Abandon package APS. Was never used.

Merge pull request #3933 from marcosgdf/bug-3980
FIX #3890 Expected transactions bank account page, shows negative numbers
2026-02-12 10:52:37 +01:00 · 2015-11-08 14:57:26 +01:00 · 2015-11-08 11:15:31 +01:00 · 2015-11-08 11:14:02 +01:00 · 2015-11-07 13:43:59 +01:00 · 2015-11-07 13:21:03 +01:00
188 changed files with 7891 additions and 7315 deletions
--- a/3
+++ b/3
@@ -52,6 +52,9 @@ http://www.fsf.org/licensing/licenses/index_html
 Copyright
 ---------

+Copyright (C) 2015
+- Marcos García <marcosgdf@gmail.com>
+
 Copyright (C) 2014
 - Laurent Destailleur <eldy@users.sourceforge.net>
 - Raphaël Doursenaud <rdoursenaud@gpcsolutions.fr>
--- a/100
+++ b/100
@@ -2,14 +2,63 @@
 English Dolibarr ChangeLog
 --------------------------------------------------------------

+***** ChangeLog for 3.6.5 compared to 3.6.4 *****
+- Fix: [ bug #1776 ] Undefined $deliverycompany variable in pdf_build_address
+- Fix: [ bug #1794 ] Error when cloning Proposal gives error in a malformed page
+
+***** ChangeLog for 3.6.4 compared to 3.6.3 *****
+- Fix: [ bug #2893 ] Dolibarr error when viewing an invoice after changing invoice mask
+
+***** ChangeLog for 3.6.3 compared to 3.6.2 *****
+- Fix: ref_ext was not saved when recording a customer order from web service
+- Fix: amarok is a bugged theme making dolidroid failed. We switch to eldy automatically with dolidroid.
+- Fix: [ bug #1788 ] Duplicated doActions hook in product/fournisseurs.php
+- Fix: withdrawal create error if in the same month are deleted previous withdrawals.
+- Fix: [ bug #1801 ] FAC_FORCE_DATE_VALIDATION constant alters supplier invoice date given to numeration modules
+- Fix: [ bug #1802 ] SQL error when updating a task with PostgreSQL database
+- Fix: [ bug #1785 ] Start date is lost in Project > Linked objects
+- Fix: [ bug #1804 ] SQL error when sending email without address
+- Fix: [ bug #1803 ] AJAX company contact input is not aligned
+- Fix: [ bug #1787 ] Incorrect behaviour of doActions hook
+- Fix: [ bug #1796 ] Unable to use numeration modules from an external module
+- Fix: [ bug #1783 ] SQL error when enabling 3rd party module with PostgreSQL and MySQL strict mode ON
+- Fix: [ bug #1717 ] Sorting unpaid invoices by amount received brings due amount
+- Fix: [ bug #1784 ] MOTD doesn't show up in Amarok theme
+- Fix: Tracking number not visible on shipment pdf
+- Fix: [ bug #1812 ] SQL Error message while sending emailing with PostgreSQL database
+- Fix: [ bug #1819 ] SQL error when searching for an invoice payment
+- Fix: [ bug #1827 ] Tax reports gives incorrect amounts when using external modules that create lines with special codes
+- Fix: [ bug #1822 ] SQL error in clientfourn.php report with PostgreSQL
+- Fix: [ bug #1832 ] SQL error when adding a product with no price defined to an object
+- Fix: [ bug #1833 ] user permissions in contact/note.php not working
+- Fix: [ bug #1826 ] Supplier payment types are not translated into fourn/facture/paiement.php
+- Fix: [ bug #1830 ] Salaries payment only allows checking accounts
+- Fix: [ bug #1825 ] External agenda: hide/show checkbox doesn't work
+- Fix: [ bug #1790 ] Email form behaves in an unexpected way when pressing Enter key
+- Fix: Bad SEPA xml file creation
+- Fix: [ bug #1892 ] PHP Fatal error when using USER_UPDATE_SESSION trigger and adding a supplier invoice payment
+- Fix: Showing system error if not enough stock of product into orders creation with lines
+- Fix: [ bug #2543 ] Untranslated "Contract" origin string when creating an invoice from a contract
+- Fix: [ bug #2534 ] SQL error when editing a supplier invoice line
+- Fix: [ bug #2535 ] Untranslated string in "Linked objects" page of a project
+- Fix: [ bug #2545 ] Missing object_margin.png in Amarok theme
+- Fix: [ bug #2542 ] Contracts store localtax preferences
+- Fix: Bad permission assignments for stock movements actions
+- Fix: [ bug #2891 ] Category hooks do not work
+- Fix: [ bug #2696 ] Adding complementary attribute fails if code is numerics
+- Fix: [ bug #3074 ] Accruals accounting use payment date instead of commitment date in turnover reports for salaries
+- Fix: Not showing product supplier reference when page break
+- Fix: [ bug #3341 ] Missing translation in /compta/paiement_charge.php
+- Fix: [ bug #3342 ] Taxes dictionary page does not accept localized decimals for localtax2 rate
+
 ***** ChangeLog for 3.6.2 compared to 3.6.1 *****
 - Fix: fix ErrorBadValueForParamNotAString error message in price customer multiprice.
 - Fix: bug 1588 : relative discount.
- Fix: label of input method not tranlated.
- Fix: box of customer and propsects were not correctly disabled.
+- Fix: label of input method not translated.
+- Fix: box of customer and prospects were not correctly disabled.
 - Fix: [ bug #1618 ] PHP Error thrown when saving a barcode
 - Fix: Civility & birthdate wasn't save into adherent module.
- Fix: webservice Thirdparty parameter lastname for invidual creation is now lastname and not ref
+- Fix: webservice Thirdparty parameter lastname for individual creation is now lastname and not ref
 - Fix: Chars - is no more allowed into value for code for extra fields.
 - Fix: [ bug #1622 ] Requesting holiday than spans across two years cause high CPU usage by Apache
 - Fix: [ bug #1595 ] Selected boolean extrafield in intervention creation page, does not save state
@@ -36,14 +85,14 @@ For users:
 - Fix: Iban was used instead of Bic into SEPA file.
 - Fix: Must unaccent strings into SEPA file.
 - Fix: Extrafield feature select from table should try to translate multiple column when not needed 
- Fix: cents for indian ruppes are calle paisa and paise.
+- Fix: cents for indian ruppes are called paisa and paise.
 - Fix: Invoices payments may be older than invoices.
 - Fix: Withdrawal total amount is double
 - Fix: [ bug #1593 ] Spanish Localtax IRPF not being calculated since 3.6.0 in supplier invoices when adding a line
 - Fix: Web service categorie WDSL declaration is correct
 - Fix: ErrorBadValueForParamNotAString was displayed in virtual product if no base price defined
 - Fix: Category creation failed and no message output
- Fix: Lanf for Payment Type
+- Fix: Lang for Payment Type
 - Fix: PHPCheckstyle 1.5.5

 ***** ChangeLog for 3.6 compared to 3.5.* *****
@@ -65,12 +114,12 @@ For users:
 - New: Improved Opensurvey module:
       Added options to disable comments and disable public votes.
       Limit dates use calendar popup.
-       Description of survey use wysiwig editor.
+       Description of survey use wysiwyg editor.
       More information shown on result tab.
       Renamed "survey" into "poll" (better translation).
 - New: Add filter on text and status into survey list. Can also sort on id, text and date end.
 - New: The box "balance of bank accounts" show all opened accounts.
- New: Add option MAIN_ADD_SALE_REP_SIGNATURE_IN_NOTE to add sale represnative into public
+- New: Add option MAIN_ADD_SALE_REP_SIGNATURE_IN_NOTE to add sale representative into public
       note of generated documents.
 - New: Add warning if supplier payment is higher that due amount.
 - New: Increase length of url into bookmark module.
@@ -83,7 +132,7 @@ For users:
 - New: Add barcode fields into user database.
 - New: Add manager name (ceo, director, president...) into main company information page.
 - New: Add field url as product properties.
- New: More options to create a credit note (can be filled autatically according to remain to pay).
+- New: More options to create a credit note (can be filled automatically according to remain to pay).
 - New: Can define custom fields for categories.
 - New: Prepare generation of SEPA files into module withdrawal.
 - New: [ task #1164 ] Add "Ref. supplier" search box in supplier orders
@@ -100,7 +149,7 @@ For users:
 - New: [ task #926 ] Add extrafield feature on order lines.
 - New: [ task #927 ] Add extrafield feature on Proposal lines.
 - New: [ task #928 ] Add extrafield feature on invoice lines.
- New: Paypal/paybox email sent after backcall of a payment is now a formated and translated
+- New: Paypal/paybox email sent after backcall of a payment is now a formatted and translated
       HTML content. For member subscription renewal, there is also a link to member.
 - New: When a subscription is recorded with invoice and payment:
       - the document (PDF) of invoice is also generated.
@@ -151,14 +200,37 @@ removed. You must now use the 6 parameters way. See file modMyModule.class.php f
  So check that return value is 0 to keep default standard behaviour after hook or 1 to disable
  default standard behaviour.
 - Properties "civilite_id" were renamed into "civility_id".
- Remove add_photo_web() that is ot used anymore by core code.
+- Remove add_photo_web() that is not used anymore by core code.


 ***** ChangeLog for 3.5.7 compared to 3.5.6 *****
-Fix: Paypal link were broken dur to SSL v3 closed.
+Fix: Paypal link were broken due to SSL v3 closed.
 Fix: [ bug #1769 ] Error when installing to a PostgreSQL DB that contains numbers
 Fix: [ bug #1752 ] Date filter of margins module, filters since 12H instead of 00H
 Fix: [ bug #1757 ] Sorting breaks product/service statistics
+Fix: [ bug #1797 ] Tulip supplier invoice module takes creation date instead of invoice date
+Fix: [ bug #1792 ] Users are not allowed to see margins module index page when no product view permission is enabled
+Fix: [ bug #1846 ] Browser IE11 not detected
+Fix: [ bug #1906 ] Deplacement does not allow translated decimal format
+Fix: [ bug #1905 ] Custom deplacement types do not get translated in deplacement card
+Fix: [ bug #2583 ] Unable to create a bank transfer with localized numbers
+Fix: [ bug #2577 ] Incorrect invoice status in "Linked objects" page of a project
+Fix: [ bug #2576 ] Unable to edit a dictionary entry that has # in its ref
+Fix: [ bug #2758 ] Product::update sets product note to "null" when $prod->note is null
+Fix: [ bug #2757 ] Deleting product category photo gives "Forbidden access" error
+Fix: [ bug #2976 ] "Report" tab is the current tab but it is not marked as selected by the UI
+Fix: [ bug #2861 ] Undefined variable $res when migrating
+Fix: [ bug #2837 ] Product list table column header does not match column body
+Fix: [ bug #2835 ] Customer prices of a product shows incorrect history order
+Fix: [ bug #2814 ] JPEG photos are not displayed in Product photos page
+Fix: [ bug #2715 ] Statistics page has broken layout with long thirdparty names
+Fix: [ bug #2570 ] [Contacts] Page should not process if ID is invalid
+Fix: [ bug #3268 ] SQL error when accessing thirdparty log page without a socid parameter
+Fix: [ bug #3180 ] formObjectOptions hook when editing thirdparty card does not print result
+Fix: [ bug #1791 ] Margin menu not available if any Finance module is not enabled
+Fix: [ bug #3310 ] OrderLine::fetch, FactureLigne::fetch and PropaleLigne::fetch do not return anything
+Fix: [ bug #3206 ] PropaleLigne, OrderLine and FactureLigne given to triggers through update function does not contain all the information
+Fix: [ bug #3313 ] Error enabling module with PostgreSQL database

 ***** ChangeLog for 3.5.6 compared to 3.5.5 *****
 Fix: Avoid missing class error for fetch_thirdparty method #1973
@@ -172,7 +244,7 @@ Fix: Bad days and month reported by function.
 Fix: Bad margin calculation.

 ***** ChangeLog for 3.5.5 compared to 3.5.4 *****
-Fix: Holiday module was broken. Initializaion of amount of holidays failed.
+Fix: Holiday module was broken. Initialization of amount of holidays failed.
 Fix: [ bug #1523 ] suite bug #1334 : filtre et ordre de tri conjoints ne s'appliquent pas.
 Fix: Fusion PDF button on unpaid invoice is no more displayed.
 Fix: Unpaid invoice launch fusion PDF action even if it is only search (with enter keyboard input instead of lens click).
@@ -207,7 +279,7 @@ Fix: When using option MAIN_MAIL_ALLOW_SENDMAIL_F, a mail was sent to sender.
 Fix: Question about warehouse must not be done when module stock is disabled.
 Fix: Option STOCK_SUPPORTS_SERVICES was not correctly implemented
     (missing test at some places).
-Fix: Renaming a project with uplaoded files failed.
+Fix: Renaming a project with uploaded files failed.
 Fix: [ bug #1476 ] Invoice creation form loses invoice date when there is a validation error.
 Fix: [ bug #1431 ] Reception and Send supplier order box has a weird top margin.
 Fix: [ bug #1428 ] "Nothing" is shown in the middle of the screen in a supplier order.
@@ -228,7 +300,7 @@ Fix: [ bug #1449 ] Trigger ORDER_CREATE, LINEORDER_DELETE, LINEORDER_UPDATE and
 Fix: [ bug #1450 ] Several Customer order's triggers do not report the error from the trigger handler.
 Fix: [ bug #1451 ] Interrupted order clone through trigger, loads nonexistent order.
 Fix: [ bug #1454 ] Mention de bas de page erroné
-Fix: Do not display dictionnay for non activated module 
+Fix: Do not display dictionary for non activated module 
 Fix: Link element from element project pages
 Fix: [ bug #1509 ] Expedition admin free text & watermark submit error
 Fix: [ bug #1349 ] AJAX contact selector does not work fine in Project card
--- a/build/debian/changelog
+++ b/build/debian/changelog
@@ -1,20 +1,6 @@
-dolibarr (3.6.2-3) unstable; urgency=low
+dolibarr (3.6.4-3) UNRELEASED; urgency=low

  [ Laurent Destailleur (eldy) ]
  * New upstream release.
    
- -- Laurent Destailleur (eldy) <eldy@users.sourceforge.net>  Sat, 27 dec 2014 12:00:00 +0100      
-
-dolibarr (3.6.1-3) unstable; urgency=low
-
-  [ Laurent Destailleur (eldy) ]
-  * New upstream release.
-    
- -- Laurent Destailleur (eldy) <eldy@users.sourceforge.net>  Tue, 23 Sep 2014 12:00:00 +0100      
-
-dolibarr (3.6.0-3) unstable; urgency=low
-
-  [ Laurent Destailleur (eldy) ]
-  * New upstream release.
-    
- -- Laurent Destailleur (eldy) <eldy@users.sourceforge.net>  Tue, 15 July 2014 12:00:00 +0100      
+ -- Laurent Destailleur (eldy) <eldy@users.sourceforge.net>  Tue, 12 May 2015 12:00:00 +0100     
--- a/build/exe/doliwamp/doliwamp.iss
+++ b/build/exe/doliwamp/doliwamp.iss
@@ -32,7 +32,7 @@ AppPublisherURL=http://www.nltechno.com
 AppSupportURL=http://www.dolibarr.org
 AppUpdatesURL=http://www.dolibarr.org
 AppComments=DoliWamp includes Dolibarr, Apache, PHP and Mysql softwares.
-AppCopyright=Copyright (C) 2008-2014 Laurent Destailleur, NLTechno
+AppCopyright=Copyright (C) 2008-2015 Laurent Destailleur, NLTechno
 DefaultDirName=c:\dolibarr
 DefaultGroupName=Dolibarr
 ;LicenseFile=COPYING
@@ -108,7 +108,7 @@ Source: "C:\Program Files\Wamp\bin\mysql\mysql5.0.45\*.*"; DestDir: "{app}\bin\m
 ; Mysql data files (does not overwrite if exists)
 Source: "build\exe\doliwamp\mysql\*.*"; DestDir: "{app}\bin\mysql\data\mysql"; Flags: onlyifdoesntexist ignoreversion recursesubdirs; Excludes: ".gitignore,.project,CVS\*,Thumbs.db"
 ; Dolibarr
-Source: "htdocs\*.*"; DestDir: "{app}\www\dolibarr\htdocs"; Flags: ignoreversion recursesubdirs; Excludes: ".gitignore,.project,CVS\*,Thumbs.db,custom\*,custom2\*,documents\*,nltechno*\*,includes\ckeditor\_source\*,includes\savant\*,includes\phpmailer\*,jquery\plugins\template\*,PHPExcel\Shared\PDF\*,PHPExcel\Shared\PCLZip\*,tcpdf\fonts\dejavu-fonts-ttf-2.33\*,tcpdf\fonts\freefont-20100919\*,tcpdf\fonts\utils\*,*\conf.php,*\conf.php.mysql,*\conf.php.old,*\conf.php.postgres,*\conf.php.sav,*\install.forced.php"
+Source: "htdocs\*.*"; DestDir: "{app}\www\dolibarr\htdocs"; Flags: ignoreversion recursesubdirs; Excludes: ".gitignore,.project,CVS\*,Thumbs.db,custom\*,custom2\*,documents\*,includes\ckeditor\_source\*,includes\savant\*,includes\phpmailer\*,jquery\plugins\template\*,nltechno*\*,PHPExcel\Shared\PDF\*,PHPExcel\Shared\PCLZip\*,tcpdf\fonts\dejavu-fonts-ttf-2.33\*,tcpdf\fonts\freefont-20100919\*,tcpdf\fonts\utils\*,*\conf.php,*\conf.php.mysql,*\conf.php.old,*\conf.php.postgres,*\conf.php.sav,*\install.forced.php"
 Source: "dev\*.*"; DestDir: "{app}\www\dolibarr\dev"; Flags: ignoreversion recursesubdirs; Excludes: ".gitignore,.project,CVS\*,Thumbs.db,dbmodel\*,fpdf\*,initdata\*,iso-normes\*,licence\*,phpcheckstyle\*,phpunit\*,samples\*,test\*,uml\*,vagrant\*,xdebug\*"
 Source: "doc\*.*"; DestDir: "{app}\www\dolibarr\doc"; Flags: ignoreversion recursesubdirs; Excludes: ".gitignore,.project,CVS\*,Thumbs.db,wiki\*,plaquette\*,dev\*,images\dolibarr_screenshot2.png,images\dolibarr_screenshot3.png,images\dolibarr_screenshot4.png,images\dolibarr_screenshot5.png,images\dolibarr_screenshot6.png,images\dolibarr_screenshot7.png,images\dolibarr_screenshot8.png,images\dolibarr_screenshot9.png,images\dolibarr_screenshot10.png,images\dolibarr_screenshot11.png,images\dolibarr_screenshot12.png"
 Source: "scripts\*.*"; DestDir: "{app}\www\dolibarr\scripts"; Flags: ignoreversion recursesubdirs; Excludes: ".gitignore,.project,CVS\*,Thumbs.db,product\materiel.net.php,product\import-product.php"
--- a/build/makepack-dolibarr.pl
+++ b/build/makepack-dolibarr.pl
--- a/build/makepack-howto.txt
+++ b/build/makepack-howto.txt
@@ -12,7 +12,6 @@ beta version of Dolibarr, step by step.
 - Update version number with x.y.z-w in htdocs/filefunc.inc.php
 - Update version number with x.y.z-w in build/debian/changelog
 - Update version number with x.y.z-w in build/exe/doliwamp/doliwamp.iss
- Update version number with x.y.z-w in build/rpm/*.spec
 - Commit all changes.
 - Add a Tag (x.y.betaz_YYYYMMDD) and push it: git push --tags
 - Create a branch (x.y).
@@ -34,7 +33,6 @@ complete release of Dolibarr, step by step.
 - Update version number with x.y.z in htdocs/filefunc.inc.php
 - Update version number with x.y.z in build/debian/changelog
 - Update version number with x.y.z in build/exe/doliwamp/doliwamp.iss
- Update version number with x.y.z in build/rpm/*.spec
 - Commit all changes.

 - Build Dolibarr and DoliWamp packages with makepack-dolibarr.pl
--- a/build/rpm/dolibarr_fedora.spec
+++ b/build/rpm/dolibarr_fedora.spec
@@ -333,11 +333,4 @@ fi

 # version x.y.z-0.1.a for alpha, x.y.z-0.2.b for beta, x.y.z-0.3 for release
 %changelog
-* Sat Dec 27 2014 Laurent Destailleur 3.6.2-0.3
- Upstream release
-
-* Wed Sep 24 2014 Laurent Destailleur 3.6.1-0.3
- Upstream release
-
-* Wed Jul 15 2014 Laurent Destailleur 3.6.0-0.3
- Upstream release
+__CHANGELOGSTRING__
--- a/build/rpm/dolibarr_generic.spec
+++ b/build/rpm/dolibarr_generic.spec
@@ -569,12 +569,4 @@ fi

 # version x.y.z-0.1.a for alpha, x.y.z-0.2.b for beta, x.y.z-0.3 for release
 %changelog
-* Sat Dec 27 2014 Laurent Destailleur 3.6.2-0.3
- Upstream release
-
-* Wed Sep 24 2014 Laurent Destailleur 3.6.1-0.3
- Upstream release
-
-* Wed Jul 15 2014 Laurent Destailleur 3.6.0-0.3
- Upstream release
-
+__CHANGELOGSTRING__
--- a/build/rpm/dolibarr_mandriva.spec
+++ b/build/rpm/dolibarr_mandriva.spec
@@ -338,12 +338,4 @@ fi

 # version x.y.z-0.1.a for alpha, x.y.z-0.2.b for beta, x.y.z-0.3 for release
 %changelog
-* Sat Dec 27 2014 Laurent Destailleur 3.6.2-0.3
- Upstream release
-
-* Wed Sep 24 2014 Laurent Destailleur 3.6.1-0.3
- Upstream release
-
-* Wed Jul 15 2014 Laurent Destailleur 3.6.0-0.3
- Upstream release
-
+__CHANGELOGSTRING__
--- a/build/rpm/dolibarr_opensuse.spec
+++ b/build/rpm/dolibarr_opensuse.spec
@@ -349,12 +349,4 @@ fi

 # version x.y.z-0.1.a for alpha, x.y.z-0.2.b for beta, x.y.z-0.3 for release
 %changelog
-* Sat Dec 27 2014 Laurent Destailleur 3.6.2-0.3
- Upstream release
-
-* Wed Sep 24 2014 Laurent Destailleur 3.6.1-0.3
- Upstream release
-
-* Wed Jul 15 2014 Laurent Destailleur 3.6.0-0.3
- Upstream release
-
+__CHANGELOGSTRING__
--- a/dev/codesniffer/ruleset.xml
+++ b/dev/codesniffer/ruleset.xml
@@ -213,6 +213,7 @@
    <rule ref="PEAR.Commenting.FunctionComment.Missing">
        <severity>0</severity>
    </rule>
+    
    <rule ref="PEAR.Commenting.ClassComment.Missing@authorTag">
        <severity>0</severity>
    </rule>
@@ -228,6 +229,23 @@
    <rule ref="PEAR.Commenting.ClassComment.Missing@packageTag">
        <severity>0</severity>
    </rule>
+    
+    <rule ref="PEAR.Commenting.ClassComment.MissingAuthorTag">
+        <severity>0</severity>
+    </rule>
+    <rule ref="PEAR.Commenting.ClassComment.MissingCategoryTag">
+        <severity>0</severity>
+    </rule>
+    <rule ref="PEAR.Commenting.ClassComment.MissingLicenseTag">
+        <severity>0</severity>
+    </rule>
+    <rule ref="PEAR.Commenting.ClassComment.MissingLinkTag">
+        <severity>0</severity>
+    </rule>
+    <rule ref="PEAR.Commenting.ClassComment.MissingPackageTag">
+        <severity>0</severity>
+    </rule>
+    
    <rule ref="PEAR.Commenting.FunctionComment.SpacingAfterParamType">
        <severity>0</severity>
    </rule>
--- a/htdocs/adherents/fiche.php
+++ b/htdocs/adherents/fiche.php
--- a/htdocs/adherents/liste.php
+++ b/htdocs/adherents/liste.php
@@ -2,7 +2,7 @@
 /* Copyright (C) 2001-2003 Rodolphe Quiedeville <rodolphe@quiedeville.org>
 * Copyright (C) 2002-2003 Jean-Louis Bergamo   <jlb@j1b.org>
 * Copyright (C) 2004-2014 Laurent Destailleur  <eldy@users.sourceforge.net>
- * Copyright (C) 2013      Raphaël Doursenaud   <rdoursenaud@gpcsolutions.fr>
+ * Copyright (C) 2013-2015 Raphaël Doursenaud   <rdoursenaud@gpcsolutions.fr>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -107,7 +107,7 @@ if ($sall)
        foreach ($scrit as $crit)
        {
            $sql.=" AND (";
-            if (is_numeric($sall)) $sql.= "d.rowid = ".$sall." OR ";
+            if (is_numeric($sall)) $sql.= "d.rowid = ".$db->escape($sall)." OR ";
            $sql.=" d.firstname LIKE '%".$db->escape($sall)."%' OR d.lastname LIKE '%".$db->escape($sall)."%' OR d.societe LIKE '%".$db->escape($sall)."%'";
            $sql.=" OR d.email LIKE '%".$db->escape($sall)."%' OR d.login LIKE '%".$db->escape($sall)."%' OR d.address LIKE '%".$db->escape($sall)."%'";
            $sql.=" OR d.town LIKE '%".$db->escape($sall)."%' OR d.note LIKE '%".$db->escape($sall)."%')";
@@ -115,7 +115,7 @@ if ($sall)
 }
 if ($type > 0)
 {
-	$sql.=" AND t.rowid=".$type;
+	$sql.=" AND t.rowid=".$db->escape($type);
 }
 if (isset($_GET["statut"]) || isset($_POST["statut"]))
 {
@@ -189,17 +189,17 @@ if ($resql)
 	}

 	$param="";
-	if ($statut != "") $param.="&statut=".$statut;
-	if ($search_nom)   $param.="&search_nom=".$search_nom;
-	if ($search_login) $param.="&search_login=".$search_login;
-	if ($search_email) $param.="&search_email=".$search_email;
-	if ($filter)       $param.="&filter=".$filter;
-	if ($type > 0)     $param.="&type=".$type;
+	if ($statut != "") $param.="&statut=".htmlspecialchars($statut);
+	if ($search_nom)   $param.="&search_nom=".htmlspecialchars($search_nom);
+	if ($search_login) $param.="&search_login=".htmlspecialchars($search_login);
+	if ($search_email) $param.="&search_email=".htmlspecialchars($search_email);
+	if ($filter)       $param.="&filter=".htmlspecialchars($filter);
+	if ($type > 0)     $param.="&type=".htmlspecialchars($type);
 	print_barre_liste($titre,$page,$_SERVER["PHP_SELF"],$param,$sortfield,$sortorder,'',$num,$nbtotalofrecords);

 	if ($sall)
 	{
-		print $langs->trans("Filter")." (".$langs->trans("Ref").", ".$langs->trans("Lastname").", ".$langs->trans("Firstname").", ".$langs->trans("EMail").", ".$langs->trans("Address")." ".$langs->trans("or")." ".$langs->trans("Town")."): ".$sall;
+		print $langs->trans("Filter")." (".$langs->trans("Ref").", ".$langs->trans("Lastname").", ".$langs->trans("Firstname").", ".$langs->trans("EMail").", ".$langs->trans("Address")." ".$langs->trans("or")." ".$langs->trans("Town")."): ".htmlspecialchars($sall);
 	}

 	print '<form method="POST" action="'.$_SERVER["PHP_SELF"].($param?'?'.$param:'').'">';
@@ -237,13 +237,13 @@ if ($resql)
 	print '<tr class="liste_titre">';

 	print '<td class="liste_titre" align="left">';
-	print '<input class="flat" type="text" name="search_ref" value="'.$search_ref.'" size="4"></td>';
+	print '<input class="flat" type="text" name="search_ref" value="'.htmlspecialchars($search_ref).'" size="4"></td>';

 	print '<td class="liste_titre" align="left">';
-	print '<input class="flat" type="text" name="search_lastname" value="'.$search_lastname.'" size="12"></td>';
+	print '<input class="flat" type="text" name="search_lastname" value="'.htmlspecialchars($search_lastname).'" size="12"></td>';

 	print '<td class="liste_titre" align="left">';
-	print '<input class="flat" type="text" name="search_login" value="'.$search_login.'" size="7"></td>';
+	print '<input class="flat" type="text" name="search_login" value="'.htmlspecialchars($search_login).'" size="7"></td>';

 	print '<td class="liste_titre">';
 	$listetype=$membertypestatic->liste_array();
@@ -253,7 +253,7 @@ if ($resql)
 	print '<td class="liste_titre">&nbsp;</td>';

 	print '<td class="liste_titre" align="left">';
-	print '<input class="flat" type="text" name="search_email" value="'.$search_email.'" size="12"></td>';
+	print '<input class="flat" type="text" name="search_email" value="'.htmlspecialchars($search_email).'" size="12"></td>';

 	print '<td class="liste_titre">&nbsp;</td>';

--- a/htdocs/admin/dict.php
+++ b/htdocs/admin/dict.php
@@ -6,7 +6,7 @@
 * Copyright (C) 2010-2013 Juanjo Menent        <jmenent@2byte.es>
 * Copyright (C) 2011      Philippe Grand       <philippe.grand@atoo-net.com>
 * Copyright (C) 2011      Remy Younes          <ryounes@gmail.com>
- * Copyright (C) 2012-2013 Marcos García        <marcosgdf@gmail.com>
+ * Copyright (C) 2012-2015 Marcos García        <marcosgdf@gmail.com>
 * Copyright (C) 2012      Christophe Battarel	<christophe.battarel@ltairis.fr>
 * Copyright (C) 2011-2012 Alexandre Spangaro	<alexandre.spangaro@gmail.com>
 *
@@ -516,7 +516,7 @@ if (GETPOST('actionadd') || GETPOST('actionmodify'))
        $i=0;
        foreach ($listfieldinsert as $f => $value)
        {
-            if ($value == 'price' || preg_match('/^amount/i',$value)) {
+            if ($value == 'price' || preg_match('/^amount/i',$value) || preg_match('/^localtax/i',$value) || $value == 'taux') {
            	$_POST[$listfieldvalue[$i]] = price2num($_POST[$listfieldvalue[$i]],'MU');
            }
            else if ($value == 'entity') {
@@ -564,7 +564,7 @@ if (GETPOST('actionadd') || GETPOST('actionmodify'))
        $i = 0;
        foreach ($listfieldmodify as $field)
        {
-            if ($field == 'price' || preg_match('/^amount/i',$field)) {
+            if ($field == 'price' || preg_match('/^amount/i',$field) || preg_match('/^localtax/i',$field) || $field == 'taux') {
            	$_POST[$listfieldvalue[$i]] = price2num($_POST[$listfieldvalue[$i]],'MU');
            }
            else if ($field == 'entity') {
@@ -1080,17 +1080,20 @@ if ($id)
 							  $align="center";
 							}
 							else if ($fieldlist[$field]=='localtax1') {
+                                $valuetoshow = price($valuetoshow, 0, $langs, 0, 0);
 							  if ($obj->localtax1 == 0)
 							    $valuetoshow = '';
 							  $align="right";
 							}
 							else if ($fieldlist[$field]=='localtax2') {
+                                $valuetoshow = price($valuetoshow, 0, $langs, 0, 0);
 							  if ($obj->localtax2 == 0)
 							    $valuetoshow = '';
 							  $align="right";
 							}
 							else if (in_array($fieldlist[$field],array('taux','localtax1','localtax2')))
 							{
+                                $valuetoshow = price($valuetoshow, 0, $langs, 0, 0);
 								$align="right";
 							}
 							else if (in_array($fieldlist[$field],array('recuperableonly')))
@@ -1116,7 +1119,7 @@ if ($id)

                    if (isset($obj->type) && in_array($obj->type, array('system', 'systemauto'))) $iserasable=0;

-                    $url = $_SERVER["PHP_SELF"].'?'.($page?'page='.$page.'&':'').'sortfield='.$sortfield.'&sortorder='.$sortorder.'&rowid='.(! empty($obj->rowid)?$obj->rowid:(! empty($obj->code)?$obj->code:'')).'&amp;code='.(! empty($obj->code)?$obj->code:'').'&amp;id='.$id.'&amp;';
+                    $url = $_SERVER["PHP_SELF"].'?'.($page?'page='.$page.'&':'').'sortfield='.$sortfield.'&sortorder='.$sortorder.'&rowid='.(! empty($obj->rowid)?$obj->rowid:(! empty($obj->code)?$obj->code:'')).'&amp;code='.(! empty($obj->code)?urlencode($obj->code):'').'&amp;id='.$id.'&amp;';

                    // Active
                    print '<td align="center" class="nowrap">';
--- a/htdocs/admin/index.php
+++ b/htdocs/admin/index.php
@@ -100,6 +100,7 @@ print '<br>';
 print '<br>';

 // Add hook to add information
+$parameters=array();
 $reshook=$hookmanager->executeHooks('addHomeSetup',$parameters,$object,$action);    // Note that $action and $object may have been modified by some hooks
 print $hookmanager->resPrint;
 if (empty($reshook))
--- a/htdocs/categories/edit.php
+++ b/htdocs/categories/edit.php
@@ -56,6 +56,9 @@ $object = new Categorie($db);
 $extrafields = new ExtraFields($db);
 $extralabels=$extrafields->fetch_name_optionals_label($object->table_element);

+// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array array
+$hookmanager->initHooks(array('categorycard'));
+
 /*
 * Actions
 */
--- a/htdocs/categories/fiche.php
+++ b/htdocs/categories/fiche.php
@@ -64,6 +64,9 @@ $object = new Categorie($db);
 $extrafields = new ExtraFields($db);
 $extralabels=$extrafields->fetch_name_optionals_label($object->table_element);

+// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array array
+$hookmanager->initHooks(array('categorycard'));
+
 /*
 *	Actions
 */
--- a/htdocs/categories/viewcat.php
+++ b/htdocs/categories/viewcat.php
@@ -63,6 +63,9 @@ $type=$object->type;
 $extrafields = new ExtraFields($db);
 $extralabels = $extrafields->fetch_name_optionals_label($object->table_element);

+// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array array
+$hookmanager->initHooks(array('categorycard'));
+
 /*
 *	Actions
 */
--- a/htdocs/comm/action/class/actioncomm.class.php
+++ b/htdocs/comm/action/class/actioncomm.class.php
@@ -1060,6 +1060,7 @@ class ActionComm extends CommonObject
        $this->datef=$now;
        $this->author=$user;
        $this->usermod=$user;
+        $this->usertodo=$user;
        $this->fulldayevent=0;
        $this->punctual=0;
        $this->percentage=0;
--- a/htdocs/comm/action/index.php
+++ b/htdocs/comm/action/index.php
@@ -1038,7 +1038,7 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa
                    		$numicals[dol_string_nospecial($event->icalname)]++;
                    	}
                    	$color=$event->icalcolor;
-                    	$cssclass=(! empty($event->icalname)?'family_'.dol_string_nospecial($event->icalname):'family_other');
+                    	$cssclass=(! empty($event->icalname)?'family_ext'.md5($event->icalname):'family_other');
                    }
                    else if ($event->type_code == 'BIRTHDAY')  { $numbirthday++; $colorindex=2; $cssclass='family_birthday'; }
                    else { $numother++; $cssclass='family_other'; }
--- a/htdocs/comm/fiche.php
+++ b/htdocs/comm/fiche.php
@@ -79,76 +79,78 @@ $object = new Societe($db);
 $parameters = array('socid' => $id);
 $reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some

-//Some actions show a "cancel" input submit button with name="cancel"
-$cancelbutton = GETPOST('cancel');
+if (empty($reshook)) {
+	//Some actions show a "cancel" input submit button with name="cancel"
+	$cancelbutton = GETPOST('cancel');

-if ($action == 'setcustomeraccountancycode')
-{
-	if (!$cancelbutton) {
-		$result=$object->fetch($id);
-		$object->code_compta=$_POST["customeraccountancycode"];
-		$result=$object->update($object->id,$user,1,1,0);
-		if ($result < 0)
-		{
-			$mesgs[]=join(',',$object->errors);
+	if ($action == 'setcustomeraccountancycode')
+	{
+		if (!$cancelbutton) {
+			$result=$object->fetch($id);
+			$object->code_compta=$_POST["customeraccountancycode"];
+			$result=$object->update($object->id,$user,1,1,0);
+			if ($result < 0)
+			{
+				$mesgs[]=join(',',$object->errors);
+			}
+			$action="";
 		}
-		$action="";
 	}
-}

-// conditions de reglement
-if ($action == 'setconditions' && $user->rights->societe->creer)
-{
-	$object->fetch($id);
-	$result=$object->setPaymentTerms(GETPOST('cond_reglement_id','int'));
-	if ($result < 0) dol_print_error($db,$object->error);
-}
-// mode de reglement
-if ($action == 'setmode' && $user->rights->societe->creer)
-{
-	$object->fetch($id);
-	$result=$object->setPaymentMethods(GETPOST('mode_reglement_id','int'));
-	if ($result < 0) dol_print_error($db,$object->error);
-}
-// assujetissement a la TVA
-if ($action == 'setassujtva' && $user->rights->societe->creer)
-{
-	$object->fetch($id);
-	$object->tva_assuj=$_POST['assujtva_value'];
-
-	// TODO move to DAO class
-	$sql = "UPDATE ".MAIN_DB_PREFIX."societe SET tva_assuj='".$_POST['assujtva_value']."' WHERE rowid='".$id."'";
-	$result = $db->query($sql);
-	if (! $result) dol_print_error($result);
-}
-
-// set prospect level
-if ($action == 'setprospectlevel' && $user->rights->societe->creer)
-{
-	$object->fetch($id);
-	$object->fk_prospectlevel=GETPOST('prospect_level_id','alpha');
-	$result=$object->set_prospect_level($user);
-	if ($result < 0) setEventMessage($object->error,'errors');
-}
-
-// Update communication level
-if ($action == 'cstc')
-{
-	$object->fetch($id);
-	$object->stcomm_id=GETPOST('stcomm','int');
-	$result=$object->set_commnucation_level($user);
-	if ($result < 0) setEventMessage($object->error,'errors');
-}
-
-// Update communication level
-if ($action == 'setOutstandingBill')
-{
-	if (!$cancelbutton) {
+	// conditions de reglement
+	if ($action == 'setconditions' && $user->rights->societe->creer)
+	{
 		$object->fetch($id);
-		$object->outstanding_limit = GETPOST('OutstandingBill');
-		$result = $object->set_OutstandingBill($user);
-		if ($result < 0) {
-			setEventMessage($object->error, 'errors');
+		$result=$object->setPaymentTerms(GETPOST('cond_reglement_id','int'));
+		if ($result < 0) dol_print_error($db,$object->error);
+	}
+	// mode de reglement
+	if ($action == 'setmode' && $user->rights->societe->creer)
+	{
+		$object->fetch($id);
+		$result=$object->setPaymentMethods(GETPOST('mode_reglement_id','int'));
+		if ($result < 0) dol_print_error($db,$object->error);
+	}
+	// assujetissement a la TVA
+	if ($action == 'setassujtva' && $user->rights->societe->creer)
+	{
+		$object->fetch($id);
+		$object->tva_assuj=$_POST['assujtva_value'];
+
+		// TODO move to DAO class
+		$sql = "UPDATE ".MAIN_DB_PREFIX."societe SET tva_assuj='".$_POST['assujtva_value']."' WHERE rowid='".$id."'";
+		$result = $db->query($sql);
+		if (! $result) dol_print_error($result);
+	}
+
+	// set prospect level
+	if ($action == 'setprospectlevel' && $user->rights->societe->creer)
+	{
+		$object->fetch($id);
+		$object->fk_prospectlevel=GETPOST('prospect_level_id','alpha');
+		$result=$object->set_prospect_level($user);
+		if ($result < 0) setEventMessage($object->error,'errors');
+	}
+
+	// Update communication level
+	if ($action == 'cstc')
+	{
+		$object->fetch($id);
+		$object->stcomm_id=GETPOST('stcomm','int');
+		$result=$object->set_commnucation_level($user);
+		if ($result < 0) setEventMessage($object->error,'errors');
+	}
+
+	// Update communication level
+	if ($action == 'setOutstandingBill')
+	{
+		if (!$cancelbutton) {
+			$object->fetch($id);
+			$object->outstanding_limit = GETPOST('OutstandingBill');
+			$result = $object->set_OutstandingBill($user);
+			if ($result < 0) {
+				setEventMessage($object->error, 'errors');
+			}
 		}
 	}
 }
--- a/htdocs/comm/mailing/fiche.php
+++ b/htdocs/comm/mailing/fiche.php
@@ -102,446 +102,390 @@ $object->substitutionarrayfortest=array(
 $parameters=array();
 $reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action);    // Note that $action and $object may have been modified by some hooks

-// Action clone object
-if ($action == 'confirm_clone' && $confirm == 'yes')
-{
-	if (empty($_REQUEST["clone_content"]) && empty($_REQUEST["clone_receivers"]))
+if (empty($reshook)) {
+
+	// Action clone object
+	if ($action == 'confirm_clone' && $confirm == 'yes')
 	{
-		$mesg='<div class="error">'.$langs->trans("NoCloneOptionsSpecified").'</div>';
-	}
-	else
-	{
-		$result=$object->createFromClone($object->id,$_REQUEST["clone_content"],$_REQUEST["clone_receivers"]);
-		if ($result > 0)
+		if (empty($_REQUEST["clone_content"]) && empty($_REQUEST["clone_receivers"]))
 		{
-			header("Location: ".$_SERVER['PHP_SELF'].'?id='.$result);
-			exit;
+			$mesg='<div class="error">'.$langs->trans("NoCloneOptionsSpecified").'</div>';
 		}
 		else
 		{
-			$mesg=$object->error;
-		}
-	}
-    $action='';
-}
-
-// Action send emailing for everybody
-if ($action == 'sendallconfirmed' && $confirm == 'yes')
-{
-	if (empty($conf->global->MAILING_LIMIT_SENDBYWEB))
-	{
-		// Pour des raisons de securite, on ne permet pas cette fonction via l'IHM,
-		// on affiche donc juste un message
-		$mesg='<div class="warning">'.$langs->trans("MailingNeedCommand").'</div>';
-		$mesg.='<br><textarea cols="70" rows="'.ROWS_2.'" wrap="soft">php ./scripts/emailings/mailing-send.php '.$object->id.'</textarea>';
-		$mesg.='<br><br><div class="warning">'.$langs->trans("MailingNeedCommand2").'</div>';
-		$action='';
-	}
-	else if ($conf->global->MAILING_LIMIT_SENDBYWEB < 0)
-	{
-		$mesg='<div class="warning">'.$langs->trans("NotEnoughPermissions").'</div>';
-		$action='';
-	}
-	else
-	{
-		$upload_dir = $conf->mailing->dir_output . "/" . get_exdir($object->id,2,0,1);
-
-		if ($object->statut == 0)
-		{
-			dol_print_error('','ErrorMailIsNotValidated');
-			exit;
-		}
-
-		$id       = $object->id;
-		$subject  = $object->sujet;
-		$message  = $object->body;
-		$from     = $object->email_from;
-		$replyto  = $object->email_replyto;
-		$errorsto = $object->email_errorsto;
-		// Le message est-il en html
-		$msgishtml=-1;	// Unknown by default
-		if (preg_match('/[\s\t]*<html>/i',$message)) $msgishtml=1;
-
-		// Warning, we must not use begin-commit transaction here
-		// because we want to save update for each mail sent.
-
-		$nbok=0; $nbko=0;
-
-		// On choisit les mails non deja envoyes pour ce mailing (statut=0)
-		// ou envoyes en erreur (statut=-1)
-		$sql = "SELECT mc.rowid, mc.lastname, mc.firstname, mc.email, mc.other, mc.source_url, mc.source_id, mc.source_type, mc.tag";
-		$sql .= " FROM ".MAIN_DB_PREFIX."mailing_cibles as mc";
-		$sql .= " WHERE mc.statut < 1 AND mc.fk_mailing = ".$object->id;
-
-		dol_syslog("fiche.php: select targets sql=".$sql, LOG_DEBUG);
-		$resql=$db->query($sql);
-		if ($resql)
-		{
-			$num = $db->num_rows($resql);	// nb of possible recipients
-
-			if ($num)
+			$result=$object->createFromClone($object->id,$_REQUEST["clone_content"],$_REQUEST["clone_receivers"]);
+			if ($result > 0)
 			{
-				dol_syslog("comm/mailing/fiche.php: nb of targets = ".$num, LOG_DEBUG);
+				header("Location: ".$_SERVER['PHP_SELF'].'?id='.$result);
+				exit;
+			}
+			else
+			{
+				$mesg=$object->error;
+			}
+		}
+	    $action='';
+	}

-				$now=dol_now();
+	// Action send emailing for everybody
+	if ($action == 'sendallconfirmed' && $confirm == 'yes')
+	{
+		if (empty($conf->global->MAILING_LIMIT_SENDBYWEB))
+		{
+			// Pour des raisons de securite, on ne permet pas cette fonction via l'IHM,
+			// on affiche donc juste un message
+			$mesg='<div class="warning">'.$langs->trans("MailingNeedCommand").'</div>';
+			$mesg.='<br><textarea cols="70" rows="'.ROWS_2.'" wrap="soft">php ./scripts/emailings/mailing-send.php '.$object->id.'</textarea>';
+			$mesg.='<br><br><div class="warning">'.$langs->trans("MailingNeedCommand2").'</div>';
+			$action='';
+		}
+		else if ($conf->global->MAILING_LIMIT_SENDBYWEB < 0)
+		{
+			$mesg='<div class="warning">'.$langs->trans("NotEnoughPermissions").'</div>';
+			$action='';
+		}
+		else
+		{
+			$upload_dir = $conf->mailing->dir_output . "/" . get_exdir($object->id,2,0,1);

-				// Positionne date debut envoi
-				$sql="UPDATE ".MAIN_DB_PREFIX."mailing SET date_envoi=".$db->idate($now)." WHERE rowid=".$object->id;
+			if ($object->statut == 0)
+			{
+				dol_print_error('','ErrorMailIsNotValidated');
+				exit;
+			}
+
+			$id       = $object->id;
+			$subject  = $object->sujet;
+			$message  = $object->body;
+			$from     = $object->email_from;
+			$replyto  = $object->email_replyto;
+			$errorsto = $object->email_errorsto;
+			// Le message est-il en html
+			$msgishtml=-1;	// Unknown by default
+			if (preg_match('/[\s\t]*<html>/i',$message)) $msgishtml=1;
+
+			// Warning, we must not use begin-commit transaction here
+			// because we want to save update for each mail sent.
+
+			$nbok=0; $nbko=0;
+
+			// On choisit les mails non deja envoyes pour ce mailing (statut=0)
+			// ou envoyes en erreur (statut=-1)
+			$sql = "SELECT mc.rowid, mc.lastname, mc.firstname, mc.email, mc.other, mc.source_url, mc.source_id, mc.source_type, mc.tag";
+			$sql .= " FROM ".MAIN_DB_PREFIX."mailing_cibles as mc";
+			$sql .= " WHERE mc.statut < 1 AND mc.fk_mailing = ".$object->id;
+
+			dol_syslog("fiche.php: select targets sql=".$sql, LOG_DEBUG);
+			$resql=$db->query($sql);
+			if ($resql)
+			{
+				$num = $db->num_rows($resql);	// nb of possible recipients
+
+				if ($num)
+				{
+					dol_syslog("comm/mailing/fiche.php: nb of targets = ".$num, LOG_DEBUG);
+
+					$now=dol_now();
+
+					// Positionne date debut envoi
+					$sql="UPDATE ".MAIN_DB_PREFIX."mailing SET date_envoi='".$db->idate($now)."' WHERE rowid=".$object->id;
+					$resql2=$db->query($sql);
+					if (! $resql2)
+					{
+						dol_print_error($db);
+					}
+
+					// Loop on each email and send it
+					$i = 0;
+
+					while ($i < $num && $i < $conf->global->MAILING_LIMIT_SENDBYWEB)
+					{
+
+						$res=1;
+
+						$obj = $db->fetch_object($resql);
+
+						// sendto en RFC2822
+						$sendto = str_replace(',',' ',dolGetFirstLastname($obj->firstname, $obj->lastname))." <".$obj->email.">";
+
+						// Make substitutions on topic and body. From (AA=YY;BB=CC;...) we keep YY, CC, ...
+						$other=explode(';',$obj->other);
+						$tmpfield=explode('=',$other[0],2); $other1=(isset($tmpfield[1])?$tmpfield[1]:$tmpfield[0]);
+	                    $tmpfield=explode('=',$other[1],2); $other2=(isset($tmpfield[1])?$tmpfield[1]:$tmpfield[0]);
+	                    $tmpfield=explode('=',$other[2],2); $other3=(isset($tmpfield[1])?$tmpfield[1]:$tmpfield[0]);
+	                    $tmpfield=explode('=',$other[3],2); $other4=(isset($tmpfield[1])?$tmpfield[1]:$tmpfield[0]);
+	                    $tmpfield=explode('=',$other[4],2); $other5=(isset($tmpfield[1])?$tmpfield[1]:$tmpfield[0]);
+	                    // Array of possible substitutions (See also fie mailing-send.php that should manage same substitutions)
+						$substitutionarray=array(
+								'__ID__' => $obj->source_id,
+								'__EMAIL__' => $obj->email,
+								'__LASTNAME__' => $obj->lastname,
+								'__FIRSTNAME__' => $obj->firstname,
+								'__MAILTOEMAIL__' => '<a href="mailto:'.$obj->email.'">'.$obj->email.'</a>',
+								'__OTHER1__' => $other1,
+								'__OTHER2__' => $other2,
+								'__OTHER3__' => $other3,
+								'__OTHER4__' => $other4,
+								'__OTHER5__' => $other5,
+								'__CHECK_READ__' => '<img src="'.DOL_MAIN_URL_ROOT.'/public/emailing/mailing-read.php?tag='.$obj->tag.'&securitykey='.urlencode($conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY).'" width="1" height="1" style="width:1px;height:1px" border="0"/>',
+								'__UNSUBSCRIBE__' => '<a href="'.DOL_MAIN_URL_ROOT.'/public/emailing/mailing-unsubscribe.php?tag='.$obj->tag.'&unsuscrib=1&securitykey='.urlencode($conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY).'" target="_blank">'.$langs->trans("MailUnsubcribe").'</a>'
+						);
+						if (! empty($conf->paypal->enabled) && ! empty($conf->global->PAYPAL_SECURITY_TOKEN))
+						{
+							$substitutionarray['__SECUREKEYPAYPAL__']=dol_hash($conf->global->PAYPAL_SECURITY_TOKEN, 2);
+							if (empty($conf->global->PAYPAL_SECURITY_TOKEN_UNIQUE)) $substitutionarray['__SECUREKEYPAYPAL_MEMBER__']=dol_hash($conf->global->PAYPAL_SECURITY_TOKEN, 2);
+							else $substitutionarray['__SECUREKEYPAYPAL_MEMBER__']=dol_hash($conf->global->PAYPAL_SECURITY_TOKEN . 'membersubscription' . $obj->source_id, 2);
+						}
+						$substitutionisok=true;
+	                    complete_substitutions_array($substitutionarray, $langs);
+						$newsubject=make_substitutions($subject,$substitutionarray);
+						$newmessage=make_substitutions($message,$substitutionarray);
+
+						$arr_file = array();
+						$arr_mime = array();
+						$arr_name = array();
+						$arr_css  = array();
+
+						$listofpaths=dol_dir_list($upload_dir,'all',0,'','','name',SORT_ASC,0);
+						if (count($listofpaths))
+						{
+							foreach($listofpaths as $key => $val)
+							{
+								$arr_file[]=$listofpaths[$key]['fullname'];
+								$arr_mime[]=dol_mimetype($listofpaths[$key]['name']);
+								$arr_name[]=$listofpaths[$key]['name'];
+							}
+						}
+
+						// Fabrication du mail
+						$mail = new CMailFile($newsubject, $sendto, $from, $newmessage, $arr_file, $arr_mime, $arr_name, '', '', 0, $msgishtml, $errorsto, $arr_css);
+
+						if ($mail->error)
+						{
+							$res=0;
+						}
+						if (! $substitutionisok)
+						{
+							$mail->error='Some substitution failed';
+							$res=0;
+						}
+
+						// Send mail
+						if ($res)
+						{
+							$res=$mail->sendfile();
+						}
+
+						if ($res)
+						{
+							// Mail successful
+							$nbok++;
+
+							dol_syslog("comm/mailing/fiche.php: ok for #".$i.($mail->error?' - '.$mail->error:''), LOG_DEBUG);
+
+							$sql="UPDATE ".MAIN_DB_PREFIX."mailing_cibles";
+							$sql.=" SET statut=1, date_envoi='".$db->idate($now)."' WHERE rowid=".$obj->rowid;
+							$resql2=$db->query($sql);
+							if (! $resql2)
+							{
+								dol_print_error($db);
+							}
+							else
+							{
+								//if cheack read is use then update prospect contact status
+								if (strpos($message, '__CHECK_READ__') !== false)
+								{
+									//Update status communication of thirdparty prospect
+									$sql = "UPDATE ".MAIN_DB_PREFIX."societe SET fk_stcomm=2 WHERE rowid IN (SELECT source_id FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE rowid=".$obj->rowid.")";
+									dol_syslog("fiche.php: set prospect thirdparty status sql=".$sql, LOG_DEBUG);
+									$resql2=$db->query($sql);
+									if (! $resql2)
+									{
+										dol_print_error($db);
+									}
+
+								    //Update status communication of contact prospect
+									$sql = "UPDATE ".MAIN_DB_PREFIX."societe SET fk_stcomm=2 WHERE rowid IN (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."socpeople AS sc INNER JOIN ".MAIN_DB_PREFIX."mailing_cibles AS mc ON mc.rowid=".$obj->rowid." AND mc.source_type = 'contact' AND mc.source_id = sc.rowid)";
+									dol_syslog("fiche.php: set prospect contact status sql=".$sql, LOG_DEBUG);
+
+									$resql2=$db->query($sql);
+									if (! $resql2)
+									{
+										dol_print_error($db);
+									}
+								}
+							}
+
+
+							//test if CHECK READ change statut prospect contact
+						}
+						else
+						{
+							// Mail failed
+							$nbko++;
+
+							dol_syslog("comm/mailing/fiche.php: error for #".$i.($mail->error?' - '.$mail->error:''), LOG_WARNING);
+
+							$sql="UPDATE ".MAIN_DB_PREFIX."mailing_cibles";
+							$sql.=" SET statut=-1, date_envoi=".$db->idate($now)." WHERE rowid=".$obj->rowid;
+							$resql2=$db->query($sql);
+							if (! $resql2)
+							{
+								dol_print_error($db);
+							}
+						}
+
+						$i++;
+					}
+				}
+				else
+				{
+					setEventMessage($langs->transnoentitiesnoconv("NoMoreRecipientToSendTo"));
+				}
+
+				// Loop finished, set global statut of mail
+				if ($nbko > 0)
+				{
+					$statut=2;	// Status 'sent partially' (because at least one error)
+					if ($nbok > 0) 	setEventMessage($langs->transnoentitiesnoconv("EMailSentToNRecipients",$nbok));
+					else setEventMessage($langs->transnoentitiesnoconv("EMailSentToNRecipients",$nbok));
+				}
+				else
+				{
+					if ($nbok >= $num)
+					{
+						$statut=3;	// Send to everybody
+						setEventMessage($langs->transnoentitiesnoconv("EMailSentToNRecipients",$nbok));
+					}
+					else
+					{
+						$statut=2;	// Status 'sent partially' (because not send to everybody)
+						setEventMessage($langs->transnoentitiesnoconv("EMailSentToNRecipients",$nbok));
+					}
+				}
+
+				$sql="UPDATE ".MAIN_DB_PREFIX."mailing SET statut=".$statut." WHERE rowid=".$object->id;
+				dol_syslog("comm/mailing/fiche.php: update global status sql=".$sql, LOG_DEBUG);
 				$resql2=$db->query($sql);
 				if (! $resql2)
 				{
 					dol_print_error($db);
 				}
-
-				// Loop on each email and send it
-				$i = 0;
-
-				while ($i < $num && $i < $conf->global->MAILING_LIMIT_SENDBYWEB)
-				{
-
-					$res=1;
-
-					$obj = $db->fetch_object($resql);
-
-					// sendto en RFC2822
-					$sendto = str_replace(',',' ',dolGetFirstLastname($obj->firstname, $obj->lastname))." <".$obj->email.">";
-
-					// Make substitutions on topic and body. From (AA=YY;BB=CC;...) we keep YY, CC, ...
-					$other=explode(';',$obj->other);
-					$tmpfield=explode('=',$other[0],2); $other1=(isset($tmpfield[1])?$tmpfield[1]:$tmpfield[0]);
-                    $tmpfield=explode('=',$other[1],2); $other2=(isset($tmpfield[1])?$tmpfield[1]:$tmpfield[0]);
-                    $tmpfield=explode('=',$other[2],2); $other3=(isset($tmpfield[1])?$tmpfield[1]:$tmpfield[0]);
-                    $tmpfield=explode('=',$other[3],2); $other4=(isset($tmpfield[1])?$tmpfield[1]:$tmpfield[0]);
-                    $tmpfield=explode('=',$other[4],2); $other5=(isset($tmpfield[1])?$tmpfield[1]:$tmpfield[0]);
-                    // Array of possible substitutions (See also fie mailing-send.php that should manage same substitutions)
-					$substitutionarray=array(
-							'__ID__' => $obj->source_id,
-							'__EMAIL__' => $obj->email,
-							'__LASTNAME__' => $obj->lastname,
-							'__FIRSTNAME__' => $obj->firstname,
-							'__MAILTOEMAIL__' => '<a href="mailto:'.$obj->email.'">'.$obj->email.'</a>',
-							'__OTHER1__' => $other1,
-							'__OTHER2__' => $other2,
-							'__OTHER3__' => $other3,
-							'__OTHER4__' => $other4,
-							'__OTHER5__' => $other5,
-							'__CHECK_READ__' => '<img src="'.DOL_MAIN_URL_ROOT.'/public/emailing/mailing-read.php?tag='.$obj->tag.'&securitykey='.urlencode($conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY).'" width="1" height="1" style="width:1px;height:1px" border="0"/>',
-							'__UNSUBSCRIBE__' => '<a href="'.DOL_MAIN_URL_ROOT.'/public/emailing/mailing-unsubscribe.php?tag='.$obj->tag.'&unsuscrib=1&securitykey='.urlencode($conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY).'" target="_blank">'.$langs->trans("MailUnsubcribe").'</a>'
-					);
-					if (! empty($conf->paypal->enabled) && ! empty($conf->global->PAYPAL_SECURITY_TOKEN))
-					{
-						$substitutionarray['__SECUREKEYPAYPAL__']=dol_hash($conf->global->PAYPAL_SECURITY_TOKEN, 2);
-						if (empty($conf->global->PAYPAL_SECURITY_TOKEN_UNIQUE)) $substitutionarray['__SECUREKEYPAYPAL_MEMBER__']=dol_hash($conf->global->PAYPAL_SECURITY_TOKEN, 2);
-						else $substitutionarray['__SECUREKEYPAYPAL_MEMBER__']=dol_hash($conf->global->PAYPAL_SECURITY_TOKEN . 'membersubscription' . $obj->source_id, 2);
-					}
-					$substitutionisok=true;
-                    complete_substitutions_array($substitutionarray, $langs);
-					$newsubject=make_substitutions($subject,$substitutionarray);
-					$newmessage=make_substitutions($message,$substitutionarray);
-
-					$arr_file = array();
-					$arr_mime = array();
-					$arr_name = array();
-					$arr_css  = array();
-
-					$listofpaths=dol_dir_list($upload_dir,'all',0,'','','name',SORT_ASC,0);
-					if (count($listofpaths))
-					{
-						foreach($listofpaths as $key => $val)
-						{
-							$arr_file[]=$listofpaths[$key]['fullname'];
-							$arr_mime[]=dol_mimetype($listofpaths[$key]['name']);
-							$arr_name[]=$listofpaths[$key]['name'];
-						}
-					}
-
-					// Fabrication du mail
-					$mail = new CMailFile($newsubject, $sendto, $from, $newmessage, $arr_file, $arr_mime, $arr_name, '', '', 0, $msgishtml, $errorsto, $arr_css);
-
-					if ($mail->error)
-					{
-						$res=0;
-					}
-					if (! $substitutionisok)
-					{
-						$mail->error='Some substitution failed';
-						$res=0;
-					}
-
-					// Send mail
-					if ($res)
-					{
-						$res=$mail->sendfile();
-					}
-
-					if ($res)
-					{
-						// Mail successful
-						$nbok++;
-
-						dol_syslog("comm/mailing/fiche.php: ok for #".$i.($mail->error?' - '.$mail->error:''), LOG_DEBUG);
-
-						$sql="UPDATE ".MAIN_DB_PREFIX."mailing_cibles";
-						$sql.=" SET statut=1, date_envoi=".$db->idate($now)." WHERE rowid=".$obj->rowid;
-						$resql2=$db->query($sql);
-						if (! $resql2)
-						{
-							dol_print_error($db);
-						}
-						else
-						{
-							//if cheack read is use then update prospect contact status
-							if (strpos($message, '__CHECK_READ__') !== false)
-							{
-								//Update status communication of thirdparty prospect
-								$sql = "UPDATE ".MAIN_DB_PREFIX."societe SET fk_stcomm=2 WHERE rowid IN (SELECT source_id FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE rowid=".$obj->rowid.")";
-								dol_syslog("fiche.php: set prospect thirdparty status sql=".$sql, LOG_DEBUG);
-								$resql2=$db->query($sql);
-								if (! $resql2)
-								{
-									dol_print_error($db);
-								}
-
-							    //Update status communication of contact prospect
-								$sql = "UPDATE ".MAIN_DB_PREFIX."societe SET fk_stcomm=2 WHERE rowid IN (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."socpeople AS sc INNER JOIN ".MAIN_DB_PREFIX."mailing_cibles AS mc ON mc.rowid=".$obj->rowid." AND mc.source_type = 'contact' AND mc.source_id = sc.rowid)";
-								dol_syslog("fiche.php: set prospect contact status sql=".$sql, LOG_DEBUG);
-
-								$resql2=$db->query($sql);
-								if (! $resql2)
-								{
-									dol_print_error($db);
-								}
-							}
-						}
-
-
-						//test if CHECK READ change statut prospect contact
-					}
-					else
-					{
-						// Mail failed
-						$nbko++;
-
-						dol_syslog("comm/mailing/fiche.php: error for #".$i.($mail->error?' - '.$mail->error:''), LOG_WARNING);
-
-						$sql="UPDATE ".MAIN_DB_PREFIX."mailing_cibles";
-						$sql.=" SET statut=-1, date_envoi=".$db->idate($now)." WHERE rowid=".$obj->rowid;
-						$resql2=$db->query($sql);
-						if (! $resql2)
-						{
-							dol_print_error($db);
-						}
-					}
-
-					$i++;
-				}
 			}
 			else
 			{
-				setEventMessage($langs->transnoentitiesnoconv("NoMoreRecipientToSendTo"));
-			}
-
-			// Loop finished, set global statut of mail
-			if ($nbko > 0)
-			{
-				$statut=2;	// Status 'sent partially' (because at least one error)
-				if ($nbok > 0) 	setEventMessage($langs->transnoentitiesnoconv("EMailSentToNRecipients",$nbok));
-				else setEventMessage($langs->transnoentitiesnoconv("EMailSentToNRecipients",$nbok));
-			}
-			else
-			{
-				if ($nbok >= $num)
-				{
-					$statut=3;	// Send to everybody
-					setEventMessage($langs->transnoentitiesnoconv("EMailSentToNRecipients",$nbok));
-				}
-				else
-				{
-					$statut=2;	// Status 'sent partially' (because not send to everybody)
-					setEventMessage($langs->transnoentitiesnoconv("EMailSentToNRecipients",$nbok));
-				}
-			}
-
-			$sql="UPDATE ".MAIN_DB_PREFIX."mailing SET statut=".$statut." WHERE rowid=".$object->id;
-			dol_syslog("comm/mailing/fiche.php: update global status sql=".$sql, LOG_DEBUG);
-			$resql2=$db->query($sql);
-			if (! $resql2)
-			{
+				dol_syslog($db->error());
 				dol_print_error($db);
 			}
+
+			$action = '';
 		}
-		else
-		{
-			dol_syslog($db->error());
-			dol_print_error($db);
-		}
-
-		$action = '';
-	}
-}
-
-// Action send test emailing
-if ($action == 'send' && empty($_POST["cancel"]))
-{
-	$error=0;
-
-	$upload_dir = $conf->mailing->dir_output . "/" . get_exdir($object->id,2,0,1);
-
-	$object->sendto = $_POST["sendto"];
-	if (! $object->sendto)
-	{
-		$mesg='<div class="error">'.$langs->trans("ErrorFieldRequired",$langs->trans("MailTo")).'</div>';
-		$error++;
 	}

-	if (! $error)
+	// Action send test emailing
+	if ($action == 'send' && empty($_POST["cancel"]))
 	{
-		// Le message est-il en html
-		$msgishtml=-1;	// Inconnu par defaut
-		if (preg_match('/[\s\t]*<html>/i',$object->body)) $msgishtml=1;
+		$error=0;

-		// Pratique les substitutions sur le sujet et message
-		$tmpsujet=make_substitutions($object->sujet,$object->substitutionarrayfortest);
-		$tmpbody=make_substitutions($object->body,$object->substitutionarrayfortest);
+		$upload_dir = $conf->mailing->dir_output . "/" . get_exdir($object->id,2,0,1);

-		$arr_file = array();
-		$arr_mime = array();
-		$arr_name = array();
-		$arr_css  = array();
-
-        // Ajout CSS
-        if (!empty($object->bgcolor)) $arr_css['bgcolor'] = (preg_match('/^#/',$object->bgcolor)?'':'#').$object->bgcolor;
-        if (!empty($object->bgimage)) $arr_css['bgimage'] = $object->bgimage;
-
-        // Attached files
-		$listofpaths=dol_dir_list($upload_dir,'all',0,'','','name',SORT_ASC,0);
-		if (count($listofpaths))
+		$object->sendto = $_POST["sendto"];
+		if (! $object->sendto)
 		{
-			foreach($listofpaths as $key => $val)
+			$mesg='<div class="error">'.$langs->trans("ErrorFieldRequired",$langs->trans("MailTo")).'</div>';
+			$error++;
+		}
+
+		if (! $error)
+		{
+			// Le message est-il en html
+			$msgishtml=-1;	// Inconnu par defaut
+			if (preg_match('/[\s\t]*<html>/i',$object->body)) $msgishtml=1;
+
+			// Pratique les substitutions sur le sujet et message
+			$tmpsujet=make_substitutions($object->sujet,$object->substitutionarrayfortest);
+			$tmpbody=make_substitutions($object->body,$object->substitutionarrayfortest);
+
+			$arr_file = array();
+			$arr_mime = array();
+			$arr_name = array();
+			$arr_css  = array();
+
+	        // Ajout CSS
+	        if (!empty($object->bgcolor)) $arr_css['bgcolor'] = (preg_match('/^#/',$object->bgcolor)?'':'#').$object->bgcolor;
+	        if (!empty($object->bgimage)) $arr_css['bgimage'] = $object->bgimage;
+
+	        // Attached files
+			$listofpaths=dol_dir_list($upload_dir,'all',0,'','','name',SORT_ASC,0);
+			if (count($listofpaths))
 			{
-				$arr_file[]=$listofpaths[$key]['fullname'];
-				$arr_mime[]=dol_mimetype($listofpaths[$key]['name']);
-				$arr_name[]=$listofpaths[$key]['name'];
+				foreach($listofpaths as $key => $val)
+				{
+					$arr_file[]=$listofpaths[$key]['fullname'];
+					$arr_mime[]=dol_mimetype($listofpaths[$key]['name']);
+					$arr_name[]=$listofpaths[$key]['name'];
+				}
 			}
+
+			$mailfile = new CMailFile($tmpsujet,$object->sendto,$object->email_from,$tmpbody, $arr_file,$arr_mime,$arr_name,'', '', 0, $msgishtml,$object->email_errorsto,$arr_css);
+
+			$result=$mailfile->sendfile();
+			if ($result)
+			{
+				$mesg='<div class="ok">'.$langs->trans("MailSuccessfulySent",$mailfile->getValidAddress($object->email_from,2),$mailfile->getValidAddress($object->sendto,2)).'</div>';
+			}
+			else
+			{
+				$mesg='<div class="error">'.$langs->trans("ResultKo").'<br>'.$mailfile->error.' '.$result.'</div>';
+			}
+
+			$action='';
 		}
-
-		$mailfile = new CMailFile($tmpsujet,$object->sendto,$object->email_from,$tmpbody, $arr_file,$arr_mime,$arr_name,'', '', 0, $msgishtml,$object->email_errorsto,$arr_css);
-
-		$result=$mailfile->sendfile();
-		if ($result)
-		{
-			$mesg='<div class="ok">'.$langs->trans("MailSuccessfulySent",$mailfile->getValidAddress($object->email_from,2),$mailfile->getValidAddress($object->sendto,2)).'</div>';
-		}
-		else
-		{
-			$mesg='<div class="error">'.$langs->trans("ResultKo").'<br>'.$mailfile->error.' '.$result.'</div>';
-		}
-
-		$action='';
-	}
-}
-
-// Action add emailing
-if ($action == 'add')
-{
-	$object->email_from     = trim($_POST["from"]);
-	$object->email_replyto  = trim($_POST["replyto"]);
-	$object->email_errorsto = trim($_POST["errorsto"]);
-	$object->titre          = trim($_POST["titre"]);
-	$object->sujet          = trim($_POST["sujet"]);
-	$object->body           = trim($_POST["body"]);
-	$object->bgcolor        = trim($_POST["bgcolor"]);
-	$object->bgimage        = trim($_POST["bgimage"]);
-
-	if (! $object->titre) $mesg.=($mesg?'<br>':'').$langs->trans("ErrorFieldRequired",$langs->transnoentities("MailTitle"));
-	if (! $object->sujet) $mesg.=($mesg?'<br>':'').$langs->trans("ErrorFieldRequired",$langs->transnoentities("MailTopic"));
-	if (! $object->body)  $mesg.=($mesg?'<br>':'').$langs->trans("ErrorFieldRequired",$langs->transnoentities("MailMessage"));
-
-	if (! $mesg)
-	{
-		if ($object->create($user) >= 0)
-		{
-			header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id);
-			exit;
-		}
-		$mesg=$object->error;
 	}

-	$mesg='<div class="error">'.$mesg.'</div>';
-	$action="create";
-}
-
-// Action update description of emailing
-if ($action == 'settitre' || $action == 'setemail_from' || $actino == 'setreplyto' || $action == 'setemail_errorsto')
-{
-	$upload_dir = $conf->mailing->dir_output . "/" . get_exdir($object->id,2,0,1);
-
-	if ($action == 'settitre')					$object->titre          = trim(GETPOST('titre','alpha'));
-	else if ($action == 'setemail_from')		$object->email_from     = trim(GETPOST('email_from','alpha'));
-	else if ($action == 'setemail_replyto')		$object->email_replyto  = trim(GETPOST('email_replyto','alpha'));
-	else if ($action == 'setemail_errorsto')	$object->email_errorsto = trim(GETPOST('email_errorsto','alpha'));
-
-	else if ($action == 'settitre' && empty($object->titre))		$mesg.=($mesg?'<br>':'').$langs->trans("ErrorFieldRequired",$langs->transnoentities("MailTitle"));
-	else if ($action == 'setfrom' && empty($object->email_from))	$mesg.=($mesg?'<br>':'').$langs->trans("ErrorFieldRequired",$langs->transnoentities("MailFrom"));
-
-	if (! $mesg)
-	{
-		if ($object->update($user) >= 0)
-		{
-			header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id);
-			exit;
-		}
-		$mesg=$object->error;
-	}
-
-	$mesg='<div class="error">'.$mesg.'</div>';
-	$action="";
-}
-
-/*
- * Add file in email form
- */
-if (! empty($_POST['addfile']))
-{
-	$upload_dir = $conf->mailing->dir_output . "/" . get_exdir($object->id,2,0,1);
-
-	require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
-
-    // Set tmp user directory
-    dol_add_file_process($upload_dir,0,0);
-
-	$action="edit";
-}
-
-// Action remove file
-if (! empty($_POST["removedfile"]))
-{
-	$upload_dir = $conf->mailing->dir_output . "/" . get_exdir($object->id,2,0,1);
-
-	require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
-
-    dol_remove_file_process($_POST['removedfile'],0);
-
-	$action="edit";
-}
-
-// Action update emailing
-if ($action == 'update' && empty($_POST["removedfile"]) && empty($_POST["cancel"]))
-{
-	require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
-
-	$isupload=0;
-
-	if (! $isupload)
+	// Action add emailing
+	if ($action == 'add')
 	{
+		$object->email_from     = trim($_POST["from"]);
+		$object->email_replyto  = trim($_POST["replyto"]);
+		$object->email_errorsto = trim($_POST["errorsto"]);
+		$object->titre          = trim($_POST["titre"]);
 		$object->sujet          = trim($_POST["sujet"]);
 		$object->body           = trim($_POST["body"]);
 		$object->bgcolor        = trim($_POST["bgcolor"]);
 		$object->bgimage        = trim($_POST["bgimage"]);

+		if (! $object->titre) $mesg.=($mesg?'<br>':'').$langs->trans("ErrorFieldRequired",$langs->transnoentities("MailTitle"));
 		if (! $object->sujet) $mesg.=($mesg?'<br>':'').$langs->trans("ErrorFieldRequired",$langs->transnoentities("MailTopic"));
 		if (! $object->body)  $mesg.=($mesg?'<br>':'').$langs->trans("ErrorFieldRequired",$langs->transnoentities("MailMessage"));

+		if (! $mesg)
+		{
+			if ($object->create($user) >= 0)
+			{
+				header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id);
+				exit;
+			}
+			$mesg=$object->error;
+		}
+
+		$mesg='<div class="error">'.$mesg.'</div>';
+		$action="create";
+	}
+
+	// Action update description of emailing
+	if ($action == 'settitre' || $action == 'setemail_from' || $actino == 'setreplyto' || $action == 'setemail_errorsto')
+	{
+		$upload_dir = $conf->mailing->dir_output . "/" . get_exdir($object->id,2,0,1);
+
+		if ($action == 'settitre')					$object->titre          = trim(GETPOST('titre','alpha'));
+		else if ($action == 'setemail_from')		$object->email_from     = trim(GETPOST('email_from','alpha'));
+		else if ($action == 'setemail_replyto')		$object->email_replyto  = trim(GETPOST('email_replyto','alpha'));
+		else if ($action == 'setemail_errorsto')	$object->email_errorsto = trim(GETPOST('email_errorsto','alpha'));
+
+		else if ($action == 'settitre' && empty($object->titre))		$mesg.=($mesg?'<br>':'').$langs->trans("ErrorFieldRequired",$langs->transnoentities("MailTitle"));
+		else if ($action == 'setfrom' && empty($object->email_from))	$mesg.=($mesg?'<br>':'').$langs->trans("ErrorFieldRequired",$langs->transnoentities("MailFrom"));
+
 		if (! $mesg)
 		{
 			if ($object->update($user) >= 0)
@@ -553,78 +497,136 @@ if ($action == 'update' && empty($_POST["removedfile"]) && empty($_POST["cancel"
 		}

 		$mesg='<div class="error">'.$mesg.'</div>';
+		$action="";
+	}
+
+	/*
+	 * Add file in email form
+	 */
+	if (! empty($_POST['addfile']))
+	{
+		$upload_dir = $conf->mailing->dir_output . "/" . get_exdir($object->id,2,0,1);
+
+		require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
+
+	    // Set tmp user directory
+	    dol_add_file_process($upload_dir,0,0);
+
 		$action="edit";
 	}
-	else
+
+	// Action remove file
+	if (! empty($_POST["removedfile"]))
 	{
+		$upload_dir = $conf->mailing->dir_output . "/" . get_exdir($object->id,2,0,1);
+
+		require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
+
+	    dol_remove_file_process($_POST['removedfile'],0);
+
 		$action="edit";
 	}
-}

-// Action confirmation validation
-if ($action == 'confirm_valid' && $confirm == 'yes')
-{
-	if ($object->id > 0)
+	// Action update emailing
+	if ($action == 'update' && empty($_POST["removedfile"]) && empty($_POST["cancel"]))
 	{
-		$object->valid($user);
-		setEventMessage($langs->trans("MailingSuccessfullyValidated"));
-		header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id);
-		exit;
-	}
-	else
-	{
-		dol_print_error($db);
-	}
-}
+		require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';

-// Resend
-if ($action == 'confirm_reset' && $confirm == 'yes')
-{
-	if ($object->id > 0)
-	{
-		$db->begin();
+		$isupload=0;

-		$result=$object->valid($user);
-		if ($result > 0)
+		if (! $isupload)
 		{
-			$result=$object->reset_targets_status($user);
+			$object->sujet          = trim($_POST["sujet"]);
+			$object->body           = trim($_POST["body"]);
+			$object->bgcolor        = trim($_POST["bgcolor"]);
+			$object->bgimage        = trim($_POST["bgimage"]);
+
+			if (! $object->sujet) $mesg.=($mesg?'<br>':'').$langs->trans("ErrorFieldRequired",$langs->transnoentities("MailTopic"));
+			if (! $object->body)  $mesg.=($mesg?'<br>':'').$langs->trans("ErrorFieldRequired",$langs->transnoentities("MailMessage"));
+
+			if (! $mesg)
+			{
+				if ($object->update($user) >= 0)
+				{
+					header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id);
+					exit;
+				}
+				$mesg=$object->error;
+			}
+
+			$mesg='<div class="error">'.$mesg.'</div>';
+			$action="edit";
 		}
-
-		if ($result > 0)
+		else
 		{
-			$db->commit();
+			$action="edit";
+		}
+	}
+
+	// Action confirmation validation
+	if ($action == 'confirm_valid' && $confirm == 'yes')
+	{
+		if ($object->id > 0)
+		{
+			$object->valid($user);
+			setEventMessage($langs->trans("MailingSuccessfullyValidated"));
 			header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id);
 			exit;
 		}
 		else
 		{
-			$mesg=$object->error;
-			$db->rollback();
+			dol_print_error($db);
 		}
 	}
-	else
+
+	// Resend
+	if ($action == 'confirm_reset' && $confirm == 'yes')
 	{
-		dol_print_error($db);
+		if ($object->id > 0)
+		{
+			$db->begin();
+
+			$result=$object->valid($user);
+			if ($result > 0)
+			{
+				$result=$object->reset_targets_status($user);
+			}
+
+			if ($result > 0)
+			{
+				$db->commit();
+				header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id);
+				exit;
+			}
+			else
+			{
+				$mesg=$object->error;
+				$db->rollback();
+			}
+		}
+		else
+		{
+			dol_print_error($db);
+		}
+	}
+
+	// Action confirmation suppression
+	if ($action == 'confirm_delete' && $confirm == 'yes')
+	{
+		if ($object->delete($object->id))
+		{
+			$url= (! empty($urlfrom) ? $urlfrom : 'liste.php');
+			header("Location: ".$url);
+			exit;
+		}
+	}
+
+	if (! empty($_POST["cancel"]))
+	{
+		$action = '';
 	}
 }

-// Action confirmation suppression
-if ($action == 'confirm_delete' && $confirm == 'yes')
-{
-	if ($object->delete($object->id))
-	{
-		$url= (! empty($urlfrom) ? $urlfrom : 'liste.php');
-		header("Location: ".$url);
-		exit;
-	}
-}
-
-if (! empty($_POST["cancel"]))
-{
-	$action = '';
-}
-
-

 /*
 * View
--- a/htdocs/comm/propal.php
+++ b/htdocs/comm/propal.php
--- a/htdocs/comm/propal/class/propal.class.php
+++ b/htdocs/comm/propal/class/propal.class.php
@@ -535,13 +535,14 @@ class Propal extends CommonObject
                $price = $pu - $remise;
            }

-            // Update line
-            $this->line=new PropaleLigne($this->db);
+            //Fetch current line from the database and then clone the object and set it in $oldline property
+            $line = new PropaleLigne($this->db);
+            $line->fetch($rowid);

-            // Stock previous line records
-            $staticline=new PropaleLigne($this->db);
-            $staticline->fetch($rowid);
-            $this->line->oldline = $staticline;
+            $staticline = clone $line;
+
+            $line->oldline = $staticline;
+            $this->line = $line;

            // Reorder if fk_parent_line change
            if (! empty($fk_parent_line) && ! empty($staticline->fk_parent_line) && $fk_parent_line != $staticline->fk_parent_line)
@@ -955,35 +956,35 @@ class Propal extends CommonObject
 		foreach($this->lines as $line)
 			$line->fetch_optionals($line->rowid);

-        // Load source object
-        $objFrom = dol_clone($this);
+        // Load dest object
+        $clonedObj = clone $this;

        $objsoc=new Societe($this->db);

        // Change socid if needed
-        if (! empty($socid) && $socid != $this->socid)
+        if (! empty($socid) && $socid != $clonedObj->socid)
        {
            if ($objsoc->fetch($socid) > 0)
            {
-                $this->socid 				= $objsoc->id;
-                $this->cond_reglement_id	= (! empty($objsoc->cond_reglement_id) ? $objsoc->cond_reglement_id : 0);
-                $this->mode_reglement_id	= (! empty($objsoc->mode_reglement_id) ? $objsoc->mode_reglement_id : 0);
-                $this->fk_project			= '';
-                $this->fk_delivery_address	= '';
+                $clonedObj->socid 				= $objsoc->id;
+                $clonedObj->cond_reglement_id	= (! empty($objsoc->cond_reglement_id) ? $objsoc->cond_reglement_id : 0);
+                $clonedObj->mode_reglement_id	= (! empty($objsoc->mode_reglement_id) ? $objsoc->mode_reglement_id : 0);
+                $clonedObj->fk_project			= '';
+                $clonedObj->fk_delivery_address	= '';
            }

            // reset ref_client
-             $this->ref_client  = '';
+            $clonedObj->ref_client  = '';

            // TODO Change product price if multi-prices
        }
        else
        {
-            $objsoc->fetch($this->socid);
+            $objsoc->fetch($clonedObj->socid);
        }

-        $this->id=0;
-        $this->statut=0;
+        $clonedObj->id=0;
+        $clonedObj->statut=0;

        if (empty($conf->global->PROPALE_ADDON) || ! is_readable(DOL_DOCUMENT_ROOT ."/core/modules/propale/".$conf->global->PROPALE_ADDON.".php"))
        {
@@ -992,32 +993,32 @@ class Propal extends CommonObject
        }

        // Clear fields
-        $this->user_author	= $user->id;
-        $this->user_valid	= '';
-        $this->date			= $now;
-        $this->datep		= $now;    // deprecated
-        $this->fin_validite	= $this->date + ($this->duree_validite * 24 * 3600);
-        if (empty($conf->global->MAIN_KEEP_REF_CUSTOMER_ON_CLONING)) $this->ref_client	= '';
+        $clonedObj->user_author	= $user->id;
+        $clonedObj->user_valid	= '';
+        $clonedObj->date			= $now;
+        $clonedObj->datep		= $now;    // deprecated
+        $clonedObj->fin_validite	= $clonedObj->date + ($clonedObj->duree_validite * 24 * 3600);
+        if (empty($conf->global->MAIN_KEEP_REF_CUSTOMER_ON_CLONING)) $clonedObj->ref_client	= '';

        // Set ref
        require_once DOL_DOCUMENT_ROOT ."/core/modules/propale/".$conf->global->PROPALE_ADDON.'.php';
        $obj = $conf->global->PROPALE_ADDON;
        $modPropale = new $obj;
-        $this->ref = $modPropale->getNextValue($objsoc,$this);
+        $clonedObj->ref = $modPropale->getNextValue($objsoc,$clonedObj);

        // Create clone
-        $result=$this->create($user);
+        $result=$clonedObj->create($user);
        if ($result < 0) $error++;
        else
        {
 			// copy internal contacts
-    		if ($this->copy_linked_contact($objFrom, 'internal') < 0)
+    		if ($clonedObj->copy_linked_contact($this, 'internal') < 0)
            	$error++;

            // copy external contacts if same company
-            elseif ($objFrom->socid == $this->socid)
+            elseif ($this->socid == $clonedObj->socid)
            {
-		        if ($this->copy_linked_contact($objFrom, 'external') < 0)
+		        if ($clonedObj->copy_linked_contact($this, 'external') < 0)
 					$error++;
            }
        }
@@ -1027,16 +1028,16 @@ class Propal extends CommonObject
            // Hook of thirdparty module
            if (is_object($hookmanager))
            {
-                $parameters=array('objFrom'=>$objFrom);
+                $parameters=array('objFrom'=>$this);
                $action='';
-                $reshook=$hookmanager->executeHooks('createFrom',$parameters,$this,$action);    // Note that $action and $object may have been modified by some hooks
+                $reshook=$hookmanager->executeHooks('createFrom',$parameters,$clonedObj,$action);    // Note that $action and $object may have been modified by some hooks
                if ($reshook < 0) $error++;
            }

            // Appel des triggers
            include_once DOL_DOCUMENT_ROOT . '/core/class/interfaces.class.php';
            $interface=new Interfaces($this->db);
-            $result=$interface->run_triggers('PROPAL_CLONE',$this,$user,$langs,$conf);
+            $result=$interface->run_triggers('PROPAL_CLONE',$clonedObj,$user,$langs,$conf);
            if ($result < 0) {
                $error++; $this->errors=$interface->errors;
            }
@@ -1047,7 +1048,7 @@ class Propal extends CommonObject
        if (! $error)
        {
            $this->db->commit();
-            return $this->id;
+            return $clonedObj->id;
        }
        else
        {
@@ -2564,11 +2565,14 @@ class Propal extends CommonObject
            $classname = $conf->global->PROPALE_ADDON;

            // Include file with class
-            foreach ($conf->file->dol_document_root as $dirroot)
-            {
-            	$dir = $dirroot."/core/modules/propale/";
-            	// Load file with numbering class (if found)
-            	$mybool|=@include_once $dir.$file;
+            $dirmodels = array_merge(array('/'), (array) $conf->modules_parts['models']);
+
+            foreach ($dirmodels as $reldir) {
+
+                $dir = dol_buildpath($reldir."core/modules/propale/");
+
+                // Load file with numbering class (if found)
+                $mybool|=@include_once $dir.$file;
            }

            if (! $mybool)
@@ -2859,10 +2863,12 @@ class PropaleLigne  extends CommonObject
            $this->date_end         = $this->db->jdate($objp->date_end);

 			$this->db->free($result);
+
+            return 1;
 		}
 		else
 		{
-			dol_print_error($this->db);
+			return -1;
 		}
 	}

@@ -2890,11 +2896,12 @@ class PropaleLigne  extends CommonObject
        if (empty($this->total_localtax2)) $this->total_localtax2=0;
        if (empty($this->rang)) $this->rang=0;
        if (empty($this->remise)) $this->remise=0;
-        if (empty($this->remise_percent)) $this->remise_percent=0;
+        if (empty($this->remise_percent) || ! is_numeric($this->remise_percent)) $this->remise_percent=0;
        if (empty($this->info_bits)) $this->info_bits=0;
        if (empty($this->special_code)) $this->special_code=0;
        if (empty($this->fk_parent_line)) $this->fk_parent_line=0;
        if (empty($this->fk_fournprice)) $this->fk_fournprice=0;
+		if (! is_numeric($this->qty)) $this->qty = 0;

        if (empty($this->pa_ht)) $this->pa_ht=0;

--- a/htdocs/comm/propal/class/propalestats.class.php
+++ b/htdocs/comm/propal/class/propalestats.class.php
@@ -48,7 +48,7 @@ class PropaleStats extends Stats
 	 * Constructor
 	 *
 	 * @param 	DoliDB	$db		   Database handler
-	 * @param 	int		$socid	   Id third party for filter
+	 * @param 	int		$socid	   Id third party for filter. This value must be forced during the new to external user company if user is an external user.
     * @param   int		$userid    Id user for filter (creation user)
 	 */
 	function __construct($db, $socid=0, $userid=0)
--- a/htdocs/comm/propal/list.php
+++ b/htdocs/comm/propal/list.php
@@ -141,7 +141,9 @@ if (! $sortorder) $sortorder='DESC';
 $limit = $conf->liste_limit;


-$sql = 'SELECT s.rowid, s.nom, s.town, s.client, s.code_client,';
+if (! $sall) $sql = 'SELECT';
+else $sql = 'SELECT DISTINCT';
+$sql.= ' s.rowid, s.nom, s.town, s.client, s.code_client,';
 $sql.= ' p.rowid as propalid, p.note_private, p.total_ht, p.ref, p.ref_client, p.fk_statut, p.fk_user_author, p.datep as dp, p.fin_validite as dfv,';
 if (! $user->rights->societe->client->voir && ! $socid) $sql .= " sc.fk_soc, sc.fk_user,";
 $sql.= ' u.login';
@@ -388,7 +390,7 @@ if ($result)

 		// Date proposal
 		print '<td align="center">';
-		print dol_print_date($db->jdate($obj->dp), 'day');
+		print dol_print_date($db->jdate($objp->dp), 'day');
 		print "</td>\n";

 		// Date end validity
--- a/htdocs/comm/prospect/list.php
+++ b/htdocs/comm/prospect/list.php
@@ -162,11 +162,13 @@ $hookmanager->initHooks(array('prospectlist'));
 $parameters=array();
 $reshook=$hookmanager->executeHooks('doActions',$parameters);    // Note that $action and $object may have been modified by some hooks

-if ($action == 'cstc')
-{
-	$sql = "UPDATE ".MAIN_DB_PREFIX."societe SET fk_stcomm = ".$_GET["pstcomm"];
-	$sql .= " WHERE rowid = ".$_GET["socid"];
-	$result=$db->query($sql);
+if (empty($reshook)) {
+	if ($action == 'cstc')
+	{
+		$sql = "UPDATE ".MAIN_DB_PREFIX."societe SET fk_stcomm = ".$_GET["pstcomm"];
+		$sql .= " WHERE rowid = ".$_GET["socid"];
+		$result=$db->query($sql);
+	}
 }


--- a/htdocs/commande/class/commande.class.php
+++ b/htdocs/commande/class/commande.class.php
@@ -3,7 +3,7 @@
 * Copyright (C) 2004-2012 Laurent Destailleur  <eldy@users.sourceforge.net>
 * Copyright (C) 2005-2014 Regis Houssin        <regis.houssin@capnetworks.com>
 * Copyright (C) 2006      Andre Cianfarani     <acianfa@free.fr>
- * Copyright (C) 2010-2013 Juanjo Menent        <jmenent@2byte.es>
+ * Copyright (C) 2010-2015 Juanjo Menent        <jmenent@2byte.es>
 * Copyright (C) 2011      Jean Heimburger      <jean@tiaris.info>
 * Copyright (C) 2012-2014 Christophe Battarel  <christophe.battarel@altairis.fr>
 * Copyright (C) 2013      Florian Henry		<florian.henry@open-concept.pro>
@@ -100,6 +100,11 @@ class Commande extends CommonOrder
    // Pour board
    var $nbtodo;
    var $nbtodolate;
+    
+     /**
+     * ERR Not engouch stock
+     */
+    const STOCK_NOT_ENOUGH_FOR_ORDER = -3;


    /**
@@ -137,17 +142,20 @@ class Commande extends CommonOrder
            $classname = $conf->global->COMMANDE_ADDON;

            // Include file with class
-            foreach ($conf->file->dol_document_root as $dirroot)
-            {
-            	$dir = $dirroot."/core/modules/commande/";
-            	// Load file with numbering class (if found)
-            	$mybool|=@include_once $dir.$file;
+            $dirmodels = array_merge(array('/'), (array) $conf->modules_parts['models']);
+
+            foreach ($dirmodels as $reldir) {
+
+                $dir = dol_buildpath($reldir."core/modules/commande/");
+
+                // Load file with numbering class (if found)
+                $mybool|=@include_once $dir.$file;
            }

            if (! $mybool)
            {
-            	dol_print_error('',"Failed to include file ".$file);
-            	return '';
+                dol_print_error('',"Failed to include file ".$file);
+                return '';
            }

            $obj = new $classname();
@@ -368,7 +376,7 @@ class Commande extends CommonOrder
                    {
                        $mouvP = new MouvementStock($this->db);
                        // We increment stock of product (and sub-products)
-                        $result=$mouvP->reception($user, $this->lines[$i]->fk_product, $idwarehouse, $this->lines[$i]->qty, $this->lines[$i]->subprice, $langs->trans("OrderBackToDraftInDolibarr",$this->ref));
+                        $result=$mouvP->reception($user, $this->lines[$i]->fk_product, $idwarehouse, $this->lines[$i]->qty, 0, $langs->trans("OrderBackToDraftInDolibarr",$this->ref));
                        if ($result < 0) { $error++; }
                    }
                }
@@ -556,7 +564,7 @@ class Commande extends CommonOrder
 					{
 						$mouvP = new MouvementStock($this->db);
 						// We increment stock of product (and sub-products)
-						$result=$mouvP->reception($user, $this->lines[$i]->fk_product, $idwarehouse, $this->lines[$i]->qty, $this->lines[$i]->subprice, $langs->trans("OrderCanceledInDolibarr",$this->ref));
+						$result=$mouvP->reception($user, $this->lines[$i]->fk_product, $idwarehouse, $this->lines[$i]->qty, 0, $langs->trans("OrderCanceledInDolibarr",$this->ref));
 						if ($result < 0) {
 							$error++;
 						}
@@ -658,18 +666,19 @@ class Commande extends CommonOrder
        $this->db->begin();

        $sql = "INSERT INTO ".MAIN_DB_PREFIX."commande (";
-        $sql.= " ref, fk_soc, date_creation, fk_user_author, fk_projet, date_commande, source, note_private, note_public, ref_client, ref_int";
+        $sql.= " ref, fk_soc, date_creation, fk_user_author, fk_projet, date_commande, source, note_private, note_public, ref_ext, ref_client, ref_int";
        $sql.= ", model_pdf, fk_cond_reglement, fk_mode_reglement, fk_availability, fk_input_reason, date_livraison, fk_delivery_address";
        $sql.= ", remise_absolue, remise_percent";
        $sql.= ", entity";
        $sql.= ")";
        $sql.= " VALUES ('(PROV)',".$this->socid.", '".$this->db->idate($now)."', ".$user->id;
-        $sql.= ", ".($this->fk_project?$this->fk_project:"null");
+        $sql.= ", ".($this->fk_project>0?$this->fk_project:"null");
        $sql.= ", '".$this->db->idate($date)."'";
        $sql.= ", ".($this->source>=0 && $this->source != '' ?$this->source:'null');
        $sql.= ", '".$this->db->escape($this->note_private)."'";
        $sql.= ", '".$this->db->escape($this->note_public)."'";
-        $sql.= ", '".$this->db->escape($this->ref_client)."'";
+        $sql.= ", ".($this->ref_ext?"'".$this->db->escape($this->ref_ext)."'":"null");
+        $sql.= ", ".($this->ref_client?"'".$this->db->escape($this->ref_client)."'":"null");
        $sql.= ", ".($this->ref_int?"'".$this->db->escape($this->ref_int)."'":"null");
        $sql.= ", '".$this->modelpdf."'";
        $sql.= ", ".($this->cond_reglement_id>0?"'".$this->cond_reglement_id."'":"null");
@@ -730,8 +739,11 @@ class Commande extends CommonOrder
                    );
                    if ($result < 0)
                    {
-                        $this->error=$this->db->lasterror();
-                        dol_print_error($this->db);
+                    	if ($result != self::STOCK_NOT_ENOUGH_FOR_ORDER)
+                    	{
+                        	$this->error=$this->db->lasterror();
+                        	dol_print_error($this->db);
+                    	}
                        $this->db->rollback();
                        return -1;
                    }
@@ -894,6 +906,7 @@ class Commande extends CommonOrder
        // Clear fields
        $this->user_author_id     = $user->id;
        $this->user_valid         = '';
+		$this->date				  = dol_now();
        $this->date_creation      = '';
        $this->date_validation    = '';
        $this->ref_client         = '';
@@ -904,7 +917,7 @@ class Commande extends CommonOrder
        $modCommande = new $obj;
        $this->ref = $modCommande->getNextValue($objsoc,$this);

-        
+
        // Create clone
        $result=$this->create($user);
        if ($result < 0) $error++;
@@ -1165,10 +1178,12 @@ class Commande extends CommonOrder
 				$result=$product->fetch($fk_product);
 				$product_type=$product->type;

-				if($conf->global->STOCK_MUST_BE_ENOUGH_FOR_ORDER && $product_type == 0 && $product->stock_reel < $qty) {
+				if($conf->global->STOCK_MUST_BE_ENOUGH_FOR_ORDER && $product_type == 0 && $product->stock_reel < $qty)
+				{
 					$this->error=$langs->trans('ErrorStockIsNotEnough');
+					dol_syslog(get_class($this)."::addline error=Product ".$product->ref.": ".$this->error, LOG_ERR);
 					$this->db->rollback();
-					return -3;
+					return self::STOCK_NOT_ENOUGH_FOR_ORDER;
 				}
 			}

@@ -2389,13 +2404,14 @@ class Commande extends CommonOrder
                $price = ($pu - $remise);
            }

-            // Update line
-            $this->line=new OrderLine($this->db);
+            //Fetch current line from the database and then clone the object and set it in $oldline property
+            $line = new OrderLine($this->db);
+            $line->fetch($rowid);

-            // Stock previous line records
-            $staticline=new OrderLine($this->db);
-            $staticline->fetch($rowid);
-            $this->line->oldline = $staticline;
+            $staticline = clone $line;
+
+            $line->oldline = $staticline;
+            $this->line = $line;

            // Reorder if fk_parent_line change
            if (! empty($fk_parent_line) && ! empty($staticline->fk_parent_line) && $fk_parent_line != $staticline->fk_parent_line)
@@ -3204,10 +3220,12 @@ class OrderLine extends CommonOrderLine
            $this->date_end         = $this->db->jdate($objp->date_end);

            $this->db->free($result);
+
+            return 1;
        }
        else
        {
-            dol_print_error($this->db);
+            return -1;
        }
    }

--- a/htdocs/commande/class/commandestats.class.php
+++ b/htdocs/commande/class/commandestats.class.php
@@ -48,7 +48,7 @@ class CommandeStats extends Stats
 	 * Constructor
 	 *
 	 * @param 	DoliDB	$db		   Database handler
-	 * @param 	int		$socid	   Id third party for filter
+	 * @param 	int		$socid	   Id third party for filter. This value must be forced during the new to external user company if user is an external user.
 	 * @param 	string	$mode	   Option ('customer', 'supplier')
 	 * @param   int		$userid    Id user for filter (creation user)
 	 */
--- a/htdocs/commande/fiche.php
+++ b/htdocs/commande/fiche.php
--- a/htdocs/commande/liste.php
+++ b/htdocs/commande/liste.php
@@ -6,6 +6,7 @@
 * Copyright (C) 2012      Juanjo Menent          <jmenent@2byte.es>
 * Copyright (C) 2013      Christophe Battarel    <christophe.battarel@altairis.fr>
 * Copyright (C) 2013      Cédric Salvador        <csalvador@gpcsolutions.fr>
+ * Copyright (C) 2015      Marcos García          <marcosgdf@gmail.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -112,7 +113,7 @@ $help_url="EN:Module_Customers_Orders|FR:Module_Commandes_Clients|ES:Módulo_Ped
 llxHeader('',$langs->trans("Orders"),$help_url);

 $sql = 'SELECT s.nom, s.rowid as socid, s.client, c.rowid, c.ref, c.total_ht, c.ref_client,';
-$sql.= ' c.date_valid, c.date_commande, c.note_private, c.date_livraison, c.fk_statut, c.facture as facturee';
+$sql.= ' c.date_valid, c.date_commande, c.note_private, c.date_livraison as date_delivery, c.fk_statut, c.facture as facturee';
 $sql.= ' FROM '.MAIN_DB_PREFIX.'societe as s';
 $sql.= ', '.MAIN_DB_PREFIX.'commande as c';
 // We'll need this table joined to the select in order to filter by sale
@@ -306,11 +307,11 @@ if ($resql)
 	print '<td class="liste_titre" align="left">';
 	print '<input class="flat" type="text" name="snom" value="'.$snom.'">';
 	print '</td>';
-	print '<td class="liste_titre">';
+	print '<td class="liste_titre" align="right">';
    if (! empty($conf->global->MAIN_LIST_FILTER_ON_DAY)) print '<input class="flat" type="text" size="1" maxlength="2" name="orderday" value="'.$orderday.'">';
    print '<input class="flat" type="text" size="1" maxlength="2" name="ordermonth" value="'.$ordermonth.'">';
    $formother->select_year($orderyear?$orderyear:-1,'orderyear',1, 20, 5);
-	print '</td><td class="liste_titre">';
+	print '</td><td class="liste_titre" align="right">';
    if (! empty($conf->global->MAIN_LIST_FILTER_ON_DAY)) print '<input class="flat" type="text" size="1" maxlength="2" name="deliveryday" value="'.$deliveryday.'">';
    print '<input class="flat" type="text" size="1" maxlength="2" name="deliverymonth" value="'.$deliverymonth.'">';
    $formother->select_year($deliveryyear?$deliveryyear:-1,'deliveryyear',1, 20, 5);
@@ -340,7 +341,7 @@ if ($resql)
 		print '</td>';

 		print '<td style="min-width: 20px" class="nobordernopadding nowrap">';
-		if (($objp->fk_statut > 0) && ($objp->fk_statut < 3) && max($db->jdate($objp->date_commande),$db->jdate($objp->date_livraison)) < ($now - $conf->commande->client->warning_delay))
+		if (($objp->fk_statut > 0) && ($objp->fk_statut < 3) && max($db->jdate($objp->date_commande),$db->jdate($objp->date_delivery)) < ($now - $conf->commande->client->warning_delay))
 			print img_picto($langs->trans("Late"),"warning");
 		if(!empty($objp->note_private))
 		{
--- a/htdocs/compta/bank/class/account.class.php
+++ b/htdocs/compta/bank/class/account.class.php
@@ -1133,7 +1133,6 @@ class AccountLine extends CommonObject
        }
        else
        {
-            dol_print_error($this->db);
            return -1;
        }
    }
@@ -1152,7 +1151,7 @@ class AccountLine extends CommonObject
        if ($this->rappro)
        {
            // Protection to avoid any delete of consolidated lines
-            $this->error="DeleteNotPossibleLineIsConsolidated";
+            $this->error="ErrorDeleteNotPossibleLineIsConsolidated";
            return -1;
        }

--- a/htdocs/compta/bank/fiche.php
+++ b/htdocs/compta/bank/fiche.php
@@ -419,7 +419,7 @@ else

 		// State
 		print '<tr><td>'.$langs->trans('State').'</td><td>';
-		if ($account->fk_departement > 0) print getState($account->fk_departement);
+		if ($account->state_id > 0) print getState($account->state_id);
 		print '</td></tr>';

 		// Conciliate
--- a/htdocs/compta/bank/index.php
+++ b/htdocs/compta/bank/index.php
@@ -130,7 +130,7 @@ if (! $found) print '<tr '.$bc[$var].'><td colspan="6">'.$langs->trans("None").'
 // Total
 foreach ($total as $key=>$solde)
 {
-	print '<tr class="liste_total"><td colspan="5" class="liste_total">'.$langs->trans("Total ").$key.'</td><td align="right" class="liste_total">'.price($solde, 0, $langs, 0, 0, -1, $key).'</td></tr>';
+	print '<tr class="liste_total"><td colspan="5" class="liste_total">'.$langs->trans("Total").' '.$key.'</td><td align="right" class="liste_total">'.price($solde, 0, $langs, 0, 0, -1, $key).'</td></tr>';
 }

 print '</table>';
@@ -179,7 +179,7 @@ if (! $found) print '<tr '.$bc[$var].'><td colspan="6">'.$langs->trans("None").'
 // Total
 foreach ($total as $key=>$solde)
 {
-	print '<tr class="liste_total"><td colspan="5" class="liste_total">'.$langs->trans("Total ").$key.'</td><td align="right" class="liste_total">'.price($solde, 0, $langs, 0, 0, -1, $key).'</td></tr>';
+	print '<tr class="liste_total"><td colspan="5" class="liste_total">'.$langs->trans("Total").' '.$key.'</td><td align="right" class="liste_total">'.price($solde, 0, $langs, 0, 0, -1, $key).'</td></tr>';
 }

 print '</table>';
@@ -238,7 +238,7 @@ if (! $found) print '<tr '.$bc[$var].'><td colspan="6">'.$langs->trans("None").'
 // Total
 foreach ($total as $key=>$solde)
 {
-	print '<tr class="liste_total"><td colspan="5" class="liste_total">'.$langs->trans("Total ").$key.'</td><td align="right" class="liste_total">'.price($solde, 0, $langs, 0, 0, -1, $key).'</td></tr>';
+	print '<tr class="liste_total"><td colspan="5" class="liste_total">'.$langs->trans("Total").' '.$key.'</td><td align="right" class="liste_total">'.price($solde, 0, $langs, 0, 0, -1, $key).'</td></tr>';
 }

 print "</table>";
--- a/htdocs/compta/bank/ligne.php
+++ b/htdocs/compta/bank/ligne.php
@@ -360,7 +360,7 @@ if ($result)
                    print '</a>';
                }
                else if ($links[$key]['type']=='user') {
-                    print '<a href="'.DOL_URL_ROOT.'/user/fiche?id='.$links[$key]['url_id'].'">';
+                    print '<a href="'.DOL_URL_ROOT.'/user/fiche.php?id='.$links[$key]['url_id'].'">';
                    print img_object($langs->trans('ShowUser'),'user').' ';
                    print $langs->trans("User");
                    print '</a>';
--- a/htdocs/compta/bank/treso.php
+++ b/htdocs/compta/bank/treso.php
@@ -2,6 +2,7 @@
 /* Copytight (C) 2005-2009 Regis Houssin               <regis.houssin@capnetworks.com>
 * Copyright (C) 2008-2009 Laurent Destailleur (Eldy)  <eldy@users.sourceforge.net>
 * Copyright (C) 2008      Raphael Bertrand (Resultic) <raphael.bertrand@resultic.fr>
+ * Copyright (C) 2015	   Marcos García			   <marcosgdf@gmail.com
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -318,7 +319,7 @@ if ($_REQUEST["account"] || $_REQUEST["ref"])
    			print "</td>";
    			print "<td>".$ref."</td>";
    			print "<td>".$refcomp."</td>";
-    			if ($obj->total_ttc < 0) { print "<td align=\"right\">".price($total_ttc)."</td><td>&nbsp;</td>"; };
+    			if ($obj->total_ttc < 0) { print "<td align=\"right\">".price(abs($total_ttc))."</td><td>&nbsp;</td>"; };
    			if ($obj->total_ttc >= 0) { print "<td>&nbsp;</td><td align=\"right\">".price($total_ttc)."</td>"; };
    			print '<td align="right">'.price($solde).'</td>';
    			print "</tr>";
--- a/htdocs/compta/bank/virement.php
+++ b/htdocs/compta/bank/virement.php
@@ -1,8 +1,9 @@
 <?php
 /* Copyright (C) 2001-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
 * Copyright (C) 2004-2008 Laurent Destailleur  <eldy@users.sourceforge.net>
- * Copytight (C) 2005-2009 Regis Houssin        <regis.houssin@capnetworks.com>
+ * Copytight (C) 2005-2015 Regis Houssin        <regis.houssin@capnetworks.com>
 * Copytight (C) 2012	   Juanjo Menent        <jmenent@2byte.es>
+ * Copyright (C) 2015      Marcos García        <marcosgdf@gmail.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -48,7 +49,7 @@ if ($action == 'add')
 	$mesg='';
 	$dateo = dol_mktime(12,0,0,GETPOST('remonth','int'),GETPOST('reday','int'),GETPOST('reyear','int'));
 	$label = GETPOST('label','alpha');
-	$amount= GETPOST('amount','int');
+	$amount= GETPOST('amount');

 	if (! $label)
 	{
@@ -179,7 +180,7 @@ print $form->select_comptes($account_to,'account_to',0,'',1);
 print "</td>\n";

 print "<td>";
-$form->select_date($dateo,'','','','','add');
+$form->select_date((! empty($dateo)?$dateo:''),'','','','','add');
 print "</td>\n";
 print '<td><input name="label" class="flat" type="text" size="40" value="'.$label.'"></td>';
 print '<td><input name="amount" class="flat" type="text" size="8" value="'.$amount.'"></td>';
--- a/htdocs/compta/deplacement/fiche.php
+++ b/htdocs/compta/deplacement/fiche.php
@@ -4,6 +4,7 @@
 * Copyright (C) 2005-2012	Regis Houssin        <regis.houssin@capnetworks.com>
 * Copyright (C) 2012		Juanjo Menent        <jmenent@2byte.es>
 * Copyright (C) 2013       Florian Henry		  	<florian.henry@open-concept.pro>
+ * Copyright (C) 2015       Marcos García        <marcosgdf@gmail.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -98,8 +99,14 @@ else if ($action == 'add' && $user->rights->deplacement->creer)
    {
        $error=0;

+	    $km = GETPOST('km');
+
+	    if ($km) {
+		    $km = price2num($km);
+	    }
+
        $object->date			= dol_mktime(12, 0, 0, GETPOST('remonth','int'), GETPOST('reday','int'), GETPOST('reyear','int'));
-        $object->km				= GETPOST('km','int');
+        $object->km				= $km;
        $object->type			= GETPOST('type','alpha');
        $object->socid			= GETPOST('socid','int');
        $object->fk_user		= GETPOST('fk_user','int');
@@ -157,8 +164,14 @@ else if ($action == 'update' && $user->rights->deplacement->creer)
    {
        $result = $object->fetch($id);

+	    $km = GETPOST('km');
+
+	    if ($km) {
+		    $km = price2num($km);
+	    }
+
        $object->date			= dol_mktime(12, 0, 0, GETPOST('remonth','int'), GETPOST('reday','int'), GETPOST('reyear','int'));
-        $object->km				= GETPOST('km','int');
+        $object->km				= $km;
        $object->type			= GETPOST('type','alpha');
        $object->socid			= GETPOST('socid','int');
        $object->fk_user		= GETPOST('fk_user','int');
@@ -200,12 +213,6 @@ else if ($action == 'setdated' && $user->rights->deplacement->creer)
    $result=$object->setValueFrom('dated',$dated,'','','date');
    if ($result < 0) dol_print_error($db, $object->error);
 }
-else if ($action == 'setkm' && $user->rights->deplacement->creer)
-{
-    $object->fetch($id);
-    $result=$object->setValueFrom('km',GETPOST('km','int'));
-    if ($result < 0) dol_print_error($db, $object->error);
-}


 /*
@@ -348,7 +355,7 @@ else if ($id)

            // Km
            print '<tr><td class="fieldrequired">'.$langs->trans("FeesKilometersOrAmout").'</td><td>';
-            print '<input name="km" class="flat" size="10" value="'.$object->km.'">';
+            print '<input name="km" class="flat" size="10" value="'.price($object->km).'">';
            print '</td></tr>';

            // Where
@@ -416,10 +423,12 @@ else if ($id)
            print '</td></tr>';

            // Type
+	        $form->load_cache_types_fees();
+
            print '<tr><td>';
            print $form->editfieldkey("Type",'type',$langs->trans($object->type),$object,$conf->global->MAIN_EDIT_ALSO_INLINE && $user->rights->deplacement->creer,'select:types_fees');
            print '</td><td>';
-            print $form->editfieldval("Type",'type',$langs->trans($object->type),$object,$conf->global->MAIN_EDIT_ALSO_INLINE && $user->rights->deplacement->creer,'select:types_fees');
+            print $form->editfieldval("Type",'type', $form->cache_types_fees[$object->type],$object,$conf->global->MAIN_EDIT_ALSO_INLINE && $user->rights->deplacement->creer,'select:types_fees');
            print '</td></tr>';

            // Who
@@ -440,7 +449,7 @@ else if ($id)
            print '<tr><td valign="top">';
            print $form->editfieldkey("FeesKilometersOrAmout",'km',$object->km,$object,$conf->global->MAIN_EDIT_ALSO_INLINE && $user->rights->deplacement->creer,'numeric:6');
            print '</td><td>';
-            print $form->editfieldval("FeesKilometersOrAmout",'km',$object->km,$object,$conf->global->MAIN_EDIT_ALSO_INLINE && $user->rights->deplacement->creer,'numeric:6');
+            print $form->editfieldval("FeesKilometersOrAmout",'km',price($object->km),$object,$conf->global->MAIN_EDIT_ALSO_INLINE && $user->rights->deplacement->creer,'numeric:6');
            print "</td></tr>";

            // Where
--- a/htdocs/compta/facture.php
+++ b/htdocs/compta/facture.php
--- a/htdocs/compta/facture/class/facture.class.php
+++ b/htdocs/compta/facture/class/facture.class.php
@@ -1751,7 +1751,7 @@ class Facture extends CommonInvoice
 							$mouvP = new MouvementStock($this->db);
 							$mouvP->origin = &$this;
 							// We decrease stock for product
-							if ($this->type == self::TYPE_CREDIT_NOTE) $result=$mouvP->reception($user, $this->lines[$i]->fk_product, $idwarehouse, $this->lines[$i]->qty, $this->lines[$i]->subprice, $langs->trans("InvoiceValidatedInDolibarr",$num));
+							if ($this->type == self::TYPE_CREDIT_NOTE) $result=$mouvP->reception($user, $this->lines[$i]->fk_product, $idwarehouse, $this->lines[$i]->qty, 0, $langs->trans("InvoiceValidatedInDolibarr",$num));
 							else $result=$mouvP->livraison($user, $this->lines[$i]->fk_product, $idwarehouse, $this->lines[$i]->qty, $this->lines[$i]->subprice, $langs->trans("InvoiceValidatedInDolibarr",$num));
 							if ($result < 0) {
 								$error++;
@@ -2173,13 +2173,24 @@ class Facture extends CommonInvoice
 			$pu_tva = $tabprice[4];
 			$pu_ttc = $tabprice[5];

-			// Update line into database
-			$this->line=new FactureLigne($this->db);
+			// Old properties: $price, $remise (deprecated)
+			$price = $pu;
+			$remise = 0;
+			if ($remise_percent > 0)
+			{
+				$remise = round(($pu * $remise_percent / 100),2);
+				$price = ($pu - $remise);
+			}
+			$price    = price2num($price);

-			// Stock previous line records
-			$staticline=new FactureLigne($this->db);
-			$staticline->fetch($rowid);
-			$this->line->oldline = $staticline;
+			//Fetch current line from the database and then clone the object and set it in $oldline property
+			$line = new FactureLigne($this->db);
+			$line->fetch($rowid);
+
+			$staticline = clone $line;
+
+			$line->oldline = $staticline;
+			$this->line = $line;

 			// Reorder if fk_parent_line change
 			if (! empty($fk_parent_line) && ! empty($staticline->fk_parent_line) && $fk_parent_line != $staticline->fk_parent_line)
@@ -2504,52 +2515,65 @@ class Facture extends CommonInvoice
 		else if ($conf->global->FACTURE_ADDON=='terre') $conf->global->FACTURE_ADDON='mod_facture_terre';
 		else if ($conf->global->FACTURE_ADDON=='mercure') $conf->global->FACTURE_ADDON='mod_facture_mercure';

-		$mybool=false;
-
-		$file = $conf->global->FACTURE_ADDON.".php";
-		$classname = $conf->global->FACTURE_ADDON;
-		// Include file with class
-		foreach ($conf->file->dol_document_root as $dirroot)
+		if (! empty($conf->global->FACTURE_ADDON))
 		{
-			$dir = $dirroot."/core/modules/facture/";
-			// Load file with numbering class (if found)
-			$mybool|=@include_once $dir.$file;
-		}
+			$mybool=false;
+
+			$file = $conf->global->FACTURE_ADDON.".php";
+			$classname = $conf->global->FACTURE_ADDON;

-		// For compatibility
-		if (! $mybool)
-		{
-			$file = $conf->global->FACTURE_ADDON."/".$conf->global->FACTURE_ADDON.".modules.php";
-			$classname = "mod_facture_".$conf->global->FACTURE_ADDON;
-			$classname = preg_replace('/\-.*$/','',$classname);
 			// Include file with class
-			foreach ($conf->file->dol_document_root as $dirroot)
-			{
-				$dir = $dirroot."/core/modules/facture/";
+			$dirmodels = array_merge(array('/'), (array) $conf->modules_parts['models']);
+
+			foreach ($dirmodels as $reldir) {
+
+				$dir = dol_buildpath($reldir."core/modules/facture/");
+
 				// Load file with numbering class (if found)
 				$mybool|=@include_once $dir.$file;
 			}
-		}
-		//print "xx".$mybool.$dir.$file."-".$classname;

-		if (! $mybool)
-		{
-			dol_print_error('',"Failed to include file ".$file);
-			return '';
-		}
+			// For compatibility
+			if (! $mybool)
+			{
+				$file = $conf->global->FACTURE_ADDON."/".$conf->global->FACTURE_ADDON.".modules.php";
+				$classname = "mod_facture_".$conf->global->FACTURE_ADDON;
+				$classname = preg_replace('/\-.*$/','',$classname);
+				// Include file with class
+				foreach ($conf->file->dol_document_root as $dirroot)
+				{
+					$dir = $dirroot."/core/modules/facture/";
+					// Load file with numbering class (if found)
+					$mybool|=@include_once $dir.$file;
+				}
+			}

-		$obj = new $classname();
-		$numref = "";
-		$numref = $obj->getNumRef($soc,$this,$mode);
+			if (! $mybool)
+			{
+				dol_print_error('',"Failed to include file ".$file);
+				return '';
+			}
+
+			$obj = new $classname();
+			$numref = "";
+			$numref = $obj->getNextValue($soc,$this,$mode);
+
+			/**
+			 * $numref can be empty in case we ask for the last value because if there is no invoice created with the
+			 * set up mask.
+			 */
+			if ($mode != 'last' && !$numref) {
+				dol_print_error($db,"Facture::getNextNumRef ".$obj->error);
+				return "";
+			}

-		if ($numref != "")
-		{
 			return $numref;
 		}
 		else
 		{
-			//dol_print_error($db,get_class($this)."::getNextNumRef ".$obj->error);
-			return false;
+			$langs->load("errors");
+			print $langs->trans("Error")." ".$langs->trans("ErrorModuleSetupNotComplete");
+			return "";
 		}
 	}

@@ -3424,10 +3448,12 @@ class FactureLigne  extends CommonInvoiceLine
 			$this->product_desc			= $objp->product_desc;

 			$this->db->free($result);
+
+			return 1;
 		}
 		else
 		{
-			dol_print_error($this->db);
+			return -1;
 		}
 	}

@@ -3485,7 +3511,7 @@ class FactureLigne  extends CommonInvoiceLine
 				return -1;
 			}
 		}
-		
+
 		// POS or by external module, take lowest buying price
 		if (!empty($this->fk_product) && empty($this->fk_fournprice) && empty($this->pa_ht)) {
 		    include_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.product.class.php';
--- a/htdocs/compta/facture/class/facturestats.class.php
+++ b/htdocs/compta/facture/class/facturestats.class.php
@@ -45,7 +45,7 @@ class FactureStats extends Stats
     * 	Constructor
     *
 	 * 	@param	DoliDB		$db			Database handler
-	 * 	@param 	int			$socid		Id third party for filter
+	 * 	@param 	int			$socid		Id third party for filter. This value must be forced during the new to external user company if user is an external user.
 	 * 	@param 	string		$mode	   	Option ('customer', 'supplier')
     * 	@param	int			$userid    	Id user for filter (creation user)
 	 */
@@ -84,6 +84,8 @@ class FactureStats extends Stats
 			$this->where.=" AND f.fk_soc = ".$this->socid;
 		}
        if ($this->userid > 0) $this->where.=' AND f.fk_user_author = '.$this->userid;
+		if (! empty($conf->global->FACTURE_DEPOSITS_ARE_JUST_PAYMENTS)) $this->where.= " AND f.type IN (0,1,2)";
+		else $this->where.= " AND f.type IN (0,1,2,3)";
 	}


@@ -166,7 +168,7 @@ class FactureStats extends Stats

 		$sql = "SELECT date_format(datef,'%m') as dm, AVG(f.".$this->field.")";
 		$sql.= " FROM ".$this->from;
-		if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
+		if (!$user->rights->societe->client->voir && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
        $sql.= " WHERE f.datef BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'";
 		$sql.= " AND ".$this->where;
        $sql.= " GROUP BY dm";
@@ -186,7 +188,7 @@ class FactureStats extends Stats

 		$sql = "SELECT date_format(datef,'%Y') as year, COUNT(*) as nb, SUM(f.".$this->field.") as total, AVG(f.".$this->field.") as avg";
 		$sql.= " FROM ".$this->from;
-		if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
+		if (!$user->rights->societe->client->voir && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 		$sql.= " WHERE ".$this->where;
 		$sql.= " GROUP BY year";
        $sql.= $this->db->order('year','DESC');
@@ -206,7 +208,7 @@ class FactureStats extends Stats

 		$sql = "SELECT product.ref, COUNT(product.ref) as nb, SUM(tl.".$this->field_line.") as total, AVG(tl.".$this->field_line.") as avg";
 		$sql.= " FROM ".$this->from.", ".$this->from_line.", ".MAIN_DB_PREFIX."product as product";
-		//if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
+		if (!$user->rights->societe->client->voir && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 		$sql.= " WHERE ".$this->where;
 		$sql.= " AND f.rowid = tl.fk_facture AND tl.fk_product = product.rowid";
    	$sql.= " AND f.datef BETWEEN '".$this->db->idate(dol_get_first_day($year,1,false))."' AND '".$this->db->idate(dol_get_last_day($year,12,false))."'";
--- a/htdocs/compta/facture/impayees.php
+++ b/htdocs/compta/facture/impayees.php
@@ -535,7 +535,7 @@ if ($resql)
 	print_liste_field_titre($langs->trans("Taxes"),$_SERVER["PHP_SELF"],"f.tva","",$param,'align="right"',$sortfield,$sortorder);
 	print_liste_field_titre($langs->trans("AmountTTC"),$_SERVER["PHP_SELF"],"f.total_ttc","",$param,'align="right"',$sortfield,$sortorder);
 	print_liste_field_titre($langs->trans("Received"),$_SERVER["PHP_SELF"],"am","",$param,'align="right"',$sortfield,$sortorder);
-	print_liste_field_titre($langs->trans("Rest"),$_SERVER["PHP_SELF"],"am","",$param,'align="right"',$sortfield,$sortorder);
+	print_liste_field_titre($langs->trans("Rest"),$_SERVER["PHP_SELF"],"","",$param,'align="right"',$sortfield,$sortorder);
 	print_liste_field_titre($langs->trans("Status"),$_SERVER["PHP_SELF"],"fk_statut,paye,am","",$param,'align="right"',$sortfield,$sortorder);
 	if (empty($mode))
 	{
@@ -649,13 +649,12 @@ if ($resql)
 			print '<td align="right">'.price($objp->total_ttc).'</td>';
 			print '<td align="right">';
 			$cn=$facturestatic->getSumCreditNotesUsed();
-			if (! empty($objp->am)) print price($objp->am);
-			if (! empty($objp->am) && ! empty($cn)) print '+';
-			if (! empty($cn)) print price($cn);
+			$dep=$facturestatic->getSumDepositsUsed();
+			print price($objp->am + $cn + $dep);
 			print '</td>';

 			// Remain to receive
-			print '<td align="right">'.((! empty($objp->am) || ! empty($cn))?price($objp->total_ttc-$objp->am-$cn):'&nbsp;').'</td>';
+			print '<td align="right">'.price($objp->total_ttc-$objp->am-$cn-$dep).'</td>';

 			// Status of invoice
 			print '<td align="right" class="nowrap">';
@@ -685,7 +684,7 @@ if ($resql)
 			$total_ht+=$objp->total_ht;
 			$total_tva+=($objp->total_tva + $tx1 + $tx2 + $revenuestamp);
 			$total_ttc+=$objp->total_ttc;
-			$total_paid+=$objp->am + $cn;
+			$total_paid+=$objp->am + $cn + $dep;

 			$i++;
 		}
--- a/htdocs/compta/facture/stats/index.php
+++ b/htdocs/compta/facture/stats/index.php
@@ -217,6 +217,13 @@ complete_head_from_modules($conf,$langs,null,$head,$h,$type);

 dol_fiche_head($head,'byyear',$langs->trans("Statistics"));

+$tmp_companies = $form->select_thirdparty_list($socid,'socid',$filter,1, 0, 0, array(), '', 1);
+//Array passed as an argument to Form::selectarray to build a proper select input
+$companies = array();
+
+foreach ($tmp_companies as $value) {
+	$companies[$value['value']] = $value['label'];
+}

 print '<div class="fichecenter"><div class="fichethirdleft">';

@@ -232,7 +239,7 @@ print '<div class="fichecenter"><div class="fichethirdleft">';
 	print '<tr><td>'.$langs->trans("ThirdParty").'</td><td>';
 	if ($mode == 'customer') $filter='s.client in (1,2,3)';
 	if ($mode == 'supplier') $filter='s.fournisseur = 1';
-	print $form->select_company($socid,'socid',$filter,1);
+	print $form->selectarray('socid', $companies, $socid, 1, 0, 0, 'style="width: 100%"');
 	print '</td></tr>';
 	// User
 	print '<tr><td>'.$langs->trans("CreatedBy").'</td><td>';
--- a/htdocs/compta/index.php
+++ b/htdocs/compta/index.php
@@ -1,7 +1,8 @@
 <?php
-/* Copyright (C) 2001-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
- * Copyright (C) 2004-2013 Laurent Destailleur  <eldy@users.sourceforge.net>
- * Copyright (C) 2005-2012 Regis Houssin        <regis.houssin@capnetworks.com>
+/* Copyright (C) 2001-2005  Rodolphe Quiedeville    <rodolphe@quiedeville.org>
+ * Copyright (C) 2004-2013  Laurent Destailleur     <eldy@users.sourceforge.net>
+ * Copyright (C) 2005-2012  Regis Houssin           <regis.houssin@capnetworks.com>
+ * Copyright (C) 2015       Raphaël Doursenaud      <rdoursenaud@gpcsolutions.fr>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -574,7 +575,7 @@ if (! empty($conf->tax->enabled) && $user->rights->tax->charges->lire)
 					$chargestatic->lib=$obj->libelle;
 					$chargestatic->paye=$obj->paye;
 					print '<td>'.$chargestatic->getNomUrl(1).'</td>';
-					print '<td align="center">'.dol_print_date($obj->date_ech,'day').'</td>';
+					print '<td align="center">'.dol_print_date($db->jdate($obj->date_ech),'day').'</td>';
 					print '<td align="right">'.price($obj->amount).'</td>';
 					print '<td align="right">'.price($obj->sumpaid).'</td>';
 					print '<td align="center">'.$chargestatic->getLibStatut(3).'</td>';
@@ -915,7 +916,7 @@ if ($resql)
 		$obj = $db->fetch_object($resql);
 		$var=!$var;

-		print "<tr ".$bc[$var]."><td>".dol_print_date($obj->da,"day")."</td>";
+		print "<tr ".$bc[$var]."><td>".dol_print_date($db->jdate($obj->da),"day")."</td>";
 		print "<td><a href=\"action/fiche.php\">$obj->libelle $obj->label</a></td></tr>";
 		$i++;
 	}
--- a/htdocs/compta/paiement.php
+++ b/htdocs/compta/paiement.php
@@ -71,182 +71,184 @@ $hookmanager->initHooks(array('paiementcard'));
 $parameters=array('socid'=>$socid);
 $reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action);    // Note that $action and $object may have been modified by some hooks

-/*
- * Actions
- */
-if ($action == 'add_paiement' || ($action == 'confirm_paiement' && $confirm=='yes'))
-{
-    $error = 0;
+if (empty($reshook)) {

-    $datepaye = dol_mktime(12, 0, 0, GETPOST('remonth'), GETPOST('reday'), GETPOST('reyear'));
-    $paiement_id = 0;
-    $totalpayment = 0;
-    $atleastonepaymentnotnull = 0;
-
-    // Generate payment array and check if there is payment higher than invoice and payment date before invoice date
-    $tmpinvoice=new Facture($db);
-    foreach ($_POST as $key => $value)
+    /*
+     * Actions
+     */
+    if ($action == 'add_paiement' || ($action == 'confirm_paiement' && $confirm=='yes'))
    {
-        if (substr($key,0,7) == 'amount_')
+        $error = 0;
+
+        $datepaye = dol_mktime(12, 0, 0, GETPOST('remonth'), GETPOST('reday'), GETPOST('reyear'));
+        $paiement_id = 0;
+        $totalpayment = 0;
+        $atleastonepaymentnotnull = 0;
+
+        // Generate payment array and check if there is payment higher than invoice and payment date before invoice date
+        $tmpinvoice=new Facture($db);
+        foreach ($_POST as $key => $value)
        {
-            $cursorfacid = substr($key,7);
-            $amounts[$cursorfacid] = price2num(trim(GETPOST($key)));
-            $totalpayment = $totalpayment + $amounts[$cursorfacid];
-            if (! empty($amounts[$cursorfacid])) $atleastonepaymentnotnull++;
-            $result=$tmpinvoice->fetch($cursorfacid);
-            if ($result <= 0) dol_print_error($db);
-            $amountsresttopay[$cursorfacid]=price2num($tmpinvoice->total_ttc - $tmpinvoice->getSommePaiement());
-            if ($amounts[$cursorfacid])
+            if (substr($key,0,7) == 'amount_')
            {
-	            // Check amount
-	            if ($amounts[$cursorfacid] && (abs($amounts[$cursorfacid]) > abs($amountsresttopay[$cursorfacid])))
-	            {
-	                $addwarning=1;
-	                $formquestion['text'] = img_warning($langs->trans("PaymentHigherThanReminderToPay")).' '.$langs->trans("HelpPaymentHigherThanReminderToPay");
-	            }
-	            // Check date
-	            if ($datepaye && ($datepaye < $tmpinvoice->date))
-	            {
-	            	$langs->load("errors");
-	                //$error++;
-	                setEventMessage($langs->transnoentities("WarningPaymentDateLowerThanInvoiceDate", dol_print_date($datepaye,'day'), dol_print_date($tmpinvoice->date, 'day'), $tmpinvoice->ref), 'warnings');
-	            }
-            }
+                $cursorfacid = substr($key,7);
+                $amounts[$cursorfacid] = price2num(trim(GETPOST($key)));
+                $totalpayment = $totalpayment + $amounts[$cursorfacid];
+                if (! empty($amounts[$cursorfacid])) $atleastonepaymentnotnull++;
+                $result=$tmpinvoice->fetch($cursorfacid);
+                if ($result <= 0) dol_print_error($db);
+                $amountsresttopay[$cursorfacid]=price2num($tmpinvoice->total_ttc - $tmpinvoice->getSommePaiement());
+                if ($amounts[$cursorfacid])
+                {
+                    // Check amount
+                    if ($amounts[$cursorfacid] && (abs($amounts[$cursorfacid]) > abs($amountsresttopay[$cursorfacid])))
+                    {
+                        $addwarning=1;
+                        $formquestion['text'] = img_warning($langs->trans("PaymentHigherThanReminderToPay")).' '.$langs->trans("HelpPaymentHigherThanReminderToPay");
+                    }
+                    // Check date
+                    if ($datepaye && ($datepaye < $tmpinvoice->date))
+                    {
+                        $langs->load("errors");
+                        //$error++;
+                        setEventMessage($langs->transnoentities("WarningPaymentDateLowerThanInvoiceDate", dol_print_date($datepaye,'day'), dol_print_date($tmpinvoice->date, 'day'), $tmpinvoice->ref), 'warnings');
+                    }
+                }

-            $formquestion[$i++]=array('type' => 'hidden','name' => $key,  'value' => $_POST[$key]);
-        }
-    }
-
-    // Check parameters
-    if (! GETPOST('paiementcode'))
-    {
-        setEventMessage($langs->transnoentities('ErrorFieldRequired',$langs->transnoentities('PaymentMode')), 'errors');
-        $error++;
-    }
-
-    if (! empty($conf->banque->enabled))
-    {
-        // If bank module is on, account is required to enter a payment
-        if (GETPOST('accountid') <= 0)
-        {
-            setEventMessage($langs->transnoentities('ErrorFieldRequired',$langs->transnoentities('AccountToCredit')), 'errors');
-            $error++;
-        }
-    }
-
-    if (empty($totalpayment) && empty($atleastonepaymentnotnull))
-    {
-        setEventMessage($langs->transnoentities('ErrorFieldRequired',$langs->trans('PaymentAmount')), 'errors');
-        $error++;
-    }
-
-    if (empty($datepaye))
-    {
-        setEventMessage($langs->transnoentities('ErrorFieldRequired',$langs->transnoentities('Date')), 'errors');
-        $error++;
-    }
-}
-
-/*
- * Action add_paiement
- */
-if ($action == 'add_paiement')
-{
-    if ($error)
-    {
-        $action = 'create';
-    }
-    // Le reste propre a cette action s'affiche en bas de page.
-}
-
-/*
- * Action confirm_paiement
- */
-if ($action == 'confirm_paiement' && $confirm == 'yes')
-{
-    $error=0;
-
-    $datepaye = dol_mktime(12, 0, 0, GETPOST('remonth'), GETPOST('reday'), GETPOST('reyear'));
-
-    $db->begin();
-
-    // Clean parameters amount if payment is for a credit note
-    if (GETPOST('type') == 2)
-    {
-	    foreach ($amounts as $key => $value)	// How payment is dispatch
-	    {
-	    	$newvalue = price2num($value,'MT');
-	    	$amounts[$key] = -$newvalue;
-	    }
-    }
-
-    if (! empty($conf->banque->enabled))
-    {
-    	// Si module bank actif, un compte est obligatoire lors de la saisie d'un paiement
-    	if (GETPOST('accountid') <= 0)
-    	{
-    		setEventMessage($langs->trans('ErrorFieldRequired',$langs->transnoentities('AccountToCredit')), 'errors');
-    		$error++;
-    	}
-    }
-
-    // Creation of payment line
-    $paiement = new Paiement($db);
-    $paiement->datepaye     = $datepaye;
-    $paiement->amounts      = $amounts;   // Array with all payments dispatching
-    $paiement->paiementid   = dol_getIdFromCode($db,$_POST['paiementcode'],'c_paiement');
-    $paiement->num_paiement = $_POST['num_paiement'];
-    $paiement->note         = $_POST['comment'];
-
-    if (! $error)
-    {
-    	$paiement_id = $paiement->create($user, (GETPOST('closepaidinvoices')=='on'?1:0));
-    	if ($paiement_id < 0)
-        {
-            setEventMessage($paiement->error, 'errors');
-            $error++;
-        }
-    }
-
-    if (! $error)
-    {
-    	$label='(CustomerInvoicePayment)';
-    	if (GETPOST('type') == 2) $label='(CustomerInvoicePaymentBack)';
-        $result=$paiement->addPaymentToBank($user,'payment',$label,GETPOST('accountid'),GETPOST('chqemetteur'),GETPOST('chqbank'));
-        if ($result < 0)
-        {
-            setEventMessage($paiement->error, 'errors');
-            $error++;
-        }
-    }
-
-    if (! $error)
-    {
-        $db->commit();
-
-        // If payment dispatching on more than one invoice, we keep on summary page, otherwise go on invoice card
-        $invoiceid=0;
-        foreach ($paiement->amounts as $key => $amount)
-        {
-            $facid = $key;
-            if (is_numeric($amount) && $amount <> 0)
-            {
-                if ($invoiceid != 0) $invoiceid=-1; // There is more than one invoice payed by this payment
-                else $invoiceid=$facid;
+                $formquestion[$i++]=array('type' => 'hidden','name' => $key,  'value' => $_POST[$key]);
            }
        }
-        if ($invoiceid > 0) $loc = DOL_URL_ROOT.'/compta/facture.php?facid='.$invoiceid;
-        else $loc = DOL_URL_ROOT.'/compta/paiement/fiche.php?id='.$paiement_id;
-        header('Location: '.$loc);
-        exit;
+
+        // Check parameters
+        if (! GETPOST('paiementcode'))
+        {
+            setEventMessage($langs->transnoentities('ErrorFieldRequired',$langs->transnoentities('PaymentMode')), 'errors');
+            $error++;
+        }
+
+        if (! empty($conf->banque->enabled))
+        {
+            // If bank module is on, account is required to enter a payment
+            if (GETPOST('accountid') <= 0)
+            {
+                setEventMessage($langs->transnoentities('ErrorFieldRequired',$langs->transnoentities('AccountToCredit')), 'errors');
+                $error++;
+            }
+        }
+
+        if (empty($totalpayment) && empty($atleastonepaymentnotnull))
+        {
+            setEventMessage($langs->transnoentities('ErrorFieldRequired',$langs->trans('PaymentAmount')), 'errors');
+            $error++;
+        }
+
+        if (empty($datepaye))
+        {
+            setEventMessage($langs->transnoentities('ErrorFieldRequired',$langs->transnoentities('Date')), 'errors');
+            $error++;
+        }
    }
-    else
+
+    /*
+     * Action add_paiement
+     */
+    if ($action == 'add_paiement')
    {
-        $db->rollback();
+        if ($error)
+        {
+            $action = 'create';
+        }
+        // Le reste propre a cette action s'affiche en bas de page.
+    }
+
+    /*
+     * Action confirm_paiement
+     */
+    if ($action == 'confirm_paiement' && $confirm == 'yes')
+    {
+        $error=0;
+
+        $datepaye = dol_mktime(12, 0, 0, GETPOST('remonth'), GETPOST('reday'), GETPOST('reyear'));
+
+        $db->begin();
+
+        // Clean parameters amount if payment is for a credit note
+        if (GETPOST('type') == 2)
+        {
+            foreach ($amounts as $key => $value)	// How payment is dispatch
+            {
+                $newvalue = price2num($value,'MT');
+                $amounts[$key] = -$newvalue;
+            }
+        }
+
+        if (! empty($conf->banque->enabled))
+        {
+            // Si module bank actif, un compte est obligatoire lors de la saisie d'un paiement
+            if (GETPOST('accountid') <= 0)
+            {
+                setEventMessage($langs->trans('ErrorFieldRequired',$langs->transnoentities('AccountToCredit')), 'errors');
+                $error++;
+            }
+        }
+
+        // Creation of payment line
+        $paiement = new Paiement($db);
+        $paiement->datepaye     = $datepaye;
+        $paiement->amounts      = $amounts;   // Array with all payments dispatching
+        $paiement->paiementid   = dol_getIdFromCode($db,$_POST['paiementcode'],'c_paiement');
+        $paiement->num_paiement = $_POST['num_paiement'];
+        $paiement->note         = $_POST['comment'];
+
+        if (! $error)
+        {
+            $paiement_id = $paiement->create($user, (GETPOST('closepaidinvoices')=='on'?1:0));
+            if ($paiement_id < 0)
+            {
+                setEventMessage($paiement->error, 'errors');
+                $error++;
+            }
+        }
+
+        if (! $error)
+        {
+            $label='(CustomerInvoicePayment)';
+            if (GETPOST('type') == 2) $label='(CustomerInvoicePaymentBack)';
+            $result=$paiement->addPaymentToBank($user,'payment',$label,GETPOST('accountid'),GETPOST('chqemetteur'),GETPOST('chqbank'));
+            if ($result < 0)
+            {
+                setEventMessage($paiement->error, 'errors');
+                $error++;
+            }
+        }
+
+        if (! $error)
+        {
+            $db->commit();
+
+            // If payment dispatching on more than one invoice, we keep on summary page, otherwise go on invoice card
+            $invoiceid=0;
+            foreach ($paiement->amounts as $key => $amount)
+            {
+                $facid = $key;
+                if (is_numeric($amount) && $amount <> 0)
+                {
+                    if ($invoiceid != 0) $invoiceid=-1; // There is more than one invoice payed by this payment
+                    else $invoiceid=$facid;
+                }
+            }
+            if ($invoiceid > 0) $loc = DOL_URL_ROOT.'/compta/facture.php?facid='.$invoiceid;
+            else $loc = DOL_URL_ROOT.'/compta/paiement/fiche.php?id='.$paiement_id;
+            header('Location: '.$loc);
+            exit;
+        }
+        else
+        {
+            $db->rollback();
+        }
    }
 }

-
 /*
 * View
 */
--- a/htdocs/compta/paiement/cheque/class/remisecheque.class.php
+++ b/htdocs/compta/paiement/cheque/class/remisecheque.class.php
@@ -2,7 +2,7 @@
 /* Copyright (C) 2006      Rodolphe Quiedeville <rodolphe@quiedeville.org>
 * Copyright (C) 2007-2011 Laurent Destailleur  <eldy@users.sourceforge.net>
 * Copyright (C) 2005-2009 Regis Houssin        <regis.houssin@capnetworks.com>
- * Copyright (C) 2011      Juanjo Menent        <jmenent@2byte.es>
+ * Copyright (C) 2011-2015 Juanjo Menent        <jmenent@2byte.es>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -744,7 +744,6 @@ class RemiseCheque extends CommonObject
 			$resql=$this->db->query($sql);
 			if ($resql)
 			{
-				$this->date_bordereau = $date;
 				return 1;
 			}
 			else
--- a/htdocs/compta/paiement/liste.php
+++ b/htdocs/compta/paiement/liste.php
@@ -3,6 +3,7 @@
 * Copyright (C) 2004-2011 Laurent Destailleur  <eldy@users.sourceforge.net>
 * Copyright (C) 2005-2009 Regis Houssin        <regis.houssin@capnetworks.com>
 * Copyright (C) 2013      Cédric Salvador      <csalvador@gpcsolutions.fr>
+ * Copyright (C) 2015      Marcos García        <marcosgdf@gmail.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -53,6 +54,8 @@ $limit = $conf->liste_limit;
 if (! $sortorder) $sortorder="DESC";
 if (! $sortfield) $sortfield="p.rowid";

+$search_ref = GETPOST("search_ref",'int');
+$search_account = GETPOST("search_account",'int');



@@ -109,11 +112,13 @@ else
        if ($userid == -1) $sql.= " AND f.fk_user_author IS NULL";
        else  $sql.= " AND f.fk_user_author = ".$userid;
    }
+
+
    // Search criteria
-    if (GETPOST("search_ref"))         		$sql .=" AND p.rowid=".GETPOST("search_ref",'int');
-    if (GETPOST("search_account") > 0)      $sql .=" AND b.fk_account=".GETPOST("search_account",'int');
-    if (GETPOST("search_paymenttype") != "")  $sql .=" AND c.code='".GETPOST("search_paymenttype")."'";
-    if (GETPOST("search_amount"))      		$sql .=" AND p.amount=".price2num(GETPOST("search_amount"));
+    if ($search_ref)         		$sql .=" AND p.rowid=".$search_ref;
+    if ($search_account > 0)      $sql .=" AND b.fk_account=".$search_account;
+    if (GETPOST("search_paymenttype") != "")  $sql .=" AND c.code='".$db->escape(GETPOST("search_paymenttype"))."'";
+    if (GETPOST("search_amount"))      		$sql .=" AND p.amount='".$db->escape(price2num(GETPOST("search_amount")))."'";
    if (GETPOST("search_company"))     		$sql .= natural_search('s.nom', GETPOST('search_company'));
 }
 $sql.= $db->order($sortfield,$sortorder);
@@ -129,7 +134,7 @@ if ($resql)

    $paramlist='';
    $paramlist.=(GETPOST("orphelins")?"&orphelins=1":"");
-    $paramlist.=($_REQUEST["search_ref"]?"&search_ref=".$_REQUEST["search_ref"]:"");
+    $paramlist.=($search_ref?"&search_ref=".$search_ref:"");
    $paramlist.=($_REQUEST["search_company"]?"&search_company=".$_REQUEST["search_company"]:"");
    $paramlist.=($_REQUEST["search_amount"]?"&search_amount=".$_REQUEST["search_amount"]:"");

@@ -154,7 +159,7 @@ if ($resql)
    // Lines for filters fields
    print '<tr class="liste_titre">';
    print '<td align="left">';
-    print '<input class="fat" type="text" size="4" name="search_ref" value="'.$_REQUEST["search_ref"].'">';
+    print '<input class="fat" type="text" size="4" name="search_ref" value="'.$search_ref.'">';
    print '</td>';
    print '<td>&nbsp;</td>';
    print '<td align="left">';
--- a/htdocs/compta/paiement_charge.php
+++ b/htdocs/compta/paiement_charge.php
@@ -178,7 +178,7 @@ if ($_GET["action"] == 'create')

 	print '<table cellspacing="0" class="border" width="100%" cellpadding="2">';

-	print "<tr class=\"liste_titre\"><td colspan=\"3\">Charge</td>";
+	print "<tr class=\"liste_titre\"><td colspan=\"3\">".$langs->trans('Charge')."</td>";

 	print '<tr><td>'.$langs->trans("Ref").'</td><td colspan="2"><a href="'.DOL_URL_ROOT.'/compta/sociales/charges.php?id='.$chid.'">'.$chid.'</a></td></tr>';
 	print '<tr><td>'.$langs->trans("Type")."</td><td colspan=\"2\">".$charge->type_libelle."</td></tr>\n";
--- a/htdocs/compta/prelevement/class/bonprelevement.class.php
+++ b/htdocs/compta/prelevement/class/bonprelevement.class.php
@@ -1,7 +1,7 @@
 <?php
 /* Copyright (C) 2004-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
 * Copyright (C) 2005-2012 Regis Houssin        <regis.houssin@capnetworks.com>
- * Copyright (C) 2010-2014 Juanjo Menent        <jmenent@2byte.es>
+ * Copyright (C) 2010-2015 Juanjo Menent        <jmenent@2byte.es>
 * Copyright (C) 2010-2014 Laurent Destailleur  <eldy@users.sourceforge.net>
 * Copyright (C) 2014 		Ferran Marcet       <fmarcet@2byte.es>
 *
@@ -890,29 +890,30 @@ class BonPrelevement extends CommonObject
             */
            if (!$error)
            {
-                $ref = "T".substr($year,-2).$month;
+				$ref = substr($year,-2).$month;

-                $sql = "SELECT count(*)";
-                $sql.= " FROM ".MAIN_DB_PREFIX."prelevement_bons";
-                $sql.= " WHERE ref LIKE '".$ref."%'";
-                $sql.= " AND entity = ".$conf->entity;
+				$sql = "SELECT substring(ref from char_length(ref) - 1)";
+				$sql.= " FROM ".MAIN_DB_PREFIX."prelevement_bons";
+				$sql.= " WHERE ref LIKE '%".$ref."%'";
+				$sql.= " AND entity = ".$conf->entity;
+				$sql.= " ORDER BY ref DESC LIMIT 1";

-                dol_syslog(get_class($this)."::Create sql=".$sql, LOG_DEBUG);
-                $resql = $this->db->query($sql);
+				dol_syslog(get_class($this)."::Create sql=".$sql, LOG_DEBUG);
+				$resql = $this->db->query($sql);

-                if ($resql)
-                {
-                    $row = $this->db->fetch_row($resql);
-                }
-                else
-                {
-                    $error++;
-                    dol_syslog("Erreur recherche reference");
-                }
+				if ($resql)
+				{
+					$row = $this->db->fetch_row($resql);
+				}
+				else
+				{
+					$error++;
+					dol_syslog("Erreur recherche reference");
+				}

-                $ref = $ref . substr("00".($row[0]+1), -2);
+				$ref = "T".$ref.str_pad(dol_substr("00".intval($row[0])+1),2,"0",STR_PAD_LEFT);

-                $filebonprev = $ref;
+				$filebonprev = $ref;

                // Create withdraw receipt in database
                $sql = "INSERT INTO ".MAIN_DB_PREFIX."prelevement_bons (";
@@ -1326,11 +1327,26 @@ class BonPrelevement extends CommonObject
 			$fileDebiteurSection = '';
 			$fileEmetteurSection = '';
 			$i = 0;
+			$j = 0;
 			$this->total = 0;

 			/*
 			 * section Debiteur (sepa Debiteurs bloc lines)
 			 */
+
+			$sql = "SELECT f.facnumber as fac FROM ".MAIN_DB_PREFIX."prelevement_lignes as pl, ".MAIN_DB_PREFIX."facture as f, ".MAIN_DB_PREFIX."prelevement_facture as pf, ".MAIN_DB_PREFIX."societe as soc, ".MAIN_DB_PREFIX."c_pays as p, ".MAIN_DB_PREFIX."societe_rib as rib WHERE pl.fk_prelevement_bons = ".$this->id." AND pl.rowid = pf.fk_prelevement_lignes AND pf.fk_facture = f.rowid AND soc.fk_pays = p.rowid AND soc.rowid = f.fk_soc AND rib.fk_soc = f.fk_soc AND rib.default_rib = 1";
+			$resql=$this->db->query($sql);
+			if ($resql)
+			{
+				$num = $this->db->num_rows($resql);
+				while ($j < $num)
+				{
+					$objfac = $this->db->fetch_object($resql);
+					$ListOfFactures = $ListOfFactures . $objfac->fac . ",";
+					$j++;
+				}
+			}
+
 			$sql = "SELECT soc.code_client as code, soc.address, soc.zip, soc.town, soc.datec, p.code as country_code,";
 			$sql.= " pl.client_nom as nom, pl.code_banque as cb, pl.code_guichet as cg, pl.number as cc, pl.amount as somme,";
 			$sql.= " f.facnumber as fac, pf.fk_facture as idfac, rib.iban_prefix as iban, rib.bic as bic, rib.rowid as drum";
@@ -1356,7 +1372,7 @@ class BonPrelevement extends CommonObject
 				while ($i < $num)
 				{
 					$obj = $this->db->fetch_object($resql);
-					$fileDebiteurSection .= $this->EnregDestinataireSEPA($obj->code, $obj->nom, $obj->address, $obj->zip, $obj->town, $obj->country_code, $obj->cb, $obj->cg, $obj->cc, $obj->somme, $obj->facnumber, $obj->idfac, $obj->iban, $obj->bic, $obj->datec, $obj->drum);
+					$fileDebiteurSection .= $this->EnregDestinataireSEPA($obj->code, $obj->nom, $obj->address, $obj->zip, $obj->town, $obj->country_code, $obj->cb, $obj->cg, $obj->cc, $obj->somme, $ListOfFactures, $obj->idfac, $obj->iban, $obj->bic, $obj->datec, $obj->drum);
 					$this->total = $this->total + $obj->somme;
 					$i++;
 				}
@@ -1393,13 +1409,14 @@ class BonPrelevement extends CommonObject
 			fputs($this->file, '			<CtrlSum>'.$this->total.'</CtrlSum>'.$CrLf);
 			fputs($this->file, '			<InitgPty>'.$CrLf);
 			fputs($this->file, '				<Nm>'.$this->raison_sociale.'</Nm>'.$CrLf);
-/*			fputs($this->file, '				<Id>'.$CrLf);
-			fputs($this->file, '					<Othr>'.$CrLf);
-			fputs($this->file, '						<Id>0533883248</Id>'.$CrLf);
-			fputs($this->file, '						<Issr>KBO-BCE</Issr>'.$CrLf);
+			fputs($this->file, '				<Id>'.$CrLf);
+			fputs($this->file, '				    <PrvtId>'.$CrLf);
 			fputs($this->file, '					<Othr>'.$CrLf);
+			fputs($this->file, '						<Id>'.$conf->global->PRELEVEMENT_ICS.'</Id>'.$CrLf);
+			fputs($this->file, '					</Othr>'.$CrLf);
+			fputs($this->file, '				    </PrvtId>'.$CrLf);
 			fputs($this->file, '				</Id>'.$CrLf);
-*/			fputs($this->file, '			</InitgPty>'.$CrLf);
+			fputs($this->file, '			</InitgPty>'.$CrLf);
 			fputs($this->file, '		</GrpHdr>'.$CrLf);
 			// SEPA File Emetteur
 			if ($result != -2)
@@ -1582,6 +1599,7 @@ class BonPrelevement extends CommonObject
 		$CrLf = "\n";
 		$Rowing = sprintf("%06d", $row_idfac);
 		$Date_Rum = strtotime($row_datec);
+		$DtOfSgntr = dol_print_date($row_datec, '%Y-%m-%d');
 		$pre = ($date_Rum > 1359673200) ? 'Rum' : '++R';
 		$Rum = $pre.$row_code_client.$row_drum.'-0'.date('U', $Date_Rum);
 		$XML_DEBITOR ='';
@@ -1589,11 +1607,11 @@ class BonPrelevement extends CommonObject
 		$XML_DEBITOR .='				<PmtId>'.$CrLf;
 		$XML_DEBITOR .='					<EndToEndId>'.('AS-'.$row_facnumber.'-'.$Rowing).'</EndToEndId>'.$CrLf;
 		$XML_DEBITOR .='				</PmtId>'.$CrLf;
-		$XML_DEBITOR .='				<InstdAmt Ccy.="EUR">'.round($row_somme, 2).'</InstdAmt>'.$CrLf;
+		$XML_DEBITOR .='				<InstdAmt Ccy="EUR">'.round($row_somme, 2).'</InstdAmt>'.$CrLf;
 		$XML_DEBITOR .='				<DrctDbtTx>'.$CrLf;
 		$XML_DEBITOR .='					<MndtRltdInf>'.$CrLf;
 		$XML_DEBITOR .='						<MndtId>'.$Rum.'</MndtId>'.$CrLf;
-		$XML_DEBITOR .='						<DtOfSgntr>'.$row_datec.'</DtOfSgntr>'.$CrLf;
+		$XML_DEBITOR .='						<DtOfSgntr>'.$DtOfSgntr.'</DtOfSgntr>'.$CrLf;
 		$XML_DEBITOR .='						<AmdmntInd>false</AmdmntInd>'.$CrLf;
 		$XML_DEBITOR .='					</MndtRltdInf>'.$CrLf;
 		$XML_DEBITOR .='				</DrctDbtTx>'.$CrLf;
@@ -1606,17 +1624,18 @@ class BonPrelevement extends CommonObject
 		$XML_DEBITOR .='					<Nm>'.strtoupper(dol_string_unaccent($row_nom)).'</Nm>'.$CrLf;
 		$XML_DEBITOR .='					<PstlAdr>'.$CrLf;
 		$XML_DEBITOR .='						<Ctry>'.$row_country_code.'</Ctry>'.$CrLf;
-		$XML_DEBITOR .='						<AdrLine>'.strtr($row_adr, array(CHR(13) => ", ", CHR(10) => "")).'</AdrLine>'.$CrLf;
+		$XML_DEBITOR .='						<AdrLine>'.strtr($row_address, array(CHR(13) => ", ", CHR(10) => "")).'</AdrLine>'.$CrLf;
 		$XML_DEBITOR .='						<AdrLine>'.dol_string_unaccent($row_zip.' '.$row_town).'</AdrLine>'.$CrLf;
 		$XML_DEBITOR .='					</PstlAdr>'.$CrLf;
 		$XML_DEBITOR .='				</Dbtr>'.$CrLf;
 		$XML_DEBITOR .='				<DbtrAcct>'.$CrLf;
 		$XML_DEBITOR .='					<Id>'.$CrLf;
-		$XML_DEBITOR .='						<IBAN>'.$row_iban.'</IBAN>'.$CrLf;
+		$XML_DEBITOR .='						<IBAN>'.preg_replace('/\s/', '', $row_iban).'</IBAN>'.$CrLf;
 		$XML_DEBITOR .='					</Id>'.$CrLf;
 		$XML_DEBITOR .='				</DbtrAcct>'.$CrLf;
 		$XML_DEBITOR .='				<RmtInf>'.$CrLf;
-		$XML_DEBITOR .='					<Ustrd>'.($row_facnumber.'/'.$Rowing.'/'.$Rum).'</Ustrd>'.$CrLf;
+	//	$XML_DEBITOR .='					<Ustrd>'.($row_facnumber.'/'.$Rowing.'/'.$Rum).'</Ustrd>'.$CrLf;
+		$XML_DEBITOR .='					<Ustrd>'.$row_facnumber.'</Ustrd>'.$CrLf;
 		$XML_DEBITOR .='				</RmtInf>'.$CrLf;
 		$XML_DEBITOR .='			</DrctDbtTxInf>'.$CrLf;
 		return $XML_DEBITOR;
--- a/htdocs/compta/prelevement/class/rejetprelevement.class.php
+++ b/htdocs/compta/prelevement/class/rejetprelevement.class.php
@@ -87,7 +87,7 @@ class RejetPrelevement

 		dol_syslog("RejetPrelevement::Create id $id");
 		$bankaccount = $conf->global->PRELEVEMENT_ID_BANKACCOUNT;
-		$facs = $this->getListInvoices();
+		$facs = $this->getListInvoices(1);

 		$this->db->begin();

@@ -132,7 +132,7 @@ class RejetPrelevement
 		for ($i = 0; $i < $num; $i++)
 		{
 			$fac = new Facture($this->db);
-			$fac->fetch($facs[$i]);
+			$fac->fetch($facs[$i][0]);

 			// Make a negative payment
 			$pai = new Paiement($this->db);
@@ -144,7 +144,7 @@ class RejetPrelevement
 			 * PHP installs sends only the part integer negative
 			*/

-			$pai->amounts[$facs[$i]] = price2num($fac->total_ttc * -1);
+			$pai->amounts[$facs[$i][0]] = price2num($facs[$i][1] * -1);
 			$pai->datepaye = $date_rejet;
 			$pai->paiementid = 3; // type of payment: withdrawal
 			$pai->num_paiement = $fac->ref;
@@ -152,7 +152,7 @@ class RejetPrelevement
 			if ($pai->create($this->user) < 0)  // we call with no_commit
 			{
 				$error++;
-				dol_syslog("RejetPrelevement::Create Error creation payment invoice ".$facs[$i]);
+				dol_syslog("RejetPrelevement::Create Error creation payment invoice ".$facs[$i][0]);
 			}
 			else
 			{
@@ -269,22 +269,24 @@ class RejetPrelevement
 	}

 	/**
-	 *    Retrieve the list of invoices
+	 * Retrieve the list of invoices
+	 * @param 	int		$amounts 	If you want to get the amount of the order for each invoice
 	 *
-	 *    @return	void
+	 * @return	Array List of invoices related to the withdrawal line
+	 * @TODO	A withdrawal line is today linked to one and only one invoice. So the function should return only one object ?
 	 */
-	private function getListInvoices()
+	private function getListInvoices($amounts=0)
 	{
 		global $conf;

 		$arr = array();

 		 //Returns all invoices of a withdrawal
-		$sql = "SELECT f.rowid as facid";
+		$sql = "SELECT f.rowid as facid, pl.amount";
 		$sql.= " FROM ".MAIN_DB_PREFIX."prelevement_facture as pf";
-		$sql.= ", ".MAIN_DB_PREFIX."facture as f";
+		$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."facture as f ON (pf.fk_facture = f.rowid)";
+		$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."prelevement_lignes as pl ON (pf.fk_prelevement_lignes = pl.rowid)";
 		$sql.= " WHERE pf.fk_prelevement_lignes = ".$this->id;
-		$sql.= " AND pf.fk_facture = f.rowid";
 		$sql.= " AND f.entity = ".$conf->entity;

 		$resql=$this->db->query($sql);
@@ -298,7 +300,14 @@ class RejetPrelevement
 				while ($i < $num)
 				{
 					$row = $this->db->fetch_row($resql);
-					$arr[$i] = $row[0];
+					if (!$amounts) $arr[$i] = $row[0];
+					else
+					{
+						$arr[$i] = array(
+							$row[0],
+							$row[1]
+						);
+					}
 					$i++;
 				}
 			}
--- a/htdocs/compta/resultat/clientfourn.php
+++ b/htdocs/compta/resultat/clientfourn.php
@@ -543,17 +543,23 @@ if ($mysoc->tva_assuj == 'franchise')	// Non assujeti
 * Salaries
 */

+if ($modecompta == 'CREANCES-DETTES') {
+    $column = 'p.datev';
+} else {
+    $column = 'p.datep';
+}
+
 print '<tr><td colspan="4">'.$langs->trans("Salaries").'</td></tr>';    
-$sql = "SELECT p.label as nom, date_format(p.datep,'%Y-%m') as dm, sum(p.amount) as amount, u.firstname, u.lastname, p.fk_user";
+$sql = "SELECT p.label as nom, date_format($column,'%Y-%m') as dm, sum(p.amount) as amount, u.firstname, u.lastname, p.fk_user";
 $sql.= " FROM ".MAIN_DB_PREFIX."payment_salary as p";
 $sql.= " INNER JOIN ".MAIN_DB_PREFIX."user as u ON u.rowid=p.fk_user";
 $sql.= " WHERE p.entity = ".$conf->entity;
 if (! empty($date_start) && ! empty($date_end))
-	$sql.= " AND p.datep >= '".$db->idate($date_start)."' AND p.datep <= '".$db->idate($date_end)."'";
+	$sql.= " AND $column >= '".$db->idate($date_start)."' AND $column <= '".$db->idate($date_end)."'";
 	
-$sql.= " GROUP BY u.rowid";
+$sql.= " GROUP BY u.rowid, p.label, p.datep, p.fk_user";
 $sql.= " ORDER BY u.firstname";
-    
+
 dol_syslog("get payment salaries sql=".$sql);
 $result=$db->query($sql);
 $subtotal_ht = 0;
--- a/htdocs/compta/resultat/index.php
+++ b/htdocs/compta/resultat/index.php
@@ -473,9 +473,16 @@ $reshook=$hookmanager->executeHooks('addStatisticLine',$parameters,$object,$acti
 /*
 * Salaries
 */
+
+if ($modecompta == 'CREANCES-DETTES') {
+	$column = 'p.datev';
+} else {
+	$column = 'p.datep';
+}
+
 $subtotal_ht = 0;
 $subtotal_ttc = 0;
-$sql = "SELECT p.label as nom, date_format(p.datep,'%Y-%m') as dm, sum(p.amount) as amount";
+$sql = "SELECT p.label as nom, date_format($column,'%Y-%m') as dm, sum(p.amount) as amount";
 $sql.= " FROM ".MAIN_DB_PREFIX."payment_salary as p";
 $sql.= " WHERE p.entity = ".$conf->entity;
 $sql.= " GROUP BY p.label, dm";
--- a/htdocs/compta/salaries/fiche.php
+++ b/htdocs/compta/salaries/fiche.php
@@ -248,7 +248,7 @@ if ($action == 'create')
 	if (! empty($conf->banque->enabled))
 	{
 		print '<tr><td class="fieldrequired">'.$langs->trans("Account").'</td><td>';
-		$form->select_comptes($_POST["accountid"],"accountid",0,"courant=1",1);  // Affiche liste des comptes courant
+		$form->select_comptes($_POST["accountid"],"accountid",0,'',1);
 		print '</td></tr>';
 	}

@@ -365,7 +365,7 @@ if ($id)
 	print "<div class=\"tabsAction\">\n";
 	if ($salpayment->rappro == 0)
 	{
-		if (! empty($user->rights->tax->charges->supprimer))
+		if (! empty($user->rights->salaries->delete))
 		{
 			print '<a class="butActionDelete" href="fiche.php?id='.$salpayment->id.'&action=delete">'.$langs->trans("Delete").'</a>';
 		}
--- a/htdocs/compta/sociales/charges.php
+++ b/htdocs/compta/sociales/charges.php
@@ -422,7 +422,7 @@ if ($id > 0)
 			}

 			// Emettre paiement
-			if ($object->paye == 0 && ((price2num($object->amount) < 0 && round($resteapayer) < 0) || (price2num($object->amount) > 0 && round($resteapayer) > 0)) && $user->rights->tax->charges->creer)
+			if ($object->paye == 0 && ((price2num($object->amount) < 0 && price2num($resteapayer, 'MT') < 0) || (price2num($object->amount) > 0 && price2num($resteapayer, 'MT') > 0)) && $user->rights->tax->charges->creer)
 			{
 				print "<a class=\"butAction\" href=\"".DOL_URL_ROOT."/compta/paiement_charge.php?id=$object->id&amp;action=create\">".$langs->trans("DoPayment")."</a>";
 			}
--- a/htdocs/compta/sociales/class/paymentsocialcontribution.class.php
+++ b/htdocs/compta/sociales/class/paymentsocialcontribution.class.php
@@ -313,17 +313,20 @@ class PaymentSocialContribution extends CommonObject
 	{
 		global $conf, $langs;
 		$error=0;
+		
+		dol_syslog(get_class($this)."::delete");

 		$this->db->begin();

-	    if (! $error)
+	    if ($this->bank_line > 0)
        {
-            $sql = "DELETE FROM ".MAIN_DB_PREFIX."bank_url";
-            $sql.= " WHERE type='payment_sc' AND url_id=".$this->id;
-
-            dol_syslog(get_class($this)."::delete sql=".$sql);
-            $resql = $this->db->query($sql);
-            if (! $resql) { $error++; $this->errors[]="Error ".$this->db->lasterror(); }
+        	$accline = new AccountLine($this->db);
+			$accline->fetch($this->bank_line);
+			$result = $accline->delete();
+			if($result < 0) {
+				$this->errors[] = $accline->error;
+				$error++;
+			}
        }

 		if (! $error)
--- a/htdocs/contact/class/contact.class.php
+++ b/htdocs/contact/class/contact.class.php
@@ -140,6 +140,7 @@ class Contact extends CommonObject
 		$sql.= ", statut";
 		$sql.= ", canvas";
 		$sql.= ", entity";
+		$sql.= ",ref_ext";
 		$sql.= ", import_key";
 		$sql.= ") VALUES (";
 		$sql.= "'".$this->db->idate($now)."',";
@@ -152,6 +153,7 @@ class Contact extends CommonObject
 		$sql.= " ".$this->statut.",";
        $sql.= " ".(! empty($this->canvas)?"'".$this->canvas."'":"null").",";
        $sql.= " ".$conf->entity.",";
+	$sql.= "'".$this->db->escape($this->ref_ext)."',";
        $sql.= " ".(! empty($this->import_key)?"'".$this->import_key."'":"null");
 		$sql.= ")";

@@ -496,10 +498,12 @@ class Contact extends CommonObject
 	 *
 	 *  @param      int		$id          id du contact
 	 *  @param      User	$user        Utilisateur (abonnes aux alertes) qui veut les alertes de ce contact
+         *  @param      string          $ref_ext        External reference, not given by Dolibarr
 	 *  @return     int     		    -1 if KO, 0 if OK but not found, 1 if OK
 	 */
-	function fetch($id, $user=0)
+	function fetch($id, $user=0, $ref_ext='')
 	{
+		dol_syslog(get_class($this)."::fetch ".$this->error, LOG_ERR);
 		global $langs;

 		$langs->load("companies");
@@ -521,7 +525,8 @@ class Contact extends CommonObject
 		$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as d ON c.fk_departement = d.rowid";
 		$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."user as u ON c.rowid = u.fk_socpeople";
 		$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON c.fk_soc = s.rowid";
-		$sql.= " WHERE c.rowid = ". $id;
+		if ($id) $sql.= " WHERE c.rowid = ". $id;
+		elseif ($ref_ext) $sql .= " WHERE c.ref_ext = '".$this->db->escape($ref_ext)."'";

 		dol_syslog(get_class($this)."::fetch sql=".$sql);
 		$resql=$this->db->query($sql);
@@ -550,7 +555,7 @@ class Contact extends CommonObject

 				$this->country_id 		= $obj->country_id;
 				$this->country_code		= $obj->country_id?$obj->country_code:'';
-				$this->country			= ($obj->country_id > 0)?$langs->transnoentitiesnoconv("Country".$obj->country_code):'';
+				$this->country			= $obj->country_id?($langs->trans('Country'.$obj->country_code)!='Country'.$obj->country_code?$langs->transnoentities('Country'.$obj->country_code):$obj->country):'';

 				$this->socid			= $obj->fk_soc;
 				$this->socname			= $obj->socname;
--- a/htdocs/contact/exportimport.php
+++ b/htdocs/contact/exportimport.php
@@ -33,80 +33,80 @@ $id = GETPOST('id', 'int');
 if ($user->societe_id) $socid=$user->societe_id;
 $result = restrictedArea($user, 'contact', $id, 'socpeople&societe');

+$contact = new Contact($db);
+

 /*
 *	View
 */

+$form = new Form($db);
+
 $title = (! empty($conf->global->SOCIETE_ADDRESSES_MANAGEMENT) ? $langs->trans("Contacts") : $langs->trans("ContactsAddresses"));

 llxHeader('',$title,'EN:Module_Third_Parties|FR:Module_Tiers|ES:M&oacute;dulo_Empresas');

-$form = new Form($db);
-
-$contact = new Contact($db);
-$contact->fetch($id, $user);
-
-
-$head = contact_prepare_head($contact);
-
-dol_fiche_head($head, 'exportimport', $title, 0, 'contact');
-
-
-/*
- * Fiche en mode visu
- */
-print '<table class="border" width="100%">';
-
-$linkback = '<a href="'.DOL_URL_ROOT.'/contact/list.php">'.$langs->trans("BackToList").'</a>';
-
-// Ref
-print '<tr><td>'.$langs->trans("Ref").'</td><td colspan="3">';
-print $form->showrefnav($contact, 'id', $linkback);
-print '</td></tr>';
-
-// Name
-print '<tr><td width="20%">'.$langs->trans("Lastname").' / '.$langs->trans("Label").'</td><td>'.$contact->lastname.'</td>';
-print '<td width="20%">'.$langs->trans("Firstname").'</td><td width="25%">'.$contact->firstname.'</td></tr>';
-
-// Company
-if (empty($conf->global->SOCIETE_DISABLE_CONTACTS))
+if ($id > 0)
 {
-    if ($contact->socid > 0)
-    {
-    	$objsoc = new Societe($db);
-    	$objsoc->fetch($contact->socid);
+	$contact->fetch($id, $user);

-    	print '<tr><td width="15%">'.$langs->trans("Company").'</td><td colspan="3">'.$objsoc->getNomUrl(1).'</td></tr>';
-    }
-    else
-    {
-    	print '<tr><td width="15%">'.$langs->trans("Company").'</td><td colspan="3">';
-    	print $langs->trans("ContactNotLinkedToCompany");
-    	print '</td></tr>';
-    }
+	$head = contact_prepare_head($contact);
+
+	dol_fiche_head($head, 'exportimport', $title, 0, 'contact');
+
+
+	/*
+	 * Fiche en mode visu
+	 */
+	print '<table class="border" width="100%">';
+
+	$linkback = '<a href="'.DOL_URL_ROOT.'/contact/list.php">'.$langs->trans("BackToList").'</a>';
+
+	// Ref
+	print '<tr><td>'.$langs->trans("Ref").'</td><td colspan="3">';
+	print $form->showrefnav($contact, 'id', $linkback);
+	print '</td></tr>';
+
+	// Name
+	print '<tr><td width="20%">'.$langs->trans("Lastname").' / '.$langs->trans("Label").'</td><td>'.$contact->lastname.'</td>';
+	print '<td width="20%">'.$langs->trans("Firstname").'</td><td width="25%">'.$contact->firstname.'</td></tr>';
+
+	// Company
+	if (empty($conf->global->SOCIETE_DISABLE_CONTACTS))
+	{
+	    if ($contact->socid > 0)
+	    {
+	        $objsoc = new Societe($db);
+	        $objsoc->fetch($contact->socid);
+
+	        print '<tr><td width="15%">'.$langs->trans("Company").'</td><td colspan="3">'.$objsoc->getNomUrl(1).'</td></tr>';
+	    }
+	    else
+	    {
+	        print '<tr><td width="15%">'.$langs->trans("Company").'</td><td colspan="3">';
+	        print $langs->trans("ContactNotLinkedToCompany");
+	        print '</td></tr>';
+	    }
+	}
+
+	// Civility
+	print '<tr><td>'.$langs->trans("UserTitle").'</td><td colspan="3">';
+	print $contact->getCivilityLabel();
+	print '</td></tr>';
+
+	print '</table>';
+
+	print '</div>';
+
+	print '<br>';
+
+	print $langs->trans("ExportCardToFormat").': ';
+	print '<a href="'.DOL_URL_ROOT.'/contact/vcard.php?id='.$contact->id.'">';
+	print img_picto($langs->trans("VCard"),'vcard.png').' ';
+	print $langs->trans("VCard");
+	print '</a>';
 }

-// Civility
-print '<tr><td>'.$langs->trans("UserTitle").'</td><td colspan="3">';
-print $contact->getCivilityLabel();
-print '</td></tr>';
-
-print '</table>';
-
-print '</div>';
-
-print '<br>';
-
-print $langs->trans("ExportCardToFormat").': ';
-print '<a href="'.DOL_URL_ROOT.'/contact/vcard.php?id='.$contact->id.'">';
-print img_picto($langs->trans("VCard"),'vcard.png').' ';
-print $langs->trans("VCard");
-print '</a>';
-
-
-
-
 $db->close();

 llxFooter();
--- a/htdocs/contact/info.php
+++ b/htdocs/contact/info.php
@@ -35,6 +35,8 @@ $contactid = GETPOST("id",'int');
 if ($user->societe_id) $socid=$user->societe_id;
 $result = restrictedArea($user, 'contact', $contactid, 'socpeople&societe');

+$contact = new Contact($db);
+


 /*
@@ -43,23 +45,25 @@ $result = restrictedArea($user, 'contact', $contactid, 'socpeople&societe');

 llxHeader('',$langs->trans("ContactsAddresses"),'EN:Module_Third_Parties|FR:Module_Tiers|ES:M&oacute;dulo_Empresas');

+if ($contactid > 0)
+{
+	$result = $contact->fetch($contactid, $user);

-$contact = new Contact($db);
-$contact->fetch($contactid, $user);
-$contact->info($contactid);
+	$contact->info($contactid);


-$head = contact_prepare_head($contact);
+	$head = contact_prepare_head($contact);

-dol_fiche_head($head, 'info', $langs->trans("ContactsAddresses"), 0, 'contact');
+	dol_fiche_head($head, 'info', $langs->trans("ContactsAddresses"), 0, 'contact');


-print '<table width="100%"><tr><td>';
-print '</td></tr></table>';
+	print '<table width="100%"><tr><td>';
+	print '</td></tr></table>';

-dol_print_object_info($contact);
+	dol_print_object_info($contact);

-print "</div>";
+	print "</div>";
+}

 llxFooter();

--- a/htdocs/contact/ldap.php
+++ b/htdocs/contact/ldap.php
@@ -40,37 +40,40 @@ if ($user->societe_id) $socid=$user->societe_id;
 $result = restrictedArea($user, 'contact', $id, 'socpeople&societe');

 $contact = new Contact($db);
-$contact->fetch($id, $user);

-
-/*
- * Actions
- */
-
-if ($action == 'dolibarr2ldap')
+if ($id > 0)
 {
-	$message="";
+	$contact->fetch($id, $user);

-	$db->begin();
+	/*
+	 * Actions
+	 */

-	$ldap=new Ldap();
-	$result=$ldap->connect_bind();
-
-	$info=$contact->_load_ldap_info();
-	$dn=$contact->_load_ldap_dn($info);
-	$olddn=$dn;	// We can say that old dn = dn as we force synchro
-
-	$result=$ldap->update($dn,$info,$user,$olddn);
-
-	if ($result >= 0)
+	if ($action == 'dolibarr2ldap')
 	{
-		$message.='<div class="ok">'.$langs->trans("ContactSynchronized").'</div>';
-		$db->commit();
-	}
-	else
-	{
-		$message.='<div class="error">'.$ldap->error.'</div>';
-		$db->rollback();
+		$message="";
+
+		$db->begin();
+
+		$ldap=new Ldap();
+		$result=$ldap->connect_bind();
+
+		$info=$contact->_load_ldap_info();
+		$dn=$contact->_load_ldap_dn($info);
+		$olddn=$dn;	// We can say that old dn = dn as we force synchro
+
+		$result=$ldap->update($dn,$info,$user,$olddn);
+
+		if ($result >= 0)
+		{
+			$message.='<div class="ok">'.$langs->trans("ContactSynchronized").'</div>';
+			$db->commit();
+		}
+		else
+		{
+			$message.='<div class="error">'.$ldap->error.'</div>';
+			$db->rollback();
+		}
 	}
 }

@@ -79,135 +82,137 @@ if ($action == 'dolibarr2ldap')
 *	View
 */

+$form = new Form($db);
+
 $title = (! empty($conf->global->SOCIETE_ADDRESSES_MANAGEMENT) ? $langs->trans("Contacts") : $langs->trans("ContactsAddresses"));

 llxHeader('',$title,'EN:Module_Third_Parties|FR:Module_Tiers|ES:M&oacute;dulo_Empresas');

-$form = new Form($db);
-
-$head = contact_prepare_head($contact);
-
-dol_fiche_head($head, 'ldap', $title, 0, 'contact');
-
-
-print '<table class="border" width="100%">';
-
-// Ref
-print '<tr><td width="20%">'.$langs->trans("Ref").'</td><td colspan="3">';
-print $form->showrefnav($contact,'id');
-print '</td></tr>';
-
-// Name
-print '<tr><td>'.$langs->trans("Lastname").' / '.$langs->trans("Label").'</td><td>'.$contact->lastname.'</td>';
-print '<td>'.$langs->trans("Firstname").'</td><td width="25%">'.$contact->firstname.'</td></tr>';
-
-// Company
-if ($contact->socid > 0)
+if ($id > 0)
 {
-	$objsoc = new Societe($db);
-	$objsoc->fetch($contact->socid);
+	$head = contact_prepare_head($contact);

-	print '<tr><td width="20%">'.$langs->trans("Company").'</td><td colspan="3">'.$objsoc->getNomUrl(1).'</td></tr>';
-}
-else
-{
-	print '<tr><td width="20%">'.$langs->trans("Company").'</td><td colspan="3">';
-	print $langs->trans("ContactNotLinkedToCompany");
+	dol_fiche_head($head, 'ldap', $title, 0, 'contact');
+
+
+	print '<table class="border" width="100%">';
+
+	// Ref
+	print '<tr><td width="20%">'.$langs->trans("Ref").'</td><td colspan="3">';
+	print $form->showrefnav($contact,'id');
 	print '</td></tr>';
-}

-// Civility
-print '<tr><td>'.$langs->trans("UserTitle").'</td><td colspan="3">';
-print $contact->getCivilityLabel();
-print '</td></tr>';
+	// Name
+	print '<tr><td>'.$langs->trans("Lastname").' / '.$langs->trans("Label").'</td><td>'.$contact->lastname.'</td>';
+	print '<td>'.$langs->trans("Firstname").'</td><td width="25%">'.$contact->firstname.'</td></tr>';

-// LDAP DN
-print '<tr><td>LDAP '.$langs->trans("LDAPContactDn").'</td><td class="valeur" colspan="3">'.$conf->global->LDAP_CONTACT_DN."</td></tr>\n";
-
-// LDAP Cle
-print '<tr><td>LDAP '.$langs->trans("LDAPNamingAttribute").'</td><td class="valeur" colspan="3">'.$conf->global->LDAP_KEY_CONTACTS."</td></tr>\n";
-
-// LDAP Server
-print '<tr><td>LDAP '.$langs->trans("LDAPPrimaryServer").'</td><td class="valeur" colspan="3">'.$conf->global->LDAP_SERVER_HOST."</td></tr>\n";
-print '<tr><td>LDAP '.$langs->trans("LDAPSecondaryServer").'</td><td class="valeur" colspan="3">'.$conf->global->LDAP_SERVER_HOST_SLAVE."</td></tr>\n";
-print '<tr><td>LDAP '.$langs->trans("LDAPServerPort").'</td><td class="valeur" colspan="3">'.$conf->global->LDAP_SERVER_PORT."</td></tr>\n";
-
-print '</table>';
-
-print '</div>';
-
-
-dol_htmloutput_mesg($message);
-
-
-/*
- * Barre d'actions
- */
-
-print '<div class="tabsAction">';
-
-if (! empty($conf->global->LDAP_CONTACT_ACTIVE) && $conf->global->LDAP_CONTACT_ACTIVE != 'ldap2dolibarr')
-{
-	print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$contact->id.'&amp;action=dolibarr2ldap">'.$langs->trans("ForceSynchronize").'</a>';
-}
-
-print "</div>\n";
-
-if (! empty($conf->global->LDAP_CONTACT_ACTIVE) && $conf->global->LDAP_CONTACT_ACTIVE != 'ldap2dolibarr') print "<br>\n";
-
-
-
-// Affichage attributs LDAP
-print_titre($langs->trans("LDAPInformationsForThisContact"));
-
-print '<table width="100%" class="noborder">';
-
-print '<tr class="liste_titre">';
-print '<td>'.$langs->trans("LDAPAttributes").'</td>';
-print '<td>'.$langs->trans("Value").'</td>';
-print '</tr>';
-
-// Lecture LDAP
-$ldap=new Ldap();
-$result=$ldap->connect_bind();
-if ($result > 0)
-{
-	$info=$contact->_load_ldap_info();
-	$dn=$contact->_load_ldap_dn($info,1);
-	$search = "(".$contact->_load_ldap_dn($info,2).")";
-	$records=$ldap->getAttribute($dn,$search);
-
-	//var_dump($records);
-
-	// Affichage arbre
-	if (count($records) && $records != false && (! isset($records['count']) || $records['count'] > 0))
+	// Company
+	if ($contact->socid > 0)
 	{
-		if (! is_array($records))
-		{
-			print '<tr '.$bc[false].'><td colspan="2"><font class="error">'.$langs->trans("ErrorFailedToReadLDAP").'</font></td></tr>';
-		}
-		else
-		{
-			$result=show_ldap_content($records,0,$records['count'],true);
-		}
+		$objsoc = new Societe($db);
+		$objsoc->fetch($contact->socid);
+
+		print '<tr><td width="20%">'.$langs->trans("Company").'</td><td colspan="3">'.$objsoc->getNomUrl(1).'</td></tr>';
 	}
 	else
 	{
-		print '<tr '.$bc[false].'><td colspan="2">'.$langs->trans("LDAPRecordNotFound").' (dn='.$dn.' - search='.$search.')</td></tr>';
+		print '<tr><td width="20%">'.$langs->trans("Company").'</td><td colspan="3">';
+		print $langs->trans("ContactNotLinkedToCompany");
+		print '</td></tr>';
 	}

-	$ldap->unbind();
-	$ldap->close();
+	// Civility
+	print '<tr><td>'.$langs->trans("UserTitle").'</td><td colspan="3">';
+	print $contact->getCivilityLabel();
+	print '</td></tr>';
+
+	// LDAP DN
+	print '<tr><td>LDAP '.$langs->trans("LDAPContactDn").'</td><td class="valeur" colspan="3">'.$conf->global->LDAP_CONTACT_DN."</td></tr>\n";
+
+	// LDAP Cle
+	print '<tr><td>LDAP '.$langs->trans("LDAPNamingAttribute").'</td><td class="valeur" colspan="3">'.$conf->global->LDAP_KEY_CONTACTS."</td></tr>\n";
+
+	// LDAP Server
+	print '<tr><td>LDAP '.$langs->trans("LDAPPrimaryServer").'</td><td class="valeur" colspan="3">'.$conf->global->LDAP_SERVER_HOST."</td></tr>\n";
+	print '<tr><td>LDAP '.$langs->trans("LDAPSecondaryServer").'</td><td class="valeur" colspan="3">'.$conf->global->LDAP_SERVER_HOST_SLAVE."</td></tr>\n";
+	print '<tr><td>LDAP '.$langs->trans("LDAPServerPort").'</td><td class="valeur" colspan="3">'.$conf->global->LDAP_SERVER_PORT."</td></tr>\n";
+
+	print '</table>';
+
+	print '</div>';
+
+
+	dol_htmloutput_mesg($message);
+
+
+	/*
+	 * Barre d'actions
+	 */
+
+	print '<div class="tabsAction">';
+
+	if (! empty($conf->global->LDAP_CONTACT_ACTIVE) && $conf->global->LDAP_CONTACT_ACTIVE != 'ldap2dolibarr')
+	{
+		print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$contact->id.'&amp;action=dolibarr2ldap">'.$langs->trans("ForceSynchronize").'</a>';
+	}
+
+	print "</div>\n";
+
+	if (! empty($conf->global->LDAP_CONTACT_ACTIVE) && $conf->global->LDAP_CONTACT_ACTIVE != 'ldap2dolibarr') print "<br>\n";
+
+
+
+	// Affichage attributs LDAP
+	print_titre($langs->trans("LDAPInformationsForThisContact"));
+
+	print '<table width="100%" class="noborder">';
+
+	print '<tr class="liste_titre">';
+	print '<td>'.$langs->trans("LDAPAttributes").'</td>';
+	print '<td>'.$langs->trans("Value").'</td>';
+	print '</tr>';
+
+	// Lecture LDAP
+	$ldap=new Ldap();
+	$result=$ldap->connect_bind();
+	if ($result > 0)
+	{
+		$info=$contact->_load_ldap_info();
+		$dn=$contact->_load_ldap_dn($info,1);
+		$search = "(".$contact->_load_ldap_dn($info,2).")";
+		$records=$ldap->getAttribute($dn,$search);
+
+		//var_dump($records);
+
+		// Affichage arbre
+		if (count($records) && $records != false && (! isset($records['count']) || $records['count'] > 0))
+		{
+			if (! is_array($records))
+			{
+				print '<tr '.$bc[false].'><td colspan="2"><font class="error">'.$langs->trans("ErrorFailedToReadLDAP").'</font></td></tr>';
+			}
+			else
+			{
+				$result=show_ldap_content($records,0,$records['count'],true);
+			}
+		}
+		else
+		{
+			print '<tr '.$bc[false].'><td colspan="2">'.$langs->trans("LDAPRecordNotFound").' (dn='.$dn.' - search='.$search.')</td></tr>';
+		}
+
+		$ldap->unbind();
+		$ldap->close();
+	}
+	else
+	{
+		dol_print_error('',$ldap->error);
+	}
+
+
+	print '</table>';
+
 }
-else
-{
-	dol_print_error('',$ldap->error);
-}
-
-
-print '</table>';
-
-


 $db->close();
--- a/htdocs/contact/list.php
+++ b/htdocs/contact/list.php
@@ -3,7 +3,7 @@
 * Copyright (C) 2003      Eric Seigne          <erics@rycks.com>
 * Copyright (C) 2004-2012 Laurent Destailleur  <eldy@users.sourceforge.net>
 * Copyright (C) 2005-2012 Regis Houssin        <regis.houssin@capnetworks.com>
- * Copyright (C) 2013      Raphaël Doursenaud   <rdoursenaud@gpcsolutions.fr>
+ * Copyright (C) 2013-2015 Raphaël Doursenaud   <rdoursenaud@gpcsolutions.fr>
 * Copyright (C) 2013      Cédric Salvador      <csalvador@gpcsolutions.fr>
 * Copyright (C) 2013      Alexandre Spangaro   <alexandre.spangaro@gmail.com>
 *
@@ -151,7 +151,7 @@ else
 	if ($search_priv == '1') $sql .= " AND (p.priv='1' AND p.fk_user_creat=".$user->id.")";
 }

-if ($search_categ > 0)   $sql.= " AND cs.fk_categorie = ".$search_categ;
+if ($search_categ > 0)   $sql.= " AND cs.fk_categorie = ".$db->escape($search_categ);
 if ($search_categ == -2) $sql.= " AND cs.fk_categorie IS NULL";

 if ($search_lastname) {      // filter on lastname
@@ -245,11 +245,11 @@ if ($result)
 {
 	$contactstatic=new Contact($db);

-    $param ='&begin='.urlencode($begin).'&view='.urlencode($view).'&userid='.urlencode($userid).'&contactname='.urlencode($sall);
-    $param.='&type='.urlencode($type).'&view='.urlencode($view).'&search_lastname='.urlencode($search_lastname).'&search_firstname='.urlencode($search_firstname).'&search_societe='.urlencode($search_societe).'&search_email='.urlencode($search_email);
-    if (!empty($search_categ)) $param.='&search_categ='.$search_categ;
-    if ($search_status != '') $param.='&amp;search_status='.$search_status;
-    if ($search_priv == '0' || $search_priv == '1') $param.="&search_priv=".urlencode($search_priv);
+    $param ='&begin='.htmlspecialchars($begin).'&view='.htmlspecialchars($view).'&userid='.htmlspecialchars($userid).'&contactname='.htmlspecialchars($sall);
+    $param.='&type='.htmlspecialchars($type).'&view='.htmlspecialchars($view).'&search_lastname='.htmlspecialchars($search_lastname).'&search_firstname='.htmlspecialchars($search_firstname).'&search_societe='.htmlspecialchars($search_societe).'&search_email='.htmlspecialchars($search_email);
+    if (!empty($search_categ)) $param.='&search_categ='.htmlspecialchars($search_categ);
+    if ($search_status != '') $param.='&amp;search_status='.htmlspecialchars($search_status);
+    if ($search_priv == '0' || $search_priv == '1') $param.="&search_priv=".htmlspecialchars($search_priv);

 	$num = $db->num_rows($result);
    $i = 0;
@@ -258,7 +258,7 @@ if ($result)

    print '<form method="post" action="'.$_SERVER["PHP_SELF"].'">';
    print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
-    print '<input type="hidden" name="view" value="'.$view.'">';
+    print '<input type="hidden" name="view" value="'.htmlspecialchars($view).'">';
    print '<input type="hidden" name="sortfield" value="'.$sortfield.'">';
    print '<input type="hidden" name="sortorder" value="'.$sortorder.'">';

@@ -277,7 +277,7 @@ if ($result)

    if ($sall)
    {
-        print $langs->trans("Filter")." (".$langs->trans("Lastname").", ".$langs->trans("Firstname")." ".$langs->trans("or")." ".$langs->trans("EMail")."): ".$sall;
+        print $langs->trans("Filter")." (".$langs->trans("Lastname").", ".$langs->trans("Firstname")." ".$langs->trans("or")." ".$langs->trans("EMail")."): ".htmlspecialchars($sall);
    }

    print '<table class="liste" width="100%">';
@@ -302,36 +302,36 @@ if ($result)
    // Ligne des champs de filtres
    print '<tr class="liste_titre">';
    print '<td class="liste_titre">';
-    print '<input class="flat" type="text" name="search_lastname" size="9" value="'.$search_lastname.'">';
+    print '<input class="flat" type="text" name="search_lastname" size="9" value="'.htmlspecialchars($search_lastname).'">';
    print '</td>';
    print '<td class="liste_titre">';
-    print '<input class="flat" type="text" name="search_firstname" size="9" value="'.$search_firstname.'">';
+    print '<input class="flat" type="text" name="search_firstname" size="9" value="'.htmlspecialchars($search_firstname).'">';
    print '</td>';
    print '<td class="liste_titre">';
-    print '<input class="flat" type="text" name="search_poste" size="9" value="'.$search_poste.'">';
+    print '<input class="flat" type="text" name="search_poste" size="9" value="'.htmlspecialchars($search_poste).'">';
    print '</td>';
    if (empty($conf->global->SOCIETE_DISABLE_CONTACTS))
    {
        print '<td class="liste_titre">';
-        print '<input class="flat" type="text" name="search_societe" size="9" value="'.$search_societe.'">';
+        print '<input class="flat" type="text" name="search_societe" size="9" value="'.htmlspecialchars($search_societe).'">';
        print '</td>';
    }
    print '<td class="liste_titre">';
-    print '<input class="flat" type="text" name="search_phonepro" size="8" value="'.$search_phonepro.'">';
+    print '<input class="flat" type="text" name="search_phonepro" size="8" value="'.htmlspecialchars($search_phonepro).'">';
    print '</td>';
    print '<td class="liste_titre">';
-    print '<input class="flat" type="text" name="search_phonemob" size="8" value="'.$search_phonemob.'">';
+    print '<input class="flat" type="text" name="search_phonemob" size="8" value="'.htmlspecialchars($search_phonemob).'">';
    print '</td>';
    print '<td class="liste_titre">';
-    print '<input class="flat" type="text" name="search_fax" size="8" value="'.$search_fax.'">';
+    print '<input class="flat" type="text" name="search_fax" size="8" value="'.htmlspecialchars($search_fax).'">';
    print '</td>';
    print '<td class="liste_titre">';
-    print '<input class="flat" type="text" name="search_email" size="8" value="'.$search_email.'">';
+    print '<input class="flat" type="text" name="search_email" size="8" value="'.htmlspecialchars($search_email).'">';
    print '</td>';
    if (! empty($conf->skype->enabled))
    {
        print '<td class="liste_titre">';
-        print '<input class="flat" type="text" name="search_skype" size="8" value="'.$search_skype.'">';
+        print '<input class="flat" type="text" name="search_skype" size="8" value="'.htmlspecialchars($search_skype).'">';
        print '</td>';
    }
 	print '<td class="liste_titre">&nbsp;</td>';
--- a/htdocs/contact/note.php
+++ b/htdocs/contact/note.php
@@ -36,7 +36,7 @@ $langs->load("companies");
 // Security check
 $id = GETPOST('id','int');
 if ($user->societe_id) $id=$user->societe_id;
-$result = restrictedArea($user, 'societe', $id, '&societe');
+$result = restrictedArea($user, 'contact', $id, 'socpeople&societe');

 $object = new Contact($db);
 if ($id > 0) $object->fetch($id);
--- a/htdocs/contact/perso.php
+++ b/htdocs/contact/perso.php
@@ -38,210 +38,213 @@ if ($user->societe_id) $socid=$user->societe_id;
 $result = restrictedArea($user, 'contact', $id, 'socpeople&societe');
 $object = new Contact($db);

-/*
- * Action
- */
+$result = $object->fetch($id, $user);

-if ($action == 'update' && ! $_POST["cancel"] && $user->rights->societe->contact->creer)
+if ($id > 0)
 {
-	$ret = $object->fetch($id);
+    /*
+     * Action
+     */

-	// Note: Correct date should be completed with location to have exact GM time of birth.
-	$object->birthday = dol_mktime(0,0,0,$_POST["birthdaymonth"],$_POST["birthdayday"],$_POST["birthdayyear"]);
-	$object->birthday_alert = $_POST["birthday_alert"];
+    if ($action == 'update' && ! $_POST["cancel"] && $user->rights->societe->contact->creer)
+    {
+        // Note: Correct date should be completed with location to have exact GM time of birth.
+        $object->birthday = dol_mktime(0,0,0,$_POST["birthdaymonth"],$_POST["birthdayday"],$_POST["birthdayyear"]);
+        $object->birthday_alert = $_POST["birthday_alert"];

-	$result = $object->update_perso($id, $user);
-	if ($result > 0)
-	{
-		$object->old_name='';
-		$object->old_firstname='';
-	}
-	else
-	{
-		$error = $object->error;
-	}
+        $result = $object->update_perso($id, $user);
+        if ($result > 0)
+        {
+            $object->old_name='';
+            $object->old_firstname='';
+        }
+        else
+        {
+            $error = $object->error;
+        }
+    }
 }

-
 /*
 *	View
 */

+$form = new Form($db);
+
 $now=dol_now();

 $title = (! empty($conf->global->SOCIETE_ADDRESSES_MANAGEMENT) ? $langs->trans("Contacts") : $langs->trans("ContactsAddresses"));

 llxHeader('',$title,'EN:Module_Third_Parties|FR:Module_Tiers|ES:M&oacute;dulo_Empresas');

-$form = new Form($db);
-
-$object->fetch($id, $user);
-
-$head = contact_prepare_head($object);
-
-dol_fiche_head($head, 'perso', $title, 0, 'contact');
-
-if ($action == 'edit')
+if ($id > 0)
 {
-	/*
-	 * Fiche en mode edition
-	 */
+    $head = contact_prepare_head($object);

-    print '<form name="perso" method="POST" action="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'">';
-    print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
-    print '<input type="hidden" name="action" value="update">';
-    print '<input type="hidden" name="id" value="'.$object->id.'">';
+    dol_fiche_head($head, 'perso', $title, 0, 'contact');

-    print '<table class="border" width="100%">';
-
-    // Ref
-    print '<tr><td width="20%">'.$langs->trans("Ref").'</td><td colspan="3">';
-    print $object->id;
-    print '</td></tr>';
-
-    // Name
-    print '<tr><td width="20%">'.$langs->trans("Lastname").' / '.$langs->trans("Label").'</td><td width="30%">'.$object->lastname.'</td>';
-    print '<td width="20%">'.$langs->trans("Firstname").'</td><td width="30%">'.$object->firstname.'</td>';
-
-    // Company
-    if (empty($conf->global->SOCIETE_DISABLE_CONTACTS))
+    if ($action == 'edit')
    {
-        if ($object->socid > 0)
+        /*
+         * Fiche en mode edition
+         */
+
+        print '<form name="perso" method="POST" action="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'">';
+        print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
+        print '<input type="hidden" name="action" value="update">';
+        print '<input type="hidden" name="id" value="'.$object->id.'">';
+
+        print '<table class="border" width="100%">';
+
+        // Ref
+        print '<tr><td width="20%">'.$langs->trans("Ref").'</td><td colspan="3">';
+        print $object->id;
+        print '</td></tr>';
+
+        // Name
+        print '<tr><td width="20%">'.$langs->trans("Lastname").' / '.$langs->trans("Label").'</td><td width="30%">'.$object->lastname.'</td>';
+        print '<td width="20%">'.$langs->trans("Firstname").'</td><td width="30%">'.$object->firstname.'</td>';
+
+        // Company
+        if (empty($conf->global->SOCIETE_DISABLE_CONTACTS))
        {
-            $objsoc = new Societe($db);
-            $objsoc->fetch($object->socid);
+            if ($object->socid > 0)
+            {
+                $objsoc = new Societe($db);
+                $objsoc->fetch($object->socid);

-            print '<tr><td>'.$langs->trans("Company").'</td><td colspan="3">'.$objsoc->getNomUrl(1).'</td>';
-        }
-        else
-        {
-            print '<tr><td>'.$langs->trans("Company").'</td><td colspan="3">';
-            print $langs->trans("ContactNotLinkedToCompany");
-            print '</td></tr>';
-        }
-    }
-
-    // Civility
-    print '<tr><td>'.$langs->trans("UserTitle").'</td><td colspan="3">';
-    print $object->getCivilityLabel();
-    print '</td></tr>';
-
-    // Date To Birth
-    print '<tr><td>'.$langs->trans("DateToBirth").'</td><td>';
-    $form=new Form($db);
-    print $form->select_date($object->birthday,'birthday',0,0,1,"perso");
-    print '</td>';
-
-    print '<td colspan="2">'.$langs->trans("Alert").': ';
-    if (! empty($object->birthday_alert))
-    {
-        print '<input type="checkbox" name="birthday_alert" checked="checked"></td>';
-    }
-    else
-    {
-        print '<input type="checkbox" name="birthday_alert"></td>';
-    }
-    print '</tr>';
-
-    print "</table><br>";
-
-    print '<center>';
-    print '<input type="submit" class="button" name="save" value="'.$langs->trans("Save").'">';
-    print ' &nbsp; ';
-    print '<input type="submit" class="button" name="cancel" value="'.$langs->trans("Cancel").'">';
-    print '</center>';
-
-    print "</form>";
-}
-else
-{
-    /*
-     * Fiche en mode visu
-     */
-    print '<table class="border" width="100%">';
-
-    $linkback = '<a href="'.DOL_URL_ROOT.'/contact/list.php">'.$langs->trans("BackToList").'</a>';
-
-    // Ref
-    print '<tr><td width="20%">'.$langs->trans("Ref").'</td><td colspan="3">';
-    print $form->showrefnav($object, 'id', $linkback);
-    print '</td></tr>';
-
-    // Name
-    print '<tr><td width="20%">'.$langs->trans("Lastname").' / '.$langs->trans("Label").'</td><td width="30%">'.$object->lastname.'</td>';
-    print '<td width="20%">'.$langs->trans("Firstname").'</td><td width="30%">'.$object->firstname.'</td></tr>';
-
-    // Company
-    if (empty($conf->global->SOCIETE_DISABLE_CONTACTS))
-    {
-        if ($object->socid > 0)
-        {
-            $objsoc = new Societe($db);
-            $objsoc->fetch($object->socid);
-
-            print '<tr><td>'.$langs->trans("Company").'</td><td colspan="3">'.$objsoc->getNomUrl(1).'</td></tr>';
+                print '<tr><td>'.$langs->trans("Company").'</td><td colspan="3">'.$objsoc->getNomUrl(1).'</td>';
+            }
+            else
+            {
+                print '<tr><td>'.$langs->trans("Company").'</td><td colspan="3">';
+                print $langs->trans("ContactNotLinkedToCompany");
+                print '</td></tr>';
+            }
        }

-        else
-        {
-            print '<tr><td>'.$langs->trans("Company").'</td><td colspan="3">';
-            print $langs->trans("ContactNotLinkedToCompany");
-            print '</td></tr>';
-        }
-    }
+        // Civility
+        print '<tr><td>'.$langs->trans("UserTitle").'</td><td colspan="3">';
+        print $object->getCivilityLabel();
+        print '</td></tr>';

-    // Civility
-    print '<tr><td>'.$langs->trans("UserTitle").'</td><td colspan="3">';
-    print $object->getCivilityLabel();
-    print '</td></tr>';
-
-    // Date To Birth
-    print '<tr>';
-    if (! empty($object->birthday))
-    {
-        include_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
-
-        print '<td>'.$langs->trans("DateToBirth").'</td><td colspan="3">'.dol_print_date($object->birthday,"day");
-
-        print ' &nbsp; ';
-        //var_dump($birthdatearray);
-        $ageyear=convertSecondToTime($now-$object->birthday,'year')-1970;
-        $agemonth=convertSecondToTime($now-$object->birthday,'month')-1;
-        if ($ageyear >= 2) print '('.$ageyear.' '.$langs->trans("DurationYears").')';
-        else if ($agemonth >= 2) print '('.$agemonth.' '.$langs->trans("DurationMonths").')';
-        else print '('.$agemonth.' '.$langs->trans("DurationMonth").')';
-
-
-        print ' &nbsp; - &nbsp; ';
-        if ($object->birthday_alert) print $langs->trans("BirthdayAlertOn");
-        else print $langs->trans("BirthdayAlertOff");
+        // Date To Birth
+        print '<tr><td>'.$langs->trans("DateToBirth").'</td><td>';
+        $form=new Form($db);
+        print $form->select_date($object->birthday,'birthday',0,0,1,"perso");
        print '</td>';
+
+        print '<td colspan="2">'.$langs->trans("Alert").': ';
+        if (! empty($object->birthday_alert))
+        {
+            print '<input type="checkbox" name="birthday_alert" checked="checked"></td>';
+        }
+        else
+        {
+            print '<input type="checkbox" name="birthday_alert"></td>';
+        }
+        print '</tr>';
+
+        print "</table><br>";
+
+        print '<center>';
+        print '<input type="submit" class="button" name="save" value="'.$langs->trans("Save").'">';
+        print ' &nbsp; ';
+        print '<input type="submit" class="button" name="cancel" value="'.$langs->trans("Cancel").'">';
+        print '</center>';
+
+        print "</form>";
    }
    else
    {
-        print '<td>'.$langs->trans("DateToBirth").'</td><td colspan="3">'.$langs->trans("Unknown")."</td>";
-    }
-    print "</tr>";
+        /*
+         * Fiche en mode visu
+         */
+        print '<table class="border" width="100%">';

-    print "</table>";
+        $linkback = '<a href="'.DOL_URL_ROOT.'/contact/list.php">'.$langs->trans("BackToList").'</a>';

-}
+        // Ref
+        print '<tr><td width="20%">'.$langs->trans("Ref").'</td><td colspan="3">';
+        print $form->showrefnav($object, 'id', $linkback);
+        print '</td></tr>';

-dol_fiche_end();
+        // Name
+        print '<tr><td width="20%">'.$langs->trans("Lastname").' / '.$langs->trans("Label").'</td><td width="30%">'.$object->lastname.'</td>';
+        print '<td width="20%">'.$langs->trans("Firstname").'</td><td width="30%">'.$object->firstname.'</td></tr>';

-if ($action != 'edit')
-{
-    // Barre d'actions
-    if ($user->societe_id == 0)
-    {
-        print '<div class="tabsAction">';
-
-        if ($user->rights->societe->contact->creer)
+        // Company
+        if (empty($conf->global->SOCIETE_DISABLE_CONTACTS))
        {
-            print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;action=edit">'.$langs->trans('Modify').'</a>';
+            if ($object->socid > 0)
+            {
+                $objsoc = new Societe($db);
+                $objsoc->fetch($object->socid);
+
+                print '<tr><td>'.$langs->trans("Company").'</td><td colspan="3">'.$objsoc->getNomUrl(1).'</td></tr>';
+            }
+
+            else
+            {
+                print '<tr><td>'.$langs->trans("Company").'</td><td colspan="3">';
+                print $langs->trans("ContactNotLinkedToCompany");
+                print '</td></tr>';
+            }
        }

-        print "</div>";
+        // Civility
+        print '<tr><td>'.$langs->trans("UserTitle").'</td><td colspan="3">';
+        print $object->getCivilityLabel();
+        print '</td></tr>';
+
+        // Date To Birth
+        print '<tr>';
+        if (! empty($object->birthday))
+        {
+            include_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
+
+            print '<td>'.$langs->trans("DateToBirth").'</td><td colspan="3">'.dol_print_date($object->birthday,"day");
+
+            print ' &nbsp; ';
+            //var_dump($birthdatearray);
+            $ageyear=convertSecondToTime($now-$object->birthday,'year')-1970;
+            $agemonth=convertSecondToTime($now-$object->birthday,'month')-1;
+            if ($ageyear >= 2) print '('.$ageyear.' '.$langs->trans("DurationYears").')';
+            else if ($agemonth >= 2) print '('.$agemonth.' '.$langs->trans("DurationMonths").')';
+            else print '('.$agemonth.' '.$langs->trans("DurationMonth").')';
+
+
+            print ' &nbsp; - &nbsp; ';
+            if ($object->birthday_alert) print $langs->trans("BirthdayAlertOn");
+            else print $langs->trans("BirthdayAlertOff");
+            print '</td>';
+        }
+        else
+        {
+            print '<td>'.$langs->trans("DateToBirth").'</td><td colspan="3">'.$langs->trans("Unknown")."</td>";
+        }
+        print "</tr>";
+
+        print "</table>";
+
+    }
+
+    dol_fiche_end();
+
+    if ($action != 'edit')
+    {
+        // Barre d'actions
+        if ($user->societe_id == 0)
+        {
+            print '<div class="tabsAction">';
+
+            if ($user->rights->societe->contact->creer)
+            {
+                print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;action=edit">'.$langs->trans('Modify').'</a>';
+            }
+
+            print "</div>";
+        }
    }
 }

--- a/htdocs/contact/vcard.php
+++ b/htdocs/contact/vcard.php
@@ -35,69 +35,73 @@ $id = GETPOST('id', 'int');
 $result = restrictedArea($user, 'contact', $id, 'socpeople&societe');

 $contact = new Contact($db);
-$result=$contact->fetch($id);

-$physicalperson=1;
-
-$company = new Societe($db);
-if ($contact->socid)
+if ($id > 0)
 {
-	$result=$company->fetch($contact->socid);
-	//print "ee";
+	$result=$contact->fetch($id);
+
+	$physicalperson=1;
+
+	$company = new Societe($db);
+	if ($contact->socid)
+	{
+		$result=$company->fetch($contact->socid);
+		//print "ee";
+	}
+
+	// We create VCard
+	$v = new vCard();
+	$v->setProdId('Dolibarr '.DOL_VERSION);
+
+	$v->setUid('DOLIBARR-CONTACTID-'.$contact->id);
+	$v->setName($contact->lastname, $contact->firstname, "", "", "");
+	$v->setFormattedName($contact->getFullName($langs));
+
+	// By default, all informations are for work (except phone_perso and phone_mobile)
+	$v->setPhoneNumber($contact->phone_pro, "PREF;WORK;VOICE");
+	$v->setPhoneNumber($contact->phone_mobile, "CELL;VOICE");
+	$v->setPhoneNumber($contact->fax, "WORK;FAX");
+
+	$v->setAddress("", "", $contact->address, $contact->town, "", $contact->zip, ($contact->country_code?$contact->country_id:''), "WORK;POSTAL");
+	$v->setLabel("", "", $contact->address, $contact->town, "", $contact->zip, ($contact->country_code?$contact->country_id:''), "WORK");
+	$v->setEmail($contact->email,'internet,pref');
+	$v->setNote($contact->note);
+
+	$v->setTitle($contact->poste);
+
+	// Data from linked company
+	if ($company->id)
+	{
+		$v->setURL($company->url, "WORK");
+		if (! $contact->phone_pro) $v->setPhoneNumber($company->phone, "WORK;VOICE");
+		if (! $contact->fax)       $v->setPhoneNumber($company->fax, "WORK;FAX");
+		if (! $contact->zip)        $v->setAddress("", "", $company->address, $company->town, "", $company->zip, $company->country_code, "WORK;POSTAL");
+		if ($company->email != $contact->email) $v->setEmail($company->email,'internet');
+		// Si contact lie a un tiers non de type "particulier"
+		if ($contact->typent_code != 'TE_PRIVATE') $v->setOrg($company->nom);
+	}
+
+	// Personal informations
+	$v->setPhoneNumber($contact->phone_perso, "HOME;VOICE");
+	if ($contact->birthday) $v->setBirthday($contact->birthday);
+
+	$db->close();
+
+
+	// Renvoi la VCard au navigateur
+
+	$output = $v->getVCard();
+
+	$filename =trim(urldecode($v->getFileName()));      // "Nom prenom.vcf"
+	$filenameurlencoded = dol_sanitizeFileName(urlencode($filename));
+	//$filename = dol_sanitizeFileName($filename);
+
+
+	header("Content-Disposition: attachment; filename=\"".$filename."\"");
+	header("Content-Length: ".dol_strlen($output));
+	header("Connection: close");
+	header("Content-Type: text/x-vcard; name=\"".$filename."\"");
+
+	print $output;
 }

-// We create VCard
-$v = new vCard();
-$v->setProdId('Dolibarr '.DOL_VERSION);
-
-$v->setUid('DOLIBARR-CONTACTID-'.$contact->id);
-$v->setName($contact->lastname, $contact->firstname, "", "", "");
-$v->setFormattedName($contact->getFullName($langs));
-
-// By default, all informations are for work (except phone_perso and phone_mobile)
-$v->setPhoneNumber($contact->phone_pro, "PREF;WORK;VOICE");
-$v->setPhoneNumber($contact->phone_mobile, "CELL;VOICE");
-$v->setPhoneNumber($contact->fax, "WORK;FAX");
-
-$v->setAddress("", "", $contact->address, $contact->town, "", $contact->zip, ($contact->country_code?$contact->country_id:''), "WORK;POSTAL");
-$v->setLabel("", "", $contact->address, $contact->town, "", $contact->zip, ($contact->country_code?$contact->country_id:''), "WORK");
-$v->setEmail($contact->email,'internet,pref');
-$v->setNote($contact->note);
-
-$v->setTitle($contact->poste);
-
-// Data from linked company
-if ($company->id)
-{
-	$v->setURL($company->url, "WORK");
-	if (! $contact->phone_pro) $v->setPhoneNumber($company->phone, "WORK;VOICE");
-	if (! $contact->fax)       $v->setPhoneNumber($company->fax, "WORK;FAX");
-	if (! $contact->zip)        $v->setAddress("", "", $company->address, $company->town, "", $company->zip, $company->country_code, "WORK;POSTAL");
-	if ($company->email != $contact->email) $v->setEmail($company->email,'internet');
-	// Si contact lie a un tiers non de type "particulier"
-	if ($contact->typent_code != 'TE_PRIVATE') $v->setOrg($company->nom);
-}
-
-// Personal informations
-$v->setPhoneNumber($contact->phone_perso, "HOME;VOICE");
-if ($contact->birthday) $v->setBirthday($contact->birthday);
-
-$db->close();
-
-
-// Renvoi la VCard au navigateur
-
-$output = $v->getVCard();
-
-$filename =trim(urldecode($v->getFileName()));      // "Nom prenom.vcf"
-$filenameurlencoded = dol_sanitizeFileName(urlencode($filename));
-//$filename = dol_sanitizeFileName($filename);
-
-
-header("Content-Disposition: attachment; filename=\"".$filename."\"");
-header("Content-Length: ".dol_strlen($output));
-header("Connection: close");
-header("Content-Type: text/x-vcard; name=\"".$filename."\"");
-
-print $output;
-
--- a/htdocs/contrat/class/contrat.class.php
+++ b/htdocs/contrat/class/contrat.class.php
@@ -92,23 +92,31 @@ class Contrat extends CommonObject
 		global $db, $langs, $conf;
 		$langs->load("contracts");

-		$dir = DOL_DOCUMENT_ROOT . "/core/modules/contract";
-
-		if (empty($conf->global->CONTRACT_ADDON))
+		if (!empty($conf->global->CONTRACT_ADDON))
 		{
-		    $conf->global->CONTRACT_ADDON='mod_contract_serpis';
-		}
+			$mybool = false;

-		$file = $conf->global->CONTRACT_ADDON.".php";
+			$file = $conf->global->CONTRACT_ADDON.".php";
+			$classname = $conf->global->CONTRACT_ADDON;

-		// Chargement de la classe de numerotation
-		$classname = $conf->global->CONTRACT_ADDON;
+			// Include file with class
+			$dirmodels = array_merge(array('/'), (array) $conf->modules_parts['models']);
+
+			foreach ($dirmodels as $reldir) {
+
+				$dir = dol_buildpath($reldir."core/modules/contract/");
+
+				// Load file with numbering class (if found)
+				$mybool|=@include_once $dir.$file;
+			}
+
+			if (! $mybool)
+			{
+				dol_print_error('',"Failed to include file ".$file);
+				return '';
+			}

-		$result=include_once $dir.'/'.$file;
-		if ($result)
-		{
 			$obj = new $classname();
-
 			$numref = "";
 			$numref = $obj->getNextValue($soc,$this);

@@ -118,15 +126,17 @@ class Contrat extends CommonObject
 			}
 			else
 			{
+				$this->error = $obj->error;
 				dol_print_error($db,get_class($this)."::getNextValue ".$obj->error);
 				return "";
 			}
 		}
 		else
 		{
-			print $langs->trans("Error")." ".$langs->trans("Error_CONTRACT_ADDON_NotDefined");
+			$langs->load("errors");
+			print $langs->trans("Error")." ".$langs->trans("ErrorModuleSetupNotComplete");
 			return "";
-			}
+		}
 	}

 	/**
--- a/htdocs/contrat/fiche.php
+++ b/htdocs/contrat/fiche.php
@@ -1137,7 +1137,7 @@ else
        				$value = isset($_POST ["options_" . $key]) ? dol_mktime($_POST ["options_" . $key . "hour"], $_POST ["options_" . $key . "min"], 0, $_POST ["options_" . $key . "month"], $_POST ["options_" . $key . "day"], $_POST ["options_" . $key . "year"]) : $db->jdate($object->array_options ['options_' . $key]);
        			}

-        			if ($action == 'edit_extras' && $user->rights->commande->creer && GETPOST('attribute') == $key) {
+        			if ($action == 'edit_extras' && $user->rights->contrat->creer && GETPOST('attribute') == $key) {
        				print '<form enctype="multipart/form-data" action="' . $_SERVER["PHP_SELF"] . '" method="post" name="formcontract">';
        				print '<input type="hidden" name="action" value="update_extras">';
        				print '<input type="hidden" name="attribute" value="' . $key . '">';
@@ -1150,7 +1150,7 @@ else
        				print '</form>';
        			} else {
        				print $extrafields->showOutputField($key, $value);
-        				if ($object->statut == 0 && $user->rights->commande->creer)
+        				if ($object->statut == 0 && $user->rights->contrat->creer)
        					print '<a href="' . $_SERVER['PHP_SELF'] . '?id=' . $object->id . '&action=edit_extras&attribute=' . $key . '">' . img_picto('', 'edit') . ' ' . $langs->trans('Modify') . '</a>';
        			}
        			print '</td></tr>' . "\n";
--- a/htdocs/contrat/liste.php
+++ b/htdocs/contrat/liste.php
@@ -78,7 +78,7 @@ $sql.= ", ".MAIN_DB_PREFIX."contrat as c";
 $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."contratdet as cd ON c.rowid = cd.fk_contrat";
 $sql.= " WHERE c.fk_soc = s.rowid ";
 $sql.= " AND c.entity = ".$conf->entity;
-if ($socid) $sql.= " AND s.rowid = ".$socid;
+if ($socid) $sql.= " AND s.rowid = ".$db->escape($socid);
 if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
 if ($search_nom) {
    $sql .= natural_search('s.nom', $search_nom);
@@ -100,13 +100,13 @@ if ($resql)
    $num = $db->num_rows($resql);
    $i = 0;

-    print_barre_liste($langs->trans("ListOfContracts"), $page, $_SERVER["PHP_SELF"], '&search_contract='.$search_contract.'&search_nom='.$search_nom, $sortfield, $sortorder,'',$num);
+    print_barre_liste($langs->trans("ListOfContracts"), $page, $_SERVER["PHP_SELF"], '&search_contract='.htmlspecialchars($search_contract).'&search_nom='.htmlspecialchars($search_nom), $sortfield, $sortorder,'',$num);

    print '<table class="liste" width="100%">';

    print '<tr class="liste_titre">';
-    $param='&amp;search_contract='.$search_contract;
-    $param.='&amp;search_nom='.$search_nom;
+    $param='&amp;search_contract='.htmlspecialchars($search_contract);
+    $param.='&amp;search_nom='.htmlspecialchars($search_nom);
    print_liste_field_titre($langs->trans("Ref"), $_SERVER["PHP_SELF"], "c.rowid","","$param",'',$sortfield,$sortorder);
    print_liste_field_titre($langs->trans("Company"), $_SERVER["PHP_SELF"], "s.nom","","$param",'',$sortfield,$sortorder);
    //print_liste_field_titre($langs->trans("DateCreation"), $_SERVER["PHP_SELF"], "c.datec","","$param",'align="center"',$sortfield,$sortorder);
@@ -122,10 +122,10 @@ if ($resql)
    print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
    print '<tr class="liste_titre">';
    print '<td class="liste_titre">';
-    print '<input type="text" class="flat" size="3" name="search_contract" value="'.$search_contract.'">';
+    print '<input type="text" class="flat" size="3" name="search_contract" value="'.htmlspecialchars($search_contract).'">';
    print '</td>';
    print '<td class="liste_titre">';
-    print '<input type="text" class="flat" size="24" name="search_nom" value="'.$search_nom.'">';
+    print '<input type="text" class="flat" size="24" name="search_nom" value="'.htmlspecialchars($search_nom).'">';
    print '</td>';
    print '<td class="liste_titre">&nbsp;</td>';
    //print '<td class="liste_titre">&nbsp;</td>';
--- a/htdocs/core/actions_extrafields.inc.php
+++ b/htdocs/core/actions_extrafields.inc.php
@@ -118,7 +118,7 @@ if ($action == 'add')
 	    if (! $error)
 	    {
    		// attrname must be alphabetical and lower case only
-    		if (isset($_POST["attrname"]) && preg_match("/^[a-z0-9-_]+$/",$_POST['attrname']))
+    		if (isset($_POST["attrname"]) && preg_match("/^[a-z0-9-_]+$/",$_POST['attrname']) && !is_numeric($_POST["attrname"]))
    		{
    			// Construct array for parameter (value of select list)
        		$default_value = GETPOST('default_value');
--- a/htdocs/core/boxes/box_prospect.php
+++ b/htdocs/core/boxes/box_prospect.php
@@ -136,7 +136,6 @@ class box_prospect extends ModeleBoxes
 			}
 		}
 		else {
-			dol_syslog("box_prospect::loadBox not allowed de read this box content",LOG_ERR);
 			$this->info_box_contents[0][0] = array('td' => 'align="left"',
        'text' => $langs->trans("ReadPermissionNotAllowed"));
 		}
--- a/htdocs/core/class/commonobject.class.php
+++ b/htdocs/core/class/commonobject.class.php
@@ -65,13 +65,15 @@ abstract class CommonObject
     */
    static function isExistingObject($element, $id, $ref='', $ref_ext='')
    {
-    	global $db;
+    	global $db,$conf;

 		$sql = "SELECT rowid, ref, ref_ext";
 		$sql.= " FROM ".MAIN_DB_PREFIX.$element;
-		if ($id > 0) $sql.= " WHERE rowid = ".$db->escape($id);
-		else if ($ref) $sql.= " WHERE ref = '".$db->escape($ref)."'";
-		else if ($ref_ext) $sql.= " WHERE ref_ext = '".$db->escape($ref_ext)."'";
+		$sql.= " WHERE entity IN (".getEntity($element, true).")" ;
+
+		if ($id > 0) $sql.= " AND rowid = ".$db->escape($id);
+		else if ($ref) $sql.= " AND ref = '".$db->escape($ref)."'";
+		else if ($ref_ext) $sql.= " AND ref_ext = '".$db->escape($ref_ext)."'";
 		else {
 			$error='ErrorWrongParameters';
 			dol_print_error(get_class()."::isExistingObject ".$error, LOG_ERR);
--- a/htdocs/core/class/extrafields.class.php
+++ b/htdocs/core/class/extrafields.class.php
@@ -753,7 +753,7 @@ class ExtraFields
 					$sqlwhere.= ' WHERE 1';
 				}
 				if (in_array($InfoFieldList[0],array('tablewithentity'))) $sqlwhere.= ' AND entity = '.$conf->entity;	// Some tables may have field, some other not. For the moment we disable it.
-				//$sql.=preg_replace('/^ AND /','',$sqlwhere);
+				$sql.=preg_replace('/^ AND /','',$sqlwhere);
 				//print $sql;

 				dol_syslog(get_class($this).'::showInputField type=sellist sql='.$sql);
--- a/htdocs/core/class/hookmanager.class.php
+++ b/htdocs/core/class/hookmanager.class.php
@@ -184,7 +184,7 @@ class HookManager
                    		}*/
                    	}

-                    	if (is_array($actionclassinstance->results))  $this->resArray =array_merge($this->resArray, $actionclassinstance->results);
+                    	if (isset($actionclassinstance->results) && is_array($actionclassinstance->results))  $this->resArray =array_merge($this->resArray, $actionclassinstance->results);
                    	if (! empty($actionclassinstance->resprints)) $this->resPrint.=$actionclassinstance->resprints;
                    }
                    // Generic hooks that return a string or array (printSearchForm, printLeftBlock, formAddObjectLine, formBuilddocOptions, ...)
--- a/htdocs/core/class/html.form.class.php
+++ b/htdocs/core/class/html.form.class.php
@@ -203,7 +203,7 @@ class Form
            else
 			{
 				if ($typeofdata == 'email')   $ret.=dol_print_email($value,0,0,0,0,1);
-                elseif ($typeofdata == 'amount')   $ret.=($value != '' ? price($value,'',$langs,0,0,-1,$conf->currency) : '');
+                elseif ($typeofdata == 'amount')   $ret.=($value != '' ? price($value,'',$langs,0,-1,-1,$conf->currency) : '');
                elseif (preg_match('/^text/',$typeofdata) || preg_match('/^note/',$typeofdata))  $ret.=dol_htmlentitiesbr($value);
                elseif ($typeofdata == 'day' || $typeofdata == 'datepicker') $ret.=dol_print_date($value,'day');
                elseif ($typeofdata == 'datehourpicker') $ret.=dol_print_date($value,'dayhour');
@@ -847,7 +847,7 @@ class Form
                        $out.= '<option value="'.$obj->rowid.'">'.$label.'</option>';
                    }

-                    array_push($outarray, array('key'=>$obj->rowid, 'value'=>$obj->name, 'label'=>$obj->name));
+                    array_push($outarray, array('key'=>$obj->rowid, 'value'=>$obj->rowid, 'label'=>$label));

                    $i++;
                    if (($i % 10) == 0) $out.="\n";
@@ -4172,7 +4172,7 @@ class Form
                {
                    global $dolibarr_main_url_root;
                    $ret.='<!-- Put link to gravatar -->';
-                    $ret.='<img alt="Photo found on Gravatar" title="Photo Gravatar.com - email '.$email.'" border="0" width="'.$width.'" src="http://www.gravatar.com/avatar/'.dol_hash($email).'?s='.$width.'&d='.urlencode(dol_buildpath('/theme/common/nophoto.jpg',2)).'">';
+                    $ret.='<img alt="Photo found on Gravatar" title="Photo Gravatar.com - email '.$email.'" border="0" width="'.$width.'" src="https://www.gravatar.com/avatar/'.dol_hash($email).'?s='.$width.'&d='.urlencode(dol_buildpath('/theme/common/nophoto.jpg',2)).'">';
                }
                else
                {
--- a/htdocs/core/class/html.formcompany.class.php
+++ b/htdocs/core/class/html.formcompany.class.php
@@ -610,8 +610,6 @@ class FormCompany
                }

 				print "\n".'<!-- Input text for third party with Ajax.Autocompleter (selectCompaniesForNewContact) -->'."\n";
-				print '<table class="nobordernopadding"><tr class="nobordernopadding">';
-				print '<td class="nobordernopadding">';
 				if ($obj->rowid == 0)
 				{
 					print '<input type="text" size="30" id="search_'.$htmlname.'" name="search_'.$htmlname.'" value="" '.$htmloption.' />';
@@ -621,9 +619,6 @@ class FormCompany
 					print '<input type="text" size="30" id="search_'.$htmlname.'" name="search_'.$htmlname.'" value="'.$obj->nom.'" '.$htmloption.' />';
 				}
 				print ajax_autocompleter(($socid?$socid:-1),$htmlname,DOL_URL_ROOT.'/societe/ajaxcompanies.php','',$minLength);
-				print '</td>';
-				print '</tr>';
-				print '</table>';
 				print "\n";
 				return $socid;
 			}
--- a/htdocs/core/class/html.formmail.class.php
+++ b/htdocs/core/class/html.formmail.class.php
@@ -2,6 +2,7 @@
 /* Copyright (C) 2005-2012 Laurent Destailleur  <eldy@users.sourceforge.net>
 * Copyright (C) 2005-2012 Regis Houssin		<regis.houssin@capnetworks.com>
 * Copyright (C) 2010-2011 Juanjo Menent		<jmenent@2byte.es>
+ * Copyright (C) 2015      Marcos García        <marcosgdf@gmail.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -254,6 +255,7 @@ class FormMail
        	if ($this->withform == 1)
        	{
        		$out.= '<form method="POST" name="mailform" enctype="multipart/form-data" action="'.$this->param["returnurl"].'">'."\n";
+				$out.= '<input style="display:none" type="submit" id="sendmail" name="sendmail">';
        		$out.= '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'" />';
        	}
        	foreach ($this->param as $key=>$value)
--- a/htdocs/core/class/menubase.class.php
+++ b/htdocs/core/class/menubase.class.php
@@ -152,7 +152,7 @@ class Menubase
        $sql.= " '".$this->fk_menu."',";
        $sql.= " ".($this->fk_mainmenu?"'".$this->fk_mainmenu."'":"null").",";
        $sql.= " ".($this->fk_leftmenu?"'".$this->fk_leftmenu."'":"null").",";
-        $sql.= " '".$this->position."',";
+        $sql.= " '".(int) $this->position."',";
        $sql.= " '".$this->db->escape($this->url)."',";
        $sql.= " '".$this->db->escape($this->target)."',";
        $sql.= " '".$this->db->escape($this->titre)."',";
--- a/htdocs/core/class/vcard.class.php
+++ b/htdocs/core/class/vcard.class.php
@@ -150,7 +150,7 @@ class vCard
    {
        $this->properties["N;CHARSET=".$this->encoding] = encode($family).";".encode($first).";".encode($additional).";".encode($prefix).";".encode($suffix);
        $this->filename = "$first%20$family.vcf";
-        if ($this->properties["FN"]=="") $this->setFormattedName(trim("$prefix $first $additional $family $suffix"));
+        if (empty($this->properties["FN"])) $this->setFormattedName(trim("$prefix $first $additional $family $suffix"));
    }

    /**
--- a/htdocs/core/lib/agenda.lib.php
+++ b/htdocs/core/lib/agenda.lib.php
@@ -130,7 +130,6 @@ function print_actions_filter($form, $canedit, $status, $year, $month, $day, $sh
 		print '<td align="center" valign="middle" class="nowrap">';
 		print '<script type="text/javascript">' . "\n";
 		print 'jQuery(document).ready(function () {' . "\n";
-		print 'jQuery("#check_mytasks").click(function() { jQuery(".family_mytasks").toggle(); jQuery(".family_other").toggle(); });' . "\n";
 		print 'jQuery("#check_birthday").click(function() { jQuery(".family_birthday").toggle(); });' . "\n";
 		print 'jQuery(".family_birthday").toggle();' . "\n";
 		print '});' . "\n";
@@ -140,20 +139,24 @@ function print_actions_filter($form, $canedit, $status, $year, $month, $day, $sh
 		{
 			if (count($showextcals) > 0)
 			{
-				print '<tr><td><input type="checkbox" id="check_mytasks" name="check_mytasks" checked="true" disabled="disabled"> ' . $langs->trans("LocalAgenda") . '</td></tr>';
+				print '<tr><td>';
+				print '<script type="text/javascript">
+					jQuery(document).ready(function () {
+
+						jQuery("form.listactionsfilter input[name^=\"check_\"]").click(function() {
+							var name = $(this).attr("name");
+
+							jQuery(".family_" + name.replace("check_", "")).toggle();
+						});
+				    });
+				</script>';
+				print '<input type="checkbox" id="check_mytasks" name="check_mytasks" checked="true" disabled="disabled"> ' . $langs->trans("LocalAgenda") . '</td></tr>';
 				foreach ($showextcals as $val)
 				{
-					$htmlname = dol_string_nospecial($val['name']);
+					$htmlname = md5($val['name']);
+
 					print '<tr><td>';
-					print '<script type="text/javascript">' . "\n";
-					print 'jQuery(document).ready(function () {' . "\n";
-					print '		jQuery("#check_' . $htmlname . '").click(function() {';
-					print ' 		/* alert("'.$htmlname.'"); */';
-					print ' 		jQuery(".family_' . $htmlname . '").toggle();';
-					print '		});' . "\n";
-					print '});' . "\n";
-					print '</script>' . "\n";
-					print '<input type="checkbox" id="check_' . $htmlname . '" name="check_' . $htmlname . '" checked="true"> ' . $val ['name'];
+					print '<input type="checkbox" id="check_' . $htmlname . '" name="check_ext' . $htmlname . '" checked="true"> ' . $val ['name'];
 					print '</td></tr>';
 				}
 			}
--- a/htdocs/core/lib/company.lib.php
+++ b/htdocs/core/lib/company.lib.php
@@ -937,9 +937,10 @@ function show_actions_todo($conf,$langs,$db,$object,$objcon='',$noprint=0)
        $sql.= " u.login, u.rowid";
        if (get_class($object) == 'Adherent') $sql.= ", m.lastname, m.firstname";
        if (get_class($object) == 'Societe')  $sql.= ", sp.lastname, sp.firstname";
-        $sql.= " FROM ".MAIN_DB_PREFIX."c_actioncomm as c, ".MAIN_DB_PREFIX."user as u, ".MAIN_DB_PREFIX."actioncomm as a";
+        $sql.= " FROM ".MAIN_DB_PREFIX."user as u, ".MAIN_DB_PREFIX."actioncomm as a";
        if (get_class($object) == 'Adherent') $sql.= ", ".MAIN_DB_PREFIX."adherent as m";
        if (get_class($object) == 'Societe')  $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."socpeople as sp ON a.fk_contact = sp.rowid";
+        $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_actioncomm as c ON a.fk_action = c.id ";
        $sql.= " WHERE u.rowid = a.fk_user_author";
        $sql.= " AND a.entity IN (".getEntity('agenda', 1).")";
        if (get_class($object) == 'Adherent') {
@@ -949,7 +950,7 @@ function show_actions_todo($conf,$langs,$db,$object,$objcon='',$noprint=0)
        }
        if (get_class($object) == 'Societe'  && $object->id) $sql.= " AND a.fk_soc = ".$object->id;
        if (! empty($objcon->id)) $sql.= " AND a.fk_contact = ".$objcon->id;
-        $sql.= " AND c.id=a.fk_action";
+        // $sql.= " AND c.id=a.fk_action";
        $sql.= " AND ((a.percent >= 0 AND a.percent < 100) OR (a.percent = -1 AND a.datep > '".$db->idate($now)."'))";
        $sql.= " ORDER BY a.datep DESC, a.id DESC";

@@ -1076,16 +1077,17 @@ function show_actions_done($conf,$langs,$db,$object,$objcon='',$noprint=0)
        $sql.= " u.login, u.rowid as user_id";
        if (get_class($object) == 'Adherent') $sql.= ", m.lastname, m.firstname";
        if (get_class($object) == 'Societe')  $sql.= ", sp.lastname, sp.firstname";
-        $sql.= " FROM ".MAIN_DB_PREFIX."c_actioncomm as c, ".MAIN_DB_PREFIX."user as u, ".MAIN_DB_PREFIX."actioncomm as a";
+        $sql.= " FROM ".MAIN_DB_PREFIX."user as u, ".MAIN_DB_PREFIX."actioncomm as a";
        if (get_class($object) == 'Adherent') $sql.= ", ".MAIN_DB_PREFIX."adherent as m";
        if (get_class($object) == 'Societe')  $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."socpeople as sp ON a.fk_contact = sp.rowid";
+        $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_actioncomm as c ON a.fk_action = c.id ";
        $sql.= " WHERE u.rowid = a.fk_user_author";
        $sql.= " AND a.entity IN (".getEntity('agenda', 1).")";
        if (get_class($object) == 'Adherent') $sql.= " AND a.fk_element = m.rowid AND a.elementtype = 'member'";
        if (get_class($object) == 'Adherent' && $object->id) $sql.= " AND a.fk_element = ".$object->id;
        if (get_class($object) == 'Societe'  && $object->id) $sql.= " AND a.fk_soc = ".$object->id;
        if (is_object($objcon) && $objcon->id) $sql.= " AND a.fk_contact = ".$objcon->id;
-        $sql.= " AND c.id=a.fk_action";
+        // $sql.= " AND c.id=a.fk_action";
        $sql.= " AND (a.percent = 100 OR (a.percent = -1 AND a.datep <= '".$db->idate($now)."'))";
        $sql.= " ORDER BY a.datep DESC, a.id DESC";

@@ -1202,7 +1204,7 @@ function show_actions_done($conf,$langs,$db,$object,$objcon='',$noprint=0)
 		{
            $out.='<a href="'.DOL_URL_ROOT.'/comm/action/fiche.php?action=create';
            if (get_class($object) == 'Societe') $out.='&amp;socid='.$object->id;
-            $out.=(! empty($objcon->id)?'&amp;contactid='.$objcon->id:'').'&amp;backtopage=1&amp;percentage=-1">';
+            $out.=(! empty($objcon->id)?'&amp;contactid='.$objcon->id:'').'&amp;backtopage=1&amp;percentage=100">';
    		$out.=$langs->trans("AddAnAction").' ';
    		$out.=img_picto($langs->trans("AddAnAction"),'filenew');
    		$out.="</a>";
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -10,6 +10,7 @@
 * Copyright (C) 2010-2011 Juanjo Menent        <jmenent@2byte.es>
 * Copyright (C) 2013      Cédric Salvador      <csalvador@gpcsolutions.fr>
 * Copyright (C) 2013      Alexandre Spangaro   <alexandre.spangaro@gmail.com>
+ * Copyright (C) 2014-2015 Marcos García        <marcosgdf@gmail.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -146,7 +147,7 @@ function getBrowserInfo()
 	elseif (preg_match('/epiphany/i',$_SERVER["HTTP_USER_AGENT"]))                       { $name='epiphany';  $version=$reg[2]; }
 	elseif ((empty($phone) || preg_match('/iphone/i',$_SERVER["HTTP_USER_AGENT"])) && preg_match('/safari(\/|\s)([\d\.]*)/i',$_SERVER["HTTP_USER_AGENT"], $reg)) { $name='safari'; $version=$reg[2]; }	// Safari is often present in string for mobile but its not.
 	elseif (preg_match('/opera(\/|\s)([\d\.]*)/i',  $_SERVER["HTTP_USER_AGENT"], $reg))  { $name='opera';     $version=$reg[2]; }
-	elseif (preg_match('/msie(\/|\s)([\d\.]*)/i',   $_SERVER["HTTP_USER_AGENT"], $reg))  { $name='ie';        $version=$reg[2]; }    // MS products at end
+	elseif (preg_match('/(MSIE\s([0-9]+\.[0-9]))|.*(Trident\/[0-9]+.[0-9];\srv:([0-9]+\.[0-9]+))/i',   $_SERVER["HTTP_USER_AGENT"], $reg))  { $name='ie';        $version= end($reg); }    // MS products at end
 	// Other
 	$firefox=0;
 	if (in_array($name,array('firefox','iceweasel'))) $firefox=1;
@@ -164,7 +165,7 @@ function dol_shutdown()
 	global $conf,$user,$langs,$db;
 	$disconnectdone=false; $depth=0;
 	if (is_object($db) && ! empty($db->connected)) { $depth=$db->transaction_opened; $disconnectdone=$db->close(); }
-	dol_syslog("--- End access to ".$_SERVER["PHP_SELF"].(($disconnectdone && $depth)?' (Warn: db disconnection forced, transaction depth was '.$depth.')':''), (($disconnectdone && $depth)?LOG_WARNING:LOG_DEBUG));
+	dol_syslog("--- End access to ".$_SERVER["PHP_SELF"].(($disconnectdone && $depth)?' (Warn: db disconnection forced, transaction depth was '.$depth.')':''), (($disconnectdone && $depth)?LOG_WARNING:LOG_INFO));
 }


@@ -1054,11 +1055,11 @@ function dol_mktime($hour,$minute,$second,$month,$day,$year,$gm=false,$check=1)
 				$default_timezone=@date_default_timezone_get();
 			}
 		}
-		
+
 		if (empty($localtz)) {
 			$localtz = new DateTimeZone('UTC');
 		}
-		
+
 		$dt = new DateTime(null,$localtz);
 		$dt->setDate($year,$month,$day);
 		$dt->setTime((int) $hour, (int) $minute, (int) $second);
@@ -2540,7 +2541,7 @@ function load_fiche_titre($titre, $mesg='', $picto='title.png', $pictoisfullpath
 	$return='';

 	if ($picto == 'setup') $picto='title.png';
-	if (!empty($conf->browser->ie) && $picto=='title.png') $picto='title.gif';
+	if (($conf->browser->name == 'ie') && $picto=='title.png') $picto='title.gif';

 	$return.= "\n";
 	$return.= '<table '.($id?'id="'.$id.'" ':'').'summary="" width="100%" border="0" class="notopnoleftnoright" style="margin-bottom: 2px;"><tr>';
@@ -2578,7 +2579,7 @@ function print_barre_liste($titre, $page, $file, $options='', $sortfield='', $so
 	global $conf,$langs;

 	if ($picto == 'setup') $picto='title.png';
-	if (!empty($conf->browser->ie) && $picto=='title.png') $picto='title.gif';
+	if (($conf->browser->name == 'ie') && $picto=='title.png') $picto='title.gif';

 	if (($num > $conf->liste_limit) || ($num == -1))
 	{
@@ -2952,7 +2953,7 @@ function get_localtax($tva, $local, $thirdparty_buyer="", $thirdparty_seller="")
 	$sql  = "SELECT t.localtax1, t.localtax2, t.localtax1_type, t.localtax2_type";
 	$sql .= " FROM ".MAIN_DB_PREFIX."c_tva as t, ".MAIN_DB_PREFIX."c_pays as p";
 	$sql .= " WHERE t.fk_pays = p.rowid AND p.code = '".$thirdparty_seller->country_code."'";
-	$sql .= " AND t.taux = ".$tva." AND t.active = 1";
+	$sql .= " AND t.taux = ".((float) $tva)." AND t.active = 1";

 	dol_syslog("get_localtax sql=".$sql);
 	$resql=$db->query($sql);
@@ -2988,7 +2989,7 @@ function getLocalTaxesFromRate($vatrate, $local, $thirdparty)
 	$sql  = "SELECT t.localtax1, t.localtax1_type, t.localtax2, t.localtax2_type, t.accountancy_code_sell, t.accountancy_code_buy";
 	$sql .= " FROM ".MAIN_DB_PREFIX."c_tva as t, ".MAIN_DB_PREFIX."c_pays as p";
 	$sql .= " WHERE t.fk_pays = p.rowid AND p.code = '".$thirdparty->country_code."'";
-	$sql .= " AND t.taux = ".$vatrate." AND t.active = 1";
+	$sql .= " AND t.taux = ".((float) $vatrate)." AND t.active = 1";

 	$resql=$db->query($sql);
 	if ($resql)
@@ -4305,6 +4306,8 @@ function picto_from_langcode($codelang)
 {
 	global $langs;

+	if (empty($codelang)) return '';
+
 	if ($codelang == 'auto')
 	{
 		return img_picto_common($langs->trans('AutoDetectLang'), 'flags/int.png');
--- a/htdocs/core/lib/geturl.lib.php
+++ b/htdocs/core/lib/geturl.lib.php
@@ -52,7 +52,6 @@ function getURLContent($url,$postorget='GET',$param='',$followlocation=1,$addhea
     exit;*/
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_VERBOSE, 1);
-    curl_setopt($ch, CURLOPT_SSLVERSION, 3); // Force SSLv3
 	curl_setopt($ch, CURLOPT_USERAGENT, 'Dolibarr geturl function');

 	curl_setopt($ch, CURLOPT_FOLLOWLOCATION, ($followlocation?true:false));
--- a/htdocs/core/lib/pdf.lib.php
+++ b/htdocs/core/lib/pdf.lib.php
@@ -301,7 +301,6 @@ function pdf_build_address($outputlangs,$sourcecompany,$targetcompany='',$target

 	if ($mode == 'source' && ! is_object($sourcecompany)) return -1;
 	if ($mode == 'target' && ! is_object($targetcompany)) return -1;
-	if ($mode == 'delivery' && ! is_object($deliverycompany)) return -1;

 	if (! empty($sourcecompany->state_id) && empty($sourcecompany->departement)) $sourcecompany->departement=getState($sourcecompany->state_id); //TODO: Deprecated
 	if (! empty($sourcecompany->state_id) && empty($sourcecompany->state)) $sourcecompany->state=getState($sourcecompany->state_id);
--- a/htdocs/core/lib/project.lib.php
+++ b/htdocs/core/lib/project.lib.php
@@ -416,7 +416,7 @@ function projectLinesa(&$inc, $parent, &$lines, &$level, $var, $showproject, &$t

 	if (($total_projectlinesa_planned > 0 || $total_projectlinesa_spent > 0) && $level==0)
 	{
-		print '<tr class="liste_total">';
+		print '<tr class="liste_total nodrag nodrop">';
 		print '<td class="liste_total">'.$langs->trans("Total").'</td>';
 		if ($showproject) print '<td></td><td></td>';
 		print '<td></td>';
--- a/htdocs/core/lib/report.lib.php
+++ b/htdocs/core/lib/report.lib.php
@@ -39,7 +39,7 @@
 */
 function report_header($nom,$variante,$period,$periodlink,$description,$builddate,$exportlink='',$moreparam=array(),$calcmode='')
 {
-	global $langs, $hselected;
+	global $langs;

 	print "\n\n<!-- debut cartouche rapport -->\n";

@@ -48,7 +48,7 @@ function report_header($nom,$variante,$period,$periodlink,$description,$builddat
 	$head[$h][1] = $langs->trans("Report");
 	$head[$h][2] = 'report';

-	dol_fiche_head($head, $hselected);
+	dol_fiche_head($head, 'report');

 	print '<form method="POST" action="'.$_SERVER["PHP_SELF"].'">';
 	foreach($moreparam as $key => $value)
--- a/htdocs/core/lib/security.lib.php
+++ b/htdocs/core/lib/security.lib.php
@@ -446,15 +446,15 @@ function restrictedArea($user, $features, $objectid=0, $dbtablename='', $feature
                else if (! empty($conf->societe->enabled) && ($user->rights->societe->lire && ! $user->rights->societe->client->voir))
                {
                	if (empty($dbt_keyfield)) dol_print_error('','Param dbt_keyfield is required but not defined');
-                    $sql = "SELECT sc.fk_soc";
+                   
+
+				    $sql = "SELECT dbt.".$dbt_keyfield;
                    $sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
-                    $sql.= ", ".MAIN_DB_PREFIX."societe as s";
-                    $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
+                    $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON (dbt.".$dbt_keyfield." = s.rowid)";
+                    $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON (sc.fk_soc = dbt.".$dbt_keyfield.")";
                    $sql.= " WHERE dbt.".$dbt_select." = ".$objectid;
-                    $sql.= " AND sc.fk_soc = dbt.".$dbt_keyfield;
-                    $sql.= " AND dbt.".$dbt_keyfield." = s.rowid";
-                    $sql.= " AND s.entity IN (".getEntity($sharedelement, 1).")";
-                    $sql.= " AND sc.fk_user = ".$user->id;
+                    $sql.= " AND ((s.entity IN (".getEntity($sharedelement, 1).")";
+                    $sql.= " AND sc.fk_user = ".$user->id." ) OR dbt.fk_soc IS NULL)";
                }
                // If multicompany and internal users with all permissions, check user is in correct entity
                else if (! empty($conf->multicompany->enabled))
--- a/htdocs/core/lib/tax.lib.php
+++ b/htdocs/core/lib/tax.lib.php
@@ -3,6 +3,7 @@
 * Copyright (C) 2006-2007	Yannick Warnier		<ywarnier@beeznest.org>
 * Copyright (C) 2011		Regis Houssin		<regis.houssin@capnetworks.com>
 * Copyright (C) 2012		Juanjo Menent		<jmenent@2byte.es>
+ * Copyright (C) 2015       Marcos García       <marcosgdf@gmail.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -86,26 +87,18 @@ function vat_by_thirdparty($db, $y, $date_start, $date_end, $modetax, $direction
    global $conf;

    $list=array();
-    //print "xx".$conf->global->MAIN_MODULE_ACCOUNTING;
-    //print "xx".$conf->global->MAIN_MODULE_COMPTABILITE;

    if ($direction == 'sell')
    {
        $invoicetable='facture';
-        $invoicedettable='facturedet';
-        $fk_facture='fk_facture';
-        $total_tva='total_tva';
-        $total_localtax1='total_localtax1';
-        $total_localtax2='total_localtax2';
+        $total_ht='total';
+        $total_tva='tva';
    }
    if ($direction == 'buy')
    {
        $invoicetable='facture_fourn';
-        $invoicedettable='facture_fourn_det';
-        $fk_facture='fk_facture_fourn';
-        $total_tva='tva';
-        $total_localtax1='total_localtax1';
-        $total_localtax2='total_localtax2';
+        $total_ht='total_ht';
+        $total_tva='total_tva';
    }

    // Define sql request
@@ -125,11 +118,10 @@ function vat_by_thirdparty($db, $y, $date_start, $date_end, $modetax, $direction
        if (! empty($conf->global->MAIN_MODULE_COMPTABILITE))
        {
            $sql = "SELECT s.rowid as socid, s.nom as nom, s.siren as tva_intra, s.tva_assuj as assuj,";
-            $sql.= " sum(fd.total_ht) as amount, sum(fd.".$total_tva.") as tva,";
-            $sql.= " sum(fd.".$total_localtax1.") as localtax1,";
-            $sql.= " sum(fd.".$total_localtax2.") as localtax2";
+            $sql.= " sum(f.$total_ht) as amount, sum(f.".$total_tva.") as tva,";
+            $sql.= " sum(f.localtax1) as localtax1,";
+            $sql.= " sum(f.localtax2) as localtax2";
            $sql.= " FROM ".MAIN_DB_PREFIX.$invoicetable." as f,";
-            $sql.= " ".MAIN_DB_PREFIX.$invoicedettable." as fd,";
            $sql.= " ".MAIN_DB_PREFIX."societe as s";
            $sql.= " WHERE f.entity = " . $conf->entity;
            $sql.= " AND f.fk_statut in (1,2)"; // Validated or paid (partially or completely)
@@ -146,7 +138,7 @@ function vat_by_thirdparty($db, $y, $date_start, $date_end, $modetax, $direction
                $sql.= " AND f.datef <= '".$db->idate(dol_get_last_day($y,12,false))."'";
            }
            if ($date_start && $date_end) $sql.= " AND f.datef >= '".$db->idate($date_start)."' AND f.datef <= '".$db->idate($date_end)."'";
-            $sql.= " AND s.rowid = f.fk_soc AND f.rowid = fd.".$fk_facture;
+            $sql.= " AND s.rowid = f.fk_soc";
            $sql.= " GROUP BY s.rowid, s.nom, s.tva_intra, s.tva_assuj";
        }
    }
--- a/htdocs/core/menus/init_menu_auguria.sql
+++ b/htdocs/core/menus/init_menu_auguria.sql
@@ -102,8 +102,8 @@ insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, left
 insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->stock->enabled', __HANDLER__, 'left', 3102__+MAX_llx_menu__, 'products', '', 3100__+MAX_llx_menu__, '/product/stock/liste.php', 'List', 1, 'stocks', '$user->rights->stock->lire', '', 2, 1, __ENTITY__);
 insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->stock->enabled', __HANDLER__, 'left', 3103__+MAX_llx_menu__, 'products', '', 3100__+MAX_llx_menu__, '/product/stock/valo.php', 'EnhancedValue', 1, 'stocks', '$user->rights->stock->lire', '', 2, 2, __ENTITY__);
 insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->stock->enabled', __HANDLER__, 'left', 3104__+MAX_llx_menu__, 'products', '', 3100__+MAX_llx_menu__, '/product/stock/mouvement.php', 'Movements', 1, 'stocks', '$user->rights->stock->mouvement->lire', '', 2, 3, __ENTITY__);
-insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->stock->enabled && $conf->fournisseur->enabled', __HANDLER__, 'left', 3105__+MAX_llx_menu__, 'products', '', 3100__+MAX_llx_menu__, '/product/stock/replenish.php', 'Replenishments', 1, 'stocks', '$user->rights->stock->mouvement->lire && $user->rights->fournisseur->lire', '', 2, 4, __ENTITY__);
-insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->stock->enabled && $conf->fournisseur->enabled', __HANDLER__, 'left', 3106__+MAX_llx_menu__, 'products', '', 3100__+MAX_llx_menu__, '/product/stock/massstockmove.php', 'StockTransfer', 1, 'stocks', '$user->rights->stock->mouvement->lire && $user->rights->fournisseur->lire', '', 2, 5, __ENTITY__);
+insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->stock->enabled && $conf->fournisseur->enabled', __HANDLER__, 'left', 3105__+MAX_llx_menu__, 'products', '', 3100__+MAX_llx_menu__, '/product/stock/replenish.php', 'Replenishments', 1, 'stocks', '$user->rights->stock->mouvement->creer && $user->rights->fournisseur->lire', '', 2, 4, __ENTITY__);
+insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->stock->enabled', __HANDLER__, 'left', 3106__+MAX_llx_menu__, 'products', '', 3100__+MAX_llx_menu__, '/product/stock/massstockmove.php', 'StockTransfer', 1, 'stocks', '$user->rights->stock->mouvement->creer', '', 2, 5, __ENTITY__);

 -- Product - Categories
 insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->categorie->enabled', __HANDLER__, 'left', 3200__+MAX_llx_menu__, 'products', 'cat', 3__+MAX_llx_menu__, '/categories/index.php?leftmenu=cat&amp;type=0', 'Categories', 0, 'categories', '$user->rights->categorie->lire', '', 2, 4, __ENTITY__);
--- a/htdocs/core/menus/standard/eldy.lib.php
+++ b/htdocs/core/menus/standard/eldy.lib.php
@@ -1,7 +1,7 @@
 <?php
 /* Copyright (C) 2010-2014 Laurent Destailleur  <eldy@users.sourceforge.net>
 * Copyright (C) 2010      Regis Houssin        <regis.houssin@capnetworks.com>
- * Copyright (C) 2012-2013 Juanjo Menent        <jmenent@2byte.es>
+ * Copyright (C) 2012-2015 Juanjo Menent        <jmenent@2byte.es>
 * Copyright (C) 2013      Cédric Salvador      <csalvador@gpcsolutions.fr>
 *
 * This program is free software; you can redistribute it and/or modify
@@ -134,9 +134,11 @@ function print_eldy_menu($db,$atarget,$type_user,&$tabMenu,&$menu,$noout=0)
 	}

 	// Financial
-	$tmpentry=array('enabled'=>(! empty($conf->comptabilite->enabled) || ! empty($conf->accounting->enabled) || ! empty($conf->facture->enabled) || ! empty($conf->don->enabled) || ! empty($conf->tax->enabled) || ! empty($conf->salaries->enabled)),
-	'perms'=>(! empty($user->rights->compta->resultat->lire) || ! empty($user->rights->accounting->plancompte->lire) || ! empty($user->rights->facture->lire) || ! empty($user->rights->don->lire) || ! empty($user->rights->tax->charges->lire) || ! empty($user->rights->salaries->read)),
-	'module'=>'comptabilite|accounting|facture|don|tax|salaries');
+	$tmpentry=array(
+		'enabled' => (! empty($conf->comptabilite->enabled) || ! empty($conf->accounting->enabled) || ! empty($conf->facture->enabled) || ! empty($conf->don->enabled) || ! empty($conf->tax->enabled) || ! empty($conf->margin->enabled) || ! empty($conf->salaries->enabled) || ! empty($conf->fournisseur->enabled)),
+		'perms' => (! empty($user->rights->compta->resultat->lire) || ! empty($user->rights->accounting->plancompte->lire) || ! empty($user->rights->facture->lire) || ! empty($user->rights->don->lire) || ! empty($user->rights->tax->charges->lire) || !empty($user->rights->margins->liretous) || ! empty($user->rights->salaries->read) || ! empty($user->rights->fournisseur->facture->lire)),
+		'module' => 'comptabilite|accounting|facture|don|tax|salaries|margin'
+	);
 	$showmode=dol_eldy_showmenu($type_user, $tmpentry, $listofmodulesforexternal);
 	if ($showmode)
 	{
@@ -1000,8 +1002,8 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu
 				if (empty($leftmenu) || $leftmenu=="stock") $newmenu->add("/product/stock/liste.php", $langs->trans("List"), 1, $user->rights->stock->lire);
 				if (empty($leftmenu) || $leftmenu=="stock") $newmenu->add("/product/stock/valo.php", $langs->trans("EnhancedValue"), 1, $user->rights->stock->lire);
 				if (empty($leftmenu) || $leftmenu=="stock") $newmenu->add("/product/stock/mouvement.php", $langs->trans("Movements"), 1, $user->rights->stock->mouvement->lire);
-                if ($conf->fournisseur->enabled) if (empty($leftmenu) || $leftmenu=="stock") $newmenu->add("/product/stock/replenish.php", $langs->trans("Replenishment"), 1, $user->rights->stock->mouvement->lire && $user->rights->fournisseur->lire);
-                if ($conf->fournisseur->enabled) if (empty($leftmenu) || $leftmenu=="stock") $newmenu->add("/product/stock/massstockmove.php", $langs->trans("StockTransfer"), 1, $user->rights->stock->mouvement->lire && $user->rights->fournisseur->lire);
+                if ($conf->fournisseur->enabled) if (empty($leftmenu) || $leftmenu=="stock") $newmenu->add("/product/stock/replenish.php", $langs->trans("Replenishment"), 1, $user->rights->stock->mouvement->creer && $user->rights->fournisseur->lire);
+                if (empty($leftmenu) || $leftmenu=="stock") $newmenu->add("/product/stock/massstockmove.php", $langs->trans("StockTransfer"), 1, $user->rights->stock->mouvement->creer);
 			}

 			// Expeditions
--- a/htdocs/core/modules/DolibarrModules.class.php
+++ b/htdocs/core/modules/DolibarrModules.class.php
@@ -748,6 +748,8 @@ abstract class DolibarrModules

        $err=0;

+        if (empty($this->const)) return 0;
+
        foreach ($this->const as $key => $value)
        {
            $name      = $this->const[$key][0];
@@ -816,6 +818,8 @@ abstract class DolibarrModules

        $err=0;

+        if (empty($this->const)) return 0;
+
        foreach ($this->const as $key => $value)
        {
            $name      = $this->const[$key][0];
@@ -1009,7 +1013,6 @@ abstract class DolibarrModules

        $this->db->begin();

-        //var_dump($this->menu); exit;
        foreach ($this->menu as $key => $value)
        {
            $menu = new Menubase($this->db);
@@ -1018,11 +1021,9 @@ abstract class DolibarrModules
            if (! $this->menu[$key]['fk_menu'])
            {
                $menu->fk_menu=0;
-                //print 'aaa'.$this->menu[$key]['fk_menu'];
            }
            else
            {
-                //print 'xxx'.$this->menu[$key]['fk_menu'];exit;
                $foundparent=0;
                $fk_parent=$this->menu[$key]['fk_menu'];
                if (preg_match('/^r=/',$fk_parent))	// old deprecated method
--- a/htdocs/core/modules/expedition/doc/pdf_merou.modules.php
+++ b/htdocs/core/modules/expedition/doc/pdf_merou.modules.php
@@ -534,13 +534,18 @@ class pdf_merou extends ModelePdfExpedition

 		// Date Expedition
 		$Yoff = $Yoff+7;
-		$pdf->SetXY($blSocX-80,$blSocY+20);
+		$pdf->SetXY($blSocX-80,$blSocY+17);
 		$pdf->SetFont('','B', $default_font_size - 2);
 		$pdf->SetTextColor(0,0,0);
 		$pdf->MultiCell(50, 8, $outputlangs->transnoentities("Date")." : " . dol_print_date($object->date_delivery,'day',false,$outputlangs,true), '', 'L');

+		$pdf->SetXY($blSocX-80,$blSocY+20);
+		$pdf->SetFont('','B', $default_font_size - 2);
+		$pdf->SetTextColor(0,0,0);
+		$pdf->MultiCell(50, 8, $outputlangs->transnoentities("TrackingNumber")." : " . $object->tracking_number, '', 'L');
+
 		// Deliverer
-		$pdf->SetXY($blSocX-80,$blSocY+23);
+		$pdf->SetXY($blSocX-80,$blSocY+24);
 		$pdf->SetFont('','', $default_font_size - 2);
 		$pdf->SetTextColor(0,0,0);

@@ -554,13 +559,8 @@ class pdf_merou extends ModelePdfExpedition
 					// Get code using getLabelFromKey
 					$code=$outputlangs->getLabelFromKey($this->db,$object->shipping_method_id,'c_shipment_mode','rowid','code');
 					$label=$outputlangs->trans("SendingMethod".strtoupper($code))." :";
+					$pdf->writeHTMLCell(50, 8, '', '', $label." ".$object->tracking_url, '', 'L');
 				}
-				else
-				{
-					$label=$outputlangs->transnoentities("Deliverer");
-				}
-
-				$pdf->writeHTMLCell(50, 8, '', '', $label." ".$object->tracking_url, '', 'L');
 			}
 		}
 		else
--- a/htdocs/core/modules/expedition/doc/pdf_rouget.modules.php
+++ b/htdocs/core/modules/expedition/doc/pdf_rouget.modules.php
@@ -180,11 +180,17 @@ class pdf_rouget extends ModelePdfExpedition
 				$tab_height = 130;
 				$tab_height_newpage = 150;

-				if (! empty($object->note_public) || (! empty($object->tracking_number) && ! empty($object->shipping_method_id)))
+				if (! empty($object->note_public) || ! empty($object->tracking_number))
 				{
 					$tab_top = 88;
 					$tab_top_alt = $tab_top;

+					$pdf->SetFont('','B', $default_font_size - 2);
+					$pdf->writeHTMLCell(60, 4, $this->posxdesc-1, $tab_top-1, $outputlangs->transnoentities("TrackingNumber")." : " . $object->tracking_number, 0, 1, false, true, 'L');
+
+					$tab_top_alt = $pdf->GetY();
+					//$tab_top_alt += 1;
+
 					// Tracking number
 					if (! empty($object->tracking_number))
 					{
@@ -198,14 +204,14 @@ class pdf_rouget extends ModelePdfExpedition
 								$label=$outputlangs->trans("LinkToTrackYourPackage")."<br>";
 								$label.=$outputlangs->trans("SendingMethod".strtoupper($code))." :";
 								$pdf->SetFont('','B', $default_font_size - 2);
-								$pdf->writeHTMLCell(60, 7, $this->posxdesc-1, $tab_top-1, $label." ".$object->tracking_url, 0, 1, false, true, 'L');
+								$pdf->writeHTMLCell(60, 4, $this->posxdesc-1, $tab_top+6, $label." ".$object->tracking_url, 0, 1, false, true, 'L');

-								$tab_top_alt += 7;
+								$tab_top_alt = $pdf->GetY();
 							}
 						}
 					}

-					// Affiche notes
+					// Notes
 					if (! empty($object->note_public))
 					{
 						$pdf->SetFont('','', $default_font_size - 1);   // Dans boucle pour gerer multi-page
--- a/htdocs/core/modules/expedition/modules_expedition.php
+++ b/htdocs/core/modules/expedition/modules_expedition.php
@@ -141,15 +141,18 @@ abstract class ModelNumRefExpedition
 }

 /**
- * 	Cree un bon d'expedition sur disque
+ * Cree un bon d'expedition sur disque
 *
- * 	@param	DoliDB		$db  			Objet base de donnee
- * 	@param	Object		$object			Object expedition
- * 	@param	string		$modele			Force le modele a utiliser ('' to not force)
- * 	@param	Translate	$outputlangs	Objet lang a utiliser pour traduction
- *  @return int             			<=0 if KO, >0 if OK
+ * @param	DoliDB		$db  			Objet base de donnee
+ * @param	Object		$object			Object expedition
+ * @param	string		$modele			Force le modele a utiliser ('' to not force)
+ * @param	Translate	$outputlangs	Objet lang a utiliser pour traduction
+ * @param	int			$hidedetails	Hide details of lines
+ * @param	int			$hidedesc		Hide description
+ * @param	int			$hideref		Hide ref
+ * @return	int			<=0 if KO, >0 if OK
 */
-function expedition_pdf_create($db, $object, $modele, $outputlangs)
+function expedition_pdf_create($db, $object, $modele, $outputlangs, $hidedetails=0, $hidedesc=0, $hideref=0)
 {
 	global $conf,$user,$langs;

@@ -214,7 +217,7 @@ function expedition_pdf_create($db, $object, $modele, $outputlangs)
 		// We save charset_output to restore it because write_file can change it if needed for
 		// output format that does not support UTF8.
 		$sav_charset_output=$outputlangs->charset_output;
-		if ($obj->write_file($object, $outputlangs, $srctemplatepath) > 0)
+		if ($obj->write_file($object, $outputlangs, $srctemplatepath, $hidedetails, $hidedesc, $hideref) > 0)
 		{
 			$outputlangs->charset_output=$sav_charset_output;

--- a/htdocs/core/modules/export/export_csv.modules.php
+++ b/htdocs/core/modules/export/export_csv.modules.php
@@ -252,6 +252,13 @@ class ExportCsv extends ModeleExports

 			$newvalue=$this->csv_clean($newvalue,$outputlangs->charset_output);

+			if (preg_match('/^Select:/i', $typefield, $reg) && $typefield = substr($typefield, 7))
+			{
+				$array = unserialize($typefield);
+				$array = $array['options'];
+				$newvalue = $array[$newvalue];
+			}
+			
 			fwrite($this->handle,$newvalue.$this->separator);
 			$this->col++;
 		}
--- a/htdocs/core/modules/export/export_excel.modules.php
+++ b/htdocs/core/modules/export/export_excel.modules.php
@@ -305,7 +305,14 @@ class ExportExcel extends ModeleExports

 			$newvalue=$this->excel_clean($newvalue);
 			$typefield=isset($array_types[$code])?$array_types[$code]:'';
-
+			
+			if (preg_match('/^Select:/i', $typefield, $reg) && $typefield = substr($typefield, 7))
+			{
+				$array = unserialize($typefield);
+				$array = $array['options'];
+				$newvalue = $array[$newvalue];
+			}
+			
 			// Traduction newvalue
 			if (preg_match('/^\((.*)\)$/i',$newvalue,$reg))
 			{
--- a/htdocs/core/modules/export/export_tsv.modules.php
+++ b/htdocs/core/modules/export/export_tsv.modules.php
@@ -226,7 +226,14 @@ class ExportTsv extends ModeleExports
 			if (preg_match('/^\((.*)\)$/i',$newvalue,$reg)) $newvalue=$outputlangs->transnoentities($reg[1]);

 			$newvalue=$this->tsv_clean($newvalue,$outputlangs->charset_output);
-
+			
+			if (preg_match('/^Select:/i', $typefield, $reg) && $typefield = substr($typefield, 7))
+			{
+				$array = unserialize($typefield);
+				$array = $array['options'];
+				$newvalue = $array[$newvalue];
+			}
+			
 			fwrite($this->handle,$newvalue.$this->separator);
            $this->col++;
 		}
--- a/htdocs/core/modules/import/import_csv.modules.php
+++ b/htdocs/core/modules/import/import_csv.modules.php
@@ -607,7 +607,7 @@ class ImportCsv extends ModeleImports
 					    //var_dump($objimport->array_import_convertvalue); exit;

 						// Build SQL request
-						if (empty($tablewithentity[$tablename]))
+						if (empty($tablewithentity_cache[$tablename]))
 						{
 							$sql ='INSERT INTO '.$tablename.'('.$listfields.', import_key';
 							if (! empty($objimport->array_import_tables_creator[0][$alias])) $sql.=', '.$objimport->array_import_tables_creator[0][$alias];
--- a/htdocs/core/modules/modProjet.class.php
+++ b/htdocs/core/modules/modProjet.class.php
@@ -182,7 +182,7 @@ class modProjet extends DolibarrModules
 		$this->export_code[$r]=$this->rights_class.'_'.$r;
 		$this->export_label[$r]='ProjectsAndTasksLines';	// Translation key (used only if key ExportDataset_xxx_z not found)
 		$this->export_permission[$r]=array(array("projet","export"));
-		$this->export_dependencies_array[$r]=array('task_time'=>'ppt.rowid');
+		$this->export_dependencies_array[$r]=array('task_time'=>'pt.rowid');
 		
 		$this->export_TypeFields_array[$r]=array('s.rowid'=>"List:societe:nom",'s.nom'=>'Text','s.address'=>'Text','s.zip'=>'Text','s.town'=>'Text','s.fk_pays'=>'List:c_pays:libelle',
 		's.phone'=>'Text','s.siren'=>'Text','s.siret'=>'Text','s.ape'=>'Text','s.idprof4'=>'Text','s.code_compta'=>'Text','s.code_compta_fournisseur'=>'Text',
@@ -280,11 +280,9 @@ class modProjet extends DolibarrModules
        $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'projet_extrafields as extra ON p.rowid = extra.fk_object';
 		$this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX."projet_task as pt ON p.rowid = pt.fk_projet";
        $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'projet_task_extrafields as extra2 ON pt.rowid = extra2.fk_object';
-		$this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX."projet_task_time as ptt ON pt.rowid = ptt.fk_task,";
-		$this->export_sql_end[$r] .=' '.MAIN_DB_PREFIX.'societe as s';
-		$this->export_sql_end[$r] .=' WHERE p.fk_soc = s.rowid';
-		$this->export_sql_end[$r] .=' AND p.entity = '.$conf->entity;
-
+		$this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX."projet_task_time as ptt ON pt.rowid = ptt.fk_task";
+		$this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe as s ON p.fk_soc = s.rowid';
+		$this->export_sql_end[$r] .=' WHERE p.entity = '.$conf->entity;
 	}


--- a/htdocs/core/modules/modSociete.class.php
+++ b/htdocs/core/modules/modSociete.class.php
@@ -355,6 +355,9 @@ class modSociete extends DolibarrModules
        			case 'sellist':
        				$typeFilter="List:".$obj->param;
        				break;
+					case 'select':
+						$typeFilter="Select:".$obj->param;
+						break;
        		}
        		$this->export_fields_array[$r][$fieldname]=$fieldlabel;
        		$this->export_TypeFields_array[$r][$fieldname]=$typeFilter;
--- a/htdocs/core/modules/societe/mod_codecompta_aquarium.php
+++ b/htdocs/core/modules/societe/mod_codecompta_aquarium.php
@@ -44,8 +44,8 @@ class mod_codecompta_aquarium extends ModeleAccountancyCode
 	function __construct()
 	{
 	    global $conf;
-		if (empty($conf->global->COMPANY_AQUARIUM_MASK_CUSTOMER)) $conf->global->COMPANY_AQUARIUM_MASK_CUSTOMER='411';
-        if (empty($conf->global->COMPANY_AQUARIUM_MASK_SUPPLIER)) $conf->global->COMPANY_AQUARIUM_MASK_SUPPLIER='401';
+		if (! isset($conf->global->COMPANY_AQUARIUM_MASK_CUSTOMER) || trim($conf->global->COMPANY_AQUARIUM_MASK_CUSTOMER) == '') $conf->global->COMPANY_AQUARIUM_MASK_CUSTOMER='411';
+        if (! isset($conf->global->COMPANY_AQUARIUM_MASK_SUPPLIER) || trim($conf->global->COMPANY_AQUARIUM_MASK_SUPPLIER) == '') $conf->global->COMPANY_AQUARIUM_MASK_SUPPLIER='401';
 		$this->prefixcustomeraccountancycode=$conf->global->COMPANY_AQUARIUM_MASK_CUSTOMER;
 	    $this->prefixsupplieraccountancycode=$conf->global->COMPANY_AQUARIUM_MASK_SUPPLIER;
 	}
--- a/htdocs/core/modules/supplier_invoice/mod_facture_fournisseur_tulip.php
+++ b/htdocs/core/modules/supplier_invoice/mod_facture_fournisseur_tulip.php
@@ -125,7 +125,8 @@ class mod_facture_fournisseur_tulip extends ModeleNumRefSuppliersInvoices
 			return 0;
 		}

-		$numFinal=get_next_value($db,$mask,'facture_fourn','ref','',$objsoc->code_fournisseur,$object->datef);
+	    //Supplier invoices take invoice date instead of creation date for the mask
+		$numFinal=get_next_value($db,$mask,'facture_fourn','ref','',$objsoc->code_fournisseur,$object->date);

 		return  $numFinal;
 	}
--- a/htdocs/core/modules/supplier_invoice/pdf/pdf_canelle.modules.php
+++ b/htdocs/core/modules/supplier_invoice/pdf/pdf_canelle.modules.php
@@ -301,7 +301,7 @@ class pdf_canelle extends ModelePDFSuppliersInvoices
 						$pageposafter=$pageposbefore;
 						//print $pageposafter.'-'.$pageposbefore;exit;
 						$pdf->setPageOrientation('', 1, $heightforfooter);	// The only function to edit the bottom margin of current page to set it.
-						pdf_writelinedesc($pdf,$object,$i,$outputlangs,$this->posxtva-$curX,4,$curX,$curY,$hideref,$hidedesc);
+						pdf_writelinedesc($pdf,$object,$i,$outputlangs,$this->posxtva-$curX,4,$curX,$curY,$hideref,$hidedesc,1);
 						$posyafter=$pdf->GetY();
 						if ($posyafter > ($this->page_hauteur - ($heightforfooter+$heightforfreetext+$heightforinfotot)))	// There is no space left for total+free text
 						{
--- a/Show More
+++ b/Show More