(
 	"activate_FillProductDescAuto",
-	array(1=>'AutoFillFormFieldBeforeSubmit', 0=>'DoNotAutofillButAutoConcat', -1=>'DoNotUseDescriptionOfProdut'),
+	array(0=>'DoNotAutofillButAutoConcat', 1=>'AutoFillFormFieldBeforeSubmit', 2=>'DoNotUseDescriptionOfProdut'),
 	empty($conf->global->PRODUIT_AUTOFILL_DESC) ? 0 : $conf->global->PRODUIT_AUTOFILL_DESC,
 	0,
 	0,
@ -682,22 +717,6 @@ if (!empty($conf->global->MAIN_MULTILANGS)) {
 	print '</tr>';
 }

-if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || !empty($conf->supplier_order->enabled) || !empty($conf->supplier_invoice->enabled)) {
-	print '<tr class="oddeven">';
-	print '<td>'.$langs->trans("UseProductFournDesc").'</td>';
-	print '<td class="right">';
-	print $form->selectyesno("activate_useProdFournDesc", (!empty($conf->global->PRODUIT_FOURN_TEXTS) ? $conf->global->PRODUIT_FOURN_TEXTS : 0), 1);
-	print '</td>';
-	print '</tr>';
-
-	print '<tr class="oddeven">';
-	print '<td>'.$langs->trans("UseProductSupplierPackaging").'</td>';
-	print '<td align="right">';
-	print $form->selectyesno("activate_useProdSupplierPackaging", (!empty($conf->global->PRODUCT_USE_SUPPLIER_PACKAGING) ? $conf->global->PRODUCT_USE_SUPPLIER_PACKAGING : 0), 1);
-	print '</td>';
-	print '</tr>';
-}
-

 if (!empty($conf->global->PRODUCT_CANVAS_ABILITY)) {
 	// Add canvas feature
--- a/htdocs/product/class/product.class.php
+++ b/htdocs/product/class/product.class.php
@ -2236,7 +2236,7 @@ class Product extends CommonObject
 		// Check parameters
 		if (!$id && !$ref && !$ref_ext && !$barcode) {
 			$this->error = 'ErrorWrongParameters';
-			dol_syslog(get_class($this)."::fetch ".$this->error);
+			dol_syslog(get_class($this)."::fetch ".$this->error, LOG_ERR);
 			return -1;
 		}

@ -2286,7 +2286,7 @@ class Product extends CommonObject
 			$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as ppe ON ppe.fk_product = p.rowid AND ppe.entity = " . ((int) $conf->entity);
 		}
 		if ($separatedStock) {
-			$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_stock as sp ON sp.fk_product = p.rowid";
+			$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_stock as sp ON sp.fk_product = p.rowid AND sp.fk_entrepot IN (SELECT rowid FROM ".MAIN_DB_PREFIX."entrepot WHERE entity IN (".$this->db->sanitize($visibleWarehousesEntities)."))";
 		}
 		if ($id) {
 			$sql .= " WHERE p.rowid = ".((int) $id);
@ -2300,9 +2300,6 @@ class Product extends CommonObject
 				$sql .= " AND p.barcode = '".$this->db->escape($barcode)."'";
 			}
 		}
-		if ($separatedStock) {
-			$sql .= " AND sp.fk_entrepot IN (SELECT rowid FROM ".MAIN_DB_PREFIX."entrepot WHERE entity IN (".$this->db->sanitize($visibleWarehousesEntities)."))";
-		}
 		if ($separatedStock) {
 			$sql .= " GROUP BY p.rowid, p.ref, p.ref_ext, p.label, p.description, p.url, p.note_public, p.note, p.customcode, p.fk_country, p.fk_state, p.lifetime, p.qc_frequency, p.price, p.price_ttc,";
 			$sql .= " p.price_min, p.price_min_ttc, p.price_base_type, p.cost_price, p.default_vat_code, p.tva_tx, p.recuperableonly, p.localtax1_tx, p.localtax2_tx, p.localtax1_type, p.localtax2_type, p.tosell,";
--- a/htdocs/product/inventory/card.php
+++ b/htdocs/product/inventory/card.php
@ -49,7 +49,10 @@ if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
 // Initialize technical objects
 $object = new Inventory($db);
 $extrafields = new ExtraFields($db);
-$diroutputmassaction = $conf->stock->dir_output.'/temp/massgeneration/'.$user->id;
+// no inventory docs yet
+$includedocgeneration = false;
+$diroutputmassaction = null;
+// $diroutputmassaction = $conf->stock->dir_output.'/temp/massgeneration/'.$user->id;
 $hookmanager->initHooks(array('inventorycard', 'globalcard')); // Note that conf->hooks_modules contains array

 // Fetch optionals attributes and labels
@ -180,7 +183,7 @@ if ($action == 'create') {
 	if ($backtopage) {
 		print '<input type="hidden" name="backtopage" value="'.$backtopage.'">';
 	}
-	if ($backtopageforcancel) {
+	if (!empty($backtopageforcancel)) {
 		print '<input type="hidden" name="backtopageforcancel" value="'.$backtopageforcancel.'">';
 	}

@ -261,10 +264,6 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
 	if ($action == 'delete') {
 		$formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?id='.$object->id, $langs->trans('DeleteInventory'), $langs->trans('ConfirmDeleteObject'), 'confirm_delete', '', 0, 1);
 	}
-	// Confirmation to delete line
-	if ($action == 'deleteline') {
-		$formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?id='.$object->id.'&lineid='.$lineid, $langs->trans('DeleteLine'), $langs->trans('ConfirmDeleteLine'), 'confirm_deleteline', '', 0, 1);
-	}

 	// Clone confirmation
 	if ($action == 'clone') {
@ -290,7 +289,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
 	}

 	// Call Hook formConfirm
-	$parameters = array('formConfirm' => $formconfirm, 'lineid' => $lineid);
+	$parameters = array('formConfirm' => $formconfirm);
 	$reshook = $hookmanager->executeHooks('formConfirm', $parameters, $object, $action); // Note that $action and $object may have been modified by hook
 	if (empty($reshook)) {
 		$formconfirm .= $hookmanager->resPrint;
@ -469,7 +468,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
 		// List of actions on element
 		include_once DOL_DOCUMENT_ROOT.'/core/class/html.formactions.class.php';
 		$formactions = new FormActions($db);
-		$somethingshown = $formactions->showactions($object, 'inventory', $socid, 1, '', $MAXEVENT, '', $morehtmlright);
+		$somethingshown = $formactions->showactions($object, 'inventory', 0, 1, '', $MAXEVENT, '', $morehtmlright);

 		print '</div></div></div>';
 	}
--- a/htdocs/product/inventory/inventory.php
+++ b/htdocs/product/inventory/inventory.php
@ -616,7 +616,7 @@ if ($object->id > 0) {
 		while ($i < $num) {
 			$obj = $db->fetch_object($resql);

-			if (is_object($cacheOfWarehouses[$obj->fk_warehouse])) {
+			if (isset($cacheOfWarehouses[$obj->fk_warehouse])) {
 				$warehouse_static = $cacheOfWarehouses[$obj->fk_warehouse];
 			} else {
 				$warehouse_static = new Entrepot($db);
@ -625,7 +625,7 @@ if ($object->id > 0) {
 				$cacheOfWarehouses[$warehouse_static->id] = $warehouse_static;
 			}

-			if (is_object($cacheOfProducts[$obj->fk_product])) {
+			if (isset($cacheOfProducts[$obj->fk_product])) {
 				$product_static = $cacheOfProducts[$obj->fk_product];
 			} else {
 				$product_static = new Product($db);
--- a/htdocs/product/inventory/list.php
+++ b/htdocs/product/inventory/list.php
@ -59,7 +59,9 @@ $pagenext = $page + 1;
 // Initialize technical objects
 $object = new Inventory($db);
 $extrafields = new ExtraFields($db);
-$diroutputmassaction = $conf->inventory->dir_output.'/temp/massgeneration/'.$user->id;
+// no inventory docs yet
+// $diroutputmassaction = $conf->inventory->dir_output.'/temp/massgeneration/'.$user->id;
+$diroutputmassaction = null;
 $hookmanager->initHooks(array('inventorylist')); // Note that conf->hooks_modules contains array
 // Fetch optionals attributes and labels
 $extrafields->fetch_name_optionals_label($object->table_element);
@ -106,7 +108,7 @@ foreach ($object->fields as $key => $val) {
 			'checked'=>(($visible < 0) ? 0 : 1),
 			'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)),
 			'position'=>$val['position'],
-			'help'=>$val['help']
+			'help'=> isset($val['help']) ? $val['help'] : ''
 		);
 	}
 }
@ -127,9 +129,9 @@ if ($user->socid > 0) {	// Protection if external user
 	accessforbidden();
 }
 if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
-	$result = restrictedArea($user, 'stock', $objectid);
+	$result = restrictedArea($user, 'stock');
 } else {
-	$result = restrictedArea($user, 'stock', $objectid, '', 'inventory_advance');
+	$result = restrictedArea($user, 'stock', 0, '', 'inventory_advance');
 }


@ -624,7 +626,8 @@ print '</table>'."\n";
 print '</div>'."\n";

 print '</form>'."\n";
-
+// no inventory docs yet
+/*
 if (in_array('builddoc', $arrayofmassactions) && ($nbtotalofrecords === '' || $nbtotalofrecords)) {
 	$hidegeneratedfilelistifempty = 1;
 	if ($massaction == 'builddoc' || $action == 'remove_file' || $show_files) {
@ -644,7 +647,7 @@ if (in_array('builddoc', $arrayofmassactions) && ($nbtotalofrecords === '' || $n

 	print $formfile->showdocuments('massfilesarea_mymodule', '', $filedir, $urlsource, 0, $delallowed, '', 1, 1, 0, 48, 1, $param, $title, '', '', '', null, $hidegeneratedfilelistifempty);
 }
-
+*/
 // End of page
 llxFooter();
 $db->close();
--- a/htdocs/product/stock/list.php
+++ b/htdocs/product/stock/list.php
@ -123,7 +123,7 @@ foreach ($object->fields as $key => $val) {
 			'checked'=>(($visible < 0) ? 0 : 1),
 			'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)),
 			'position'=>$val['position'],
-			'help'=>$val['help']
+			'help'=> isset($val['help']) ? $val['help'] : 'help'
 		);
 	}
 }
--- a/htdocs/projet/class/project.class.php
+++ b/htdocs/projet/class/project.class.php
@ -2050,7 +2050,7 @@ class Project extends CommonObject
 				$response->nbtodo++;

 				$project_static->statut = $obj->status;
-				$project_static->opp_status = $obj->opp_status;
+				$project_static->opp_status = $obj->fk_opp_status;
 				$project_static->datee = $this->db->jdate($obj->datee);

 				if ($project_static->hasDelay()) {
--- a/htdocs/projet/class/task.class.php
+++ b/htdocs/projet/class/task.class.php
@ -2118,7 +2118,7 @@ class Task extends CommonObject

 		$now = dol_now();

-		$datetouse = ($this->date_end > 0) ? $this->date_end : ($this->datee > 0 ? $this->datee : 0);
+		$datetouse = ($this->date_end > 0) ? $this->date_end : ((isset($this->datee) && $this->datee > 0) ? $this->datee : 0);

 		return ($datetouse > 0 && ($datetouse < ($now - $conf->projet->task->warning_delay)));
 	}
--- a/htdocs/projet/list.php
+++ b/htdocs/projet/list.php
@ -167,7 +167,7 @@ foreach ($object->fields as $key => $val) {
 			'checked'=>(($visible < 0) ? 0 : 1),
 			'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)),
 			'position'=>$val['position'],
-			'help'=>$val['help']
+			'help'=> isset($val['help']) ? $val['help'] : ''
 		);
 	}
 }
--- a/htdocs/public/eventorganization/attendee_subscription.php
+++ b/htdocs/public/eventorganization/attendee_subscription.php
@ -205,7 +205,7 @@ if ($reshook < 0) {
 }

 // Action called when page is submitted
-if (empty($reshook) && $action == 'add') {
+if (empty($reshook) && $action == 'add' && $conference->status==2) {
 	$error = 0;

 	$urlback = '';
@ -473,25 +473,27 @@ print $langs->trans("EvntOrgWelcomeMessage", $conference->label);
 print '<br>';
 print $langs->trans("EvntOrgDuration", dol_print_date($conference->datep), dol_print_date($conference->datef));
 print '</div>';
-
 dol_htmloutput_errors($errmsg);

-// Print form
-print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST" name="newmember">'."\n";
-print '<input type="hidden" name="token" value="'.newToken().'" / >';
-print '<input type="hidden" name="entity" value="'.$entity.'" />';
-print '<input type="hidden" name="action" value="add" />';
-print '<input type="hidden" name="id" value="'.$id.'" />';
-print '<input type="hidden" name="securekey" value="'.$securekeyreceived.'" />';
+if ($conference->status!=2) {
+	print $langs->trans("ConferenceIsNotConfirmed");
+} else {
+	// Print form
+	print '<form action="' . $_SERVER["PHP_SELF"] . '" method="POST" name="newmember">' . "\n";
+	print '<input type="hidden" name="token" value="' . newToken() . '" / >';
+	print '<input type="hidden" name="entity" value="' . $entity . '" />';
+	print '<input type="hidden" name="action" value="add" />';
+	print '<input type="hidden" name="id" value="' . $id . '" />';
+	print '<input type="hidden" name="securekey" value="' . $securekeyreceived . '" />';

-print '<br>';
+	print '<br>';

-print '<br><span class="opacitymedium">'.$langs->trans("FieldsWithAreMandatory", '*').'</span><br>';
-//print $langs->trans("FieldsWithIsForPublic",'**').'<br>';
+	print '<br><span class="opacitymedium">' . $langs->trans("FieldsWithAreMandatory", '*') . '</span><br>';
+	//print $langs->trans("FieldsWithIsForPublic",'**').'<br>';

-print dol_get_fiche_head('');
+	print dol_get_fiche_head('');

-print '<script type="text/javascript">
+	print '<script type="text/javascript">
 jQuery(document).ready(function () {
    jQuery(document).ready(function () {
        jQuery("#selectcountry_id").change(function() {
@ -502,74 +504,74 @@ jQuery(document).ready(function () {
 });
 </script>';

-print '<table class="border" summary="form to subscribe" id="tablesubscribe">'."\n";
+	print '<table class="border" summary="form to subscribe" id="tablesubscribe">' . "\n";

-// Email
-print '<tr><td>'.$langs->trans("Email").'<FONT COLOR="red">*</FONT></td><td><input type="text" name="email" maxlength="255" class="minwidth150" value="'.dol_escape_htmltag(GETPOST('email')).'"></td></tr>'."\n";
-// Company
-print '<tr id="trcompany" class="trcompany"><td>'.$langs->trans("Company");
-if (!empty(floatval($project->price_registration))) {
-	print '<FONT COLOR="red">*</FONT>';
-}
-print ' </td><td><input type="text" name="societe" class="minwidth150" value="'.dol_escape_htmltag(GETPOST('societe')).'"></td></tr>'."\n";
-// Address
-print '<tr><td>'.$langs->trans("Address").'</td><td>'."\n";
-print '<textarea name="address" id="address" wrap="soft" class="quatrevingtpercent" rows="'.ROWS_3.'">'.dol_escape_htmltag(GETPOST('address', 'restricthtml'), 0, 1).'</textarea></td></tr>'."\n";
-// Zip / Town
-print '<tr><td>'.$langs->trans('Zip').' / '.$langs->trans('Town').'</td><td>';
-print $formcompany->select_ziptown(GETPOST('zipcode'), 'zipcode', array('town', 'selectcountry_id', 'state_id'), 6, 1);
-print ' / ';
-print $formcompany->select_ziptown(GETPOST('town'), 'town', array('zipcode', 'selectcountry_id', 'state_id'), 0, 1);
-print '</td></tr>';
-// Country
-print '<tr><td>'.$langs->trans('Country').'<FONT COLOR="red">*</FONT></td><td>';
-$country_id = GETPOST('country_id');
-if (!$country_id && !empty($conf->global->MEMBER_NEWFORM_FORCECOUNTRYCODE)) {
-	$country_id = getCountry($conf->global->MEMBER_NEWFORM_FORCECOUNTRYCODE, 2, $db, $langs);
-}
-if (!$country_id && !empty($conf->geoipmaxmind->enabled)) {
-	$country_code = dol_user_country();
-	//print $country_code;
-	if ($country_code) {
-		$new_country_id = getCountry($country_code, 3, $db, $langs);
-		//print 'xxx'.$country_code.' - '.$new_country_id;
-		if ($new_country_id) {
-			$country_id = $new_country_id;
+	// Email
+	print '<tr><td>' . $langs->trans("Email") . '<FONT COLOR="red">*</FONT></td><td><input type="text" name="email" maxlength="255" class="minwidth150" value="' . dol_escape_htmltag(GETPOST('email')) . '"></td></tr>' . "\n";
+	// Company
+	print '<tr id="trcompany" class="trcompany"><td>' . $langs->trans("Company");
+	if (!empty(floatval($project->price_registration))) {
+		print '<FONT COLOR="red">*</FONT>';
+	}
+	print ' </td><td><input type="text" name="societe" class="minwidth150" value="' . dol_escape_htmltag(GETPOST('societe')) . '"></td></tr>' . "\n";
+	// Address
+	print '<tr><td>' . $langs->trans("Address") . '</td><td>' . "\n";
+	print '<textarea name="address" id="address" wrap="soft" class="quatrevingtpercent" rows="' . ROWS_3 . '">' . dol_escape_htmltag(GETPOST('address', 'restricthtml'), 0, 1) . '</textarea></td></tr>' . "\n";
+	// Zip / Town
+	print '<tr><td>' . $langs->trans('Zip') . ' / ' . $langs->trans('Town') . '</td><td>';
+	print $formcompany->select_ziptown(GETPOST('zipcode'), 'zipcode', array('town', 'selectcountry_id', 'state_id'), 6, 1);
+	print ' / ';
+	print $formcompany->select_ziptown(GETPOST('town'), 'town', array('zipcode', 'selectcountry_id', 'state_id'), 0, 1);
+	print '</td></tr>';
+	// Country
+	print '<tr><td>' . $langs->trans('Country') . '<FONT COLOR="red">*</FONT></td><td>';
+	$country_id = GETPOST('country_id');
+	if (!$country_id && !empty($conf->global->MEMBER_NEWFORM_FORCECOUNTRYCODE)) {
+		$country_id = getCountry($conf->global->MEMBER_NEWFORM_FORCECOUNTRYCODE, 2, $db, $langs);
+	}
+	if (!$country_id && !empty($conf->geoipmaxmind->enabled)) {
+		$country_code = dol_user_country();
+		//print $country_code;
+		if ($country_code) {
+			$new_country_id = getCountry($country_code, 3, $db, $langs);
+			//print 'xxx'.$country_code.' - '.$new_country_id;
+			if ($new_country_id) {
+				$country_id = $new_country_id;
+			}
 		}
 	}
-}
-$country_code = getCountry($country_id, 2, $db, $langs);
-print $form->select_country($country_id, 'country_id');
-print '</td></tr>';
-// State
-if (empty($conf->global->SOCIETE_DISABLE_STATE)) {
-	print '<tr><td>'.$langs->trans('State').'</td><td>';
-	if ($country_code) {
-		print $formcompany->select_state(GETPOST("state_id"), $country_code);
-	} else {
-		print '';
-	}
+	$country_code = getCountry($country_id, 2, $db, $langs);
+	print $form->select_country($country_id, 'country_id');
 	print '</td></tr>';
+	// State
+	if (empty($conf->global->SOCIETE_DISABLE_STATE)) {
+		print '<tr><td>' . $langs->trans('State') . '</td><td>';
+		if ($country_code) {
+			print $formcompany->select_state(GETPOST("state_id"), $country_code);
+		} else {
+			print '';
+		}
+		print '</td></tr>';
+	}
+
+	print "</table>\n";
+
+	print dol_get_fiche_end();
+
+	// Save
+	print '<div class="center">';
+	print '<input type="submit" value="' . $langs->trans("Submit") . '" id="submitsave" class="button">';
+	if (!empty($backtopage)) {
+		print ' &nbsp; &nbsp; <input type="submit" value="' . $langs->trans("Cancel") . '" id="submitcancel" class="button button-cancel">';
+	}
+	print '</div>';
+
+
+	print "</form>\n";
+	print "<br>";
+	print '</div></div>';
 }

-print "</table>\n";
-
-print dol_get_fiche_end();
-
-// Save
-print '<div class="center">';
-print '<input type="submit" value="'.$langs->trans("Submit").'" id="submitsave" class="button">';
-if (!empty($backtopage)) {
-	print ' &nbsp; &nbsp; <input type="submit" value="'.$langs->trans("Cancel").'" id="submitcancel" class="button button-cancel">';
-}
-print '</div>';
-
-
-print "</form>\n";
-print "<br>";
-print '</div></div>';
-
-
 llxFooterVierge();

 $db->close();
--- a/htdocs/public/payment/paymentok.php
+++ b/htdocs/public/payment/paymentok.php
@ -1302,6 +1302,12 @@ if ($ispaymentok) {
 			$error++;
 		}
 		// End call triggers
+	} elseif (get_class($object) == 'stdClass') {
+		//In some case $object is not instanciate (for paiement on custom object) We need to deal with payment
+		include_once DOL_DOCUMENT_ROOT.'/compta/paiement/class/paiement.class.php';
+		$paiement = new Paiement($db);
+		$result = $paiement->call_trigger('PAYMENTONLINE_PAYMENT_OK', $user);
+		if ($result < 0) $error++;
 	}

 	print $langs->trans("YourPaymentHasBeenRecorded")."<br>\n";
--- a/htdocs/public/project/suggestbooth.php
+++ b/htdocs/public/project/suggestbooth.php
@ -405,6 +405,7 @@ if (empty($reshook) && $action == 'add') {
 							$facture->paye = 0;
 							$facture->date = dol_now();
 							$facture->cond_reglement_id = $contact->cond_reglement_id;
+							$facture->fk_project = $project->id;

 							if (empty($facture->cond_reglement_id)) {
 								$paymenttermstatic = new PaymentTerm($contact->db);
@ -469,7 +470,7 @@ if (empty($reshook) && $action == 'add') {

 						$labeltouse = $conf->global->EVENTORGANIZATION_TEMPLATE_EMAIL_ASK_BOOTH;
 						if (!empty($labeltouse)) {
-							$arraydefaultmessage = $formmail->getEMailTemplate($db, 'eventorganization_send', $user, $outputlangs, $labeltouse, 1, '');
+							$arraydefaultmessage = $formmail->getEMailTemplate($db, 'conferenceorbooth', $user, $outputlangs, $labeltouse, 1, '');
 						}

 						if (!empty($labeltouse) && is_object($arraydefaultmessage) && $arraydefaultmessage->id > 0) {
@ -569,7 +570,7 @@ jQuery(document).ready(function () {
 print '<table class="border" summary="form to subscribe" id="tablesubscribe">'."\n";

 // Name
-print '<tr><td><label for="lastname">'.$langs->trans("Lastname").' / '.$langs->trans("Label").'<FONT COLOR="red">*</FONT></label></td>';
+print '<tr><td><label for="lastname">'.$langs->trans("Lastname").'<FONT COLOR="red">*</FONT></label></td>';
 print '<td colspan="3"><input name="lastname" id="lastname" type="text" class="maxwidth100onsmartphone" maxlength="80" value="'.dol_escape_htmltag(GETPOST("lastname", 'alpha') ?GETPOST("lastname", 'alpha') : $object->lastname).'" autofocus="autofocus"></td>';
 print '</tr>';
 // Email
@ -577,21 +578,6 @@ print '<tr><td>'.$langs->trans("Email").'<FONT COLOR="red">*</FONT></td><td><inp
 // Company
 print '<tr id="trcompany" class="trcompany"><td>'.$langs->trans("Company").'<FONT COLOR="red">*</FONT>';
 print ' </td><td><input type="text" name="societe" class="minwidth150" value="'.dol_escape_htmltag(GETPOST('societe')).'"></td></tr>'."\n";
-// Type of event
-print '<tr><td>'.$langs->trans("EventType").'<FONT COLOR="red">*</FONT></td>'."\n";
-print '<td>'.FORM::selectarray('eventtype', $arrayofeventtype, $eventtype).'</td>';
-// Label
-print '<tr><td>'.$langs->trans("Label").'<FONT COLOR="red">*</FONT></td>'."\n";
-print '</td><td><input type="text" name="label" class="minwidth150" value="'.dol_escape_htmltag(GETPOST('label')).'"></td></tr>'."\n";
-// Note
-print '<tr><td>'.$langs->trans("Note").'<FONT COLOR="red">*</FONT></td>'."\n";
-print '<td><input type="text" name="note" class="minwidth150" value="'.dol_escape_htmltag(GETPOST('note')).'"></td></tr>'."\n";
-// Start Date
-print '<tr><td>'.$langs->trans("DateStart").'<FONT COLOR="red">*</FONT></td>'."\n";
-print '<td><input type="date" name="datestart" class="minwidth150" value="'.dol_escape_htmltag(GETPOST('datestart')).'"></td></tr>'."\n";
-// End Date
-print '<tr><td>'.$langs->trans("DateEnd").'<FONT COLOR="red">*</FONT></td>'."\n";
-print '<td><input type="date" name="dateend" class="minwidth150" value="'.dol_escape_htmltag(GETPOST('dateend')).'"></td></tr>'."\n";
 // Address
 print '<tr><td>'.$langs->trans("Address").'</td><td>'."\n";
 print '<textarea name="address" id="address" wrap="soft" class="quatrevingtpercent" rows="'.ROWS_3.'">'.dol_escape_htmltag(GETPOST('address', 'restricthtml'), 0, 1).'</textarea></td></tr>'."\n";
@ -603,9 +589,8 @@ print $formcompany->select_ziptown(GETPOST('town'), 'town', array('zipcode', 'se
 print '</td></tr>';
 // Country
 print '<tr><td>'.$langs->trans('Country');
-if (!empty(floatval($project->price_booth))) {
-	print '<FONT COLOR="red">*</FONT>';
-}
+print '<span style="color:red">*</span>';
+
 print '</td><td>';
 $country_id = GETPOST('country_id');
 if (!$country_id && !empty($conf->global->MEMBER_NEWFORM_FORCECOUNTRYCODE)) {
@ -635,6 +620,22 @@ if (empty($conf->global->SOCIETE_DISABLE_STATE)) {
 	}
 	print '</td></tr>';
 }
+// Type of event
+print '<tr><td>'.$langs->trans("EventType").'<FONT COLOR="red">*</FONT></td>'."\n";
+print '<td>'.FORM::selectarray('eventtype', $arrayofeventtype, $eventtype).'</td>';
+// Label
+print '<tr><td>'.$langs->trans("LabelOfBooth").'<FONT COLOR="red">*</FONT></td>'."\n";
+print '</td><td><input type="text" name="label" class="minwidth150" value="'.dol_escape_htmltag(GETPOST('label')).'"></td></tr>'."\n";
+// Note
+print '<tr><td>'.$langs->trans("Description").'<FONT COLOR="red">*</FONT></td>'."\n";
+print '<td><textarea name="note" id="note" wrap="soft" class="quatrevingtpercent" rows="'.ROWS_3.'">'.dol_escape_htmltag(GETPOST('note', 'restricthtml'), 0, 1).'</textarea></td></tr>'."\n";
+// Start Date
+print '<tr><td>'.$langs->trans("DateStart").'<FONT COLOR="red">*</FONT></td>'."\n";
+print '<td><input type="date" name="datestart" class="minwidth150" value="'.dol_escape_htmltag(GETPOST('datestart')).'"></td></tr>'."\n";
+// End Date
+print '<tr><td>'.$langs->trans("DateEnd").'<FONT COLOR="red">*</FONT></td>'."\n";
+print '<td><input type="date" name="dateend" class="minwidth150" value="'.dol_escape_htmltag(GETPOST('dateend')).'"></td></tr>'."\n";
+

 print "</table>\n";

--- a/htdocs/public/project/suggestconference.php
+++ b/htdocs/public/project/suggestconference.php
@ -409,7 +409,7 @@ if (empty($reshook) && $action == 'add') {

 					$labeltouse = $conf->global->EVENTORGANIZATION_TEMPLATE_EMAIL_ASK_CONF;
 					if (!empty($labeltouse)) {
-						$arraydefaultmessage = $formmail->getEMailTemplate($db, 'eventorganization_send', $user, $outputlangs, $labeltouse, 1, '');
+						$arraydefaultmessage = $formmail->getEMailTemplate($db, 'conferenceorbooth', $user, $outputlangs, $labeltouse, 1, '');
 					}

 					if (!empty($labeltouse) && is_object($arraydefaultmessage) && $arraydefaultmessage->id > 0) {
@ -508,11 +508,11 @@ jQuery(document).ready(function () {
 print '<table class="border" summary="form to subscribe" id="tablesubscribe">'."\n";

 // Last Name
-print '<tr><td><label for="lastname">'.$langs->trans("Lastname").' / '.$langs->trans("Label").'<FONT COLOR="red">*</FONT></label></td>';
+print '<tr><td><label for="lastname">'.$langs->trans("Lastname").'<FONT COLOR="red">*</FONT></label></td>';
 print '<td colspan="3"><input name="lastname" id="lastname" type="text" class="maxwidth100onsmartphone" maxlength="80" value="'.dol_escape_htmltag(GETPOST("lastname", 'alpha') ?GETPOST("lastname", 'alpha') : $object->lastname).'" autofocus="autofocus"></td>';
 print '</tr>';
 // First Name
-print '<tr><td><label for="firstname">'.$langs->trans("Firstname").' / '.$langs->trans("Label").'<FONT COLOR="red">*</FONT></label></td>';
+print '<tr><td><label for="firstname">'.$langs->trans("Firstname").'<FONT COLOR="red">*</FONT></label></td>';
 print '<td colspan="3"><input name="firstname" id="firstname" type="text" class="maxwidth100onsmartphone" maxlength="80" value="'.dol_escape_htmltag(GETPOST("firstname", 'alpha') ?GETPOST("firstname", 'alpha') : $object->firstname).'" autofocus="autofocus"></td>';
 print '</tr>';
 // Email
@ -520,21 +520,6 @@ print '<tr><td>'.$langs->trans("Email").'<FONT COLOR="red">*</FONT></td><td><inp
 // Company
 print '<tr id="trcompany" class="trcompany"><td>'.$langs->trans("Company").'<FONT COLOR="red">*</FONT>';
 print ' </td><td><input type="text" name="societe" class="minwidth150" value="'.dol_escape_htmltag(GETPOST('societe')).'"></td></tr>'."\n";
-// Type of event
-print '<tr><td>'.$langs->trans("EventType").'<FONT COLOR="red">*</FONT></td>'."\n";
-print '<td>'.FORM::selectarray('eventtype', $arrayofeventtype, $eventtype).'</td>';
-// Label
-print '<tr><td>'.$langs->trans("Label").'<FONT COLOR="red">*</FONT></td>'."\n";
-print '</td><td><input type="text" name="label" class="minwidth150" value="'.dol_escape_htmltag(GETPOST('label')).'"></td></tr>'."\n";
-// Note
-print '<tr><td>'.$langs->trans("Note").'<FONT COLOR="red">*</FONT></td>'."\n";
-print '<td><input type="text" name="note" class="minwidth150" value="'.dol_escape_htmltag(GETPOST('note')).'"></td></tr>'."\n";
-// Start Date
-print '<tr><td>'.$langs->trans("DateStart").'</td>'."\n";
-print '<td><input type="date" name="datestart" class="minwidth150" value="'.dol_escape_htmltag(GETPOST('datestart')).'"></td></tr>'."\n";
-// End Date
-print '<tr><td>'.$langs->trans("DateEnd").'</td>'."\n";
-print '<td><input type="date" name="dateend" class="minwidth150" value="'.dol_escape_htmltag(GETPOST('dateend')).'"></td></tr>'."\n";
 // Address
 print '<tr><td>'.$langs->trans("Address").'</td><td>'."\n";
 print '<textarea name="address" id="address" wrap="soft" class="quatrevingtpercent" rows="'.ROWS_3.'">'.dol_escape_htmltag(GETPOST('address', 'restricthtml'), 0, 1).'</textarea></td></tr>'."\n";
@ -574,6 +559,22 @@ if (empty($conf->global->SOCIETE_DISABLE_STATE)) {
 	}
 	print '</td></tr>';
 }
+// Type of event
+print '<tr><td>'.$langs->trans("EventType").'<FONT COLOR="red">*</FONT></td>'."\n";
+print '<td>'.FORM::selectarray('eventtype', $arrayofeventtype, $eventtype).'</td>';
+// Label
+print '<tr><td>'.$langs->trans("LabelOfconference").'<FONT COLOR="red">*</FONT></td>'."\n";
+print '</td><td><input type="text" name="label" class="minwidth150" value="'.dol_escape_htmltag(GETPOST('label')).'"></td></tr>'."\n";
+// Note
+print '<tr><td>'.$langs->trans("Description").'<FONT COLOR="red">*</FONT></td>'."\n";
+print '<td><textarea name="note" id="note" wrap="soft" class="quatrevingtpercent" rows="'.ROWS_3.'">'.dol_escape_htmltag(GETPOST('note', 'restricthtml'), 0, 1).'</textarea></td></tr>'."\n";
+// Start Date
+print '<tr><td>'.$langs->trans("DateStart").'</td>'."\n";
+print '<td><input type="date" name="datestart" class="minwidth150" value="'.dol_escape_htmltag(GETPOST('datestart')).'"></td></tr>'."\n";
+// End Date
+print '<tr><td>'.$langs->trans("DateEnd").'</td>'."\n";
+print '<td><input type="date" name="dateend" class="minwidth150" value="'.dol_escape_htmltag(GETPOST('dateend')).'"></td></tr>'."\n";
+

 print "</table>\n";

--- a/htdocs/recruitment/recruitmentindex.php
+++ b/htdocs/recruitment/recruitmentindex.php
@ -183,7 +183,7 @@ if ($conf->use_javascript_ajax) {

 		print '<div class="div-table-responsive-no-min">';
 		print '<table class="noborder nohover centpercent">';
-		print '<tr class="liste_titre"><th colspan="2">'.$langs->trans("Statistics").' - '.$langs->trans("Candidatures").'</th></tr>'."\n";
+		print '<tr class="liste_titre"><th colspan="2">'.$langs->trans("Statistics").' - '.$langs->trans("RecruitmentCandidatures").'</th></tr>'."\n";
 		$listofstatus = array(0, 1, 3, 5, 8, 9);
 		foreach ($listofstatus as $status) {
 			$dataseries[] = array(dol_html_entity_decode($staticrecruitmentcandidature->LibStatut($status, 1), ENT_QUOTES | ENT_HTML5), (isset($vals[$status]) ? (int) $vals[$status] : 0));
--- a/htdocs/salaries/list.php
+++ b/htdocs/salaries/list.php
@ -140,7 +140,7 @@ foreach ($object->fields as $key => $val) {
 			'checked'=>(($visible < 0) ? 0 : 1),
 			'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)),
 			'position'=>$val['position'],
-			'help'=>$val['help']
+			'help'=> isset($val['help']) ? $val['help'] : ''
 		);
 	}
 }
--- a/htdocs/salaries/payments.php
+++ b/htdocs/salaries/payments.php
@ -135,7 +135,7 @@ foreach ($object->fields as $key => $val) {
 			'checked'=>(($visible < 0) ? 0 : 1),
 			'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)),
 			'position'=>$val['position'],
-			'help'=>$val['help']
+			'help'=> isset($val['help']) ? $val['help'] : ''
 		);
 	}
 }
--- a/htdocs/societe/card.php
+++ b/htdocs/societe/card.php
@ -554,7 +554,7 @@ if (empty($reshook)) {
 				}

 				// We set country_id, country_code and country for the selected country
-				$object->country_id = GETPOST('country_id') != '' ?GETPOST('country_id') : $mysoc->country_id;
+				$object->country_id = GETPOST('country_id', 'int') != '' ? GETPOST('country_id', 'int') : $mysoc->country_id;
 				if ($object->country_id) {
 					$tmparray = getCountry($object->country_id, 'all');
 					$object->country_code = $tmparray['code'];
--- a/htdocs/societe/class/societe.class.php
+++ b/htdocs/societe/class/societe.class.php
@ -894,7 +894,7 @@ class Societe extends CommonObject
 			$sql .= ", ".(!empty($user->id) ? ((int) $user->id) : "null");
 			$sql .= ", ".(!empty($this->typent_id) ? ((int) $this->typent_id) : "null");
 			$sql .= ", ".(!empty($this->canvas) ? "'".$this->db->escape($this->canvas)."'" : "null");
-			$sql .= ", ".$this->status;
+			$sql .= ", ".((int) $this->status);
 			$sql .= ", ".(!empty($this->ref_ext) ? "'".$this->db->escape($this->ref_ext)."'" : "null");
 			$sql .= ", 0";
 			$sql .= ", ".(int) $this->fk_incoterms;
@ -1369,13 +1369,13 @@ class Societe extends CommonObject
 			$sql .= ",zip = ".(!empty($this->zip) ? "'".$this->db->escape($this->zip)."'" : "null");
 			$sql .= ",town = ".(!empty($this->town) ? "'".$this->db->escape($this->town)."'" : "null");

-			$sql .= ",fk_departement = '".(!empty($this->state_id) ? $this->state_id : '0')."'";
-			$sql .= ",fk_pays = '".(!empty($this->country_id) ? $this->country_id : '0')."'";
+			$sql .= ",fk_departement = ".((!empty($this->state_id) && $this->state_id > 0) ? ((int) $this->state_id) : 'null');
+			$sql .= ",fk_pays = ".((!empty($this->country_id) && $this->country_id > 0) ? ((int) $this->country_id) : 'null');

 			$sql .= ",phone = ".(!empty($this->phone) ? "'".$this->db->escape($this->phone)."'" : "null");
 			$sql .= ",fax = ".(!empty($this->fax) ? "'".$this->db->escape($this->fax)."'" : "null");
 			$sql .= ",email = ".(!empty($this->email) ? "'".$this->db->escape($this->email)."'" : "null");
-			$sql .= ", socialnetworks = '".$this->db->escape(json_encode($this->socialnetworks))."'";
+			$sql .= ",socialnetworks = '".$this->db->escape(json_encode($this->socialnetworks))."'";
 			$sql .= ",url = ".(!empty($this->url) ? "'".$this->db->escape($this->url)."'" : "null");

 			$sql .= ",parent = ".($this->parent > 0 ? $this->parent : "null");
--- a/htdocs/supplier_proposal/class/supplier_proposal.class.php
+++ b/htdocs/supplier_proposal/class/supplier_proposal.class.php
@ -2216,7 +2216,7 @@ class SupplierProposal extends CommonObject
 		$this->nbtodo = $this->nbtodolate = 0;
 		$clause = " WHERE";

-		$sql = "SELECT p.rowid, p.ref, p.datec as datec";
+		$sql = "SELECT p.rowid, p.ref, p.datec as datec, p.date_cloture as datefin";
 		$sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as p";
 		if (!$user->rights->societe->client->voir && !$user->socid) {
 			$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc";
@ -2239,13 +2239,13 @@ class SupplierProposal extends CommonObject
 			$label = $labelShort = '';
 			$status = '';
 			if ($mode == 'opened') {
-				$delay_warning = $conf->supplier_proposal->cloture->warning_delay;
+				$delay_warning = !empty($conf->supplier_proposal->cloture->warning_delay) ? $conf->supplier_proposal->cloture->warning_delay : 0;
 				$status = self::STATUS_VALIDATED;
 				$label = $langs->trans("SupplierProposalsToClose");
 				$labelShort = $langs->trans("ToAcceptRefuse");
 			}
 			if ($mode == 'signed') {
-				$delay_warning = $conf->supplier_proposal->facturation->warning_delay;
+				$delay_warning = !empty($conf->supplier_proposal->facturation->warning_delay) ? $conf->supplier_proposal->facturation->warning_delay : 0;
 				$status = self::STATUS_SIGNED;
 				$label = $langs->trans("SupplierProposalsToProcess"); // May be billed or ordered
 				$labelShort = $langs->trans("ToClose");
--- a/htdocs/takepos/index.php
+++ b/htdocs/takepos/index.php
@ -72,6 +72,7 @@ if ($setterminal > 0) {

 if ($setcurrency != "") {
 	$_SESSION["takeposcustomercurrency"] = $setcurrency;
+	// We will recalculate amount for foreign currency at next call of invoice.php when $_SESSION["takeposcustomercurrency"] differs from invoice->multicurrency_code.
 }

 $_SESSION["urlfrom"] = '/takepos/index.php';
--- a/htdocs/takepos/invoice.php
+++ b/htdocs/takepos/invoice.php
@ -163,6 +163,14 @@ if ($invoice->socid > 0) {
 * Actions
 */

+// Change the currency of invoice if it was modified
+if (!empty($conf->multicurrency->enabled) && $_SESSION["takeposcustomercurrency"] != "") {
+	if ($invoice->multicurrency_code != $_SESSION["takeposcustomercurrency"]) {
+		$invoice->setMulticurrencyCode($_SESSION["takeposcustomercurrency"]);
+	}
+}
+
+
 // Action to record a payment on a TakePOS invoice
 if ($action == 'valid' && $user->rights->facture->creer) {
 	$bankaccount = 0;
@ -311,7 +319,7 @@ if ($action == 'valid' && $user->rights->facture->creer) {
 	}
 }

-if ($action == 'creditnote') {
+if ($action == 'creditnote' && $user->rights->facture->creer) {
 	$creditnote = new Facture($db);
 	$creditnote->socid = $invoice->socid;
 	$creditnote->date = dol_now();
@ -459,10 +467,6 @@ if ($action == 'history' || $action == 'creditnote') {
 	$invoice->fetch($placeid);
 }

-if (!empty($conf->multicurrency->enabled) && $_SESSION["takeposcustomercurrency"] != "") {
-	$invoice->setMulticurrencyCode($_SESSION["takeposcustomercurrency"]);
-}
-
 if (($action == "addline" || $action == "freezone") && $placeid == 0) {
 	$invoice->socid = $conf->global->$constforcompanyid;
 	$invoice->date = dol_now();
@ -631,8 +635,11 @@ if ($action == "delete") {
 if ($action == "updateqty") {
 	foreach ($invoice->lines as $line) {
 		if ($line->id == $idline) {
-			if (!$user->rights->takepos->editlines || (!$user->rights->takepos->editorderedlines && $line->special_code == "4")) dol_htmloutput_errors($langs->trans("NotEnoughPermissions", "TakePos"), null, 1);
-			else $result = $invoice->updateline($line->id, $line->desc, $line->subprice, $number, $line->remise_percent, $line->date_start, $line->date_end, $line->tva_tx, $line->localtax1_tx, $line->localtax2_tx, 'HT', $line->info_bits, $line->product_type, $line->fk_parent_line, 0, $line->fk_fournprice, $line->pa_ht, $line->label, $line->special_code, $line->array_options, $line->situation_percent, $line->fk_unit);
+			if (!$user->rights->takepos->editlines || (!$user->rights->takepos->editorderedlines && $line->special_code == "4")) {
+				dol_htmloutput_errors($langs->trans("NotEnoughPermissions", "TakePos"), null, 1);
+			} else {
+				$result = $invoice->updateline($line->id, $line->desc, $line->subprice, $number, $line->remise_percent, $line->date_start, $line->date_end, $line->tva_tx, $line->localtax1_tx, $line->localtax2_tx, 'HT', $line->info_bits, $line->product_type, $line->fk_parent_line, 0, $line->fk_fournprice, $line->pa_ht, $line->label, $line->special_code, $line->array_options, $line->situation_percent, $line->fk_unit);
+			}
 		}
 	}

@ -640,12 +647,13 @@ if ($action == "updateqty") {
 }

 if ($action == "updateprice") {
+	$customer = new Societe($db);
+	$customer->fetch($invoice->socid);
+
 	foreach ($invoice->lines as $line) {
 		if ($line->id == $idline) {
 			$prod = new Product($db);
 			$prod->fetch($line->fk_product);
-			$customer = new Societe($db);
-			$customer->fetch($invoice->socid);
 			$datapriceofproduct = $prod->getSellPrice($mysoc, $customer, 0);
 			$price_min = $datapriceofproduct['price_min'];
 			$usercanproductignorepricemin = ((!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->produit->ignore_price_min_advance)) || empty($conf->global->MAIN_USE_ADVANCED_PERMS));
@ -654,34 +662,50 @@ if ($action == "updateprice") {
 			if ($usercanproductignorepricemin && (!empty($price_min) && (price2num($pu_ht) * (1 - price2num($line->remise_percent) / 100) < price2num($price_min)))) {
 				echo $langs->trans("CantBeLessThanMinPrice");
 			} else {
-				if (!$user->rights->takepos->editlines || (!$user->rights->takepos->editorderedlines && $line->special_code == "4")) dol_htmloutput_errors($langs->trans("NotEnoughPermissions", "TakePos"), null, 1);
-				else $result = $invoice->updateline($line->id, $line->desc, $number, $line->qty, $line->remise_percent, $line->date_start, $line->date_end, $line->tva_tx, $line->localtax1_tx, $line->localtax2_tx, 'TTC', $line->info_bits, $line->product_type, $line->fk_parent_line, 0, $line->fk_fournprice, $line->pa_ht, $line->label, $line->special_code, $line->array_options, $line->situation_percent, $line->fk_unit);
+				if (empty($user->rights->takepos->editlines) || (empty($user->rights->takepos->editorderedlines) && $line->special_code == "4")) {
+					dol_htmloutput_errors($langs->trans("NotEnoughPermissions", "TakePos"), null, 1);
+				} else {
+					$result = $invoice->updateline($line->id, $line->desc, $number, $line->qty, $line->remise_percent, $line->date_start, $line->date_end, $line->tva_tx, $line->localtax1_tx, $line->localtax2_tx, 'TTC', $line->info_bits, $line->product_type, $line->fk_parent_line, 0, $line->fk_fournprice, $line->pa_ht, $line->label, $line->special_code, $line->array_options, $line->situation_percent, $line->fk_unit);
+				}
 			}
 		}
 	}
+
+	// Reload data
 	$invoice->fetch($placeid);
 }

 if ($action == "updatereduction") {
+	$customer = new Societe($db);
+	$customer->fetch($invoice->socid);
+
 	foreach ($invoice->lines as $line) {
 		if ($line->id == $idline) {
+			dol_syslog("updatereduction Process line ".$line->id.' to apply discount of '.$number.'%');
+
 			$prod = new Product($db);
 			$prod->fetch($line->fk_product);
-			$customer = new Societe($db);
-			$customer->fetch($invoice->socid);
+
 			$datapriceofproduct = $prod->getSellPrice($mysoc, $customer, 0);
 			$price_min = $datapriceofproduct['price_min'];
 			$usercanproductignorepricemin = ((!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->produit->ignore_price_min_advance)) || empty($conf->global->MAIN_USE_ADVANCED_PERMS));
-			$pu_ht = price2num($line->multicurrency_subprice / (1 + ($line->tva_tx / 100)), 'MU');
-			//Check min price
-			if ($usercanproductignorepricemin && (!empty($price_min) && (price2num($line->multicurrency_subprice) * (1 - price2num($number) / 100) < price2num($price_min)))) {
+
+			$pu_ht = price2num($line->subprice / (1 + ($line->tva_tx / 100)), 'MU');
+
+			// Check min price
+			if ($usercanproductignorepricemin && (!empty($price_min) && (price2num($line->subprice) * (1 - price2num($number) / 100) < price2num($price_min)))) {
 				echo $langs->trans("CantBeLessThanMinPrice");
 			} else {
-				if (!$user->rights->takepos->editlines || (!$user->rights->takepos->editorderedlines && $line->special_code == "4")) dol_htmloutput_errors($langs->trans("NotEnoughPermissions", "TakePos"), null, 1);
-				else $result = $invoice->updateline($line->id, $line->desc, $line->multicurrency_subprice, $line->qty, $number, $line->date_start, $line->date_end, $line->tva_tx, $line->localtax1_tx, $line->localtax2_tx, 'HT', $line->info_bits, $line->product_type, $line->fk_parent_line, 0, $line->fk_fournprice, $line->pa_ht, $line->label, $line->special_code, $line->array_options, $line->situation_percent, $line->fk_unit);
+				if (empty($user->rights->takepos->editlines) || (empty($user->rights->takepos->editorderedlines) && $line->special_code == "4")) {
+					dol_htmloutput_errors($langs->trans("NotEnoughPermissions", "TakePos"), null, 1);
+				} else {
+					$result = $invoice->updateline($line->id, $line->desc, $line->subprice, $line->qty, $number, $line->date_start, $line->date_end, $line->tva_tx, $line->localtax1_tx, $line->localtax2_tx, 'HT', $line->info_bits, $line->product_type, $line->fk_parent_line, 0, $line->fk_fournprice, $line->pa_ht, $line->label, $line->special_code, $line->array_options, $line->situation_percent, $line->fk_unit);
+				}
 			}
 		}
 	}
+
+	// Reload data
 	$invoice->fetch($placeid);
 } elseif ($action == 'update_reduction_global') {
 	foreach ($invoice->lines as $line) {
@ -709,6 +733,7 @@ if ($action == "order" and $placeid != 0) {
 	$catsprinter1 = explode(';', $conf->global->TAKEPOS_PRINTED_CATEGORIES_1);
 	$catsprinter2 = explode(';', $conf->global->TAKEPOS_PRINTED_CATEGORIES_2);
 	$catsprinter3 = explode(';', $conf->global->TAKEPOS_PRINTED_CATEGORIES_3);
+	$linestoprint = 0;
 	foreach ($invoice->lines as $line) {
 		if ($line->special_code == "4") {
 			continue;
--- a/htdocs/theme/eldy/global.inc.php
+++ b/htdocs/theme/eldy/global.inc.php
@ -2640,7 +2640,7 @@ table.login_table_securitycode tr td {
 }

 div.backgroundsemitransparent {
-	background:rgba(255,255,255,0.68);
+	background:rgba(255, 255, 255, 0.7);
 	padding-left: 10px;
 	padding-right: 10px;
 }
@ -3922,6 +3922,11 @@ table.noborder.paymenttable {
 	box-shadow: 1px 1px 7px #CCC !important;
 }

+.boxshadow {
+	-webkit-box-shadow: 0px 0px 5px #888;
+	box-shadow: 0px 0px 5px #888;
+}
+
 div.tabBar .noborder {
 	-webkit-box-shadow: 0px 0px 0px #DDD !important;
 	box-shadow: 0px 0px 0px #DDD !important;
--- a/htdocs/theme/md/style.css.php
+++ b/htdocs/theme/md/style.css.php
@ -1862,7 +1862,7 @@ div.login_block {


 div.backgroundsemitransparent {
-	background:rgba(255,255,255,0.6);
+	background:rgba(255, 255, 255, 0.7);
 	padding-left: 10px;
 	padding-right: 10px;
 }
@ -3943,6 +3943,11 @@ tr.liste_sub_total, tr.liste_sub_total td {
 	box-shadow: 2px 2px 5px #CCC !important;
 }

+.boxshadow {
+	-webkit-box-shadow: 0px 0px 5px #888;
+	box-shadow: 0px 0px 5px #888;
+}
+
 div.tabBar .noborder {
 	-webkit-box-shadow: 0px 0px 0px #f4f4f4 !important;
 	box-shadow: 0px 0px 0px #f4f4f4 !important;
--- a/htdocs/user/agenda_extsites.php
+++ b/htdocs/user/agenda_extsites.php
@ -188,7 +188,7 @@ print '<table class="noborder centpercent">';
 print "<tr class=\"liste_titre\">";
 print "<td>".$langs->trans("Parameter")."</td>";
 print "<td>".$langs->trans("Name")."</td>";
-print "<td>".$langs->trans("ExtSiteUrlAgenda").'<div class="hideonsmartphone">'." (".$langs->trans("Example").': http://yoursite/agenda/agenda.ics)</div></td>';
+print "<td>".$langs->trans("ExtSiteUrlAgenda").'<div class="hideonsmartphone opacitymedium">'." (".$langs->trans("Example").': https://externalcalendar/agenda/agenda.ics)</div></td>';
 print "<td>".$form->textwithpicto($langs->trans("FixTZ"), $langs->trans("FillFixTZOnlyIfRequired"), 1).'</td>';
 print '<td class="right">'.$langs->trans("Color").'</td>';
 print "</tr>";
--- a/htdocs/user/card.php
+++ b/htdocs/user/card.php
@ -1421,10 +1421,12 @@ if ($action == 'create' || $action == 'adduserldap') {
 			if ($object->socid > 0) {
 				$type = $langs->trans("External");
 			}
+			print '<span class="badgeneutral">';
 			print $type;
 			if ($object->ldap_sid) {
 				print ' ('.$langs->trans("DomainUser").')';
 			}
+			print '</span>';
 			print '</td></tr>'."\n";

 			// Ldap sid
@ -1534,7 +1536,7 @@ if ($action == 'create' || $action == 'adduserldap') {
 				// Salary
 				print '<tr><td>'.$langs->trans("Salary").'</td>';
 				print '<td>';
-				print ($object->salary != '' ? img_picto('', 'salary', 'class="pictofixedwidth paddingright"').price($object->salary, '', $langs, 1, -1, -1, $conf->currency) : '');
+				print ($object->salary != '' ? img_picto('', 'salary', 'class="pictofixedwidth paddingright"').'<span class="amount">'.price($object->salary, '', $langs, 1, -1, -1, $conf->currency) : '').'</span>';
 				print '</td>';
 				print "</tr>\n";
 			}
--- a/htdocs/user/class/user.class.php
+++ b/htdocs/user/class/user.class.php
@ -442,7 +442,7 @@ class User extends CommonObject

 		if ($entity < 0) {
 			if ((empty($conf->multicompany->enabled) || empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) && (!empty($user->entity))) {
-				$sql .= " WHERE u.entity IN (0, ".$this->db->sanitize($conf->entity).")";
+				$sql .= " WHERE u.entity IN (0, ".((int) $conf->entity).")";
 			} else {
 				$sql .= " WHERE u.entity IS NOT NULL"; // multicompany is on in transverse mode or user making fetch is on entity 0, so user is allowed to fetch anywhere into database
 			}
@ -451,7 +451,7 @@ class User extends CommonObject
 			if (!empty($conf->multicompany->enabled) && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
 				$sql .= " WHERE u.entity IS NOT NULL"; // multicompany is on in transverse mode or user making fetch is on entity 0, so user is allowed to fetch anywhere into database
 			} else {
-				$sql .= " WHERE u.entity IN (0, ".$this->db->sanitize(($entity != '' && $entity >= 0) ? $entity : $conf->entity).")"; // search in entity provided in parameter
+				$sql .= " WHERE u.entity IN (0, ".((int) (($entity != '' && $entity >= 0) ? $entity : $conf->entity)).")"; // search in entity provided in parameter
 			}
 		}

@ -2109,8 +2109,8 @@ class User extends CommonObject
 		$outputlangs = new Translate("", $conf);

 		if (isset($this->conf->MAIN_LANG_DEFAULT)
-		&& $this->conf->MAIN_LANG_DEFAULT != 'auto') {	// If user has defined its own language (rare because in most cases, auto is used)
-			$outputlangs->getDefaultLang($this->conf->MAIN_LANG_DEFAULT);
+			&& $this->conf->MAIN_LANG_DEFAULT != 'auto') {	// If user has defined its own language (rare because in most cases, auto is used)
+				$outputlangs->getDefaultLang($this->conf->MAIN_LANG_DEFAULT);
 		}

 		if ($this->conf->MAIN_LANG_DEFAULT) {
@ -2184,7 +2184,7 @@ class User extends CommonObject
 			'',
 			'',
 			$trackid
-		);
+			);

 		if ($mailfile->sendfile()) {
 			return 1;
@ -3222,7 +3222,7 @@ class User extends CommonObject
 			foreach ($this->users as $key => $val) {
 				if (preg_match('/'.$keyfilter1.'/', $val['fullpath']) || preg_match('/'.$keyfilter2.'/', $val['fullpath'])
 					|| preg_match('/'.$keyfilter3.'/', $val['fullpath']) || preg_match('/'.$keyfilter4.'/', $val['fullpath'])) {
-					unset($this->users[$key]);
+						unset($this->users[$key]);
 				}
 			}
 		}
@ -3298,7 +3298,7 @@ class User extends CommonObject
 		$i = 0; $cursor_user = $id_user;

 		$useridfound = array($id_user);
-		while (!empty($this->parentof[$cursor_user])) {
+		while (!empty($this->parentof[$cursor_user]) && !empty($this->users[$this->parentof[$cursor_user]])) {
 			if (in_array($this->parentof[$cursor_user], $useridfound)) {
 				dol_syslog("The hierarchy of user has a recursive loop", LOG_WARNING);
 				return -1; // Should not happen. Protection against looping hierarchy
--- a/htdocs/user/passwordforgotten.php
+++ b/htdocs/user/passwordforgotten.php
@ -87,14 +87,14 @@ if (empty($reshook)) {
 	// Validate new password
 	if ($action == 'validatenewpassword' && $username && $passworduidhash) {
 		$edituser = new User($db);
-		$result = $edituser->fetch('', $_GET["username"]);
+		$result = $edituser->fetch('', $username);
 		if ($result < 0) {
 			$message = '<div class="error">'.dol_escape_htmltag($langs->trans("ErrorLoginDoesNotExists", $username)).'</div>';
 		} else {
 			global $dolibarr_main_instance_unique_id;

 			//print $edituser->pass_temp.'-'.$edituser->id.'-'.$dolibarr_main_instance_unique_id.' '.$passworduidhash;
-			if (dol_verifyHash($edituser->pass_temp.'-'.$edituser->id.'-'.$dolibarr_main_instance_unique_id, $passworduidhash)) {
+			if ($edituser->pass_temp && dol_verifyHash($edituser->pass_temp.'-'.$edituser->id.'-'.$dolibarr_main_instance_unique_id, $passworduidhash)) {
 				// Clear session
 				unset($_SESSION['dol_login']);
 				$_SESSION['dol_loginmesg'] = $langs->trans('NewPasswordValidated'); // Save message for the session page
@ -128,7 +128,7 @@ if (empty($reshook)) {
 			}

 			if ($result <= 0 && $edituser->error == 'USERNOTFOUND') {
-				$message = '<div class="warning paddingtopbottom'.(empty($conf->global->MAIN_LOGIN_BACKGROUND) ? '' : ' backgroundsemitransparent').'">';
+				$message = '<div class="warning paddingtopbottom'.(empty($conf->global->MAIN_LOGIN_BACKGROUND) ? '' : ' backgroundsemitransparent boxshadow').'">';
 				if (!$isanemail) {
 					$message .= $langs->trans("IfLoginExistPasswordRequestSent");
 				} else {
@ -147,7 +147,7 @@ if (empty($reshook)) {
 					} else {
 						// Success
 						if ($edituser->send_password($user, $newpassword, 1) > 0) {
-							$message = '<div class="warning paddingtopbottom'.(empty($conf->global->MAIN_LOGIN_BACKGROUND) ? '' : ' backgroundsemitransparent').'">';
+							$message = '<div class="warning paddingtopbottom'.(empty($conf->global->MAIN_LOGIN_BACKGROUND) ? '' : ' backgroundsemitransparent boxshadow').'">';
 							if (!$isanemail) {
 								$message .= $langs->trans("IfLoginExistPasswordRequestSent");
 							} else {
--- a/test/phpunit/FormAdminTest.php
+++ b/test/phpunit/FormAdminTest.php
@ -139,7 +139,7 @@ class FormAdminTest extends PHPUnit\Framework\TestCase
 		$db=$this->savdb;

 		$localobject=new FormAdmin($this->savdb);
-		$result=$localobject->select_paper_format('', 'paperformat_id', 'A4');
+		$result=$localobject->select_paper_format('', 'paperformat_id', 'A4', 0, 1);

 		$this->assertEquals($result, '<select class="flat" id="paperformat_id" name="paperformat_id"><option value="EUA4">Format A4 - 210x297 mm</option></select>');
 		print __METHOD__." result=".$result."\n";
--- a/test/phpunit/SecurityTest.php
+++ b/test/phpunit/SecurityTest.php
@ -321,6 +321,10 @@ class SecurityTest extends PHPUnit\Framework\TestCase
 		$test="<a onpointerdown=alert(document.domain)>XSS</a>";
 		$result=testSqlAndScriptInject($test, 0);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject lll');
+
+		$test="Text with ' encoded with the numeric html entity converted into text entity &#39; (like when submited by CKEditor)";
+		$result=testSqlAndScriptInject($test, 0);	// result must be 0
+		$this->assertEquals(0, $result, 'Error on testSqlAndScriptInject mmm');
 	}

 	/**
@ -336,6 +340,10 @@ class SecurityTest extends PHPUnit\Framework\TestCase
 		$langs=$this->savlangs;
 		$db=$this->savdb;

+		// Force default mode
+		$conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML = 0;
+		$conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES = 0;
+
 		$_COOKIE["id"]=111;
 		$_GET["param1"]="222";
 		$_POST["param1"]="333";
@ -358,6 +366,8 @@ class SecurityTest extends PHPUnit\Framework\TestCase
 		$_POST["param12"]='<!DOCTYPE html><html>aaa</html>';
 		$_POST["param13"]='&#110; &#x6E; &gt; &lt; &quot; <a href=\"j&#x61;vascript:alert(document.domain)\">XSS</a>';
 		$_POST["param13b"]='&#110; &#x6E; &gt; &lt; &quot; <a href=\"j&#x61vascript:alert(document.domain)\">XSS</a>';
+		$_POST["param14"]="Text with ' encoded with the numeric html entity converted into text entity &#39; (like when submited by CKEditor)";
+		$_POST["param15"]="<img onerror<=alert(document.domain)> src=>0xbeefed";
 		//$_POST["param13"]='javascript%26colon%26%23x3B%3Balert(1)';
 		//$_POST["param14"]='javascripT&javascript#x3a alert(1)';

@ -475,7 +485,7 @@ class SecurityTest extends PHPUnit\Framework\TestCase
 		// Test with restricthtml we must remove html open/close tag and content but not htmlentities (we can decode html entities for ascii chars like &#110;)

 		$result=GETPOST("param6", 'restricthtml');
-		print __METHOD__." result=".$result."\n";
+		print __METHOD__." result param6=".$result."\n";
 		$this->assertEquals('&quot;&gt;', $result);

 		$result=GETPOST("param7", 'restricthtml');
@ -494,6 +504,33 @@ class SecurityTest extends PHPUnit\Framework\TestCase
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('n n &gt; &lt; &quot; <a href=\"alert(document.domain)\">XSS</a>', $result, 'Test 13b that HTML entities are decoded with restricthtml, but only for common alpha chars');

+		$result=GETPOST("param14", 'restricthtml');
+		print __METHOD__." result=".$result."\n";
+		$this->assertEquals("Text with ' encoded with the numeric html entity converted into text entity &apos; (like when submited by CKEditor)", $result, 'Test 14');
+
+		$result=GETPOST("param15", 'restricthtml');		// <img onerror<=alert(document.domain)> src=>0xbeefed
+		print __METHOD__." result=".$result."\n";
+		$this->assertEquals("<img onerror=alert(document.domain) src=>0xbeefed", $result, 'Test 15a');	// The GETPOST return a harmull string
+
+		// Test with restricthtml + MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES to test disabling of bad atrributes
+		$conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML = 1;
+
+		$result=GETPOST("param15", 'restricthtml');
+		print __METHOD__." result=".$result."\n";
+		$this->assertEquals('InvalidHTMLString', $result, 'Test 15b');
+
+		unset($conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML);
+
+		// Test with restricthtml + MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES to test disabling of bad atrributes
+		$conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES = 1;
+
+		$result=GETPOST("param15", 'restricthtml');
+		print __METHOD__." result=".$result."\n";
+		$this->assertEquals('<img src="">0xbeefed', $result, 'Test 15b');
+
+		unset($conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES);
+
+
 		// Special test for GETPOST of backtopage, backtolist or backtourl parameter

 		$_POST["backtopage"]='//www.google.com';
@ -789,8 +826,8 @@ class SecurityTest extends PHPUnit\Framework\TestCase
 		$result=dol_sanitizeFileName('bad file | evilaction');
 		$this->assertEquals('bad file _ evilaction', $result);

-		$result=dol_sanitizeFileName('bad file --evilparam');
-		$this->assertEquals('bad file _evilparam', $result);
+		$result=dol_sanitizeFileName('bad file -evilparam --evilparam ---evilparam ----evilparam');
+		$this->assertEquals('bad file _evilparam _evilparam _evilparam _evilparam', $result);
 	}

 	/**