Merge branch '7.0' of git@github.com:Dolibarr/dolibarr.git into develop

Conflicts: htdocs/langs/en_US/website.lang
2018-02-14 22:19:59 +01:00 · 2018-02-14 22:19:59 +01:00 · f1a9f81fb4
commit f1a9f81fb4
parent 78697c1735 7ba55ea12e
19 changed files with 317 additions and 46 deletions
--- a/4
+++ b/4
@ -585,7 +585,9 @@ Following changes may create regression for some external modules, but were nece
  exists, but if an external module need action on it, it must provides itself its trigger file.
 * Use $conf->global->MULTICOMPANY_TRANSVERSE_MODE instead $conf->multicompany->transverse_mode. So, if you set var
  $multicompany_transverse_mode to 1 into your conf file, you must remove this line and a new key into 
-  the Home - setup - other admin page. 
+  the Home - setup - other admin page.
+* If you use Multicompany transverse mode, it will be necessary to check the activation of the modules in the children
+  entities and to review completely the rights of the groups and the users.
 * Use getEntity('xxx') instead getEntity('xxx', 1) and use getEntity('xxx', 0) instead getEntity('xxx')
 * Some other change were done in the way we read permission of a user when module multicompany is enabled. You can 
  retreive the old behavior by adding constant MULTICOMPANY_BACKWARD_COMPATIBILITY to 1.
--- a/htdocs/adherents/type.php
+++ b/htdocs/adherents/type.php
@ -107,7 +107,7 @@ if ($action == 'add' && $user->rights->adherent->configurer)
 	$object->subscription	= (int) trim($subscription);
 	$object->note			= trim($comment);
 	$object->mail_valid		= trim($mail_valid);
-	$object->vote			= trim($vote);
+	$object->vote			= (boolean) trim($vote);

 	// Fill array 'array_options' with data from add form
 	$ret = $extrafields->setOptionalsFromPost($extralabels,$object);
@ -160,7 +160,7 @@ if ($action == 'update' && $user->rights->adherent->configurer)
 	$object->subscription	= (int) trim($subscription);
 	$object->note			= trim($comment);
 	$object->mail_valid		= trim($mail_valid);
-	$object->vote			= trim($vote);
+	$object->vote			= (boolean) trim($vote);

 	// Fill array 'array_options' with data from add form
 	$ret = $extrafields->setOptionalsFromPost($extralabels,$object);
--- a/htdocs/compta/facture/class/facture.class.php
+++ b/htdocs/compta/facture/class/facture.class.php
@ -3004,6 +3004,9 @@ class Facture extends CommonInvoice
 		$line->total_ttc = $tabprice[2];
 		$line->total_localtax1 = $tabprice[9];
 		$line->total_localtax2 = $tabprice[10];
+		$line->multicurrency_total_ht  = $tabprice[16];
+		$line->multicurrency_total_tva = $tabprice[17];
+		$line->multicurrency_total_ttc = $tabprice[18];
 		$line->update($user);
 		$this->update_price(1);
 		$this->db->commit();
--- a/htdocs/compta/tva/class/tva.class.php
+++ b/htdocs/compta/tva/class/tva.class.php
@ -670,6 +670,9 @@ class Tva extends CommonObject
        $linkclose='';
        if (empty($notooltip))
        {
+
+
+            
        	if (! empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER))
        	{
        		$label=$langs->trans("ShowMyObject");
--- a/htdocs/contrat/services_list.php
+++ b/htdocs/contrat/services_list.php
@ -75,7 +75,7 @@ $opclotureyear=GETPOST('opclotureyear');
 $filter_opcloture=GETPOST('filter_opcloture');

 // Initialize context for list
-$contextpage=GETPOST('contextpage','aZ')?GETPOST('contextpage','aZ'):'servicelist'.$mode;
+$contextpage=GETPOST('contextpage','aZ')?GETPOST('contextpage','aZ'):'contractservicelist'.$mode;

 // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
 $hookmanager->initHooks(array($contextpage));
@ -483,7 +483,6 @@ if (! empty($arrayfields['cd.date_cloture']['checked']))
 	print '</td>';
 }
 // Extra fields
-// Extra fields
 include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_input.tpl.php';

 // Fields from hook
--- a/htdocs/core/modules/commande/doc/pdf_einstein.modules.php
+++ b/htdocs/core/modules/commande/doc/pdf_einstein.modules.php
@ -1320,7 +1320,17 @@ class pdf_einstein extends ModelePDFCommandes
 		if ($showaddress)
 		{
 			// Sender properties
-			$carac_emetteur = pdf_build_address($outputlangs, $this->emetteur, $object->thirdparty);
+			$carac_emetteur='';
+		 	// Add internal contact of proposal if defined
+			$arrayidcontact=$object->getIdContact('internal','SALESREPFOLL');
+		 	if (count($arrayidcontact) > 0)
+		 	{
+		 		$object->fetch_user($arrayidcontact[0]);
+		 		$labelbeforecontactname=($outputlangs->transnoentities("FromContactName")!='FromContactName'?$outputlangs->transnoentities("FromContactName"):$outputlangs->transnoentities("Name"));
+		 		$carac_emetteur .= ($carac_emetteur ? "\n" : '' ).$labelbeforecontactname." ".$outputlangs->convToOutputCharset($object->user->getFullName($outputlangs))."\n";
+		 	}
+
+		 	$carac_emetteur .= pdf_build_address($outputlangs, $this->emetteur, $object->thirdparty);

 			// Show sender
 			$posy=42+$top_shift;
--- a/htdocs/core/modules/modBlockedLog.class.php
+++ b/htdocs/core/modules/modBlockedLog.class.php
@ -172,7 +172,7 @@ class modBlockedLog extends DolibarrModules
    	// If already used, we add an entry to show we enable module
   		require_once DOL_DOCUMENT_ROOT.'/blockedlog/class/blockedlog.class.php';

-   		$object=new stdClass;
+   		$object=new stdClass();
    	$object->id = 1;
    	$object->element = 'module';
    	$object->ref = 'systemevent';
@ -215,7 +215,7 @@ class modBlockedLog extends DolibarrModules
 		// If already used, we add an entry to show we enable module
 		require_once DOL_DOCUMENT_ROOT.'/blockedlog/class/blockedlog.class.php';

-		$object=new stdClass;
+		$object=new stdClass();
    	$object->id = 1;
    	$object->element = 'module';
    	$object->ref = 'systemevent';
--- a/htdocs/fourn/card.php
+++ b/htdocs/fourn/card.php
@ -117,7 +117,7 @@ if (empty($reshook))
        // Fill array 'array_options' with data from update form
        $extralabels = $extrafields->fetch_name_optionals_label($object->table_element);
        $ret = $extrafields->setOptionalsFromPost($extralabels, $object, GETPOST('attribute'));
-		
+
        if ($ret < 0) $error++;
        if (! $error)
        {
@ -476,7 +476,7 @@ if ($object->id > 0)


 	/*
-	 * Last supplier proposal
+	 * Latest supplier proposal
 	 */
 	$proposalstatic = new SupplierProposal($db);

@ -485,7 +485,7 @@ if ($object->id > 0)
 	    $sql  = "SELECT p.rowid, p.ref, p.date_valid as dc, p.fk_statut, p.total_ht, p.tva as total_tva, p.total as total_ttc";
 	    $sql.= " FROM ".MAIN_DB_PREFIX."supplier_proposal as p ";
 	    $sql.= " WHERE p.fk_soc =".$object->id;
-	    $sql.= " AND p.entity =".$conf->entity;
+	    $sql.= " AND p.entity IN (".getEntity('supplier_proposal').")";
 	    $sql.= " ORDER BY p.date_valid DESC";
 	    $sql.= " ".$db->plimit($MAXLIST);

@ -548,7 +548,7 @@ if ($object->id > 0)
 	}

 	/*
-	 * Last supplier orders
+	 * Latest supplier orders
 	 */
 	$orderstatic = new CommandeFournisseur($db);

@ -561,6 +561,7 @@ if ($object->id > 0)
 		$sql2.= ' FROM '.MAIN_DB_PREFIX.'societe as s';
 		$sql2.= ', '.MAIN_DB_PREFIX.'commande_fournisseur as c';
 		$sql2.= ' WHERE c.fk_soc = s.rowid';
+		$sql2.= " AND c.entity IN (".getEntity('commande_fournisseur').")";
 		$sql2.= ' AND s.rowid = '.$object->id;
 		// Show orders with status validated, shipping started and delivered (well any order we can bill)
 		$sql2.= " AND c.fk_statut IN (5)";
@ -578,9 +579,9 @@ if ($object->id > 0)

 		// TODO move to DAO class
 		$sql  = "SELECT count(p.rowid) as total";
-		$sql.= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as p ";
+		$sql.= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as p";
 		$sql.= " WHERE p.fk_soc =".$object->id;
-		$sql.= " AND p.entity =".$conf->entity;
+		$sql.= " AND p.entity IN (".getEntity('commande_fournisseur').")";
 		$resql=$db->query($sql);
 		if ($resql)
 		{
@ -589,9 +590,9 @@ if ($object->id > 0)
 		}

 		$sql  = "SELECT p.rowid,p.ref, p.date_commande as dc, p.fk_statut, p.total_ht, p.tva as total_tva, p.total_ttc";
-		$sql.= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as p ";
+		$sql.= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as p";
 		$sql.= " WHERE p.fk_soc =".$object->id;
-		$sql.= " AND p.entity =".$conf->entity;
+		$sql.= " AND p.entity IN (".getEntity('commande_fournisseur').")";
 		$sql.= " ORDER BY p.date_commande DESC";
 		$sql.= " ".$db->plimit($MAXLIST);
 		$resql=$db->query($sql);
@ -652,7 +653,7 @@ if ($object->id > 0)
 	}

 	/*
-	 * Last supplier invoices
+	 * Latest supplier invoices
 	 */

 	$langs->load('bills');
@ -666,7 +667,7 @@ if ($object->id > 0)
 		$sql.= ' FROM '.MAIN_DB_PREFIX.'facture_fourn as f';
 		$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'paiementfourn_facturefourn as pf ON f.rowid=pf.fk_facturefourn';
 		$sql.= ' WHERE f.fk_soc = '.$object->id;
-		$sql.= " AND f.entity =".$conf->entity;
+		$sql.= " AND f.entity IN (".getEntity('facture_fourn').")";
 		$sql.= ' GROUP BY f.rowid,f.libelle,f.ref,f.ref_supplier,f.fk_statut,f.datef,f.total_ht,f.total_tva,f.total_ttc,f.paye';
 		$sql.= ' ORDER BY f.datef DESC';
 		$resql=$db->query($sql);
@ -694,15 +695,15 @@ if ($object->id > 0)
 				print '<td>';
 				print '<a href="facture/card.php?facid='.$obj->rowid.'">';
 				$facturestatic->id=$obj->rowid;
-				$facturestatic->ref=($obj->ref?$obj->ref:$obj->rowid).($obj->ref_supplier?' - '.$obj->ref_supplier:'');
-                $facturestatic->ref_supplier = $obj->ref_supplier;
-                $facturestatic->total_ht = $obj->total_ht;
+				$facturestatic->ref=($obj->ref?$obj->ref:$obj->rowid);
+				$facturestatic->ref_supplier = $obj->ref_supplier;
+				$facturestatic->libelle = $obj->libelle;
+				$facturestatic->total_ht = $obj->total_ht;
                $facturestatic->total_tva = $obj->total_tva;
                $facturestatic->total_ttc = $obj->total_ttc;
-				//$facturestatic->ref_supplier=$obj->ref_supplier;
 				print $facturestatic->getNomUrl(1);
-				//print img_object($langs->trans('ShowBill'),'bill').' '.($obj->ref?$obj->ref:$obj->rowid).' - '.$obj->ref_supplier.'</a>';
-				print ' '.dol_trunc($obj->libelle,14);
+				print $obj->ref_supplier?' - '.$obj->ref_supplier:'';
+				print ($obj->libelle?' - ':'').dol_trunc($obj->libelle,14);
 				print '</td>';
 				print '<td align="center" class="nowrap">'.dol_print_date($db->jdate($obj->df),'day').'</td>';
 				print '<td align="right" class="nowrap">'.price($obj->amount).'</td>';
--- a/htdocs/fourn/class/fournisseur.facture.class.php
+++ b/htdocs/fourn/class/fournisseur.facture.class.php
@ -1929,6 +1929,8 @@ class FactureFournisseur extends CommonInvoice
            $label .= '<br><b>' . $langs->trans('Ref') . ':</b> ' . $this->ref;
        if (! empty($this->ref_supplier))
            $label.= '<br><b>' . $langs->trans('RefSupplier') . ':</b> ' . $this->ref_supplier;
+        if (! empty($this->libelle))
+        	$label.= '<br><b>' . $langs->trans('Label') . ':</b> ' . $this->libelle;
        if (! empty($this->total_ht))
            $label.= '<br><b>' . $langs->trans('AmountHT') . ':</b> ' . price($this->total_ht, 0, $langs, 0, -1, -1, $conf->currency);
        if (! empty($this->total_tva))
--- a/htdocs/install/check.php
+++ b/htdocs/install/check.php
@ -35,7 +35,7 @@ $allowinstall = 0;
 $allowupgrade = false;
 $checksok = 1;

-$setuplang=GETPOST("selectlang",'',3)?GETPOST("selectlang",'',3):$langs->getDefaultLang();
+$setuplang=GETPOST("selectlang",'az09',3)?GETPOST("selectlang",'az09',3):$langs->getDefaultLang();
 $langs->setDefaultLang($setuplang);

 $langs->load("install");
@ -345,6 +345,10 @@ else
 			$conf->db->dolibarr_main_db_cryptkey = $dolibarr_main_db_cryptkey;

 			$conf->setValues($db);
+			// Reset forced setup after the setValues
+			if (defined('SYSLOG_FILE')) $conf->global->SYSLOG_FILE=constant('SYSLOG_FILE');
+			$conf->global->MAIN_ENABLE_LOG_TO_HTML = 1;
+
 			// Current version is $conf->global->MAIN_VERSION_LAST_UPGRADE
 			// Version to install is DOL_VERSION
 			$dolibarrlastupgradeversionarray=preg_split('/[\.-]/',isset($conf->global->MAIN_VERSION_LAST_UPGRADE) ? $conf->global->MAIN_VERSION_LAST_UPGRADE : (isset($conf->global->MAIN_VERSION_LAST_INSTALL)?$conf->global->MAIN_VERSION_LAST_INSTALL:''));
--- a/htdocs/install/repair.php
+++ b/htdocs/install/repair.php
@ -42,10 +42,8 @@ error_reporting(0);
@set_time_limit(120);
 error_reporting($err);

-$setuplang=GETPOST("selectlang",'',3)?GETPOST("selectlang",'',3):'auto';
+$setuplang=GETPOST("selectlang",'az09',3)?GETPOST("selectlang",'az09',3):'auto';
 $langs->setDefaultLang($setuplang);
-$versionfrom=GETPOST("versionfrom",'',3)?GETPOST("versionfrom",'',3):(empty($argv[1])?'':$argv[1]);
-$versionto=GETPOST("versionto",'',3)?GETPOST("versionto",'',3):(empty($argv[2])?'':$argv[2]);

 $langs->loadLangs(array("admin","install","other"));

@ -78,6 +76,7 @@ print 'Option clean_product_stock_batch (0 or \'test\' or \'confirmed\') is '.(G
 print 'Option set_empty_time_spent_amount (0 or \'test\' or \'confirmed\') is '.(GETPOST('set_empty_time_spent_amount','alpha')?GETPOST('set_empty_time_spent_amount','alpha'):'0').'<br>'."\n";
 print 'Option rebuild_product_thumbs (0 or \'test\' or \'confirmed\') is '.(GETPOST('rebuild_product_thumbs','alpha')?GETPOST('rebuild_product_thumbs','alpha'):'0').'<br>'."\n";
 print 'Option force_disable_of_modules_not_found (0 or \'test\' or \'confirmed\') is '.(GETPOST('force_disable_of_modules_not_found','alpha')?GETPOST('force_disable_of_modules_not_found','alpha'):'0').'<br>'."\n";
+print 'Option clean_perm_table (0 or \'test\' or \'confirmed\') is '.(GETPOST('clean_perm_table','alpha')?GETPOST('clean_perm_table','alpha'):'0').'<br>'."\n";
 print 'Option force_utf8_on_tables, for mysql/mariadb only (0 or \'test\' or \'confirmed\') is '.(GETPOST('force_utf8_on_tables','alpha')?GETPOST('force_utf8_on_tables','alpha'):'0').'<br>'."\n";
 print '<br>';

@ -154,13 +153,16 @@ if ($ok)
 }

 $conf->setValues($db);
-
+// Reset forced setup after the setValues
+if (defined('SYSLOG_FILE')) $conf->global->SYSLOG_FILE=constant('SYSLOG_FILE');
+$conf->global->MAIN_ENABLE_LOG_TO_HTML = 1;


 /* Start action here */
 $oneoptionset=0;
 $oneoptionset=(GETPOST('standard', 'alpha') || GETPOST('restore_thirdparties_logos','alpha') || GETPOST('clean_linked_elements','alpha') || GETPOST('clean_menus','alpha')
 	|| GETPOST('clean_orphelin_dir','alpha') || GETPOST('clean_product_stock_batch','alpha') || GETPOST('set_empty_time_spent_amount','alpha') || GETPOST('rebuild_product_thumbs','alpha')
+	|| GETPOST('clean_perm_table','alpha')
 	|| GETPOST('force_disable_of_modules_not_found','alpha') || GETPOST('force_utf8_on_tables','alpha'));

 if ($ok && $oneoptionset)
@ -586,8 +588,6 @@ if ($ok && GETPOST('clean_menus','alpha'))
 // clean_orphelin_dir: Run purge of directory
 if ($ok && GETPOST('clean_orphelin_dir','alpha'))
 {
-    $conf->setValues($db);
-
    $listmodulepart=array('company','invoice','invoice_supplier','propal','order','order_supplier','contract','tax');
    foreach ($listmodulepart as $modulepart)
    {
@ -904,7 +904,7 @@ if ($ok && GETPOST('set_empty_time_spent_amount','alpha'))
 // clean_old_module_entries: Clean data into const when files of module were removed without being
 if ($ok && GETPOST('force_disable_of_modules_not_found','alpha'))
 {
-    print '<tr><td colspan="2"><br>*** Force modules not found to be disabled</td></tr>';
+    print '<tr><td colspan="2"><br>*** Force modules not found to be disabled (only modules adding js, css or hooks can be detected as removed)</td></tr>';

    $arraylistofkey=array('hooks','js','css');

@ -1020,6 +1020,56 @@ if ($ok && GETPOST('force_disable_of_modules_not_found','alpha'))
 }


+// clean_old_module_entries: Clean data into const when files of module were removed without being
+if ($ok && GETPOST('clean_perm_table','alpha'))
+{
+	print '<tr><td colspan="2"><br>*** Clean table user_rights from lines of external modules no more enabled</td></tr>';
+
+	$listofmods='';
+	foreach($conf->modules as $key => $val)
+	{
+		$listofmods.=($listofmods?',':'')."'".$val."'";
+	}
+	$sql = 'SELECT id, libelle, module from '.MAIN_DB_PREFIX.'rights_def WHERE module not in ('.$listofmods.') AND id > 100000';
+	$resql = $db->query($sql);
+	if ($resql)
+	{
+		$num = $db->num_rows($resql);
+		if ($num)
+		{
+			$i = 0;
+			while ($i < $num)
+			{
+				$obj=$db->fetch_object($resql);
+				if ($obj->id > 0)
+				{
+					print '<tr><td>Found line with id '.$obj->id.', label "'.$obj->libelle.'" of module "'.$obj->module.'" to delete';
+					if (GETPOST('clean_perm_table','alpha') == 'confirmed')
+					{
+						$sqldelete = 'DELETE FROM '.MAIN_DB_PREFIX.'rights_def WHERE id = '.$obj->id;
+						$resqldelete = $db->query($sqldelete);
+						if (! $resqldelete)
+						{
+							dol_print_error($db);
+						}
+						print ' - deleted';
+					}
+					print '</td></tr>';
+				}
+				$i++;
+			}
+		}
+		else
+		{
+			print '<tr><td>No lines of a disabled external module (with id > 100000) found into table rights_def</td></tr>';
+		}
+	}
+	else
+	{
+		dol_print_error($db);
+	}
+}
+


 // clean_linked_elements: Check and clean linked elements
--- a/htdocs/install/step5.php
+++ b/htdocs/install/step5.php
@ -165,6 +165,9 @@ if ($action == "set" || empty($action) || preg_match('/upgrade/i',$action))
        if ($db->connected)
        {
            $conf->setValues($db);
+            // Reset forced setup after the setValues
+            if (defined('SYSLOG_FILE')) $conf->global->SYSLOG_FILE=constant('SYSLOG_FILE');
+            $conf->global->MAIN_ENABLE_LOG_TO_HTML = 1;

            // Create admin user
            include_once DOL_DOCUMENT_ROOT .'/user/class/user.class.php';
@ -298,6 +301,9 @@ if ($action == "set" || empty($action) || preg_match('/upgrade/i',$action))
        if ($db->connected)
        {
            $conf->setValues($db);
+            // Reset forced setup after the setValues
+            if (defined('SYSLOG_FILE')) $conf->global->SYSLOG_FILE=constant('SYSLOG_FILE');
+            $conf->global->MAIN_ENABLE_LOG_TO_HTML = 1;

            // Define if we need to update the MAIN_VERSION_LAST_UPGRADE value in database
            $tagdatabase=false;
--- a/htdocs/install/upgrade2.php
+++ b/htdocs/install/upgrade2.php
@ -163,7 +163,13 @@ if (! GETPOST('action','aZ09') || preg_match('/upgrade/i',GETPOST('action','aZ09
    $conf->db->dolibarr_main_db_cryptkey = $dolibarr_main_db_cryptkey;

    // Chargement config
-    if (! $error) $conf->setValues($db);
+    if (! $error)
+    {
+    	$conf->setValues($db);
+    	// Reset forced setup after the setValues
+    	if (defined('SYSLOG_FILE')) $conf->global->SYSLOG_FILE=constant('SYSLOG_FILE');
+    	$conf->global->MAIN_ENABLE_LOG_TO_HTML = 1;
+    }


    /***************************************************************************************
@ -371,7 +377,20 @@ if (! GETPOST('action','aZ09') || preg_match('/upgrade/i',GETPOST('action','aZ09
        $beforeversionarray=explode('.','6.0.9');
        if (versioncompare($versiontoarray,$afterversionarray) >= 0 && versioncompare($versiontoarray,$beforeversionarray) <= 0)
        {
-            // No particular code
+        	if (! empty($conf->multicompany->enabled))
+        	{
+        		global $multicompany_transverse_mode;
+
+        		// Only if the transverse mode is not used
+        		if (empty($multicompany_transverse_mode))
+        		{
+        			// Migrate to add entity value into llx_user_rights
+        			migrate_user_rights_entity($db, $langs, $conf);
+
+        			// Migrate to add entity value into llx_usergroup_rights
+        			migrate_usergroup_rights_entity($db, $langs, $conf);
+        		}
+        	}
        }

        // Scripts for last version
@ -3940,7 +3959,7 @@ function migrate_reset_blocked_log($db,$langs,$conf)
 						else
 						{
 							// Add set line
-							$object=new stdClass;
+							$object=new stdClass();
 							$object->id = 1;
 							$object->element = 'module';
 							$object->ref = 'systemevent';
@ -4182,6 +4201,158 @@ function migrate_remise_except_entity($db,$langs,$conf)
 	print '</td></tr>';
 }

+/**
+ * Migrate to add entity value into llx_user_rights
+ *
+ * @param	DoliDB		$db				Database handler
+ * @param	Translate	$langs			Object langs
+ * @param	Conf		$conf			Object conf
+ * @return	void
+ */
+function migrate_user_rights_entity($db,$langs,$conf)
+{
+	print '<tr><td colspan="4">';
+
+	print '<b>'.$langs->trans('MigrationUserRightsEntity')."</b><br>\n";
+
+	$error = 0;
+
+	dolibarr_install_syslog("upgrade2::migrate_user_rights_entity");
+
+	$db->begin();
+
+	$sqlSelect = "SELECT u.rowid, u.entity";
+	$sqlSelect.= " FROM ".MAIN_DB_PREFIX."user as u";
+	$sqlSelect.= " WHERE u.entity > 1";
+	//print $sqlSelect;
+
+	$resql = $db->query($sqlSelect);
+	if ($resql)
+	{
+		$i = 0;
+		$num = $db->num_rows($resql);
+
+		if ($num)
+		{
+			while ($i < $num)
+			{
+				$obj = $db->fetch_object($resql);
+
+				$sqlUpdate = "UPDATE ".MAIN_DB_PREFIX."user_rights SET";
+				$sqlUpdate.= " entity = " . $obj->entity;
+				$sqlUpdate.= " WHERE fk_user = " . $obj->rowid;
+
+				$result=$db->query($sqlUpdate);
+				if (! $result)
+				{
+					$error++;
+					dol_print_error($db);
+				}
+
+				print ". ";
+				$i++;
+			}
+		}
+		else
+		{
+			print $langs->trans('AlreadyDone')."<br>\n";
+		}
+
+		if (! $error)
+		{
+			$db->commit();
+		}
+		else
+		{
+			$db->rollback();
+		}
+	}
+	else
+	{
+		dol_print_error($db);
+		$db->rollback();
+	}
+
+
+	print '</td></tr>';
+}
+
+/**
+ * Migrate to add entity value into llx_usergroup_rights
+ *
+ * @param	DoliDB		$db				Database handler
+ * @param	Translate	$langs			Object langs
+ * @param	Conf		$conf			Object conf
+ * @return	void
+ */
+function migrate_usergroup_rights_entity($db,$langs,$conf)
+{
+	print '<tr><td colspan="4">';
+
+	print '<b>'.$langs->trans('MigrationUserGroupRightsEntity')."</b><br>\n";
+
+	$error = 0;
+
+	dolibarr_install_syslog("upgrade2::migrate_usergroup_rights_entity");
+
+	$db->begin();
+
+	$sqlSelect = "SELECT u.rowid, u.entity";
+	$sqlSelect.= " FROM ".MAIN_DB_PREFIX."usergroup as u";
+	$sqlSelect.= " WHERE u.entity > 1";
+	//print $sqlSelect;
+
+	$resql = $db->query($sqlSelect);
+	if ($resql)
+	{
+		$i = 0;
+		$num = $db->num_rows($resql);
+
+		if ($num)
+		{
+			while ($i < $num)
+			{
+				$obj = $db->fetch_object($resql);
+
+				$sqlUpdate = "UPDATE ".MAIN_DB_PREFIX."usergroup_rights SET";
+				$sqlUpdate.= " entity = " . $obj->entity;
+				$sqlUpdate.= " WHERE fk_usergroup = " . $obj->rowid;
+
+				$result=$db->query($sqlUpdate);
+				if (! $result)
+				{
+					$error++;
+					dol_print_error($db);
+				}
+
+				print ". ";
+				$i++;
+			}
+		}
+		else
+		{
+			print $langs->trans('AlreadyDone')."<br>\n";
+		}
+
+		if (! $error)
+		{
+			$db->commit();
+		}
+		else
+		{
+			$db->rollback();
+		}
+	}
+	else
+	{
+		dol_print_error($db);
+		$db->rollback();
+	}
+
+
+	print '</td></tr>';
+}
+
 /**
 * Migration directory
 *
--- a/htdocs/langs/en_US/install.lang
+++ b/htdocs/langs/en_US/install.lang
@ -196,6 +196,8 @@ MigrationEvents=Migration of events to add event owner into assignement table
 MigrationEventsContact=Migration of events to add event contact into assignement table
 MigrationRemiseEntity=Update entity field value of llx_societe_remise
 MigrationRemiseExceptEntity=Update entity field value of llx_societe_remise_except
+MigrationUserRightsEntity=Update entity field value of llx_user_rights
+MigrationUserGroupRightsEntity=Update entity field value of llx_usergroup_rights
 MigrationReloadModule=Reload module %s
 MigrationResetBlockedLog=Reset module BlockedLog for v7 algorithm
 ShowNotAvailableOptions=Show not available options
--- a/htdocs/langs/en_US/website.lang
+++ b/htdocs/langs/en_US/website.lang
@ -55,7 +55,7 @@ OrEnterPageInfoManually=Or create empty page from scratch...
 FetchAndCreate=Fetch and Create
 ExportSite=Export site
 IDOfPage=Id of page
-Banner=Bandeau
+Banner=Banner
 BlogPost=Blog post
 WebsiteAccount=Web site account
 WebsiteAccounts=Web site accounts
@ -65,4 +65,6 @@ DisableSiteFirst=Disable website first
 MyContainerTitle=My web site title
 AnotherContainer=Another container
 WEBSITE_USE_WEBSITE_ACCOUNTS=Enable the web site account table
-WEBSITE_USE_WEBSITE_ACCOUNTSTooltip=Enable the table to store web site accounts (login/pass) for each website / thirdparty
+WEBSITE_USE_WEBSITE_ACCOUNTSTooltip=Enable the table to store web site accounts (login/pass) for each website / thirdparty
+OnlyEditionOfSourceForGrabbedContentFuture=Note: only edition of HTML source will be possible when a page content is intiliazed by grabbing it from an external page (WYSIWYG editor will not be available)
+OnlyEditionOfSourceForGrabbedContent=Only edition of HTML source is possible when content was grabber from an external site
--- a/htdocs/product/fournisseurs.php
+++ b/htdocs/product/fournisseurs.php
@ -63,7 +63,9 @@ if (! empty($_REQUEST['search_fourn_id']))
 $fieldvalue = (! empty($id) ? $id : (! empty($ref) ? $ref : ''));
 $fieldtype = (! empty($ref) ? 'ref' : 'rowid');
 if ($user->societe_id) $socid=$user->societe_id;
-$result=restrictedArea($user,'produit|service&fournisseur',$fieldvalue,'product&product','','',$fieldtype);
+$result=restrictedArea($user,'produit|service',$fieldvalue,'product&product','','',$fieldtype);
+
+if (empty($user->rights->fournisseur->lire)) accessforbidden();

 $limit = GETPOST('limit','int')?GETPOST('limit','int'):$conf->liste_limit;
 $sortfield = GETPOST("sortfield",'alpha');
--- a/htdocs/website/class/websitepage.class.php
+++ b/htdocs/website/class/websitepage.class.php
@ -59,10 +59,12 @@ class WebsitePage extends CommonObject
 	public $keywords;
 	public $htmlheader;
 	public $content;
+	public $grabbed_from;
 	public $status;
 	public $date_creation;
 	public $date_modification;

+
 	// BEGIN MODULEBUILDER PROPERTIES
 	/**
     * @var array  Array with all fields and their property. Do not use it as a static var. It may be modified by constructor.
--- a/htdocs/website/index.php
+++ b/htdocs/website/index.php
@ -1476,6 +1476,12 @@ if (count($object->records) > 0)
 		//print '<input type="submit" class="button" name="refreshpage" value="'.$langs->trans("Load").'"'.($atleastonepage?'':' disabled="disabled"').'>';
 		print '<input type="image" class="valignbottom" src="'.img_picto('', 'refresh', '', 0, 1).'" name="refreshpage" value="'.$langs->trans("Load").'"'.($atleastonepage?'':' disabled="disabled"').'>';

+		$websitepage = new WebSitePage($db);
+		if ($pageid > 0 && ($action == 'preview' || $action == 'createfromclone' || $action == 'createpagefromclone'))
+		{
+			$websitepage->fetch($pageid);
+		}
+
 		if ($action == 'preview' || $action == 'createfromclone' || $action == 'createpagefromclone')
 		{
 			$disabled='';
@ -1516,7 +1522,15 @@ if (count($object->records) > 0)
 				print ' &nbsp; ';

 				print '<input type="submit" class="button nobordertransp"'.$disabled.' value="'.dol_escape_htmltag($langs->trans("EditPageMeta")).'" name="editmeta">';
-				print '<input type="submit" class="button nobordertransp"'.$disabled.' value="'.dol_escape_htmltag($langs->trans("EditWithEditor")).'" name="editcontent">';
+				if ($websitepage->grabbed_from)
+				{
+					print '<input type="submit" class="button nobordertransp" disabled="disabled" title="'.dol_escape_htmltag($langs->trans("OnlyEditionOfSourceForGrabbedContent")).'" value="'.dol_escape_htmltag($langs->trans("EditWithEditor")).'" name="editcontent">';
+				}
+				else
+				{
+					print '<input type="submit" class="button nobordertransp"'.$disabled.' value="'.dol_escape_htmltag($langs->trans("EditWithEditor")).'" name="editcontent">';
+				}
+
 				print '<input type="submit" class="button nobordertransp"'.$disabled.' value="'.dol_escape_htmltag($langs->trans("EditHTMLSource")).'" name="editsource">';
 				if ($object->fk_default_home > 0 && $pageid == $object->fk_default_home) print '<input type="submit" class="button nobordertransp" disabled="disabled" value="'.dol_escape_htmltag($langs->trans("SetAsHomePage")).'" name="setashome">';
 				else print '<input type="submit" class="button nobordertransp"'.$disabled.' value="'.dol_escape_htmltag($langs->trans("SetAsHomePage")).'" name="setashome">';
@ -1529,11 +1543,8 @@ if (count($object->records) > 0)

 		print '<div class="websitetools">';

-		if ($website && $pageid > 0 && ($action == 'preview' || $action == 'createfromclone' || $action == 'createpagefromclone'))
+		if ($pageid > 0 && ($action == 'preview' || $action == 'createfromclone' || $action == 'createpagefromclone'))
 		{
-			$websitepage = new WebSitePage($db);
-			$websitepage->fetch($pageid);
-
 			$realpage=$urlwithroot.'/public/website/index.php?website='.$website.'&pageref='.$websitepage->pageurl;
 			$pagealias = $websitepage->pageurl;

@ -1894,8 +1905,9 @@ if ($action == 'editmeta' || $action == 'createcontainer')
 			print '<tr><td class="titlefield">';
 			print $langs->trans("URL");
 			print '</td><td>';
-			print '<input class="flat minwidth300" type="text" name="externalurl" value="'.dol_escape_htmltag(GETPOST('externalurl','alpha')).'" placeholder="http://externalsite/pagetofetch"> ';
+			print '<input class="flat minwidth300" type="text" name="externalurl" value="'.dol_escape_htmltag(GETPOST('externalurl','alpha')).'" placeholder="https://externalsite/pagetofetch"> ';
 			print '<input class="button" type="submit" name="fetchexternalurl" value="'.dol_escape_htmltag($langs->trans("FetchAndCreate")).'">';
+			print '<br><br>'.info_admin($langs->trans("OnlyEditionOfSourceForGrabbedContentFuture"), 0, 0, '1');
 			print '</td></tr>';
 			print '</table>';

--- a/test/phpunit/CodingPhpTest.php
+++ b/test/phpunit/CodingPhpTest.php
@ -196,10 +196,10 @@ class CodingPhpTest extends PHPUnit_Framework_TestCase
            $ok=true;
            $matches=array();
            // Check string   ='".$this->xxx   with xxx that is not 'escape'. It means we forget a db->escape when forging sql request.
-            preg_match_all('/(...................)\$_SERVER\[\'QUERY_STRING\'\]/', $filecontent, $matches, PREG_SET_ORDER);
+            preg_match_all('/(..............)\$_SERVER\[\'QUERY_STRING\'\]/', $filecontent, $matches, PREG_SET_ORDER);
            foreach($matches as $key => $val)
            {
-                if ($val[1] != 'dol_escape_htmltag(' && $val[1] != 'l_string_nohtmltag(')
+            	if ($val[1] != 'scape_htmltag(' && $val[1] != 'ing_nohtmltag(' && $val[1] != 'dol_escape_js(')
                {
                    $ok=false;
                    break;