Merge remote-tracking branch 'refs/remotes/Dolibarr/develop' into develop

2026-02-14 08:54:21 +01:00 · 2018-01-15 12:53:25 +01:00
parent 05d3b1bb5c f0d6099e5f
commit 9f2ecdd06f
24 changed files with 327 additions and 181 deletions
--- a/15
+++ b/15
@@ -2,6 +2,21 @@
 English Dolibarr ChangeLog
 --------------------------------------------------------------

+***** ChangeLog for 6.0.5 compared to 6.0.4 *****
+FIX: security vulnerability reported by ADLab of Venustech
+     CVE-2017-17897, CVE-2017-17898, CVE-2017-17899, CVE-2017-17900 
+FIX: #7379: Compatibility with PRODUCT_USE_OLD_PATH_FOR_PHOTO variable
+FIX: #7903
+FIX: #7933
+FIX: #8029 Unable to make leave request in holyday module
+FIX: Edit accountancy account and warning message on loan
+FIX: $accounts[$bid] is a label !
+FIX: $oldvatrateclean & $newvatrateclean must be set if preg_match === false
+FIX: product best price on product list
+FIX: search on contact list
+FIX: stats trad for customerinvoice
+FIX: translate unactivate on contractline
+
 ***** ChangeLog for 6.0.4 compared to 6.0.3 *****
 FIX: #7737
 FIX: #7751
--- a/htdocs/blockedlog/admin/blockedlog_list.php
+++ b/htdocs/blockedlog/admin/blockedlog_list.php
@@ -27,6 +27,7 @@ require_once DOL_DOCUMENT_ROOT.'/blockedlog/lib/blockedlog.lib.php';
 require_once DOL_DOCUMENT_ROOT.'/blockedlog/class/blockedlog.class.php';
 require_once DOL_DOCUMENT_ROOT.'/blockedlog/class/authority.class.php';
 require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
+require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';

 $langs->loadLangs(array("admin", "other", "blockedlog", "bills"));

@@ -37,17 +38,19 @@ $contextpage= GETPOST('contextpage','aZ')?GETPOST('contextpage','aZ'):'blockedlo
 $backtopage = GETPOST('backtopage','alpha');											// Go back to a dedicated page
 $optioncss  = GETPOST('optioncss','aZ');												// Option for the css output (always '' except when 'print')

-$showonlyerrors = GETPOST('showonlyerrors','int');
+$search_showonlyerrors = GETPOST('search_showonlyerrors','int');
+if ($search_showonlyerrors < 0) $search_showonlyerrors=0;

 $search_fk_user=GETPOST('search_fk_user','intcomma');
 $search_start = -1;
-if(GETPOST('search_startyear')!='') $search_start = dol_mktime(0, 0, 0, GETPOST('search_startmonth'), GETPOST('search_startday'), GETPOST('search_startyear'));
+if (GETPOST('search_startyear')!='') $search_start = dol_mktime(0, 0, 0, GETPOST('search_startmonth'), GETPOST('search_startday'), GETPOST('search_startyear'));
 $search_end = -1;
-if(GETPOST('search_endyear')!='') $search_end= dol_mktime(23, 59, 59, GETPOST('search_endmonth'), GETPOST('search_endday'), GETPOST('search_endyear'));
+if (GETPOST('search_endyear')!='') $search_end= dol_mktime(23, 59, 59, GETPOST('search_endmonth'), GETPOST('search_endday'), GETPOST('search_endyear'));
 $search_code = GETPOST('search_code', 'alpha');
 $search_ref = GETPOST('search_ref', 'alpha');
 $search_amount = GETPOST('search_amount', 'alpha');

+if (($search_start == -1 || empty($search_start)) && ! GETPOSTISSET('search_startmonth')) $search_start = dol_time_plus_duree(dol_now(), '-1', 'w');

 // Load variable for pagination
 $limit = GETPOST('limit','int')?GETPOST('limit','int'):$conf->liste_limit;
@@ -81,6 +84,7 @@ if (GETPOST('button_removefilter_x','alpha') || GETPOST('button_removefilter.x',
 	$search_code = '';
 	$search_ref = '';
 	$search_amount = '';
+	$search_showonlyerrors = 0;
 	$toselect='';
 	$search_array_options=array();
 }
@@ -207,11 +211,20 @@ else

 llxHeader('',$langs->trans("BrowseBlockedLog"));

-$blocks = $block_static->getLog('all', 0, GETPOST('all','alpha') ? 0 : 50, $sortfield, $sortorder, $search_fk_user, $search_start, $search_end, $search_ref, $search_amount, $search_code);
+$MAXLINES = 10000;
+
+$blocks = $block_static->getLog('all', 0, $MAXLINES, $sortfield, $sortorder, $search_fk_user, $search_start, $search_end, $search_ref, $search_amount, $search_code);
 if (! is_array($blocks))
 {
-	dol_print_error($block_static->db);
-	exit;
+	if ($blocks == -2)
+	{
+		setEventMessages($langs->trans("TooManyRecordToScanRestrictFilters", $MAXLINES), null, 'errors');
+	}
+	else
+	{
+		dol_print_error($block_static->db, $block_static->error, $block_static->errors);
+		exit;
+	}
 }

 $linkback='';
@@ -235,10 +248,15 @@ print '<br>';
 $param='';
 if (! empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param.='&contextpage='.urlencode($contextpage);
 if ($limit > 0 && $limit != $conf->liste_limit) $param.='&limit='.urlencode($limit);
-if ($search_fk_user > 0) $param.='&search_fk_user='.urlencode($search_fk_user);
-if ($search_start > 0)   $param.='&search_startyear='.urlencode(GETPOST('search_startyear','int')).'&search_startmonth='.urlencode(GETPOST('search_startmonth','int')).'&search_startday='.urlencode(GETPOST('search_startday','int'));
-if ($search_end > 0)     $param.='&search_endyear='.urlencode(GETPOST('search_endyear','int')).'&search_endmonth='.urlencode(GETPOST('search_endmonth','int')).'&search_endday='.urlencode(GETPOST('search_endday','int'));
-if ($optioncss != '')    $param.='&optioncss='.urlencode($optioncss);
+if ($search_fk_user > 0)    $param.='&search_fk_user='.urlencode($search_fk_user);
+if ($search_startyear > 0)  $param.='&search_startyear='.urlencode(GETPOST('search_startyear','int'));
+if ($search_startmonth > 0) $param.='&search_startmonth='.urlencode(GETPOST('search_startmonth','int'));
+if ($search_startday > 0)   $param.='&search_startday='.urlencode(GETPOST('search_startday','int'));
+if ($search_endyear > 0)    $param.='&search_endyear='.urlencode(GETPOST('search_endyear','int'));
+if ($search_endmonth > 0)   $param.='&search_endmonth='.urlencode(GETPOST('search_endmonth','int'));
+if ($search_endday > 0)     $param.='&search_endday='.urlencode(GETPOST('search_endday','int'));
+if ($search_showonlyerrors > 0) $param.='&search_showonlyerrors='.urlencode($search_showonlyerrors);
+if ($optioncss != '')       $param.='&optioncss='.urlencode($optioncss);
 if (GETPOST('withtab','alpha')) $param.='&withtab='.urlencode(GETPOST('withtab','alpha'));

 // Add $param from extra fields
@@ -246,9 +264,9 @@ if (GETPOST('withtab','alpha')) $param.='&withtab='.urlencode(GETPOST('withtab',


 print '<div align="right">';
-print ' <a href="?all=1'.(GETPOST('withtab','alpha')?'&withtab='.GETPOST('withtab','alpha'):'').'">'.$langs->trans('ShowAllFingerPrintsMightBeTooLong').'</a>';
-print ' | <a href="?all=1&showonlyerrors=1'.(GETPOST('withtab','alpha')?'&withtab='.GETPOST('withtab','alpha'):'').'">'.$langs->trans('ShowAllFingerPrintsErrorsMightBeTooLong').'</a>';
-print ' | <a href="?action=downloadcsv'.(GETPOST('withtab','alpha')?'&withtab='.GETPOST('withtab','alpha'):'').'">'.$langs->trans('DownloadLogCSV').'</a>';
+//print ' <a href="?all=1'.(GETPOST('withtab','alpha')?'&withtab='.GETPOST('withtab','alpha'):'').'">'.$langs->trans('ShowAllFingerPrintsMightBeTooLong').'</a>';
+//print ' | <a href="?all=1&search_showonlyerrors=1'.(GETPOST('withtab','alpha')?'&withtab='.GETPOST('withtab','alpha'):'').'">'.$langs->trans('ShowAllFingerPrintsErrorsMightBeTooLong').'</a>';
+print ' <a href="?action=downloadcsv'.(GETPOST('withtab','alpha')?'&withtab='.GETPOST('withtab','alpha'):'').'">'.$langs->trans('DownloadLogCSV').'</a>';
 if (!empty($conf->global->BLOCKEDLOG_USE_REMOTE_AUTHORITY)) print ' | <a href="?action=downloadblockchain'.(GETPOST('withtab','alpha')?'&withtab='.GETPOST('withtab','alpha'):'').'">'.$langs->trans('DownloadBlockChain').'</a>';
 print ' </div>';

@@ -300,9 +318,18 @@ print '<td class="liste_titre"></td>';
 // Amount
 print '<td class="liste_titre right"><input type="text" class="maxwidth50" name="search_amount" value="'.dol_escape_htmltag($search_amount).'"></td>';

+// Full data
 print '<td class="liste_titre"></td>';
+
+// Fingerprint
 print '<td class="liste_titre"></td>';

+// Status
+print '<td class="liste_titre">';
+$array=array("1"=>$langs->trans("OnlyNonValid"));
+print $form->selectarray('search_showonlyerrors', $array, $search_showonlyerrors, 1);
+print '</td>';
+
 // Action column
 print '<td class="liste_titre" align="middle">';
 $searchpicto=$form->showFilterButtons();
@@ -321,12 +348,13 @@ print getTitleFieldOfList('', 0, $_SERVER["PHP_SELF"],'','',$param,'',$sortfield
 print getTitleFieldOfList($langs->trans('Amount'), 0, $_SERVER["PHP_SELF"],'','',$param,'align="right"',$sortfield,$sortorder,'')."\n";
 print getTitleFieldOfList($langs->trans('DataOfArchivedEvent'), 0, $_SERVER["PHP_SELF"],'','',$param,'align="center"',$sortfield,$sortorder,'')."\n";
 print getTitleFieldOfList($langs->trans('Fingerprint'), 0, $_SERVER["PHP_SELF"],'','',$param,'',$sortfield,$sortorder,'')."\n";
+print getTitleFieldOfList($langs->trans('Status'), 0, $_SERVER["PHP_SELF"],'','',$param,'align="center"',$sortfield,$sortorder,'')."\n";
 print getTitleFieldOfList('<span id="blockchainstatus"></span>', 0, $_SERVER["PHP_SELF"],'','',$param,'align="center"',$sortfield,$sortorder,'')."\n";
 print '</tr>';

 if (! empty($conf->global->BLOCKEDLOG_SCAN_ALL_FOR_LOWERIDINERROR))
 {
-	// This is version that is faster memory but require more memory and report errors that are outside the filter range
+	// This is version that is faster but require more memory and report errors that are outside the filter range

 	// TODO Make a full scan of table in reverse order of id of $block, so we can use the parameter $previoushash into checkSignature to save requests
 	// to find the $loweridinerror.
@@ -334,66 +362,76 @@ if (! empty($conf->global->BLOCKEDLOG_SCAN_ALL_FOR_LOWERIDINERROR))
 }
 else
 {
-	// This is version that optimize memory (but will not report error that are outside the filter range)
+	// This is version that optimize the memory (but will not report errors that are outside the filter range)
 	$loweridinerror=0;
 	$checkresult=array();
-	foreach($blocks as &$block) {
-		$checksignature = $block->checkSignature();	// Note: this make a sql request at each call, we can't avoid this as the sorting order is various
-		$checkresult[$block->id]=$checksignature;	// false if error
-		if (! $checksignature)
+	if (is_array($blocks))
+	{
+		foreach($blocks as &$block)
 		{
-			if (empty($loweridinerror)) $loweridinerror=$block->id;
-			else $loweridinerror = min($loweridinerror, $block->id);
+			$checksignature = $block->checkSignature();	// Note: this make a sql request at each call, we can't avoid this as the sorting order is various
+			$checkresult[$block->id]=$checksignature;	// false if error
+			if (! $checksignature)
+			{
+				if (empty($loweridinerror)) $loweridinerror=$block->id;
+				else $loweridinerror = min($loweridinerror, $block->id);
+			}
 		}
 	}
 }

-foreach($blocks as &$block) {
-	$object_link = $block->getObjectLink();
-
-	if (empty($showonlyerrors) || ! $checkresult[$block->id] || ($loweridinerror && $block->id >= $loweridinerror))
+if (is_array($blocks))
+{
+	foreach($blocks as &$block)
 	{
-	   	print '<tr class="oddeven">';
-	   	// ID
-	   	print '<td>'.$block->id.'</td>';
-	   	// Date
-	   	print '<td>'.dol_print_date($block->tms,'dayhour').'</td>';
-		// User
-	   	print '<td>';
-	   	//print $block->getUser()
-	   	print $block->user_fullname;
-	   	print '</td>';
-	   	// Action
-	   	print '<td>'.$langs->trans('log'.$block->action).'</td>';
-	   	// Ref
-	   	print '<td>'.$block->ref_object.'</td>';
-	   	// Link to source object
-	   	print '<td>'.$object_link.'</td>';
-	   	print '<td align="right">'.price($block->amounts).'</td>';
-	   	print '<td align="center"><a href="#" data-blockid="'.$block->id.'" rel="show-info">'.img_info($langs->trans('ShowDetails')).'</a></td>';
+		$object_link = $block->getObjectLink();

-	   	print '<td>';
-	   	print $form->textwithpicto(dol_trunc($block->signature, '12'), $block->signature);
-	   	print '</td>';
+		if (empty($search_showonlyerrors) || ! $checkresult[$block->id] || ($loweridinerror && $block->id >= $loweridinerror))
+		{
+		   	print '<tr class="oddeven">';
+		   	// ID
+		   	print '<td>'.$block->id.'</td>';
+		   	// Date
+		   	print '<td>'.dol_print_date($block->date_creation,'dayhour').'</td>';
+			// User
+		   	print '<td>';
+		   	//print $block->getUser()
+		   	print $block->user_fullname;
+		   	print '</td>';
+		   	// Action
+		   	print '<td>'.$langs->trans('log'.$block->action).'</td>';
+		   	// Ref
+		   	print '<td class="nowrap">'.$block->ref_object.'</td>';
+		   	// Link to source object
+		   	print '<td>'.$object_link.'</td>';
+		   	print '<td align="right">'.price($block->amounts).'</td>';
+		   	print '<td align="center"><a href="#" data-blockid="'.$block->id.'" rel="show-info">'.img_info($langs->trans('ShowDetails')).'</a></td>';

-	   	print '<td class="center">';
-	   	if (! $checkresult[$block->id] || ($loweridinerror && $block->id >= $loweridinerror))	// If error
-	   	{
-	   		if ($checkresult[$block->id]) print img_picto($langs->trans('OkCheckFingerprintValidityButChainIsKo'), 'statut1');
-	   		else print img_picto($langs->trans('KoCheckFingerprintValidity'), 'statut8');
-	   	}
-	   	else
-	   	{
-	   		print img_picto($langs->trans('OkCheckFingerprintValidity'), 'statut4');
-	   	}
+		   	print '<td>';
+		   	print $form->textwithpicto(dol_trunc($block->signature, '12'), $block->signature);
+		   	print '</td>';

-	   	if(!empty($conf->global->BLOCKEDLOG_USE_REMOTE_AUTHORITY) && !empty($conf->global->BLOCKEDLOG_AUTHORITY_URL)) {
-	   		print ' '.($block->certified ? img_picto($langs->trans('AddedByAuthority'), 'info') :  img_picto($langs->trans('NotAddedByAuthorityYet'), 'info_black') );
-	   	}
-		print '</td>';
+		   	print '<td class="center">';
+		   	if (! $checkresult[$block->id] || ($loweridinerror && $block->id >= $loweridinerror))	// If error
+		   	{
+		   		if ($checkresult[$block->id]) print img_picto($langs->trans('OkCheckFingerprintValidityButChainIsKo'), 'statut1');
+		   		else print img_picto($langs->trans('KoCheckFingerprintValidity'), 'statut8');
+		   	}
+		   	else
+		   	{
+		   		print img_picto($langs->trans('OkCheckFingerprintValidity'), 'statut4');
+		   	}

-		print '</tr>';
+		   	if(!empty($conf->global->BLOCKEDLOG_USE_REMOTE_AUTHORITY) && !empty($conf->global->BLOCKEDLOG_AUTHORITY_URL)) {
+		   		print ' '.($block->certified ? img_picto($langs->trans('AddedByAuthority'), 'info') :  img_picto($langs->trans('NotAddedByAuthorityYet'), 'info_black') );
+		   	}
+			print '</td>';

+			print '<td></td>';
+
+			print '</tr>';
+
+		}
 	}
 }

--- a/htdocs/blockedlog/class/blockedlog.class.php
+++ b/htdocs/blockedlog/class/blockedlog.class.php
@@ -364,6 +364,8 @@ class BlockedLog
 				))) continue;									// Discard if not into a dedicated list
 				if (!is_object($value)) $this->object_data->{$key} = $value;
 			}
+
+			if (! empty($object->newref)) $this->object_data->ref = $object->newref;
 		}
 		elseif ($this->element == 'invoice_supplier')
 		{
@@ -375,6 +377,8 @@ class BlockedLog
 				))) continue;									// Discard if not into a dedicated list
 				if (!is_object($value)) $this->object_data->{$key} = $value;
 			}
+
+			if (! empty($object->newref)) $this->object_data->ref = $object->newref;
 		}
 		elseif ($this->element == 'payment' || $this->element == 'payment_supplier' || $this->element == 'payment_donation')
 		{
@@ -474,10 +478,14 @@ class BlockedLog
 			}

 			$this->object_data->amount = $totalamount;
+
+			if (! empty($object->newref)) $this->object_data->ref = $object->newref;
 		}
 		elseif($this->element == 'payment_salary')
 		{
 			$this->object_data->amounts = array($object->amount);
+
+			if (! empty($object->newref)) $this->object_data->ref = $object->newref;
 		}

 		return 1;
@@ -780,7 +788,7 @@ class BlockedLog
 	 *  @param	string	$search_ref		search ref
 	 *  @param	string	$search_amount	search amount
 	 *  @param	string	$search_code	search code
-	 *	@return	array					array of object log
+	 *	@return	array|int				Array of object log or <0 if error
 	 */
 	public function getLog($element, $fk_object, $limit = 0, $sortfield = '', $sortorder = '', $search_fk_user = -1, $search_start = -1, $search_end = -1, $search_ref='', $search_amount='', $search_code='')
 	{
@@ -818,16 +826,25 @@ class BlockedLog
 		if ($search_code != '' && $search_code != '-1')   $sql.=natural_search("action", $search_code, 3);

 		$sql.=$this->db->order($sortfield, $sortorder);
-		$sql.=$this->db->plimit($limit);
+		$sql.=$this->db->plimit($limit+1);					// We want more, because we will stop into loop later with error if we reach max

 		$res = $this->db->query($sql);
 		if($res) {

 			$results=array();

-			while ($obj = $this->db->fetch_object($res)) {
+			$i = 0;
+			while ($obj = $this->db->fetch_object($res))
+			{
+				$i++;
+				if ($i > $limit)
+				{
+					// Too many record, we will consume too much memory
+					return -2;
+				}

-				if (!isset($cachedlogs[$obj->rowid])) {
+				if (!isset($cachedlogs[$obj->rowid]))
+				{
 					$b=new BlockedLog($this->db);
 					$b->fetch($obj->rowid);

@@ -839,9 +856,8 @@ class BlockedLog

 			return $results;
 		}
-		else{
-			return false;
-		}
+
+		return -1;
 	}

 	/**
--- a/htdocs/comm/mailing/card.php
+++ b/htdocs/comm/mailing/card.php
@@ -1095,7 +1095,7 @@ else
 			$htmltext.='</i>';

 			// Print mail content
-			print load_fiche_titre($langs->trans("EMail"), $form->textwithpicto($langs->trans("AvailableVariables"), $htmltext, 1, 'help', '', 0, 2, 'emailsubstitionhelp'), 'title_generic');
+			print load_fiche_titre($langs->trans("EMail"), $form->textwithpicto('<span class="hideonsmartphone">'.$langs->trans("AvailableVariables").'</span>', $htmltext, 1, 'help', '', 0, 2, 'emailsubstitionhelp'), 'title_generic');

 			dol_fiche_head('', '', '', -1);

--- a/htdocs/comm/propal/list.php
+++ b/htdocs/comm/propal/list.php
@@ -141,7 +141,7 @@ $checkedtypetiers=0;
 $arrayfields=array(
 	'p.ref'=>array('label'=>$langs->trans("Ref"), 'checked'=>1),
 	'p.ref_client'=>array('label'=>$langs->trans("RefCustomer"), 'checked'=>1),
-        'pr.ref'=>array('label'=>$langs->trans("Project"), 'checked'=>1, 'enabled'=>$conf->projet->enabled),
+	'pr.ref'=>array('label'=>$langs->trans("Project"), 'checked'=>1, 'enabled'=>(empty($conf->projet->enabled)?0:1)),
 	's.nom'=>array('label'=>$langs->trans("ThirdParty"), 'checked'=>1),
 	's.town'=>array('label'=>$langs->trans("Town"), 'checked'=>1),
 	's.zip'=>array('label'=>$langs->trans("Zip"), 'checked'=>1),
@@ -191,7 +191,7 @@ if (GETPOST('button_removefilter_x','alpha') || GETPOST('button_removefilter.x',
 	$search_sale='';
 	$search_ref='';
 	$search_refcustomer='';
-	$search_refproject=''; 	
+	$search_refproject='';
 	$search_societe='';
 	$search_montant_ht='';
 	$search_montant_vat='';
--- a/htdocs/commande/list.php
+++ b/htdocs/commande/list.php
@@ -664,7 +664,7 @@ if ($resql)
 			-3=>$langs->trans("StatusOrderValidatedShort").'+'.$langs->trans("StatusOrderSentShort").'+'.$langs->trans("StatusOrderDelivered"),
 			Commande::STATUS_CANCELED=>$langs->trans("StatusOrderCanceledShort")
 		);
-		print $form->selectarray('viewstatut', $liststatus, $viewstatut, -4);
+		print $form->selectarray('viewstatut', $liststatus, $viewstatut, -4, 0, 0, '', 0, 0, 0, '', 'maxwidth100');
 		print '</td>';
 	}
 	// Status billed
--- a/htdocs/compta/facture/fiche-rec.php
+++ b/htdocs/compta/facture/fiche-rec.php
@@ -1299,13 +1299,13 @@ else

 		print '<table class="border" width="100%">';

-		print '<tr><td class="titlefield">'.$langs->trans("Author").'</td><td colspan="3">'.$author->getFullName($langs)."</td></tr>";
+		print '<tr><td class="titlefield">'.$langs->trans("Author").'</td><td>'.$author->getFullName($langs)."</td></tr>";

 		print '<tr><td>'.$langs->trans("AmountHT").'</td>';
-		print '<td colspan="3">'.price($object->total_ht,'',$langs,1,-1,-1,$conf->currency).'</td>';
+		print '<td>'.price($object->total_ht,'',$langs,1,-1,-1,$conf->currency).'</td>';
 		print '</tr>';

-		print '<tr><td>'.$langs->trans("AmountVAT").'</td><td colspan="3">'.price($object->total_tva,'',$langs,1,-1,-1,$conf->currency).'</td>';
+		print '<tr><td>'.$langs->trans("AmountVAT").'</td><td>'.price($object->total_tva,'',$langs,1,-1,-1,$conf->currency).'</td>';
 		print '</tr>';

 		// Amount Local Taxes
@@ -1332,7 +1332,7 @@ else
 		if ($object->type != Facture::TYPE_CREDIT_NOTE && $action != 'editconditions' && ! empty($object->brouillon) && $user->rights->facture->creer)
 			print '<td align="right"><a href="' . $_SERVER["PHP_SELF"] . '?action=editconditions&amp;facid=' . $object->id . '">' . img_edit($langs->trans('SetConditions'), 1) . '</a></td>';
 		print '</tr></table>';
-		print '</td><td colspan="3">';
+		print '</td><td>';
 		if ($object->type != Facture::TYPE_CREDIT_NOTE)
 		{
 			if ($action == 'editconditions')
@@ -1356,7 +1356,7 @@ else
 		if ($action != 'editmode' && ! empty($object->brouillon) && $user->rights->facture->creer)
 			print '<td align="right"><a href="' . $_SERVER["PHP_SELF"] . '?action=editmode&amp;facid=' . $object->id . '">' . img_edit($langs->trans('SetMode'), 1) . '</a></td>';
 		print '</tr></table>';
-		print '</td><td colspan="3">';
+		print '</td><td>';
 		if ($action == 'editmode')
 		{
 			$form->form_modes_reglement($_SERVER['PHP_SELF'].'?facid='.$object->id, $object->mode_reglement_id, 'mode_reglement_id', 'CRDT');
@@ -1396,16 +1396,16 @@ else
 		// Note public
 		print '<tr><td>';
 		print $form->editfieldkey($form->textwithpicto($langs->trans('NotePublic'), $htmltext, 1, 'help', '', 0, 2, 'notepublic'), 'note_public', $object->note_public, $object, $user->rights->facture->creer);
-		print '</td><td colspan="5">';
-		print $form->editfieldval($langs->trans("NotePublic"), 'note_public', $object->note_public, $object, $user->rights->facture->creer, 'textarea:'.ROWS_4.':60');
+		print '</td><td>';
+		print $form->editfieldval($langs->trans("NotePublic"), 'note_public', $object->note_public, $object, $user->rights->facture->creer, 'textarea:'.ROWS_4.':90%', '', null, null, '', 1);
 		print '</td>';
 		print '</tr>';

 		// Note private
 		print '<tr><td>';
 		print $form->editfieldkey($form->textwithpicto($langs->trans("NotePrivate"), $htmltext, 1, 'help', '', 0, 2, 'noteprivate'), 'note_private', $object->note_private, $object, $user->rights->facture->creer);
-		print '</td><td colspan="5">';
-		print $form->editfieldval($langs->trans("NotePrivate"), 'note_private', $object->note_private, $object, $user->rights->facture->creer, 'textarea:'.ROWS_4.':60');
+		print '</td><td>';
+		print $form->editfieldval($langs->trans("NotePrivate"), 'note_private', $object->note_private, $object, $user->rights->facture->creer, 'textarea:'.ROWS_4.':90%', '', null, null, '', 1);
 		print '</td>';
 		print '</tr>';

@@ -1419,7 +1419,7 @@ else
 		if (($action != 'editbankaccount') && $user->rights->facture->creer && ! empty($object->brouillon))
 			print '<td align="right"><a href="'.$_SERVER["PHP_SELF"].'?action=editbankaccount&amp;id='.$object->id.'">'.img_edit($langs->trans('SetBankAccount'),1).'</a></td>';
 		print '</tr></table>';
-		print '</td><td colspan="3">';
+		print '</td><td>';
 		if ($action == 'editbankaccount')
 		{
 			$form->formSelectAccount($_SERVER['PHP_SELF'].'?id='.$object->id, $object->fk_account, 'fk_account', 1);
@@ -1441,7 +1441,7 @@ else
        if (($action != 'editmodelpdf') && $user->rights->facture->creer && ! empty($object->brouillon))
            print '<td align="right"><a href="'.$_SERVER["PHP_SELF"].'?action=editmodelpdf&amp;id='.$object->id.'">'.img_edit($langs->trans('SetModel'),1).'</a></td>';
        print '</tr></table>';
-        print '</td><td colspan="3">';
+        print '</td><td>';
        if ($action == 'editmodelpdf')
        {
            include_once DOL_DOCUMENT_ROOT . '/core/modules/facture/modules_facture.php';
--- a/htdocs/core/class/extrafields.class.php
+++ b/htdocs/core/class/extrafields.class.php
@@ -143,11 +143,12 @@ class ExtraFields
 	 *  @param	int				$list				Visibilty
 	 *  @param	int				$ishidden			Deprecated. Use visibility instead.
 	 *  @param  string  		$computed           Computed value
-	 *  @param  string  		$entity    		 	Entity of extrafields
+	 *  @param  string  		$entity    		 	Entity of extrafields (for multicompany modules)
 	 *  @param  string  		$langfile  		 	Language file
+	 *  @param  string  		$enabled  		 	Condition to have the field enabled or not
 	 *  @return int      							<=0 if KO, >0 if OK
 	 */
-	function addExtraField($attrname, $label, $type, $pos, $size, $elementtype, $unique=0, $required=0, $default_value='', $param='', $alwayseditable=0, $perms='', $list=-1, $ishidden=0, $computed='', $entity='', $langfile='')
+	function addExtraField($attrname, $label, $type, $pos, $size, $elementtype, $unique=0, $required=0, $default_value='', $param='', $alwayseditable=0, $perms='', $list=-1, $ishidden=0, $computed='', $entity='', $langfile='', $enabled='1')
 	{
 		if (empty($attrname)) return -1;
 		if (empty($label)) return -1;
@@ -164,7 +165,7 @@ class ExtraFields
 		if ($result > 0 || $err1 == 'DB_ERROR_COLUMN_ALREADY_EXISTS' || $type == 'separate')
 		{
 			// Add declaration of field into table
-			$result2=$this->create_label($attrname, $label, $type, $pos, $size, $elementtype, $unique, $required, $param, $alwayseditable, $perms, $list, $ishidden, $default, $computed, $entity, $langfile);
+			$result2=$this->create_label($attrname, $label, $type, $pos, $size, $elementtype, $unique, $required, $param, $alwayseditable, $perms, $list, $ishidden, $default, $computed, $entity, $langfile, $enabled);
 			$err2=$this->errno;
 			if ($result2 > 0 || ($err1 == 'DB_ERROR_COLUMN_ALREADY_EXISTS' && $err2 == 'DB_ERROR_RECORD_ALREADY_EXISTS'))
 			{
@@ -286,9 +287,10 @@ class ExtraFields
 	 *  @param  string          $computed       Computed value
 	 *  @param  string          $entity     	Entity of extrafields
 	 *  @param	string			$langfile		Language file
+	 *  @param  string  		$enabled  		Condition to have the field enabled or not
 	 *  @return	int								<=0 if KO, >0 if OK
 	 */
-	private function create_label($attrname, $label='', $type='', $pos=0, $size=0, $elementtype='member', $unique=0, $required=0, $param='', $alwayseditable=0, $perms='', $list=-1, $ishidden=0, $default='', $computed='',$entity='', $langfile='')
+	private function create_label($attrname, $label='', $type='', $pos=0, $size=0, $elementtype='member', $unique=0, $required=0, $param='', $alwayseditable=0, $perms='', $list=-1, $ishidden=0, $default='', $computed='',$entity='', $langfile='', $enabled='1')
 	{
 		global $conf,$user;

@@ -298,6 +300,9 @@ class ExtraFields
 		// Clean parameters
 		if (empty($pos)) $pos=0;
 		if (empty($list)) $list=0;
+		if (empty($required)) $required=0;
+		if (empty($unique)) $unique=0;
+		if (empty($alwayseditable)) $alwayseditable=0;

 		if (! empty($attrname) && preg_match("/^\w[a-zA-Z0-9-_]*$/",$attrname) && ! is_numeric($attrname))
 		{
@@ -333,19 +338,20 @@ class ExtraFields
 			$sql.= " fieldcomputed,";
 			$sql.= " fk_user_author,";
 			$sql.= " fk_user_modif,";
-			$sql.= " datec";
+			$sql.= " datec,";
+			$sql.= " enabled";
 			$sql.= " )";
 			$sql.= " VALUES('".$attrname."',";
 			$sql.= " '".$this->db->escape($label)."',";
-			$sql.= " '".$type."',";
-			$sql.= " '".$pos."',";
-			$sql.= " '".$size."',";
+			$sql.= " '".$this->db->escape($type)."',";
+			$sql.= " ".$pos.",";
+			$sql.= " '".$this->db->escape($size)."',";
 			$sql.= " ".($entity===''?$conf->entity:$entity).",";
-			$sql.= " '".$elementtype."',";
-			$sql.= " '".$unique."',";
-			$sql.= " '".$required."',";
-			$sql.= " '".$params."',";
-			$sql.= " '".$alwayseditable."',";
+			$sql.= " '".$this->db->escape($elementtype)."',";
+			$sql.= " ".$unique.",";
+			$sql.= " ".$required.",";
+			$sql.= " '".$this->db->escape($params)."',";
+			$sql.= " ".$alwayseditable.",";
 			$sql.= " ".($perms?"'".$this->db->escape($perms)."'":"null").",";
 			$sql.= " ".($langfile?"'".$this->db->escape($langfile)."'":"null").",";
 			$sql.= " ".$list.",";
@@ -353,7 +359,8 @@ class ExtraFields
 			$sql.= " ".($computed?"'".$this->db->escape($computed)."'":"null").",";
 			$sql .= " " . $user->id . ",";
 			$sql .= " " . $user->id . ",";
-			$sql .= "'" . $this->db->idate(dol_now()) . "'";
+			$sql .= "'" . $this->db->idate(dol_now()) . "',";
+			$sql.= " ".($enabled?"'".$this->db->escape($enabled)."'":"1");
 			$sql.=')';

 			dol_syslog(get_class($this)."::create_label", LOG_DEBUG);
@@ -488,9 +495,10 @@ class ExtraFields
 	 *  @param  string  $computed           Computed value
 	 *  @param  string  $entity	            Entity of extrafields
 	 *  @param	string	$langfile			Language file
+	 *  @param  string  $enabled  			Condition to have the field enabled or not
 	 * 	@return	int							>0 if OK, <=0 if KO
 	 */
-	function update($attrname, $label, $type, $length, $elementtype, $unique=0, $required=0, $pos=0, $param='', $alwayseditable=0, $perms='', $list='', $ishidden=0, $default='', $computed='', $entity='', $langfile='')
+	function update($attrname, $label, $type, $length, $elementtype, $unique=0, $required=0, $pos=0, $param='', $alwayseditable=0, $perms='', $list='', $ishidden=0, $default='', $computed='', $entity='', $langfile='', $enabled='1')
 	{
 		if ($elementtype == 'thirdparty') $elementtype='societe';
 		if ($elementtype == 'contact') $elementtype='socpeople';
@@ -538,7 +546,7 @@ class ExtraFields
 			{
 				if ($label)
 				{
-					$result=$this->update_label($attrname,$label,$type,$length,$elementtype,$unique,$required,$pos,$param,$alwayseditable,$perms,$list,$ishidden,$default,$computed,$entity,$langfile);
+					$result=$this->update_label($attrname,$label,$type,$length,$elementtype,$unique,$required,$pos,$param,$alwayseditable,$perms,$list,$ishidden,$default,$computed,$entity,$langfile,$enabled);
 				}
 				if ($result > 0)
 				{
@@ -594,26 +602,32 @@ class ExtraFields
 	 *  @param  string  $computed           Computed value
 	 *  @param  string  $entity     		Entity of extrafields
 	 *  @param	string	$langfile			Language file
+	 *  @param  string  $enabled  			Condition to have the field enabled or not
 	 *  @return	int							<=0 if KO, >0 if OK
 	 */
-	private function update_label($attrname,$label,$type,$size,$elementtype,$unique=0,$required=0,$pos=0,$param='',$alwayseditable=0,$perms='',$list=0,$ishidden=0,$default='',$computed='',$entity='',$langfile='')
+	private function update_label($attrname,$label,$type,$size,$elementtype,$unique=0,$required=0,$pos=0,$param='',$alwayseditable=0,$perms='',$list=0,$ishidden=0,$default='',$computed='',$entity='',$langfile='',$enabled='1')
 	{
 		global $conf, $user;
-		dol_syslog(get_class($this)."::update_label ".$attrname.", ".$label.", ".$type.", ".$size.", ".$elementtype.", ".$unique.", ".$required.", ".$pos.", ".$alwayseditable.", ".$perms.", ".$list.", ".$ishidden.", ".$default.", ".$computed.", ".$entity.", ".$langfile);
+		dol_syslog(get_class($this)."::update_label ".$attrname.", ".$label.", ".$type.", ".$size.", ".$elementtype.", ".$unique.", ".$required.", ".$pos.", ".$alwayseditable.", ".$perms.", ".$list.", ".$ishidden.", ".$default.", ".$computed.", ".$entity.", ".$langfile.", ".$enabled);

 		// Clean parameters
 		if ($elementtype == 'thirdparty') $elementtype='societe';
 		if ($elementtype == 'contact') $elementtype='socpeople';

+		if (empty($pos)) $pos=0;
 		if (empty($list)) $list=0;
+		if (empty($required)) $required=0;
+		if (empty($unique)) $unique=0;
+		if (empty($alwayseditable)) $alwayseditable=0;

 		if (isset($attrname) && $attrname != '' && preg_match("/^\w[a-zA-Z0-9-_]*$/",$attrname))
 		{
 			$this->db->begin();

-			if(is_array($param) && count($param) > 0)
+			if (is_array($param))
 			{
-				$param = $this->db->escape(serialize($param));
+				if (count($param) > 0) $param = $this->db->escape(serialize($param));
+				else $param='';
 			}

 			$sql_del = "DELETE FROM ".MAIN_DB_PREFIX."extrafields";
@@ -642,27 +656,29 @@ class ExtraFields
 			$sql.= " fieldcomputed,";
 			$sql.= " fk_user_author,";
 			$sql.= " fk_user_modif,";
-			$sql.= " datec";
+			$sql.= " datec,";
+			$sql.= " enabled";
 			$sql.= ") VALUES (";
 			$sql.= "'".$attrname."',";
 			$sql.= " ".($entity===''?$conf->entity:$entity).",";
 			$sql.= " '".$this->db->escape($label)."',";
-			$sql.= " '".$type."',";
-			$sql.= " '".$size."',";
-			$sql.= " '".$elementtype."',";
-			$sql.= " '".$unique."',";
-			$sql.= " '".$required."',";
+			$sql.= " '".$this->db->escape($type)."',";
+			$sql.= " '".$this->db->escape($size)."',";
+			$sql.= " '".$this->db->escape($elementtype)."',";
+			$sql.= " ".$unique.",";
+			$sql.= " ".$required.",";
 			$sql.= " ".($perms?"'".$this->db->escape($perms)."'":"null").",";
 			$sql.= " ".($langfile?"'".$this->db->escape($langfile)."'":"null").",";
-			$sql.= " '".$pos."',";
-			$sql.= " '".$alwayseditable."',";
-			$sql.= " '".$param."',";
+			$sql.= " ".$pos.",";
+			$sql.= " '".$this->db->escape($alwayseditable)."',";
+			$sql.= " '".$this->db->escape($param)."',";
 			$sql.= " ".$list.", ";
 			$sql.= " ".(($default!='')?"'".$this->db->escape($default)."'":"null").",";
 			$sql.= " ".($computed?"'".$this->db->escape($computed)."'":"null").",";
 			$sql .= " " . $user->id . ",";
 			$sql .= " " . $user->id . ",";
-			$sql .= "'" . $this->db->idate(dol_now()) . "'";
+			$sql .= "'" . $this->db->idate(dol_now()) . "',";
+			$sql .= "'" . $this->db->escape($enabled). "'";
 			$sql.= ")";

 			$resql2=$this->db->query($sql);
@@ -683,7 +699,6 @@ class ExtraFields
 		{
 			return 0;
 		}
-
 	}


@@ -1706,9 +1721,16 @@ class ExtraFields
 					$error_field_required[] = $value;
 				}

-				if (in_array($key_type,array('date','datetime')))
+				if (in_array($key_type,array('date')))
 				{
 					// Clean parameters
+					// TODO GMT date in memory must be GMT so we should add gm=true in parameters
+					$value_key=dol_mktime(0, 0, 0, $_POST["options_".$key."month"], $_POST["options_".$key."day"], $_POST["options_".$key."year"]);
+				}
+				elseif (in_array($key_type,array('datetime')))
+				{
+					// Clean parameters
+					// TODO GMT date in memory must be GMT so we should add gm=true in parameters
 					$value_key=dol_mktime($_POST["options_".$key."hour"], $_POST["options_".$key."min"], 0, $_POST["options_".$key."month"], $_POST["options_".$key."day"], $_POST["options_".$key."year"]);
 				}
 				else if (in_array($key_type,array('checkbox','chkbxlst')))
@@ -1747,12 +1769,12 @@ class ExtraFields
 	}

 	/**
-	 * return array_options array for object by extrafields value (using for data send by forms)
+	 * return array_options array of data of extrafields value of object sent by a search form
 	 *
 	 * @param  array   $extralabels    $array of extrafields
 	 * @param  string  $keyprefix      Prefix string to add into name and id of field (can be used to avoid duplicate names)
 	 * @param  string  $keysuffix      Suffix string to add into name and id of field (can be used to avoid duplicate names)
-	 * @return int                     1 if array_options set / 0 if no value
+	 * @return array|int               array_options set or 0 if no value
 	 */
 	function getOptionalsFromPost($extralabels,$keyprefix='',$keysuffix='')
 	{
--- a/htdocs/core/class/html.form.class.php
+++ b/htdocs/core/class/html.form.class.php
@@ -135,7 +135,7 @@ class Form
 	 * @param	string	$value			Value to show/edit
 	 * @param	object	$object			Object
 	 * @param	boolean	$perm			Permission to allow button to edit parameter
-	 * @param	string	$typeofdata		Type of data ('string' by default, 'email', 'amount:99', 'numeric:99', 'text' or 'textarea:rows:cols', 'datepicker' ('day' do not work, don't know why), 'dayhour' or 'datepickerhour', 'ckeditor:dolibarr_zzz:width:height:savemethod:toolbarstartexpanded:rows:cols', 'select:xxx'...)
+	 * @param	string	$typeofdata		Type of data ('string' by default, 'email', 'amount:99', 'numeric:99', 'text' or 'textarea:rows:cols%', 'datepicker' ('day' do not work, don't know why), 'dayhour' or 'datepickerhour', 'ckeditor:dolibarr_zzz:width:height:savemethod:toolbarstartexpanded:rows:cols', 'select:xxx'...)
 	 * @param	string	$editvalue		When in edit mode, use this value as $value instead of value (for example, you can provide here a formated price instead of value). Use '' to use same than $value
 	 * @param	object	$extObject		External object
 	 * @param	mixed	$custommsg		String or Array of custom messages : eg array('success' => 'MyMessage', 'error' => 'MyMessage')
@@ -523,8 +523,13 @@ class Form
 			}
 		}

-		// If info or help with smartphone, show only text (tooltip can't works)
-		if (! empty($conf->dol_no_mouse_hover))
+		// If info or help with smartphone, show only text (tooltip hover can't works)
+		if (! empty($conf->dol_no_mouse_hover) && empty($tooltiptrigger))
+		{
+			if ($type == 'info' || $type == 'help') return $text;
+		}
+		// If info or help with smartphone, show only text (tooltip on lick does not works with dialog on smaprtphone)
+		if (! empty($conf->dol_no_mouse_hover) && ! empty($tooltiptrigger))
 		{
 			if ($type == 'info' || $type == 'help') return $text;
 		}
--- a/htdocs/core/db/DoliDB.class.php
+++ b/htdocs/core/db/DoliDB.class.php
@@ -85,10 +85,11 @@ abstract class DoliDB implements Database
 	 *   Function to use to build INSERT, UPDATE or WHERE predica
 	 *
 	 *   @param	    int		$param      	Date TMS to convert
-	 *   @return	string      			Date in a string YYYYMMDDHHMMSS
+	 *   @return	string      			Date in a string YYYY-MM-DD HH:MM:SS
 	 */
 	function idate($param)
 	{
+		// TODO GMT $param should be gmt, so we should add tzouptut to 'gmt'
 		return dol_print_date($param,"%Y-%m-%d %H:%M:%S");
 	}

@@ -279,6 +280,7 @@ abstract class DoliDB implements Database
 	 */
 	function jdate($string, $gm=false)
 	{
+		// TODO GMT must set param gm to true by default
 		if ($string==0 || $string=="0000-00-00 00:00:00") return '';
 		$string=preg_replace('/([^0-9])/i','',$string);
 		$tmp=$string.'000000';
--- a/htdocs/core/db/mssql.class.php
+++ b/htdocs/core/db/mssql.class.php
@@ -563,7 +563,7 @@ class DoliDBMssql extends DoliDB
 	 *   Function to use to build INSERT, UPDATE or WHERE predica
 	 *
 	 *   @param	    string	$param      Date TMS to convert
-	 *   @return	string      		Date in a string YYYYMMDDHHMMSS
+	 *   @return	string      		Date in a string YYYY-MM-DD HH:MM:SS
 	 */
 	function idate($param)
 	{
--- a/htdocs/core/db/pgsql.class.php
+++ b/htdocs/core/db/pgsql.class.php
@@ -658,7 +658,7 @@ class DoliDBPgsql extends DoliDB
 	 *   Function to use to build INSERT, UPDATE or WHERE predica
 	 *
 	 *   @param	    string	$param      Date TMS to convert
-	 *   @return	string   			Date in a string YYYYMMDDHHMMSS
+	 *   @return	string   			Date in a string YYYY-MM-DD HH:MM:SS
 	 */
 	function idate($param)
 	{
--- a/htdocs/core/lib/files.lib.php
+++ b/htdocs/core/lib/files.lib.php
@@ -1273,10 +1273,12 @@ function dol_delete_dir_recursive($dir, $count=0, $nophperrors=0, $onlysub=0, &$


 /**
- *  Delete all preview files linked to object instance
+ *  Delete all preview files linked to object instance.
+ *  Note that preview image of PDF files is generated when required, by dol_banner_tab() for example.
 *
 *  @param	object	$object		Object to clean
 *  @return	int					0 if error, 1 if OK
+ *  @see dol_convert_file
 */
 function dol_delete_preview($object)
 {
@@ -1297,19 +1299,39 @@ function dol_delete_preview($object)

 	$refsan = dol_sanitizeFileName($object->ref);
 	$dir = $dir . "/" . $refsan ;
-	$file = $dir . "/" . $refsan . ".pdf.png";
-	$multiple = $file . ".";
+	$filepreviewnew = $dir . "/" . $refsan . ".pdf_preview.png";
+	$filepreviewnewbis = $dir . "/" . $refsan . ".pdf_preview-0.png";
+	$filepreviewold = $dir . "/" . $refsan . ".pdf.png";

-	if (file_exists($file) && is_writable($file))
+	// For new preview files
+	if (file_exists($filepreviewnew) && is_writable($filepreviewnew))
 	{
-		if (! dol_delete_file($file,1))
+		if (! dol_delete_file($filepreviewnew,1))
 		{
-			$object->error=$langs->trans("ErrorFailedToDeleteFile",$file);
+			$object->error=$langs->trans("ErrorFailedToDeleteFile",$filepreviewnew);
+			return 0;
+		}
+	}
+	if (file_exists($filepreviewnewbis) && is_writable($filepreviewnewbis))
+	{
+		if (! dol_delete_file($filepreviewnewbis,1))
+		{
+			$object->error=$langs->trans("ErrorFailedToDeleteFile",$filepreviewnewbis);
+			return 0;
+		}
+	}
+	// For old preview files
+	if (file_exists($filepreviewold) && is_writable($filepreviewold))
+	{
+		if (! dol_delete_file($filepreviewold,1))
+		{
+			$object->error=$langs->trans("ErrorFailedToDeleteFile",$filepreviewold);
 			return 0;
 		}
 	}
 	else
 	{
+		$multiple = $filepreviewold . ".";
 		for ($i = 0; $i < 20; $i++)
 		{
 			$preview = $multiple.$i;
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -1357,12 +1357,13 @@ function dol_banner_tab($object, $paramid, $morehtml='', $shownav=1, $fieldid='r
 					$dir_output = $conf->$modulepart->dir_output . "/";
 					if (in_array($modulepart, array('invoice_supplier', 'supplier_invoice')))
 					{
-						$subdir = get_exdir($object->id, 2, 0, 0, $object, $modulepart).$objectref;
+						$subdir = get_exdir($object->id, 2, 0, 0, $object, $modulepart).$objectref;		// the objectref dir is not include into get_exdir when used with level=2, so we add it here
 					}
 					else
 					{
-						$subdir = get_exdir($object->id, 0, 0, 0, $object, $modulepart).$objectref;
+						$subdir = get_exdir($object->id, 0, 0, 0, $object, $modulepart);
 					}
+
 					$filepath = $dir_output . $subdir . "/";
 					$file = $filepath . $objectref . ".pdf";
 					$relativepath = $subdir.'/'.$objectref.'.pdf';
@@ -1938,11 +1939,13 @@ function dol_mktime($hour,$minute,$second,$month,$day,$year,$gm=false,$check=1)
 		if (empty($localtz)) {
 			$localtz = new DateTimeZone('UTC');
 		}
-
+		//var_dump($localtz);
+		//var_dump($year.'-'.$month.'-'.$day.'-'.$hour.'-'.$minute);
 		$dt = new DateTime(null,$localtz);
 		$dt->setDate($year,$month,$day);
 		$dt->setTime((int) $hour, (int) $minute, (int) $second);
 		$date=$dt->getTimestamp();	// should include daylight saving time
+		//var_dump($date);
 		return $date;
 	}
 	else
@@ -4684,14 +4687,16 @@ function get_default_tva(Societe $thirdparty_seller, Societe $thirdparty_buyer,
 {
 	global $conf;

+	require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php';
+
 	// Note: possible values for tva_assuj are 0/1 or franchise/reel
 	$seller_use_vat=((is_numeric($thirdparty_seller->tva_assuj) && ! $thirdparty_seller->tva_assuj) || (! is_numeric($thirdparty_seller->tva_assuj) && $thirdparty_seller->tva_assuj=='franchise'))?0:1;

-	$seller_country_code=$thirdparty_seller->country_code;
-	$seller_in_cee=$thirdparty_seller->isInEEC();
+	$seller_country_code = $thirdparty_seller->country_code;
+	$seller_in_cee = isInEEC($thirdparty_seller);

-	$buyer_country_code=$thirdparty_buyer->country_code;
-	$buyer_in_cee=$thirdparty_buyer->isInEEC();
+	$buyer_country_code = $thirdparty_buyer->country_code;
+	$buyer_in_cee = isInEEC($thirdparty_buyer);

 	dol_syslog("get_default_tva: seller use vat=".$seller_use_vat.", seller country=".$seller_country_code.", seller in cee=".$seller_in_cee.", buyer country=".$buyer_country_code.", buyer in cee=".$buyer_in_cee.", idprod=".$idprod.", idprodfournprice=".$idprodfournprice.", SERVICE_ARE_ECOMMERCE_200238EC=".(! empty($conf->global->SERVICES_ARE_ECOMMERCE_200238EC)?$conf->global->SERVICES_ARE_ECOMMERCE_200238EC:''));

@@ -4869,10 +4874,11 @@ function yn($yesno, $case=1, $color=0)


 /**
- *	Return a path to have a directory according to object.
+ *	Return a path to have a the directory according to object where files are stored.
 *  New usage:       $conf->module->multidir_output[$object->entity].'/'.get_exdir(0, 0, 0, 1, $object, $modulepart)
 *         or:       $conf->module->dir_output.'/'.get_exdir(0, 0, 0, 1, $object, $modulepart)     if multidir_output not defined.
- *  Old usage:       '015' with level 3->"0/1/5/", '015' with level 1->"5/", 'ABC-1' with level 3 ->"0/0/1/"
+ *  Example our with new usage:       $object is invoice -> 'INYYMM-ABCD'
+ *  Example our with old usage:       '015' with level 3->"0/1/5/", '015' with level 1->"5/", 'ABC-1' with level 3 ->"0/0/1/"
 *
 *	@param	string	$num            Id of object (deprecated, $object will be used in future)
 *	@param  int		$level		    Level of subdirs to return (1, 2 or 3 levels). (deprecated, global option will be used in future)
@@ -4904,14 +4910,15 @@ function get_exdir($num, $level, $alpha, $withoutslash, $object, $modulepart)
 	{
 		// TODO
 		// We will enhance here a common way of forging path for document storage
-		// Here, object->id, object->ref and object->modulepart are required.
+		// Here, object->id, object->ref and modulepart are required.
 		if (in_array($modulepart, array('thirdparty','contact','member','propal','proposal','commande','order','facture','invoice','shipment')))
 		{
-			$path=$object->ref?$object->ref:$object->id;
+			$path=($object->ref?$object->ref:$object->id);
 		}
 	}

 	if (empty($withoutslash) && ! empty($path)) $path.='/';
+
 	return $path;
 }

--- a/htdocs/core/tpl/objectline_create.tpl.php
+++ b/htdocs/core/tpl/objectline_create.tpl.php
@@ -211,11 +211,11 @@ else {
 			if (! empty($conf->global->ENTREPOT_EXTRA_STATUS))
 			{
 				// hide products in closed warehouse, but show products for internal transfer
-				$form->select_produits(GETPOST('idprod'), 'idprod', $filtertype, $conf->product->limit_size, $buyer->price_level, 1, 2, '', 1, array(),$buyer->id, '1', 0, '', 0, 'warehouseopen,warehouseinternal', GETPOST('combinations', 'array'));
+				$form->select_produits(GETPOST('idprod'), 'idprod', $filtertype, $conf->product->limit_size, $buyer->price_level, 1, 2, '', 1, array(), $buyer->id, '1', 0, 'maxwidth300', 0, 'warehouseopen,warehouseinternal', GETPOST('combinations', 'array'));
 			}
 			else
 			{
-				$form->select_produits(GETPOST('idprod'), 'idprod', $filtertype, $conf->product->limit_size, $buyer->price_level, 1, 2, '', 1, array(),$buyer->id, '1', 0, '', 0, '', GETPOST('combinations', 'array'));
+				$form->select_produits(GETPOST('idprod'), 'idprod', $filtertype, $conf->product->limit_size, $buyer->price_level, 1, 2, '', 1, array(), $buyer->id, '1', 0, 'maxwidth300', 0, '', GETPOST('combinations', 'array'));
 			}
 		}
 		else
--- a/htdocs/core/triggers/interface_50_modBlockedlog_ActionsBlockedLog.class.php
+++ b/htdocs/core/triggers/interface_50_modBlockedlog_ActionsBlockedLog.class.php
@@ -1,5 +1,6 @@
 <?php
-/* Copyright (C) 2017 ATM Consulting <contact@atm-consulting.fr>
+/* Copyright (C) 2017       ATM Consulting      <contact@atm-consulting.fr>
+ * Copyright (C) 2017-2018  Laurent Destailleur	<eldy@users.sourceforge.net>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
--- a/htdocs/expedition/list.php
+++ b/htdocs/expedition/list.php
@@ -99,8 +99,8 @@ $arrayfields=array(
 	'e.datec'=>array('label'=>$langs->trans("DateCreation"), 'checked'=>0, 'position'=>500),
 	'e.tms'=>array('label'=>$langs->trans("DateModificationShort"), 'checked'=>0, 'position'=>500),
 	'e.fk_statut'=>array('label'=>$langs->trans("Status"), 'checked'=>1, 'position'=>1000),
-	'l.ref'=>array('label'=>$langs->trans("DeliveryRef"), 'checked'=>1, 'enabled'=>$conf->livraison_bon->enabled),
-	'l.date_delivery'=>array('label'=>$langs->trans("DateReceived"), 'checked'=>1, 'enabled'=>$conf->livraison_bon->enabled),
+	'l.ref'=>array('label'=>$langs->trans("DeliveryRef"), 'checked'=>1, 'enabled'=>(empty($conf->livraison_bon->enabled)?0:1)),
+	'l.date_delivery'=>array('label'=>$langs->trans("DateReceived"), 'checked'=>1, 'enabled'=>(empty($conf->livraison_bon->enabled)?0:1)),
 	'e.billed'=>array('label'=>$langs->trans("Billed"), 'checked'=>1, 'position'=>1000, 'enabled'=>(!empty($conf->global->WORKFLOW_BILL_ON_SHIPMENT)))
 );

--- a/htdocs/install/mysql/migration/6.0.0-7.0.0.sql
+++ b/htdocs/install/mysql/migration/6.0.0-7.0.0.sql
@@ -429,6 +429,7 @@ ALTER TABLE llx_user ADD COLUMN default_c_exp_tax_cat integer;
 ALTER TABLE llx_extrafields ADD COLUMN fk_user_author integer;
 ALTER TABLE llx_extrafields ADD COLUMN fk_user_modif integer;
 ALTER TABLE llx_extrafields ADD COLUMN datec datetime;
+ALTER TABLE llx_extrafields ADD COLUMN enabled varchar(255) DEFAULT '1';
 ALTER TABLE llx_extrafields ADD COLUMN tms timestamp;

 -- We fix value of 'list' from 0 to 1 for all extrafields created before this migration
--- a/htdocs/install/mysql/tables/llx_extrafields.sql
+++ b/htdocs/install/mysql/tables/llx_extrafields.sql
@@ -31,6 +31,7 @@ create table llx_extrafields
 	fieldunique     integer DEFAULT 0,
 	fieldrequired   integer DEFAULT 0,
 	perms			varchar(255),								-- not used yet
+	enabled         varchar(255),
 	pos             integer DEFAULT 0,
 	alwayseditable  integer DEFAULT 0,							-- 1 if field can be edited whatever is element status
 	param			text,										-- extra parameters to define possible values of field
--- a/htdocs/langs/en_US/blockedlog.lang
+++ b/htdocs/langs/en_US/blockedlog.lang
@@ -45,3 +45,5 @@ ImpossibleToReloadObject=Object (type %s, id %s) removed (see 'Full data' link f
 BlockedLogAreRequiredByYourCountryLegislation=Unalterable Logs module may be required by the legislation of your country. Disabling this module may render any future transactions invalid with respect to the law and the use of legal software as they can not be validated by a tax audit.
 BlockedLogActivatedBecauseRequiredByYourCountryLegislation=Unalterable Logs module was activated because of the legislation of your country. Disabling this module may render any future transactions invalid with respect to the law and the use of legal software as they can not be validated by a tax audit.
 BlockedLogDisableNotAllowedForCountry=List of countries where usage of this module is mandatory (just to prevent to disable the module by error, if your country is in this list, disable of module is not possible without editing this list first)
+OnlyNonValid=Non valid
+TooManyRecordToScanRestrictFilters=Too many record to scan/analyze. Please restrict list with more restrictive filters.
--- a/htdocs/modulebuilder/template/core/modules/modMyModule.class.php
+++ b/htdocs/modulebuilder/template/core/modules/modMyModule.class.php
@@ -314,11 +314,11 @@ class modMyModule extends DolibarrModules
 		include_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php';
 		$extrafields = new ExtraFields($this->db);

-		//$result1=$extrafields->addExtraField('myattr1', "New Attr 1 label", 'boolean', 1,  3, 'thirdparty',   0, 0, '', '', 1, '', 0, 0, '', '', 'mymodule@mymodule');
-		//$result2=$extrafields->addExtraField('myattr2', "New Attr 2 label", 'varchar', 1, 10, 'project',      0, 0, '', '', 1, '', 0, 0, '', '', 'mymodule@mymodule');
-		//$result3=$extrafields->addExtraField('myattr3', "New Attr 3 label", 'varchar', 1, 10, 'bank_account', 0, 0, '', '', 1, '', 0, 0, '', '', 'mymodule@mymodule');
-		//$result4=$extrafields->addExtraField('myattr4', "New Attr 4 label", 'select',  1,  3, 'thirdparty',   0, 1, '', array('options'=>array('code1'=>'Val1','code2'=>'Val2','code3'=>'Val3')), 1);
-		//$result5=$extrafields->addExtraField('myattr5', "New Attr 5 label", 'text',    1, 10, 'user',         0, 0, '', '', 1, '', 0, 0, '', '', 'mymodule@mymodule');
+		//$result1=$extrafields->addExtraField('myattr1', "New Attr 1 label", 'boolean', 1,  3, 'thirdparty',   0, 0, '', '', 1, '', 0, 0, '', '', 'mymodule@mymodule', '$conf->mymodule->enabled');
+		//$result2=$extrafields->addExtraField('myattr2', "New Attr 2 label", 'varchar', 1, 10, 'project',      0, 0, '', '', 1, '', 0, 0, '', '', 'mymodule@mymodule', '$conf->mymodule->enabled');
+		//$result3=$extrafields->addExtraField('myattr3', "New Attr 3 label", 'varchar', 1, 10, 'bank_account', 0, 0, '', '', 1, '', 0, 0, '', '', 'mymodule@mymodule', '$conf->mymodule->enabled');
+		//$result4=$extrafields->addExtraField('myattr4', "New Attr 4 label", 'select',  1,  3, 'thirdparty',   0, 1, '', array('options'=>array('code1'=>'Val1','code2'=>'Val2','code3'=>'Val3')), 1 '', 0, 0, '', '', 'mymodule@mymodule', '$conf->mymodule->enabled');
+		//$result5=$extrafields->addExtraField('myattr5', "New Attr 5 label", 'text',    1, 10, 'user',         0, 0, '', '', 1, '', 0, 0, '', '', 'mymodule@mymodule', '$conf->mymodule->enabled');

 		$sql = array();

--- a/htdocs/projet/list.php
+++ b/htdocs/projet/list.php
@@ -119,7 +119,7 @@ if (empty($user->socid)) $fieldstosearchall["p.note_private"]="NotePrivate";
 $arrayfields=array(
 	'p.ref'=>array('label'=>$langs->trans("Ref"), 'checked'=>1),
 	'p.title'=>array('label'=>$langs->trans("Label"), 'checked'=>1),
-	's.nom'=>array('label'=>$langs->trans("ThirdParty"), 'checked'=>1, 'enabled'=>$conf->societe->enabled),
+	's.nom'=>array('label'=>$langs->trans("ThirdParty"), 'checked'=>1, 'enabled'=>(empty($conf->societe->enabled)?0:1)),
 	'commercial'=>array('label'=>$langs->trans("SaleRepresentativesOfThirdParty"), 'checked'=>0),
 	'p.dateo'=>array('label'=>$langs->trans("DateStart"), 'checked'=>1, 'position'=>100),
 	'p.datee'=>array('label'=>$langs->trans("DateEnd"), 'checked'=>1, 'position'=>101),
--- a/htdocs/projet/tasks/time.php
+++ b/htdocs/projet/tasks/time.php
@@ -619,7 +619,7 @@ if (($id > 0 || ! empty($ref)) || $projectidforalltimes > 0)
 	    $arrayfields['author']=array('label'=>$langs->trans("By"), 'checked'=>1);
 	    $arrayfields['t.note']=array('label'=>$langs->trans("Note"), 'checked'=>1);
 	    $arrayfields['t.task_duration']=array('label'=>$langs->trans("Duration"), 'checked'=>1);
-	    $arrayfields['value']=array('label'=>$langs->trans("Value"), 'checked'=>1, 'enabled'=>$conf->salaries->enabled);
+	    $arrayfields['value'] =array('label'=>$langs->trans("Value"), 'checked'=>1, 'enabled'=>(empty($conf->salaries->enabled)?0:1));
 	    // Extra fields
 	    if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label))
 	    {
--- a/htdocs/public/payment/newpayment.php
+++ b/htdocs/public/payment/newpayment.php
@@ -847,21 +847,28 @@ if ($source == 'invoice')

 	// Amount
 	print '<tr class="CTableRow'.($var?'1':'2').'"><td class="CTableRow'.($var?'1':'2').'">'.$langs->trans("Amount");
-	if (empty($amount)) print ' ('.$langs->trans("ToComplete").')';
+	if (empty($amount) && empty($object->paye)) print ' ('.$langs->trans("ToComplete").')';
 	print '</td><td class="CTableRow'.($var?'1':'2').'">';
-	if (empty($amount) || ! is_numeric($amount))
+	if (empty($object->paye))
 	{
-		print '<input type="hidden" name="amount" value="'.GETPOST("amount",'int').'">';
-		print '<input class="flat" size=8 type="text" name="newamount" value="'.GETPOST("newamount","int").'">';
+		if (empty($amount) || ! is_numeric($amount))
+		{
+			print '<input type="hidden" name="amount" value="'.GETPOST("amount",'int').'">';
+			print '<input class="flat" size=8 type="text" name="newamount" value="'.GETPOST("newamount","int").'">';
+		}
+		else {
+			print '<b>'.price($amount).'</b>';
+			print '<input type="hidden" name="amount" value="'.$amount.'">';
+			print '<input type="hidden" name="newamount" value="'.$amount.'">';
+		}
+		// Currency
+		print ' <b>'.$langs->trans("Currency".$currency).'</b>';
+		print '<input type="hidden" name="currency" value="'.$currency.'">';
 	}
-	else {
-		print '<b>'.price($amount).'</b>';
-		print '<input type="hidden" name="amount" value="'.$amount.'">';
-		print '<input type="hidden" name="newamount" value="'.$amount.'">';
+	else
+	{
+		print price($object->total_ttc, 1, $langs);
 	}
-	// Currency
-	print ' <b>'.$langs->trans("Currency".$currency).'</b>';
-	print '<input type="hidden" name="currency" value="'.$currency.'">';
 	print '</td></tr>'."\n";

 	// Tag
@@ -1290,31 +1297,38 @@ if ($action != 'dopayment')
 {
 	if ($found && ! $error)	// We are in a management option and no error
 	{
-		// Buttons for all payments registration methods
-
-		if (! empty($conf->paybox->enabled))
+		if ($source == 'invoice' && $object->paye)
 		{
-			// If STRIPE_PICTO_FOR_PAYMENT is 'cb' we show a picto of a crdit card instead of paybox
-			print '<br><input class="button buttonpayment buttonpayment'.(empty($conf->global->PAYBOX_PICTO_FOR_PAYMENT)?'paybox':$conf->global->PAYBOX_PICTO_FOR_PAYMENT).'" type="submit" name="dopayment_paybox" value="'.$langs->trans("PayBoxDoPayment").'">';
+			print '<br><br>'.$langs->trans("InvoicePaid");
 		}
-
-		if (! empty($conf->stripe->enabled))
+		else
 		{
-			// If STRIPE_PICTO_FOR_PAYMENT is 'cb' we show a picto of a crdit card instead of stripe
-			print '<br><input class="button buttonpayment buttonpayment'.(empty($conf->global->STRIPE_PICTO_FOR_PAYMENT)?'stripe':$conf->global->STRIPE_PICTO_FOR_PAYMENT).'" type="submit" name="dopayment_stripe" value="'.$langs->trans("StripeDoPayment").'">';
-		}
+			// Buttons for all payments registration methods

-		if (! empty($conf->paypal->enabled))
-		{
-			if (empty($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY)) $conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY='integral';
-
-			if ($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'integral')
+			if (! empty($conf->paybox->enabled))
 			{
-				print '<br><input class="button buttonpayment buttonpaymentpaypal" type="submit" name="dopayment_paypal" value="'.$langs->trans("PaypalOrCBDoPayment").'">';
+				// If STRIPE_PICTO_FOR_PAYMENT is 'cb' we show a picto of a crdit card instead of paybox
+				print '<br><input class="button buttonpayment buttonpayment'.(empty($conf->global->PAYBOX_PICTO_FOR_PAYMENT)?'paybox':$conf->global->PAYBOX_PICTO_FOR_PAYMENT).'" type="submit" name="dopayment_paybox" value="'.$langs->trans("PayBoxDoPayment").'">';
 			}
-			if ($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'paypalonly')
+
+			if (! empty($conf->stripe->enabled))
 			{
-				print '<br><input class="button buttonpayment buttonpaymentpaypal" type="submit" name="dopayment_paypal" value="'.$langs->trans("PaypalDoPayment").'">';
+				// If STRIPE_PICTO_FOR_PAYMENT is 'cb' we show a picto of a crdit card instead of stripe
+				print '<br><input class="button buttonpayment buttonpayment'.(empty($conf->global->STRIPE_PICTO_FOR_PAYMENT)?'stripe':$conf->global->STRIPE_PICTO_FOR_PAYMENT).'" type="submit" name="dopayment_stripe" value="'.$langs->trans("StripeDoPayment").'">';
+			}
+
+			if (! empty($conf->paypal->enabled))
+			{
+				if (empty($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY)) $conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY='integral';
+
+				if ($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'integral')
+				{
+					print '<br><input class="button buttonpayment buttonpaymentpaypal" type="submit" name="dopayment_paypal" value="'.$langs->trans("PaypalOrCBDoPayment").'">';
+				}
+				if ($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'paypalonly')
+				{
+					print '<br><input class="button buttonpayment buttonpaymentpaypal" type="submit" name="dopayment_paypal" value="'.$langs->trans("PaypalDoPayment").'">';
+				}
 			}
 		}
 	}