From 8aabe1efb7874efac9c7fa2c3374baf7d8205ea4 Mon Sep 17 00:00:00 2001
From: noec764 <58433943+noec764@users.noreply.github.com>
Date: Tue, 21 Oct 2025 02:16:49 +0200
Subject: [PATCH 01/15] Fix load all line unecessary (#35783)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* FIX: Unecessary load of all order lines

* FIX: Unecessary load of all order lines

* FIX: Tabs indent instead of space

---------

Co-authored-by: Noé <noe@scopen.fr>
---
 htdocs/commande/list_det.php | 58 ++++++++++++++++++++----------------
 1 file changed, 33 insertions(+), 25 deletions(-)

diff --git a/htdocs/commande/list_det.php b/htdocs/commande/list_det.php
index 00b43fbfe59..21ba3a490d2 100644
--- a/htdocs/commande/list_det.php
+++ b/htdocs/commande/list_det.php
@@ -384,37 +384,41 @@ $title = $langs->trans("Orders");
 $help_url = "EN:Module_Customers_Orders|FR:Module_Commandes_Clients|ES:Módulo_Pedidos_de_clientes";
 // llxHeader('',$title,$help_url);
 
-$sql = 'SELECT';
-if ($search_all || $search_product_category_array > 0 || $search_user > 0) {
-	$sql = 'SELECT DISTINCT';
+$sql = '';
+$sqlSelect = 'SELECT';
+
+if ($search_all || !empty($search_product_category_array) || $search_user > 0) {
+	$sqlSelect = 'SELECT DISTINCT';
 }
-$sql .= ' s.rowid as socid, s.nom as name, s.name_alias as alias, s.email, s.phone, s.fax, s.address, s.town, s.zip, s.fk_pays, s.client, s.code_client,';
-$sql .= " typent.code as typent_code,";
-$sql .= " state.code_departement as state_code, state.nom as state_name,";
-$sql .= " country.code as country_code,";
-$sql .= ' c.rowid as c_rowid, c.ref, c.ref_client, c.fk_user_author,';
-$sql .= ' c.fk_multicurrency, c.multicurrency_code, c.multicurrency_tx, c.multicurrency_total_ht, c.multicurrency_total_tva as multicurrency_total_vat, c.multicurrency_total_ttc,';
-$sql .= ' c.total_ht as c_total_ht, c.total_tva as c_total_tva, c.total_ttc as c_total_ttc, c.fk_warehouse as warehouse,';
-$sql .= ' c.date_valid, c.date_commande, c.note_public, c.note_private, c.date_livraison as delivery_date, c.fk_statut, c.facture as billed,';
-$sql .= ' c.date_creation as date_creation, c.tms as date_modification, c.date_cloture as date_cloture,';
-$sql .= ' p.rowid as project_id, p.ref as project_ref, p.title as project_label,';
-$sql .= ' u.login, u.lastname, u.firstname, u.email as user_email, u.statut as user_statut, u.entity, u.photo, u.office_phone, u.office_fax, u.user_mobile, u.job, u.gender,';
-$sql .= ' c.fk_cond_reglement,c.deposit_percent,c.fk_mode_reglement,c.fk_shipping_method,';
-$sql .= ' c.fk_input_reason, c.import_key,';
+$sqlSelect .= ' s.rowid as socid, s.nom as name, s.name_alias as alias, s.email, s.phone, s.fax, s.address, s.town, s.zip, s.fk_pays, s.client, s.code_client,';
+$sqlSelect .= " typent.code as typent_code,";
+$sqlSelect .= " state.code_departement as state_code, state.nom as state_name,";
+$sqlSelect .= " country.code as country_code,";
+$sqlSelect .= ' c.rowid as c_rowid, c.ref, c.ref_client, c.fk_user_author,';
+$sqlSelect .= ' c.fk_multicurrency, c.multicurrency_code, c.multicurrency_tx, c.multicurrency_total_ht, c.multicurrency_total_tva as multicurrency_total_vat, c.multicurrency_total_ttc,';
+$sqlSelect .= ' c.total_ht as c_total_ht, c.total_tva as c_total_tva, c.total_ttc as c_total_ttc, c.fk_warehouse as warehouse,';
+$sqlSelect .= ' c.date_valid, c.date_commande, c.note_public, c.note_private, c.date_livraison as delivery_date, c.fk_statut, c.facture as billed,';
+$sqlSelect .= ' c.date_creation as date_creation, c.tms as date_modification, c.date_cloture as date_cloture,';
+$sqlSelect .= ' p.rowid as project_id, p.ref as project_ref, p.title as project_label,';
+$sqlSelect .= ' u.login, u.lastname, u.firstname, u.email as user_email, u.statut as user_statut, u.entity, u.photo, u.office_phone, u.office_fax, u.user_mobile, u.job, u.gender,';
+$sqlSelect .= ' c.fk_cond_reglement,c.deposit_percent,c.fk_mode_reglement,c.fk_shipping_method,';
+$sqlSelect .= ' c.fk_input_reason, c.import_key,';
 // Lines or order
-$sql .= ' cdet.rowid, cdet.description, cdet.qty, cdet.product_type, cdet.fk_product, cdet.total_ht, cdet.total_tva, cdet.total_ttc,';
-$sql .= ' pr.rowid as product_rowid, pr.ref as product_ref, pr.label as product_label, pr.barcode as product_barcode, pr.tobatch as product_batch, pr.tosell as product_status, pr.tobuy as product_status_buy';
+$sqlSelect .= ' cdet.rowid, cdet.description, cdet.qty, cdet.product_type, cdet.fk_product, cdet.total_ht, cdet.total_tva, cdet.total_ttc,';
+$sqlSelect .= ' pr.rowid as product_rowid, pr.ref as product_ref, pr.label as product_label, pr.barcode as product_barcode, pr.tobatch as product_batch, pr.tosell as product_status, pr.tobuy as product_status_buy';
 // Add fields from extrafields
 if (!empty($extrafields->attributes[$object->table_element]['label'])) {
 	foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) {
-		$sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : '');
+		$sqlSelect .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : '');
 	}
 }
+
 // Add fields from hooks
 $parameters = array();
 $reshook = $hookmanager->executeHooks('printFieldListSelect', $parameters); // Note that $action and $object may have been modified by hook
-$sql .= $hookmanager->resPrint;
-$sql .= ' FROM '.MAIN_DB_PREFIX.'societe as s';
+$sqlSelect .= $hookmanager->resPrint;
+
+$sql = ' FROM '.MAIN_DB_PREFIX.'societe as s';
 $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as country on (country.rowid = s.fk_pays)";
 $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_typent as typent on (typent.id = s.fk_typent)";
 $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as state on (state.rowid = s.fk_departement)";
@@ -672,8 +676,13 @@ $sql .= $db->order($sortfield, $sortorder);
 // Count total nb of records
 $nbtotalofrecords = '';
 if (!getDolGlobalInt('MAIN_DISABLE_FULL_SCANLIST')) {
-	$result = $db->query($sql);
-	$nbtotalofrecords = $db->num_rows($result);
+	$result = $db->query('SELECT COUNT(*) as numrows ' .  $sql);
+	$obj = $db->fetch_object($result);
+	if (empty($obj)) {
+		$nbtotalofrecords = 0;
+	} else {
+		$nbtotalofrecords = $obj->numrows;
+	}
 
 	if (($page * $limit) > $nbtotalofrecords) {	// if total resultset is smaller then paging size (filtering), goto and load page 0
 		$page = 0;
@@ -683,8 +692,7 @@ if (!getDolGlobalInt('MAIN_DISABLE_FULL_SCANLIST')) {
 
 $sql .= $db->plimit($limit + 1, $offset);
 //print $sql;
-
-$resql = $db->query($sql);
+$resql = $db->query($sqlSelect . $sql);
 if ($resql) {
 	if ($socid > 0) {
 		$soc = new Societe($db);

From 4d88608f1f07e5040c2777f71a17cee7fb677cb4 Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis.houssin@inodbox.com>
Date: Wed, 22 Oct 2025 00:50:34 +0200
Subject: [PATCH 02/15] FIX check if zip file of website exists (#35879)

---
 htdocs/website/class/website.class.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/htdocs/website/class/website.class.php b/htdocs/website/class/website.class.php
index 9751b464045..3db29e26907 100644
--- a/htdocs/website/class/website.class.php
+++ b/htdocs/website/class/website.class.php
@@ -1282,6 +1282,11 @@ class Website extends CommonObject
 		$error = 0;
 
 		$pathtofile = dol_sanitizePathName($pathtofile);
+		if (!file_exists($pathtofile)) {
+			$this->error = 'The zip file "'.$pathtofile.'" is not found';
+			return -9;
+		}
+
 		$object = $this;
 		if (empty($object->ref)) {
 			$this->error = 'Function importWebSite called on object not loaded (object->ref is empty)';

From c80858e71285362dd7f0d0b73817d70a08653163 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?=
 <frederic34@users.noreply.github.com>
Date: Wed, 22 Oct 2025 00:51:20 +0200
Subject: [PATCH 03/15] fix CI branch v21 (#35876)

* fix CI

* add same fix than in develop
---
 .github/workflows/ci-on-pull_request.yml | 18 +++++++++---------
 htdocs/core/class/CMailFile.class.php    |  1 +
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/ci-on-pull_request.yml b/.github/workflows/ci-on-pull_request.yml
index 4e118d8bff9..201e91cb8c6 100644
--- a/.github/workflows/ci-on-pull_request.yml
+++ b/.github/workflows/ci-on-pull_request.yml
@@ -25,15 +25,15 @@ jobs:
   #  uses: ./.github/workflows/windows-ci.yml
   #  with:
   #    gh_event: ${{ github.event_name }}
-  gh-travis:  # Runs travis script on github runner (not on travis)
-    if: false
-    # needs: [pre-commit, phan]
-    # needs: [windows-ci]
-    secrets: inherit
-    needs: [pre-commit, phan, phpstan]
-    uses: ./.github/workflows/gh-travis.yml
-    with:
-      gh_event: ${{ github.event_name }}
+  #gh-travis:  # Runs travis script on github runner (not on travis)
+  #  if: false
+  #  # needs: [pre-commit, phan]
+  #  # needs: [windows-ci]
+  #  secrets: inherit
+  #  needs: [pre-commit, phan, phpstan]
+  #  uses: ./.github/workflows/gh-travis.yml
+  #  with:
+  #    gh_event: ${{ github.event_name }}
 
 # Note (not tested, from https://github.com/orgs/community/discussions/38361)
 # To cancel jobs if one fails, the following action may help
diff --git a/htdocs/core/class/CMailFile.class.php b/htdocs/core/class/CMailFile.class.php
index 89a3b921328..bc812485d2f 100644
--- a/htdocs/core/class/CMailFile.class.php
+++ b/htdocs/core/class/CMailFile.class.php
@@ -1863,6 +1863,7 @@ class CMailFile
 					}
 
 					// Skip files that have a CID (they will be added as inline images instead)
+					// @phpstan-ignore-next-line
 					if (!empty($cidlist) && is_array($cidlist) && isset($cidlist[$i]) && $cidlist[$i] !== null && $cidlist[$i] !== '') {
 						continue; // Skip this file as it will be processed as inline image
 					}

From 111dcd174fbff6c9566de6503446705070050d0f Mon Sep 17 00:00:00 2001
From: Florian Mortgat <50440633+atm-florianm@users.noreply.github.com>
Date: Wed, 22 Oct 2025 00:56:01 +0200
Subject: [PATCH 04/15] FIX: no emails sent when closing a ticket (#35874)

---
 .../core/triggers/interface_50_modTicket_TicketEmail.class.php | 2 +-
 htdocs/ticket/card.php                                         | 3 +++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/htdocs/core/triggers/interface_50_modTicket_TicketEmail.class.php b/htdocs/core/triggers/interface_50_modTicket_TicketEmail.class.php
index 1e5e81f38f6..39cee230d3e 100644
--- a/htdocs/core/triggers/interface_50_modTicket_TicketEmail.class.php
+++ b/htdocs/core/triggers/interface_50_modTicket_TicketEmail.class.php
@@ -276,7 +276,7 @@ class InterfaceTicketEmail extends DolibarrTriggers
 						// Refuse email if not
 						$contactObj = new Contact($this->db);
 						$res = $contactObj->fetch($contactid);
-						if (! in_array($contactObj, $linked_contacts)) {
+						if (! in_array($contactObj->id, array_column($linked_contacts, 'id'))) {
 							$error_msg = $langs->trans('Error'). ': ';
 							$error_msg .= $langs->transnoentities('TicketWrongContact');
 							setEventMessages($error_msg, [], 'errors');
diff --git a/htdocs/ticket/card.php b/htdocs/ticket/card.php
index 4a238b15cf7..4e6555eaff1 100644
--- a/htdocs/ticket/card.php
+++ b/htdocs/ticket/card.php
@@ -451,6 +451,9 @@ if (empty($reshook)) {
 
 	if (($action == "confirm_close" || $action == "confirm_abandon") && GETPOST('confirm', 'alpha') == 'yes' && $permissiontoadd) {
 		$object->fetch(GETPOSTINT('id'), '', GETPOST('track_id', 'alpha'));
+		if (GETPOSTISSET('contactid')) {
+			$object->context['contactid'] = GETPOSTINT('contactid');
+		}
 
 		if ($object->close($user, ($action == "confirm_abandon" ? 1 : 0))) {
 			setEventMessages($langs->trans('TicketMarkedAsClosed'), null, 'mesgs');

From c04359f99579cd17d3bc38834012deb764c99f6c Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis.houssin@inodbox.com>
Date: Wed, 22 Oct 2025 00:56:57 +0200
Subject: [PATCH 05/15] FIX missing entity filters + wrong widget name (#35873)

---
 htdocs/admin/boxes.php                                | 2 +-
 htdocs/core/boxes/box_graph_nb_ticket_last_x_days.php | 3 ++-
 htdocs/core/boxes/box_graph_nb_tickets_type.php       | 6 ++++--
 htdocs/core/boxes/box_graph_ticket_by_severity.php    | 8 +++++---
 htdocs/core/modules/modTicket.class.php               | 2 +-
 5 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/htdocs/admin/boxes.php b/htdocs/admin/boxes.php
index 07f6779fd90..017a355d527 100644
--- a/htdocs/admin/boxes.php
+++ b/htdocs/admin/boxes.php
@@ -238,7 +238,7 @@ $sql .= " bd.rowid as boxid";
 $sql .= " FROM ".MAIN_DB_PREFIX."boxes as b, ".MAIN_DB_PREFIX."boxes_def as bd";
 $sql .= " WHERE b.box_id = bd.rowid";
 $sql .= " AND b.entity IN (0,".$conf->entity.")";
-$sql .= " AND b.fk_user=0";
+$sql .= " AND b.fk_user = 0";
 $sql .= " ORDER by b.position, b.box_order";
 //print $sql;
 
diff --git a/htdocs/core/boxes/box_graph_nb_ticket_last_x_days.php b/htdocs/core/boxes/box_graph_nb_ticket_last_x_days.php
index 55ba0451351..6fad3295598 100644
--- a/htdocs/core/boxes/box_graph_nb_ticket_last_x_days.php
+++ b/htdocs/core/boxes/box_graph_nb_ticket_last_x_days.php
@@ -109,7 +109,8 @@ class box_graph_nb_ticket_last_x_days extends ModeleBoxes
 		if ($user->hasRight('ticket', 'read')) {
 			$sql = "SELECT CAST(t.datec AS DATE) as datec, COUNT(t.datec) as nb";
 			$sql .= " FROM ".MAIN_DB_PREFIX."ticket as t";
-			$sql .= " WHERE CAST(t.datec AS DATE) > '".$this->db->idate($minimumdatec)."'";
+			$sql .= " WHERE t.entity IN (".getEntity('ticket').")";
+			$sql .= " AND CAST(t.datec AS DATE) > '".$this->db->idate($minimumdatec)."'";
 			$sql .= " GROUP BY CAST(t.datec AS DATE)";
 
 			$resql = $this->db->query($sql);
diff --git a/htdocs/core/boxes/box_graph_nb_tickets_type.php b/htdocs/core/boxes/box_graph_nb_tickets_type.php
index adbf831c989..09e2b543cdb 100644
--- a/htdocs/core/boxes/box_graph_nb_tickets_type.php
+++ b/htdocs/core/boxes/box_graph_nb_tickets_type.php
@@ -84,7 +84,8 @@ class box_graph_nb_tickets_type extends ModeleBoxes
 		if ($user->hasRight('ticket', 'read')) {
 			$sql = "SELECT ctt.rowid, ctt.label, ctt.code";
 			$sql .= " FROM " . MAIN_DB_PREFIX . "c_ticket_type as ctt";
-			$sql .= " WHERE ctt.active = 1";
+			$sql .= " WHERE ctt.entity IN (".getEntity('c_ticket_type').")";
+			$sql .= " AND ctt.active = 1";
 			$sql .= $this->db->order('ctt.rowid', 'ASC');
 			$resql = $this->db->query($sql);
 
@@ -116,7 +117,8 @@ class box_graph_nb_tickets_type extends ModeleBoxes
 			$data = array();
 			$sql = "SELECT t.type_code, COUNT(t.type_code) as nb";
 			$sql .= " FROM " . MAIN_DB_PREFIX . "ticket as t";
-			$sql .= " WHERE t.fk_statut <> 8";
+			$sql .= " WHERE t.entity IN (".getEntity('ticket').")";
+			$sql .= " AND t.fk_statut <> 8";
 			$sql .= " GROUP BY t.type_code";
 			$resql = $this->db->query($sql);
 			if ($resql) {
diff --git a/htdocs/core/boxes/box_graph_ticket_by_severity.php b/htdocs/core/boxes/box_graph_ticket_by_severity.php
index e45e114cc73..e168aaf3ed2 100644
--- a/htdocs/core/boxes/box_graph_ticket_by_severity.php
+++ b/htdocs/core/boxes/box_graph_ticket_by_severity.php
@@ -31,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT."/core/boxes/modules_boxes.php";
  */
 class box_graph_ticket_by_severity extends ModeleBoxes
 {
-	public $boxcode = "box_ticket_by_severity";
+	public $boxcode = "box_graph_ticket_by_severity";
 	public $boximg = "ticket";
 	/**
 	 * @var string
@@ -96,7 +96,8 @@ class box_graph_ticket_by_severity extends ModeleBoxes
 		if ($user->hasRight('ticket', 'read')) {
 			$sql = "SELECT cts.rowid, cts.label, cts.code";
 			$sql .= " FROM " . MAIN_DB_PREFIX . "c_ticket_severity as cts";
-			$sql .= " WHERE cts.active = 1";
+			$sql .= " WHERE cts.entity IN (".getEntity('c_ticket_severity').")";
+			$sql .= " AND cts.active = 1";
 			$sql .= $this->db->order('cts.rowid', 'ASC');
 			$resql = $this->db->query($sql);
 
@@ -133,7 +134,8 @@ class box_graph_ticket_by_severity extends ModeleBoxes
 			$data = array();
 			$sql = "SELECT t.severity_code, COUNT(t.severity_code) as nb";
 			$sql .= " FROM " . MAIN_DB_PREFIX . "ticket as t";
-			$sql .= " WHERE t.fk_statut <> 8";
+			$sql .= " WHERE t.entity IN (".getEntity('ticket').")";
+			$sql .= " AND t.fk_statut <> 8";
 			$sql .= " GROUP BY t.severity_code";
 			$resql = $this->db->query($sql);
 			if ($resql) {
diff --git a/htdocs/core/modules/modTicket.class.php b/htdocs/core/modules/modTicket.class.php
index 3560fbea5ef..6c8079649eb 100644
--- a/htdocs/core/modules/modTicket.class.php
+++ b/htdocs/core/modules/modTicket.class.php
@@ -211,7 +211,7 @@ class modTicket extends DolibarrModules
 		$this->boxes = array(
 			0 => array('file' => 'box_last_ticket.php', 'enabledbydefaulton' => 'Home'),
 			1 => array('file' => 'box_last_modified_ticket.php', 'enabledbydefaulton' => 'Home'),
-			2 => array('file' => 'box_ticket_by_severity.php', 'enabledbydefaulton' => 'ticketindex'),
+			2 => array('file' => 'box_graph_ticket_by_severity.php', 'enabledbydefaulton' => 'ticketindex'),
 			3 => array('file' => 'box_graph_nb_ticket_last_x_days.php', 'enabledbydefaulton' => 'ticketindex'),
 			4 => array('file' => 'box_graph_nb_tickets_type.php', 'enabledbydefaulton' => 'ticketindex'),
 			5 => array('file' => 'box_new_vs_close_ticket.php', 'enabledbydefaulton' => 'ticketindex')

From 7aa9633901979c742093b401107fd023f0d6e97b Mon Sep 17 00:00:00 2001
From: VIAL-GOUTEYRON Quentin <quentin.vial-gouteyron@atm-consulting.fr>
Date: Wed, 22 Oct 2025 00:58:55 +0200
Subject: [PATCH 06/15] FIX : Perf for bom select (#35871)

* ADD: Option to optimize BOM combo list performance with search-based loading

* FIX: Remove debug backtrace and exit statement in security.lib.php

* FIX: Use dynamic database prefix in BOM combo list query

* FIX: Correct spacing issue in 'elseif' condition in bom.php
---
 htdocs/admin/bom.php                  | 34 +++++++++++++++++++++++++++
 htdocs/admin/system/perf.php          | 23 +++++++++++++++++-
 htdocs/core/ajax/selectobject.php     |  3 ++-
 htdocs/core/class/html.form.class.php |  3 ++-
 htdocs/langs/en_US/mrp.lang           |  1 +
 htdocs/langs/fr_FR/mrp.lang           |  1 +
 6 files changed, 62 insertions(+), 3 deletions(-)

diff --git a/htdocs/admin/bom.php b/htdocs/admin/bom.php
index ae657998bba..0ae647ef7b6 100644
--- a/htdocs/admin/bom.php
+++ b/htdocs/admin/bom.php
@@ -171,6 +171,13 @@ if ($action == 'updateMask') {
 	} else {
 		setEventMessages($langs->trans("Error"), null, 'errors');
 	}
+} elseif ($action == 'updateoptions') {
+	if (GETPOST('BOM_USE_SEARCH_TO_SELECT')) {
+		$bomsearch = GETPOST('activate_BOM_USE_SEARCH_TO_SELECT', 'alpha');
+		if (dolibarr_set_const($db, "BOM_USE_SEARCH_TO_SELECT", $bomsearch, 'chaine', 0, '', $conf->entity)) {
+			$conf->global->BOM_USE_SEARCH_TO_SELECT = $bomsearch;
+		}
+	}
 }
 
 
@@ -463,6 +470,31 @@ print '<td class="center" width="60"></td>';
 print "<td>&nbsp;</td>\n";
 print "</tr>\n";
 
+
+print '<tr class="oddeven">';
+print '<form method="POST" action="'.$_SERVER['PHP_SELF'].'">';
+print '<input type="hidden" name="token" value="'.newToken().'">';
+print '<input type="hidden" name="action" value="updateoptions">';
+print '<td>'.$langs->trans("UseSearchToSelectBom").'</td>';
+if (!$conf->use_javascript_ajax) {
+	print '<td></td>';
+	print '<td class="nowrap right">';
+	print $langs->trans("NotAvailableWhenAjaxDisabled");
+	print "</td>";
+} else {
+	print '<td class="right">';
+	$arrval = array('0' => $langs->trans("No"),
+		'1' => $langs->trans("Yes").' ('.$langs->trans("NumberOfKeyToSearch", 1).')',
+		'2' => $langs->trans("Yes").' ('.$langs->trans("NumberOfKeyToSearch", 2).')',
+		'3' => $langs->trans("Yes").' ('.$langs->trans("NumberOfKeyToSearch", 3).')',
+	);
+	print $form->selectarray("activate_BOM_USE_SEARCH_TO_SELECT", $arrval, getDolGlobalString("BOM_USE_SEARCH_TO_SELECT")).'</td>';
+	print '<td class="right"><input type="submit" class="button small reposition" name="BOM_USE_SEARCH_TO_SELECT" value="'.$langs->trans("Modify").'">';
+	print "</td>";
+}
+print '</form>';
+print '</tr>';
+
 $substitutionarray = pdf_getSubstitutionArray($langs, null, null, 2);
 $substitutionarray['__(AnyTranslationKey)__'] = $langs->trans("Translation");
 $htmltext = '<i>'.$langs->trans("AvailableVariables").':<br>';
@@ -508,6 +540,8 @@ print '</div>';
 print '<br>';
 
 
+
+
 // End of page
 llxFooter();
 $db->close();
diff --git a/htdocs/admin/system/perf.php b/htdocs/admin/system/perf.php
index 61a91db6d66..27fc69bfc4c 100644
--- a/htdocs/admin/system/perf.php
+++ b/htdocs/admin/system/perf.php
@@ -37,7 +37,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
  */
 
 // Load translation files required by the page
-$langs->loadLangs(array("install", "other", "admin", "products"));
+$langs->loadLangs(array("install", "other", "admin", "products", "mrp"));
 
 if (!$user->admin) {
 	accessforbidden();
@@ -614,6 +614,27 @@ if ($resql) {
 	print '<br>';
 	$db->free($resql);
 }
+// Bom combo list
+$sql = "SELECT COUNT(*) as nb";
+$sql .= " FROM ".$db->prefix()."bom_bom as s";
+$resql = $db->query($sql);
+if ($resql) {
+	$limitforoptim = 5000;
+	$num = $db->num_rows($resql);
+	$obj = $db->fetch_object($resql);
+	$nb = $obj->nb;
+	if ($nb > $limitforoptim) {
+		if (!getDolGlobalString('BOM_USE_SEARCH_TO_SELECT')) {
+			print img_picto('', 'warning.png', 'class="pictofixedwidth"').' '.$langs->trans("YouHaveXObjectUseComboOptim", $nb, $langs->transnoentitiesnoconv("Bom"), 'BOM_USE_SEARCH_TO_SELECT');
+		} else {
+			print img_picto('', 'tick.png', 'class="pictofixedwidth"').' '.$langs->trans("YouHaveXObjectAndSearchOptimOn", $nb, $langs->transnoentitiesnoconv("Bom"), 'BOM_USE_SEARCH_TO_SELECT', getDolGlobalString('BOM_USE_SEARCH_TO_SELECT'));
+		}
+	} else {
+		print img_picto('', 'tick.png', 'class="pictofixedwidth"').' '.$langs->trans("NbOfObjectIsLowerThanNoPb", $nb, $langs->transnoentitiesnoconv("Bom"));
+	}
+	print '<br>';
+	$db->free($resql);
+}
 print '</div>';
 
 
diff --git a/htdocs/core/ajax/selectobject.php b/htdocs/core/ajax/selectobject.php
index 0176203b55a..f00e5785c2a 100644
--- a/htdocs/core/ajax/selectobject.php
+++ b/htdocs/core/ajax/selectobject.php
@@ -147,7 +147,8 @@ if ($usesublevelpermission && !isset($user->rights->$module->$element)) {	// The
 $searchkey = (($id && GETPOST((string) $id, 'alpha')) ? GETPOST((string) $id, 'alpha') : (($htmlname && GETPOST($htmlname, 'alpha')) ? GETPOST($htmlname, 'alpha') : ''));
 
 // Add a security test to avoid to get content of all tables
-if ($objecttmp !== null && !empty($objecttmp->module)) {
+$allowModules = ['bom'];
+if ($objecttmp !== null && !empty($objecttmp->module) && !in_array($objecttmp->module, $allowModules)) {
 	restrictedArea($user, $objecttmp->module, $id, $objecttmp->table_element, $objecttmp->element);
 } else {
 	restrictedArea($user, $objecttmp !== null ? $objecttmp->element : '', $id);
diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php
index e69a0eb0bdc..a01fd60f567 100644
--- a/htdocs/core/class/html.form.class.php
+++ b/htdocs/core/class/html.form.class.php
@@ -2989,7 +2989,7 @@ class Form
 		if (!$forcecombo) {
 			include_once DOL_DOCUMENT_ROOT . '/core/lib/ajax.lib.php';
 			$events = array();
-			$out .= ajax_combobox($htmlname, $events, getDolGlobalInt("PRODUIT_USE_SEARCH_TO_SELECT"));
+			$out .= ajax_combobox($htmlname, $events, getDolGlobalInt("BOM_USE_SEARCH_TO_SELECT"));
 		}
 
 		$out .= '<select class="flat' . ($morecss ? ' ' . $morecss : '') . '" name="' . $htmlname . '" id="' . $htmlname . '">';
@@ -9013,6 +9013,7 @@ class Form
 		if ($prefixforautocompletemode == 'product') {
 			$prefixforautocompletemode = 'produit';
 		}
+
 		$confkeyforautocompletemode = strtoupper($prefixforautocompletemode) . '_USE_SEARCH_TO_SELECT'; // For example COMPANY_USE_SEARCH_TO_SELECT
 
 		dol_syslog(get_class($this) . "::selectForForms filter=" . $filter, LOG_DEBUG);
diff --git a/htdocs/langs/en_US/mrp.lang b/htdocs/langs/en_US/mrp.lang
index b66dcb7ebe5..f68fd0a912f 100644
--- a/htdocs/langs/en_US/mrp.lang
+++ b/htdocs/langs/en_US/mrp.lang
@@ -169,3 +169,4 @@ ErrorModifyMoDateStart = You must choose a start date earlier than the current s
 ErrorModifyMoDateEnd = You must choose an end date later than the start date. %s
 ErrorCancelMo=Error updating cancellation
 ErrorModifyMoDate=Error updating date modification
+UseSearchToSelectBom=Wait until a key is pressed before loading content of Boms combo list.<br>This may improve performance if you have a large number of projects, but it is less convenient.
diff --git a/htdocs/langs/fr_FR/mrp.lang b/htdocs/langs/fr_FR/mrp.lang
index 5a0a4d0129a..79599a5504d 100644
--- a/htdocs/langs/fr_FR/mrp.lang
+++ b/htdocs/langs/fr_FR/mrp.lang
@@ -169,3 +169,4 @@ ErrorModifyMoDateStart = Vous devez choisir une date de début antérieure à la
 ErrorModifyMoDateEnd = Vous devez choisir une date de fin postérieure à la date de début. %s
 ErrorCancelMo=Erreur lors de la mise à jour de l'annulation
 ErrorModifyMoDate=Erreur lors de la mise à jour de la modification de la date
+UseSearchToSelectBom=Attendre que vous ayez appuyé sur une touche avant de charger le contenu de la liste déroulante des nomenclatures (Cela peut augmenter les performances si vous avez un grand nombre de nomenclatures, mais cela est moins convivial)
\ No newline at end of file

From d37cf4b38a91a27f8a367be8021107cfeecd9c0e Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis.houssin@inodbox.com>
Date: Wed, 22 Oct 2025 02:29:05 +0200
Subject: [PATCH 07/15] FIX wrong socpeople id when multiple assigned + avoid
 php warnings (#35878)

---
 htdocs/comm/action/list.php       |  2 +-
 htdocs/comm/action/peruser.php    | 16 ++++++++--------
 htdocs/core/lib/functions.lib.php |  6 +++---
 3 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/htdocs/comm/action/list.php b/htdocs/comm/action/list.php
index 8e41e1d4c69..227bae4e700 100644
--- a/htdocs/comm/action/list.php
+++ b/htdocs/comm/action/list.php
@@ -432,7 +432,7 @@ if ($usergroup > 0) {
 	$sql .= " DISTINCT";
 }
 $sql .= " s.nom as societe, s.rowid as socid, s.client, s.email as socemail,";
-$sql .= " a.id, a.code, a.label, a.note, a.datep as dp, a.datep2 as dp2, a.fulldayevent, a.location,";
+$sql .= " a.id, a.code, a.label, a.note, a.datep as dp, a.datep2 as dp2, a.fulldayevent, a.location, a.entity,";
 $sql .= " a.fk_user_author, a.fk_user_action,";
 $sql .= " a.fk_contact, a.note, a.percent as percent,";
 $sql .= " a.fk_element, a.elementtype, a.datec, a.tms as datem,";
diff --git a/htdocs/comm/action/peruser.php b/htdocs/comm/action/peruser.php
index 15547507ffe..3a606119be3 100644
--- a/htdocs/comm/action/peruser.php
+++ b/htdocs/comm/action/peruser.php
@@ -2255,10 +2255,10 @@ function show_day_events2($username, $day, $month, $year, $monthshown, $style, &
 				$style1 .= 'peruser_busy ';
 			}
 			foreach ($cases1[$h] as $id => $ev) {
-				if ($ev['busy']) {
+				if (!empty($ev['busy'])) {
 					$style1 = 'onclickopenref peruser_busy';
 				}
-				if ($ev['css']) {
+				if (!empty($ev['css'])) {
 					$style1 .= ' '.$ev['css'];
 				}
 			}
@@ -2275,10 +2275,10 @@ function show_day_events2($username, $day, $month, $year, $monthshown, $style, &
 				$style2 .= 'peruser_busy ';
 			}
 			foreach ($cases2[$h] as $id => $ev) {
-				if ($ev['busy']) {
+				if (!empty($ev['busy'])) {
 					$style2 = 'onclickopenref peruser_busy';
 				}
-				if ($ev['css']) {
+				if (!empty($ev['css'])) {
 					$style2 .= ' '.$ev['css'];
 				}
 			}
@@ -2295,10 +2295,10 @@ function show_day_events2($username, $day, $month, $year, $monthshown, $style, &
 				$style3 .= 'peruser_busy ';
 			}
 			foreach ($cases3[$h] as $id => $ev) {
-				if ($ev['busy']) {
+				if (!empty($ev['busy'])) {
 					$style3 = 'onclickopenref peruser_busy';
 				}
-				if ($ev['css']) {
+				if (!empty($ev['css'])) {
 					$style3 .= ' '.$ev['css'];
 				}
 			}
@@ -2315,10 +2315,10 @@ function show_day_events2($username, $day, $month, $year, $monthshown, $style, &
 				$style4 .= 'peruser_busy ';
 			}
 			foreach ($cases4[$h] as $id => $ev) {
-				if ($ev['busy']) {
+				if (!empty($ev['busy'])) {
 					$style4 = 'onclickopenref peruser_busy';
 				}
-				if ($ev['css']) {
+				if (!empty($ev['css'])) {
 					$style4 .= ' '.$ev['css'];
 				}
 			}
diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php
index 7d6bd6598e5..eaf87871a67 100644
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -15079,12 +15079,12 @@ function show_actions_messaging($conf, $langs, $db, $filterobj, $objcon = null,
 			if (isset($histo[$key]['socpeopleassigned']) && is_array($histo[$key]['socpeopleassigned']) && count($histo[$key]['socpeopleassigned']) > 0) {
 				$contactList = '';
 				foreach ($histo[$key]['socpeopleassigned'] as $cid => $Tab) {
-					if (empty($conf->cache['contact'][$histo[$key]['contact_id']])) {
+					if (empty($conf->cache['contact'][$cid])) {
 						$contact = new Contact($db);
 						$contact->fetch($cid);
-						$conf->cache['contact'][$histo[$key]['contact_id']] = $contact;
+						$conf->cache['contact'][$cid] = $contact;
 					} else {
-						$contact = $conf->cache['contact'][$histo[$key]['contact_id']];
+						$contact = $conf->cache['contact'][$cid];
 					}
 
 					if ($contact) {

From 4c5e17f7e6dfda4f989d3a0e17d4b4c1f282ccd5 Mon Sep 17 00:00:00 2001
From: Benjamin Chanudet <bchanudet@users.noreply.github.com>
Date: Wed, 22 Oct 2025 02:30:58 +0200
Subject: [PATCH 08/15] allow deactivation of document models on Donation
 module (#35882)

---
 htdocs/don/admin/donation.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/don/admin/donation.php b/htdocs/don/admin/donation.php
index ef2af45fedb..b88ac4b6b5d 100644
--- a/htdocs/don/admin/donation.php
+++ b/htdocs/don/admin/donation.php
@@ -268,7 +268,7 @@ if (is_resource($handle)) {
 						print '</td>';
 					} else {
 						print "<td class=\"center\">\n";
-						print '<a href="'.$_SERVER["PHP_SELF"].'?action=setdoc&token='.newToken().'&value='.urlencode($name).'&scan_dir='.urlencode($module->scandir).'&label='.urlencode($module->name).'">'.img_picto($langs->trans("Enabled"), 'switch_on').'</a>';
+						print '<a href="'.$_SERVER["PHP_SELF"].'?action=del&token='.newToken().'&value='.urlencode($name).'&scan_dir='.urlencode($module->scandir).'&label='.urlencode($module->name).'">'.img_picto($langs->trans("Enabled"), 'switch_on').'</a>';
 						print '</td>';
 					}
 				} else {

From ae711c02f3e822d35944879a6a5f60c09a8610a7 Mon Sep 17 00:00:00 2001
From: Florian Mortgat <50440633+atm-florianm@users.noreply.github.com>
Date: Wed, 22 Oct 2025 17:45:15 +0200
Subject: [PATCH 09/15] FIX: my previous fix was incompatible with Thomas' fix
 from PR#35590 (#35890)

---
 htdocs/ticket/card.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/ticket/card.php b/htdocs/ticket/card.php
index 4e6555eaff1..a94cd7ab623 100644
--- a/htdocs/ticket/card.php
+++ b/htdocs/ticket/card.php
@@ -452,7 +452,7 @@ if (empty($reshook)) {
 	if (($action == "confirm_close" || $action == "confirm_abandon") && GETPOST('confirm', 'alpha') == 'yes' && $permissiontoadd) {
 		$object->fetch(GETPOSTINT('id'), '', GETPOST('track_id', 'alpha'));
 		if (GETPOSTISSET('contactid')) {
-			$object->context['contactid'] = GETPOSTINT('contactid');
+			$object->context['contact_id'] = GETPOSTINT('contactid');
 		}
 
 		if ($object->close($user, ($action == "confirm_abandon" ? 1 : 0))) {

From f54b5618fb1d236222f6c55c8f43a0808c36a8c1 Mon Sep 17 00:00:00 2001
From: Pierre Ardoin <32256817+mapiolca@users.noreply.github.com>
Date: Wed, 22 Oct 2025 22:25:36 +0200
Subject: [PATCH 10/15] Update invoice stats query to filter by entity (#35904)

---
 htdocs/core/boxes/box_graph_invoices_supplier_permonth.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php b/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php
index f3d556b0933..d96991c36fa 100644
--- a/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php
+++ b/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php
@@ -132,7 +132,7 @@ class box_graph_invoices_supplier_permonth extends ModeleBoxes
 			$HEIGHT = '192';
 
 			$stats = new FactureStats($this->db, $socid, $mode, 0);
-			$stats->where = "f.fk_statut > 0";
+			$stats->where = "f.entity IN (".getEntity('supplier_invoice').") AND f.fk_statut > 0";
 
 			// Build graphic number of object. $data = array(array('Lib',val1,val2,val3),...)
 			if ($shownb) {

From 80c1fe6ae022602acd143bb22ac77240675bb1b4 Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis.houssin@inodbox.com>
Date: Thu, 23 Oct 2025 14:32:07 +0200
Subject: [PATCH 11/15] FIX broken feature ! (#35906)

* FIX broken feature !

* FIX Enhance SQL query with conditional entity filtering

Added conditional filtering for usergroup entity in SQL query based on MULTICOMPANY_TRANSVERSE_MODE setting.

* Update perms.php

---------

Co-authored-by: Laurent Destailleur <eldy@destailleur.fr>
---
 htdocs/user/perms.php | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php
index 7ac8be06174..7fbebc7f03a 100644
--- a/htdocs/user/perms.php
+++ b/htdocs/user/perms.php
@@ -236,11 +236,15 @@ $permsgroupbyentity = array();
 $sql = "SELECT DISTINCT gr.fk_id, gu.entity";	// fk_id are permission id and entity is entity of the group
 $sql .= " FROM ".MAIN_DB_PREFIX."usergroup_rights as gr,";
 $sql .= " ".MAIN_DB_PREFIX."usergroup_user as gu";	// all groups of a user
-$sql .= " WHERE gr.entity = ".((int) $entity);
+$sql .= " WHERE gr.entity = ".((int) $entity); // it's very important, don't change please !
 // The entity on the table gu=usergroup_user should be useless and should never be used because it is already into gr and r.
 // but when using MULTICOMPANY_TRANSVERSE_MODE, we may have inserted record that make rubbish result here due to the duplicate record of
 // other entities, so we are forced to add a filter on gu here
-$sql .= " AND gu.entity IN (0,".$conf->entity.")";
+if (getDolGlobalString("MULTICOMPANY_TRANSVERSE_MODE_FIX_WHEN_GU_CONTAINS_0")) {
+	$sql .= " AND gu.entity IN (0,". ((int) $entity).")";
+} else {
+	$sql .= " AND gu.entity = ".((int) $entity);
+}
 $sql .= " AND gr.fk_usergroup = gu.fk_usergroup";
 $sql .= " AND gu.fk_user = ".((int) $object->id);
 

From f3b8e64ec0f3c6aed3e2b80f0c283f77c4f4cc3a Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Fri, 24 Oct 2025 17:11:35 +0200
Subject: [PATCH 12/15] Fix translation of label in export

---
 .../modules/export/export_tsv.modules.php     | 22 ++++++++++++++-----
 .../core/modules/export/exportcsv.class.php   |  7 +++---
 htdocs/exports/class/export.class.php         | 12 +++++-----
 htdocs/exports/export.php                     |  2 ++
 4 files changed, 28 insertions(+), 15 deletions(-)

diff --git a/htdocs/core/modules/export/export_tsv.modules.php b/htdocs/core/modules/export/export_tsv.modules.php
index 3a40da916f3..7eb876abda3 100644
--- a/htdocs/core/modules/export/export_tsv.modules.php
+++ b/htdocs/core/modules/export/export_tsv.modules.php
@@ -77,7 +77,7 @@ class ExportTsv extends ModeleExports
 	 */
 	public function __construct($db)
 	{
-		global $conf, $langs;
+		global $langs;
 		$this->db = $db;
 
 		$this->id = 'tsv'; // Same value then xxx in file name export_xxx.modules.php
@@ -218,8 +218,6 @@ class ExportTsv extends ModeleExports
 	public function write_title($array_export_fields_label, $array_selected_sorted, $outputlangs, $array_types)
 	{
 		// phpcs:enable
-		$outputlangs->charset_output = getDolGlobalString('EXPORT_TSV_FORCE_CHARSET');
-
 		$selectlabel = array();
 		foreach ($array_selected_sorted as $code => $value) {
 			if (strpos($code, ' as ') == 0) {
@@ -232,8 +230,12 @@ class ExportTsv extends ModeleExports
 				continue;
 			}
 
-			$newvalue = $outputlangs->transnoentities($array_export_fields_label[$code]); // newvalue is now $outputlangs->charset_output encoded
-			$newvalue = $this->tsv_clean($newvalue, $outputlangs->charset_output);
+			$newvalue = $array_export_fields_label[$code];
+			if ($newvalue) {
+				$newvalue = $outputlangs->transnoentitiesnoconv($newvalue);
+			}
+
+			$newvalue = $this->tsv_clean($newvalue, getDolGlobalString('EXPORT_TSV_FORCE_CHARSET'));
 
 			fwrite($this->handle, $newvalue.$this->separator);
 			$typefield = isset($array_types[$code]) ? $array_types[$code] : '';
@@ -347,9 +349,17 @@ class ExportTsv extends ModeleExports
 	 * @param	string	$charset	Input AND Output character set
 	 * @return 	string				Value cleaned
 	 */
-	public function tsv_clean($newvalue, $charset)
+	public function tsv_clean($newvalue, $charset = '')
 	{
 		// phpcs:enable
+		global $langs;
+
+		if (empty($charset)) {
+			$charset = getDolGlobalString('EXPORT_TSV_FORCE_CHARSET');
+		}
+
+		$newvalue = $langs->convToOutputCharset($newvalue, 'UTF-8', $charset); // newvalue is now encoded into $charset
+
 
 		// Rule Dolibarr: No HTML
 		$newvalue = dol_string_nohtmltag($newvalue, 1, $charset);
diff --git a/htdocs/core/modules/export/exportcsv.class.php b/htdocs/core/modules/export/exportcsv.class.php
index 4b9f8dcd361..db3516c1bd8 100644
--- a/htdocs/core/modules/export/exportcsv.class.php
+++ b/htdocs/core/modules/export/exportcsv.class.php
@@ -194,8 +194,6 @@ class ExportCsv extends ModeleExports
 	public function write_title($array_export_fields_label, $array_selected_sorted, $outputlangs, $array_types)
 	{
 		// phpcs:enable
-		$outputlangs->charset_output = getDolGlobalString('EXPORT_CSV_FORCE_CHARSET');
-
 		$selectlabel = array();
 		foreach ($array_selected_sorted as $code => $value) {
 			if (strpos($code, ' as ') == 0) {
@@ -209,10 +207,13 @@ class ExportCsv extends ModeleExports
 			}
 
 			$newvalue = $array_export_fields_label[$code];
+			if ($newvalue) {
+				$newvalue = $outputlangs->transnoentitiesnoconv($newvalue);
+			}
 
 			// Clean data and add encloser if required (depending on value of USE_STRICT_CSV_RULES)
 			include_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
-			$newvalue = csvClean($newvalue, $outputlangs->charset_output, $this->separator);
+			$newvalue = csvClean($newvalue, getDolGlobalString('EXPORT_CSV_FORCE_CHARSET'), $this->separator);
 
 			fwrite($this->handle, $newvalue.$this->separator);
 			$typefield = isset($array_types[$code]) ? $array_types[$code] : '';
diff --git a/htdocs/exports/class/export.class.php b/htdocs/exports/class/export.class.php
index f8da3efa128..06f8093ef82 100644
--- a/htdocs/exports/class/export.class.php
+++ b/htdocs/exports/class/export.class.php
@@ -80,7 +80,7 @@ class Export
 	/**
 	 * @var string[]
 	 */
-	public $array_export_label = array(); // Tableau de "libelle de lots"
+	public $array_export_label = array(); // Array of "Translation key" to use for each export profile
 	/**
 	 * @var string[]
 	 */
@@ -117,7 +117,7 @@ class Export
 	/**
 	 * @var array<array<array{rule:string,file:string,classfile:string,class:string,method:string,method_params:string[]}>>
 	 */
-	public $array_export_special = array(); // array of special operations to do on field
+	public $array_export_special = array(); // array of special operations to do on fields
 	/**
 	 * @var array<array<string,string>>
 	 */
@@ -269,13 +269,13 @@ class Export
 									$this->array_export_perms[$i] = $bool;
 									// Icon
 									$this->array_export_icon[$i] = (isset($module->export_icon[$r]) ? $module->export_icon[$r] : $module->picto);
-									// Code of the export dataset / Code du dataset export
+									// Code of the export dataset
 									$this->array_export_code[$i] = $module->export_code[$r];
 									// Define a key for sort
 									$this->array_export_code_for_sort[$i] = $module->module_position.'_'.$module->export_code[$r]; // Add a key into the module
-									// Export Dataset Label / Libelle du dataset export
+									// Export Dataset Label
 									$this->array_export_label[$i] = $module->getExportDatasetLabel($r);
-									// Table of fields to export / Tableau des champ a exporter (cle=champ, valeur=libelle)
+									// Table of fields to export
 									$this->array_export_fields[$i] = $module->export_fields_array[$r];
 									// Table of fields to be filtered (key=field, value1=data type) Verifies that the module has filters
 									$this->array_export_TypeFields[$i] = (isset($module->export_TypeFields_array[$r]) ? $module->export_TypeFields_array[$r] : '');
@@ -283,7 +283,7 @@ class Export
 									$this->array_export_entities[$i] = $module->export_entities_array[$r];
 									// Table of entities requiring to abandon DISTINCT (key=entity, valeur=field id child records)
 									$this->array_export_dependencies[$i] = (!empty($module->export_dependencies_array[$r]) ? $module->export_dependencies_array[$r] : '');
-									// Table of special field operations / Tableau des operations speciales sur champ
+									// Table of special field operations
 									$this->array_export_special[$i] = (!empty($module->export_special_array[$r]) ? $module->export_special_array[$r] : '');
 									// Array of examples
 									$this->array_export_examplevalues[$i] = (!empty($module->export_examplevalues_array[$r]) ? $module->export_examplevalues_array[$r] : null);
diff --git a/htdocs/exports/export.php b/htdocs/exports/export.php
index 6aecea6fdc5..d57ef24ec22 100644
--- a/htdocs/exports/export.php
+++ b/htdocs/exports/export.php
@@ -149,6 +149,7 @@ $entitytolang = array(
 	'inventory_line' => 'InventoryLine'
 );
 
+
 $array_selected = isset($_SESSION["export_selected_fields"]) ? $_SESSION["export_selected_fields"] : array();
 $array_filtervalue = isset($_SESSION["export_filtered_fields"]) ? $_SESSION["export_filtered_fields"] : array();
 $datatoexport = GETPOST("datatoexport", "aZ09");
@@ -163,6 +164,7 @@ $field = GETPOST("field", "alpha");
 $objexport = new Export($db);
 $objexport->load_arrays($user, $datatoexport);
 
+
 $objmodelexport = new ModeleExports($db);
 $form = new Form($db);
 $htmlother = new FormOther($db);

From 5259819fc57248cc35d7c3aa9333958c4846b74f Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis.houssin@inodbox.com>
Date: Fri, 24 Oct 2025 18:22:30 +0200
Subject: [PATCH 13/15] FIX access problem when label is used for next/prev
 (#35933)

---
 htdocs/categories/viewcat.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/htdocs/categories/viewcat.php b/htdocs/categories/viewcat.php
index af754a0e96c..173e64777db 100644
--- a/htdocs/categories/viewcat.php
+++ b/htdocs/categories/viewcat.php
@@ -90,9 +90,6 @@ if ($id == "" && $label == "") {
 // Initialize a technical object to manage hooks. Note that conf->hooks_modules contains array array
 $hookmanager->initHooks(array('categorycard', 'globalcard'));
 
-// Security check
-$result = restrictedArea($user, 'categorie', $id, '&category');
-
 $object = new Categorie($db);
 $result = $object->fetch($id, $label);
 if ($result <= 0) {
@@ -100,6 +97,9 @@ if ($result <= 0) {
 	exit;
 }
 
+// Security check
+$result = restrictedArea($user, 'categorie', $object->id, '&category');
+
 $type = $object->type;
 if (is_numeric($type)) {
 	$type = array_search($type, $object->MAP_ID);	// For backward compatibility

From 5b7d358c4e6a8a19d9cc451da57557af4af4a7db Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis.houssin@inodbox.com>
Date: Fri, 24 Oct 2025 18:46:20 +0200
Subject: [PATCH 14/15] FIX #35634 (#35912)

* FIX #35634

* FIX phan error
---
 htdocs/product/price.php | 46 ----------------------------------------
 1 file changed, 46 deletions(-)

diff --git a/htdocs/product/price.php b/htdocs/product/price.php
index 6427f28c854..f7b428194cb 100644
--- a/htdocs/product/price.php
+++ b/htdocs/product/price.php
@@ -519,52 +519,6 @@ if (empty($reshook)) {
 				// If price has changed, we update it
 				if (!array_key_exists($key, $object->multiprices) || $object->multiprices[$key] != $newprice || $object->multiprices_min[$key] != $newprice_min || $object->multiprices_base_type[$key] != $val['price_base_type'] || $object->multiprices_tva_tx[$key] != $newvattx) {
 					$res = $object->updatePrice((float) $newprice, $val['price_base_type'], $user, (float) $val['vat_tx'], (float) $newprice_min, $key, $val['npr'], $psq, 0, $val['localtaxes_array'], $val['default_vat_code'], $val['price_label']);
-					if ($res > 0) {
-						$extralabels = $extrafields->fetch_name_optionals_label("product");
-						if (!getDolGlobalString('PRODUIT_MULTIPRICES') && !getDolGlobalString('PRODUIT_CUSTOMER_PRICES_AND_MULTIPRICES') && !empty($extralabels)) {
-							// Default price
-							$extrafield_values = $extrafields->getOptionalsFromPost("product");
-							foreach ($extrafield_values as $efkey => $value) {
-								$object->array_options[$efkey] = $value;
-							}
-							$result = $object->insertExtraFields();
-							if ($result < 0) {
-								$error++;
-							}
-						} elseif ((getDolGlobalString('PRODUIT_MULTIPRICES') || getDolGlobalString('PRODUIT_CUSTOMER_PRICES_AND_MULTIPRICES')) && !empty($extralabels)) {
-							$price_extralabels = $extrafields->fetch_name_optionals_label("product_price");
-							$sql = "SELECT rowid";
-							$sql .= " FROM ".$object->db->prefix()."product_price";
-							$sql .= " WHERE entity IN (".getEntity('productprice').")";
-							$sql .= " AND price_level=".((int) $key); // $i
-							$sql .= " AND fk_product = ".((int) $object->id);
-							$sql .= " ORDER BY date_price DESC, rowid DESC";
-							$sql .= " LIMIT 1";
-							$resql = $object->db->query($sql);
-							if ($resql) {
-								$lineid = $object->db->fetch_object($resql);
-								$db->free($resql);
-							}
-							if (!empty($lineid->rowid)) {
-								if (!empty($price_extralabels) && is_array($price_extralabels)) {
-									foreach ($price_extralabels as $code => $label) {
-										$code_array = GETPOST($code, 'array');
-										$object->array_options['options_'.$code] = $code_array[$key];
-									}
-									// We need to force table to update product_price and not product extrafields
-									$object->id = $lineid->rowid;
-									$object->table_element = 'product_price';
-									$result = $object->insertExtraFields();
-								}
-								// Back to product table
-								$object->id = $id;
-								$object->table_element = 'product';
-								if ($result < 0) {
-									$error++;
-								}
-							}
-						}
-					}
 				} else {
 					$res = 0;
 				}

From e98fe358d3498e8188538833c75637fbdd67e0e8 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Fri, 24 Oct 2025 19:36:34 +0200
Subject: [PATCH 15/15] Fix responsive

---
 htdocs/product/composition/card.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/htdocs/product/composition/card.php b/htdocs/product/composition/card.php
index 2005090f333..83cd89f20f7 100644
--- a/htdocs/product/composition/card.php
+++ b/htdocs/product/composition/card.php
@@ -554,6 +554,7 @@ if ($id > 0 || !empty($ref)) {
 		print '<input type="hidden" name="action" value="save_composed_product" />';
 		print '<input type="hidden" name="id" value="'.$id.'" />';
 
+		print '<div class="div-table-responsive-no-min">';
 		print '<table id="tablelines" class="ui-sortable liste noborder nobottom">';
 
 		print '<tr class="liste_titre nodrag nodrop">';
@@ -793,6 +794,7 @@ if ($id > 0 || !empty($ref)) {
 		}
 
 		print '</table>';
+		print '</div>';
 
 		/*if($user->rights->produit->creer || $user->hasRight('service', 'creer')) {
 			print '<input type="submit" class="button button-save" value="'.$langs->trans("Save").'">';