Update changelog

Merge branch '5.0' of git@github.com:Dolibarr/dolibarr.git into 6.0
Merge branch '5.0' of git@github.com:Dolibarr/dolibarr.git into 5.0
2026-02-14 08:54:21 +01:00 · 2017-12-02 14:17:49 +01:00 · 2017-12-02 14:14:26 +01:00 · 2017-12-02 14:13:44 +01:00 · 2017-12-02 14:13:29 +01:00 · 2017-12-02 14:12:43 +01:00
203 changed files with 2892 additions and 1688 deletions
--- a/100
+++ b/100
@@ -2,8 +2,88 @@
 English Dolibarr ChangeLog
 --------------------------------------------------------------

-***** ChangeLog for 6.0.1 compared to 6.0.* *****
+***** ChangeLog for 6.0.4 compared to 6.0.3 *****
+FIX: #7737
+FIX: #7751
+FIX: #7756 Add better error message
+FIX: #7786
+FIX: #7806
+FIX: #7824
+FIX: add line bad price and ref
+FIX: A lot of several fix on local taxes and NPR tax
+FIX: createfromorder
+FIX: CSS for IE10
+FIX: external user cannot be set as internal
+FIX: Filter type on actioncomm with multiselect doesn't work
+FIX: list of donation not filtered on multicompany
+FIX: list of module not complete when module mb_strlen not available
+FIX: Locatax were not propagated when cloning order or proposal
+FIX: Searching translation should not be case sensitive
+FIX: Search into language is ok for file into external modules two.
+FIX: test for filter fk_status
+FIX: too much users on holiday list
+FIX: Wrong alias sql

+***** ChangeLog for 6.0.3 compared to 6.0.2 *****
+FIX: #7211 Update qty dispatched on qty change
+FIX: #7458
+FIX: #7593
+FIX: #7616
+FIX: #7619
+FIX: #7626
+FIX: #7648
+FIX: #7675
+FIX: Agenda events are not exported in the ICAL, VCAL if begin exactly with the same $datestart
+FIX: API to get object does not return data of linked objects
+FIX: Bad localtax apply
+FIX: Bad ressource list in popup in gantt view
+FIX: bankentries search conciliated if val 0
+FIX: hook formObjectOptions() must use $expe and not $object
+FIX: make of link to other object during creation
+FIX: Missing function getLinesArray
+FIX: old batch not shown in multi shipping
+FIX: paid supplier invoices are shown as abandoned
+FIX: selection of thirdparty was lost on stats page of invoices
+FIX: sql syntax error because of old field accountancy_journal
+FIX: Stats on invoices show nothing
+FIX: substitution in ODT of thirdparties documents
+FIX: wrong key in selectarray
+FIX: wrong personnal project time spent
+
+***** ChangeLog for 6.0.2 compared to 6.0.1 *****
+FIX: #7148
+FIX: #7288
+FIX: #7366 renaming table with pgsql
+FIX: #7435 Can't add payment term
+FIX: #7461
+FIX: #7464
+FIX: #7471
+FIX: #7473 Mass update of vat rates and other bugs on localtax
+FIX: #7475
+FIX: #7486 Empty value for multicurrency rate must be forbidden
+FIX: #7490
+FIX: #7505
+FIX: #7510 Bug: extrafield content disappear when generate pdf within intervention
+FIX: #7514
+FIX: #7531 #7537
+FIX: #7541
+FIX: #7546
+FIX: #7550
+FIX: #7554
+FIX: #7567
+FIX: Accountancy export model for Agiris Isacompta
+FIX: Allow create shipping if STOCK_SUPPORTS_SERVICES option is enabled
+FIX: Bad preview on scroping when special file names
+FIX: Generation of invoice from bulk action "Bill Orders"
+FIX: Implementation of a Luracast recommandation for the REST api server (#7370)
+FIX: Missing space in request
+FIX: Only modified values must be modified
+FIX: replenish if line test GETPOST on line 0
+FIX: Stripe not working on live mode
+FIX: wrong basePath in the swagger view
+FIX: Implementation of a Luracast recommandation for the REST api server
+
+***** ChangeLog for 6.0.1 compared to 6.0.* *****
 FIX: #7000 Dashboard link for late pending payment supplier invoices do not work
 FIX: #7325 Default VAT rate when editing template invoices is 0%
 FIX: #7330
@@ -45,7 +125,6 @@ FIX: CVE-2017-9840, CVE-2017-14238, CVE-2017-14239, CVE-2017-14240, CVE-2017-142
     CVE-2017-14242 

 ***** ChangeLog for 6.0.0 compared to 5.0.* *****
-
 NEW: Add experimental BlockeLog module (to log business events in a non reversible log file).
 NEW: Add a payment module for Stripe. 
 NEW: Add module "Product variant" (like red, blue for the product shoes)
@@ -194,6 +273,23 @@ Following changes may create regression for some external modules, but were nece
 content by doing a print into function, sometimes by returning content into "resprint". This has been fixed to follow
 hook specifications so you must return output into "resprint".

+
+***** ChangeLog for 5.0.7 compared to 5.0.6 *****
+FIX: #7000 Dashboard link for late pending payment supplier invoices do not work
+FIX: #7148
+FIX: #7325 Default VAT rate when editing template invoices is 0%
+FIX: #7366 renaming table with pgsql
+FIX: #7391
+FIX: #7510 Bug: extrafield content disappear when generate pdf within intervention
+FIX: Agenda events are not exported in the ICAL, VCAL if begin exactly with the same $datestart
+FIX: Bad link to unpayed suppliers invoices
+FIX: bankentries search conciliated if val 0
+FIX: multicompany better accuracy in rounding and with revenue stamp.
+FIX: PDF output was sharing 2 different currencies in same total
+FIX: Upgrade missing on field
+FIX: wrong key in selectarray
+FIX: wrong personnal project time spent
+
 ***** ChangeLog for 5.0.6 compared to 5.0.5 *****
 FIX: Removed a bad symbolic link into custom directory.
 FIX: Renaming a resource ref rename also the directory of attached files.
--- a/build/exe/doliwamp/doliwamp.iss
+++ b/build/exe/doliwamp/doliwamp.iss
@@ -353,7 +353,7 @@ begin
    begin
      // TODO Copy file or ask to install package ?
      //CustomMessage('YouWillInstallDoliWamp')+#13#13
-      MsgBox('The package vcredist_x86.exe must have been installed first. It seems it is not. Please install it first from <a href="http://www.microsoft.com/en-us/download/details.aspx?id=30679">http://www.microsoft.com/en-us/download/details.aspx?id=30679</a> then restart DoliWamp installation/upgrade.',mbInformation,MB_OK);
+      MsgBox('The Visual C++ Redistributable package should be installed, it seems it is not. Please install the 32-bit version from http://www.microsoft.com/en-us/download/details.aspx?id=30679, then restart the DoliWAMP installation/upgrade.',mbInformation,MB_OK);
    end;
 	// Pb seems similar with msvcp110.dll
 	//vcredist_x64.exe
--- a/build/makepack-dolibarr.pl
+++ b/build/makepack-dolibarr.pl
@@ -571,6 +571,7 @@ if ($nboftargetok) {
        $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/mobiledetect/mobiledetectlib/.gitmodules`;
        $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/nusoap/lib/Mail`;
        $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/nusoap/samples`;
+        $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/parsedown/LICENSE.txt`;
        $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/php-iban/docs`;
        $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/phpoffice/phpexcel/.gitattributes`;
        $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/phpoffice/phpexcel/Classes/license.md`;
@@ -579,6 +580,7 @@ if ($nboftargetok) {
        $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/phpoffice/phpexcel/Examples`;
        $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/phpoffice/phpexcel/unitTests`;
        $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/phpoffice/phpexcel/license.md`;
+        $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/stripe/LICENSE`;
        $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/tcpdf/fonts/dejavu-fonts-ttf-*`;
        $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/tcpdf/fonts/freefont-*`;
        $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/tcpdf/fonts/ae_fonts_*`;
@@ -590,6 +592,8 @@ if ($nboftargetok) {
        $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/tecnickcom/tcpdf/fonts/utils`;
        $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/includes/tecnickcom/tcpdf/tools`;
        $ret=`rm -f  $BUILDROOT/$PROJECT/htdocs/includes/tecnickcom/tcpdf/LICENSE.TXT`;
+        $ret=`rm -f  $BUILDROOT/$PROJECT/htdocs/theme/common/octicons/LICENSE`;
+        
        
        print "Remove subdir of custom dir\n";
   	    print "find $BUILDROOT/$PROJECT/htdocs/custom/* -type d -exec rm -fr {} \\;\n";
--- a/dev/dolibarr_changes.txt
+++ b/dev/dolibarr_changes.txt
@@ -99,7 +99,7 @@ JQUERYFILETREE:
 RESTLER:
 --------

-* Add 2 lines into function     
+* Add 2 lines into file AutoLoader.php to complete function     
 	private function alias($className, $currentClass)
    {
 		...
@@ -110,4 +110,17 @@ to get
        if ($className == 'Luracast\Restler\string') return;
        if ($className == 'Luracast\Restler\mixed') return;
 		...
-        
+    	
+    	
+PARSEDOWN
+---------
+
+* Fix to avoid fatal error when mb_strlen not available:
+
+	// @CHANGE LDR Fix when mb_strlen is not available
+	//$shortage = 4 - mb_strlen($line, 'utf-8') % 4;
+	if (function_exists('mb_strlen')) $len = mb_strlen($line, 'utf-8');
+	else $len = strlen($line);
+	$shortage = 4 - $len % 4;
+                	
+    	
--- a/dev/initdemo/savedemo.sh
+++ b/dev/initdemo/savedemo.sh
@@ -187,6 +187,7 @@ export list="
 	--ignore-table=$base.llx_bt_webseedfiles
 	--ignore-table=$base.llx_c_civilite
 	--ignore-table=$base.llx_c_dolicloud_plans
+	--ignore-table=$base.llx_c_pays
 	--ignore-table=$base.llx_c_source
 	--ignore-table=$base.llx_cabinetmed_c_banques
 	--ignore-table=$base.llx_cabinetmed_c_ccam
--- a/htdocs/accountancy/bookkeeping/card.php
+++ b/htdocs/accountancy/bookkeeping/card.php
@@ -631,7 +631,7 @@ if ($action == 'create') {
 					print "</tr>\n";
 				}

-				if ($total_debit != $total_credit)
+				if (price2num($total_debit) != price2num($total_credit))
 				{
 					setEventMessages(null, array($langs->trans('MvtNotCorrectlyBalanced', $total_credit, $total_debit)), 'warnings');
 				}
--- a/htdocs/accountancy/class/accountancyexport.class.php
+++ b/htdocs/accountancy/class/accountancyexport.class.php
@@ -419,7 +419,7 @@ class AccountancyExport


 	/**
-	 * Export format : Agiris
+	 * Export format : Agiris Isacompta
 	 *
 	 * @param array $objectLines data
 	 *
@@ -433,30 +433,23 @@ class AccountancyExport

 			$date = dol_print_date($line->doc_date, '%d%m%Y');

-			print $line->id . $this->separator;
-			print '"'.dol_trunc($line->piece_num,15,'right','UTF-8',1).'"'.$this->separator;
+			print $line->piece_num . $this->separator;
+			print $line->label_operation . $this->separator;
 			print $date . $this->separator;
-			print '"'.dol_trunc($line->piece_num,15,'right','UTF-8',1).'"'.$this->separator;
+			print $line->label_operation . $this->separator;

 			if (empty($line->subledger_account)) {
 				print length_accountg($line->numero_compte) . $this->separator;
 			} else {
-			    // FIXME Because the subledger_account is already an accounting account, does we really need
-			    // to concat 4011 or 401 to it ?
-				if (substr($line->numero_compte, 0, 1) == 'C' || substr($line->numero_compte, 0, 1) == '9') {
-					print '411' . substr(str_replace(" ", "", $line->subledger_account), 0, 5) . $this->separator;
-				}
-				if (substr($line->numero_compte, 0, 1) == 'F' || substr($line->numero_compte, 0, 1) == '0') {
-					print '401' . substr(str_replace(" ", "", $line->subledger_account), 0, 5) . $this->separator;
-				}
+				print length_accounta($line->subledger_account) . $this->separator;
 			}

-			print length_accounta($line->subledger_account) . $this->separator;
+			print $line->doc_ref . $this->separator;
 			print price($line->debit) . $this->separator;
 			print price($line->credit) . $this->separator;
 			print price($line->montant).$this->separator;
 			print $line->sens.$this->separator;
-			print $line->code_journal . $this->separator;
+			print $line->code_journal;
 			print $this->end_line;
 		}
 	}
--- a/htdocs/accountancy/customer/index.php
+++ b/htdocs/accountancy/customer/index.php
@@ -322,7 +322,6 @@ if ($resql) {
 		}
 		else print $row[1];
 		print '</td>';
-		print '<td align="left">' . $row[1] . '</td>';
 		for($i = 2; $i <= 12; $i ++) {
 			print '<td align="right">' . price($row[$i]) . '</td>';
 		}
--- a/htdocs/accountancy/customer/list.php
+++ b/htdocs/accountancy/customer/list.php
@@ -85,6 +85,9 @@ if ($user->societe_id > 0)
 if (! $user->rights->accounting->bind->write)
 	accessforbidden();

+// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
+$hookmanager->initHooks(array('accountancycustomerlist'));
+
 $formaccounting = new FormAccounting($db);
 $accounting = new AccountingAccount($db);
 $aarowid_s = $accounting->fetch('', $conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT, 1);
@@ -98,26 +101,33 @@ $aarowid_p = $accounting->fetch('', $conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOU
 if (GETPOST('cancel')) { $action='list'; $massaction=''; }
 if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }

-// Purge search criteria
-if (GETPOST('button_removefilter_x','alpha') || GETPOST('button_removefilter.x','alpha') || GETPOST('button_removefilter','alpha')) // All test are required to be compatible with all browsers
+$parameters=array();
+$reshook=$hookmanager->executeHooks('doActions',$parameters, $object, $action);    // Note that $action and $object may have been modified by some hooks
+if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
+
+if (empty($reshook))
 {
-	$search_lineid = '';
-	$search_ref = '';
-	$search_invoice = '';
-	$search_label = '';
-	$search_desc = '';
-	$search_amount = '';
-	$search_account = '';
-	$search_vat = '';
+	// Purge search criteria
+	if (GETPOST('button_removefilter_x','alpha') || GETPOST('button_removefilter.x','alpha') || GETPOST('button_removefilter','alpha')) // All test are required to be compatible with all browsers
+	{
+		$search_lineid = '';
+		$search_ref = '';
+		$search_invoice = '';
+		$search_label = '';
+		$search_desc = '';
+		$search_amount = '';
+		$search_account = '';
+		$search_vat = '';
+	}
+
+	// Mass actions
+	$objectclass='AccountingAccount';
+	$permtoread = $user->rights->accounting->read;
+	$permtodelete = $user->rights->accounting->delete;
+	$uploaddir = $conf->accounting->dir_output;
+	include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php';
 }

-// Mass actions
-$objectclass='Skeleton';
-$objectlabel='Skeleton';
-$permtoread = $user->rights->accounting->read;
-$permtodelete = $user->rights->accounting->delete;
-$uploaddir = $conf->accounting->dir_output;
-include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php';

 if ($massaction == 'ventil') {
    $msg='';
@@ -182,6 +192,9 @@ $sql = "SELECT f.facnumber, f.rowid as facid, f.datef, f.type as ftype,";
 $sql .= " l.rowid, l.fk_product, l.description, l.total_ht, l.fk_code_ventilation, l.product_type as type_l, l.tva_tx as tva_tx_line, l.vat_src_code,";
 $sql .= " p.rowid as product_id, p.ref as product_ref, p.label as product_label, p.fk_product_type as type, p.accountancy_code_sell as code_sell, p.tva_tx as tva_tx_prod,";
 $sql .= " aa.rowid as aarowid";
+$parameters=array();
+$reshook=$hookmanager->executeHooks('printFieldListSelect',$parameters);    // Note that $action and $object may have been modified by hook
+$sql.=$hookmanager->resPrint;
 $sql .= " FROM " . MAIN_DB_PREFIX . "facture as f";
 $sql .= " INNER JOIN " . MAIN_DB_PREFIX . "facturedet as l ON f.rowid = l.fk_facture";
 $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product as p ON p.rowid = l.fk_product";
@@ -223,6 +236,11 @@ if (! empty($conf->global->FACTURE_DEPOSITS_ARE_JUST_PAYMENTS)) {
 }
 $sql .= " AND f.entity IN (" . getEntity('facture', 0) . ")";    // We don't share object for accountancy

+// Add where from hooks
+$parameters=array();
+$reshook=$hookmanager->executeHooks('printFieldListWhere',$parameters);    // Note that $action and $object may have been modified by hook
+$sql.=$hookmanager->resPrint;
+
 $sql .= $db->order($sortfield, $sortorder);

 // Count total nb of records
--- a/htdocs/accountancy/supplier/list.php
+++ b/htdocs/accountancy/supplier/list.php
@@ -85,6 +85,9 @@ if ($user->societe_id > 0)
 if (! $user->rights->accounting->bind->write)
 	accessforbidden();

+// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
+$hookmanager->initHooks(array('accountancysupplierlist'));
+
 $formaccounting = new FormAccounting($db);
 $accounting = new AccountingAccount($db);
 // TODO: we should need to check if result is a really exist accountaccount rowid.....
@@ -99,26 +102,32 @@ $aarowid_p = $accounting->fetch('', $conf->global->ACCOUNTING_PRODUCT_BUY_ACCOUN
 if (GETPOST('cancel')) { $action='list'; $massaction=''; }
 if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction=''; }

-// Purge search criteria
-if (GETPOST('button_removefilter_x','alpha') || GETPOST('button_removefilter.x','alpha') || GETPOST('button_removefilter','alpha')) // All test are required to be compatible with all browsers
-{
-    $search_lineid = '';
-    $search_ref = '';
-    $search_invoice = '';
-    $search_label = '';
-    $search_desc = '';
-    $search_amount = '';
-    $search_account = '';
-    $search_vat = '';
-}
+$parameters=array();
+$reshook=$hookmanager->executeHooks('doActions',$parameters, $object, $action);    // Note that $action and $object may have been modified by some hooks
+if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');

-// Mass actions
-$objectclass='Skeleton';
-$objectlabel='Skeleton';
-$permtoread = $user->rights->accounting->read;
-$permtodelete = $user->rights->accounting->delete;
-$uploaddir = $conf->accounting->dir_output;
-include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php';
+if (empty($reshook))
+{
+	// Purge search criteria
+	if (GETPOST('button_removefilter_x','alpha') || GETPOST('button_removefilter.x','alpha') || GETPOST('button_removefilter','alpha')) // All test are required to be compatible with all browsers
+	{
+	    $search_lineid = '';
+	    $search_ref = '';
+	    $search_invoice = '';
+	    $search_label = '';
+	    $search_desc = '';
+	    $search_amount = '';
+	    $search_account = '';
+	    $search_vat = '';
+	}
+
+	// Mass actions
+		$objectclass='AccountingAccount';
+	$permtoread = $user->rights->accounting->read;
+	$permtodelete = $user->rights->accounting->delete;
+	$uploaddir = $conf->accounting->dir_output;
+	include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php';
+}

 if ($massaction == 'ventil') {
    $msg='';
@@ -184,6 +193,9 @@ $sql = "SELECT f.rowid as facid, f.ref, f.ref_supplier, f.libelle as invoice_lab
 $sql.= " l.rowid, l.fk_product, l.description, l.total_ht as price, l.fk_code_ventilation, l.product_type as type_l, l.tva_tx as tva_tx_line, l.vat_src_code,";
 $sql.= " p.rowid as product_id, p.ref as product_ref, p.label as product_label, p.fk_product_type as type, p.accountancy_code_buy as code_buy, p.tva_tx as tva_tx_prod,";
 $sql.= " aa.rowid as aarowid";
+$parameters=array();
+$reshook=$hookmanager->executeHooks('printFieldListSelect',$parameters);    // Note that $action and $object may have been modified by hook
+$sql.=$hookmanager->resPrint;
 $sql.= " FROM " . MAIN_DB_PREFIX . "facture_fourn as f";
 $sql.= " INNER JOIN " . MAIN_DB_PREFIX . "facture_fourn_det as l ON f.rowid = l.fk_facture_fourn";
 $sql.= " LEFT JOIN " . MAIN_DB_PREFIX . "product as p ON p.rowid = l.fk_product";
@@ -220,6 +232,11 @@ if (strlen(trim($search_vat))) {
 }
 $sql .= " AND f.entity IN (" . getEntity('facture_fourn', 0) . ")";  // We don't share object for accountancy

+// Add where from hooks
+$parameters=array();
+$reshook=$hookmanager->executeHooks('printFieldListWhere',$parameters);    // Note that $action and $object may have been modified by hook
+$sql.=$hookmanager->resPrint;
+
 $sql .= $db->order($sortfield, $sortorder);

 // Count total nb of records
--- a/htdocs/adherents/card.php
+++ b/htdocs/adherents/card.php
@@ -1730,8 +1730,8 @@ else
 		//$filedir = $conf->adherent->dir_output . '/' . get_exdir($object->id, 2, 0, 0, $object, 'member') . dol_sanitizeFileName($object->ref);
 		$filedir = $conf->adherent->dir_output . '/' . get_exdir(0, 0, 0, 0, $object, 'member');
 		$urlsource = $_SERVER['PHP_SELF'] . '?id=' . $object->id;
-		$genallowed = $user->rights->adherent->creer;
-		$delallowed = $user->rights->adherent->supprimer;
+		$genallowed = $user->rights->adherent->lire;
+		$delallowed = $user->rights->adherent->creer;

 		print $formfile->showdocuments('member', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->modelpdf, 1, 0, 0, 28, 0, '', '', '', $object->default_lang, '', $object);
 		$somethingshown = $formfile->numoffiles;
--- a/htdocs/adherents/class/subscription.class.php
+++ b/htdocs/adherents/class/subscription.class.php
@@ -33,7 +33,7 @@ class Subscription extends CommonObject
 	public $element='subscription';
 	public $table_element='subscription';
    public $picto='payment';
-    
+
 	var $datec;				// Date creation
 	var $datem;				// Date modification
 	var $dateh;				// Subscription start date (date subscription)
@@ -193,12 +193,11 @@ class Subscription extends CommonObject
 	 */
 	function delete($user)
 	{
-		$accountline=new AccountLine($this->db);
-
 		// It subscription is linked to a bank transaction, we get it
 		if ($this->fk_bank > 0)
 		{
 			require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
+			$accountline=new AccountLine($this->db);
 			$result=$accountline->fetch($this->fk_bank);
 		}

@@ -288,7 +287,7 @@ class Subscription extends CommonObject
 	{
 	    return '';
 	}
-	
+
 	/**
 	 *  Renvoi le libelle d'un statut donne
 	 *
@@ -301,7 +300,7 @@ class Subscription extends CommonObject
 	    $langs->load("members");
 	    return '';
 	}
-	
+
    /**
     *  Load information of the subscription object
 	 *
--- a/htdocs/adherents/list.php
+++ b/htdocs/adherents/list.php
@@ -100,6 +100,7 @@ $fieldstosearchall = array(
    'd.note_public'=>'NotePublic',
    'd.note_private'=>'NotePrivate',
 );
+if($db->type == 'pgsql') unset($fieldstosearchall['d.rowid']);
 $arrayfields=array(
    'd.ref'=>array('label'=>$langs->trans("Ref"), 'checked'=>1),
    'd.lastname'=>array('label'=>$langs->trans("Lastname"), 'checked'=>1),
--- a/htdocs/adherents/subscription.php
+++ b/htdocs/adherents/subscription.php
@@ -1,8 +1,8 @@
 <?php
-/* Copyright (C) 2001-2004	Rodolphe Quiedeville	<rodolphe@quiedeville.org>
+/* Copyright (C) 2001-2004	Rodolphe Quiedeville		<rodolphe@quiedeville.org>
 * Copyright (C) 2002-2003	Jean-Louis Bergamo		<jlb@j1b.org>
 * Copyright (C) 2004-2014	Laurent Destailleur		<eldy@users.sourceforge.net>
- * Copyright (C) 2012		Regis Houssin			<regis.houssin@capnetworks.com>
+ * Copyright (C) 2012-2017	Regis Houssin			<regis.houssin@capnetworks.com>
 * Copyright (C) 2015-2016	Alexandre Spangaro		<aspangaro.dolibarr@gmail.com>
 *
 * This program is free software; you can redistribute it and/or modify
@@ -31,10 +31,10 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
 require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php';
 require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent_type.class.php';
 require_once DOL_DOCUMENT_ROOT.'/adherents/class/subscription.class.php';
-require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php';
-require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
 require_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php';
-if (! empty($conf->accounting->enabled)) require_once DOL_DOCUMENT_ROOT . '/accountancy/class/accountingjournal.class.php';
+require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
+require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php';
+require_once DOL_DOCUMENT_ROOT.'/accountancy/class/accountingjournal.class.php';

 $langs->load("companies");
 $langs->load("bills");
@@ -819,7 +819,6 @@ if ($rowid > 0)
        if ($result)
        {
            $subscriptionstatic=new Subscription($db);
-            $accountstatic=new Account($db);

            $num = $db->num_rows($result);
            $i = 0;
@@ -838,6 +837,8 @@ if ($rowid > 0)
            }
            print "</tr>\n";

+            $accountstatic=new Account($db);
+		
            while ($i < $num)
            {
                $objp = $db->fetch_object($result);
@@ -849,20 +850,23 @@ if ($rowid > 0)
                print '<td align="center">'.dol_print_date($db->jdate($objp->dateh),'day')."</td>\n";
                print '<td align="center">'.dol_print_date($db->jdate($objp->datef),'day')."</td>\n";
                print '<td align="right">'.price($objp->subscription).'</td>';
-                if (! empty($conf->banque->enabled))
-                {
-                    print '<td align="right">';
-                    if ($objp->bid)
-                    {
-                        $accountstatic->label=$objp->label;
-                        $accountstatic->id=$objp->baid;
-                        $accountstatic->number=$objp->number;
-                        $accountstatic->account_number=$objp->account_number;
+				if (! empty($conf->banque->enabled))
+				{
+					print '<td align="right">';
+					if ($objp->bid)
+					{
+						$accountstatic->label=$objp->label;
+						$accountstatic->id=$objp->baid;
+						$accountstatic->number=$objp->number;
+						$accountstatic->account_number=$objp->account_number;

-                        $accountingjournal = new AccountingJournal($db);
-                        $accountingjournal->fetch($objp->fk_accountancy_journal);
+						if (! empty($conf->accounting->enabled))
+						{
+							$accountingjournal = new AccountingJournal($db);
+							$accountingjournal->fetch($objp->fk_accountancy_journal);

-                        $accountstatic->accountancy_journal = $accountingjournal->getNomUrl(0,1,1,'',1);
+							$accountstatic->accountancy_journal = $accountingjournal->getNomUrl(0,1,1,'',1);
+						}

                        $accountstatic->ref=$objp->ref;
                        print $accountstatic->getNomUrl(1);
@@ -1093,12 +1097,12 @@ if ($rowid > 0)
                    	print '</a>)';
                    }
                    if (empty($conf->global->ADHERENT_VAT_FOR_SUBSCRIPTIONS) || $conf->global->ADHERENT_VAT_FOR_SUBSCRIPTIONS != 'defaultforfoundationcountry') print '. '.$langs->trans("NoVatOnSubscription",0);
-                    if (! empty($conf->global->ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS) && (! empty($conf->product->enabled) || ! empty($conf->service->enabled)))
-                    {
-                    	$prodtmp=new Product($db);
-                    	$prodtmp->fetch($conf->global->ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS);
-                    	print '. '.$langs->transnoentitiesnoconv("ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS", $prodtmp->getNomUrl(1));	// must use noentitiesnoconv to avoid to encode html into getNomUrl of product
-                    }
+					if (! empty($conf->global->ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS) && (! empty($conf->product->enabled) || ! empty($conf->service->enabled)))
+					{
+						$prodtmp=new Product($db);
+						$prodtmp->fetch($conf->global->ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS);
+						print '. '.$langs->transnoentitiesnoconv("ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS", $prodtmp->getNomUrl(1));	// must use noentitiesnoconv to avoid to encode html into getNomUrl of product
+					}
                    print '<br>';
                }
                // Add invoice with payments
@@ -1118,12 +1122,12 @@ if ($rowid > 0)
                    	print '</a>)';
                    }
                    if (empty($conf->global->ADHERENT_VAT_FOR_SUBSCRIPTIONS) || $conf->global->ADHERENT_VAT_FOR_SUBSCRIPTIONS != 'defaultforfoundationcountry') print '. '.$langs->trans("NoVatOnSubscription",0);
-                    if (! empty($conf->global->ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS) && (! empty($conf->product->enabled) || ! empty($conf->service->enabled)))
-                    {
-                    	$prodtmp=new Product($db);
-                    	$prodtmp->fetch($conf->global->ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS);
-                    	print '. '.$langs->transnoentitiesnoconv("ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS", $prodtmp->getNomUrl(1));	// must use noentitiesnoconv to avoid to encode html into getNomUrl of product
-                    }
+					if (! empty($conf->global->ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS) && (! empty($conf->product->enabled) || ! empty($conf->service->enabled)))
+					{
+						$prodtmp=new Product($db);
+						$prodtmp->fetch($conf->global->ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS);
+						print '. '.$langs->transnoentitiesnoconv("ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS", $prodtmp->getNomUrl(1));	// must use noentitiesnoconv to avoid to encode html into getNomUrl of product
+					}
                    print '<br>';
                }
                print '</td></tr>';
--- a/htdocs/adherents/subscription/card.php
+++ b/htdocs/adherents/subscription/card.php
@@ -25,7 +25,9 @@ require '../../main.inc.php';
 require_once DOL_DOCUMENT_ROOT.'/core/lib/member.lib.php';
 require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php';
 require_once DOL_DOCUMENT_ROOT.'/adherents/class/subscription.class.php';
-require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
+if (! empty($conf->banque->enabled)) {
+	require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
+}

 $langs->load("companies");
 $langs->load("bills");
@@ -231,20 +233,20 @@ if ($user->rights->adherent->cotisation->creer && $action == 'edit')
 	if (! empty($conf->banque->enabled))
 	{
 		if ($conf->global->ADHERENT_BANK_USE || $object->fk_bank)
-	    {
-    		print '<tr><td>'.$langs->trans("BankTransactionLine").'</td><td class="valeur" colspan="2">';
+		{
+			print '<tr><td>'.$langs->trans("BankTransactionLine").'</td><td class="valeur" colspan="2">';
 			if ($object->fk_bank)
 			{
-	    		$bankline=new AccountLine($db);
-		    	$result=$bankline->fetch($object->fk_bank);
+				$bankline=new AccountLine($db);
+				$result=$bankline->fetch($object->fk_bank);
 				print $bankline->getNomUrl(1,0,'showall');
 			}
 			else
 			{
 				print $langs->trans("NoneF");
 			}
-	    	print '</td></tr>';
-	    }
+			print '</td></tr>';
+		}
 	}

 	print '</table>';
@@ -326,27 +328,26 @@ if ($rowid && $action != 'edit')
    // Amount
    print '<tr><td>'.$langs->trans("Label").'</td><td class="valeur">'.$object->note.'</td></tr>';

-    // Bank line
+	// Bank line
 	if (! empty($conf->banque->enabled))
 	{
 		if ($conf->global->ADHERENT_BANK_USE || $object->fk_bank)
-	    {
-    		print '<tr><td>'.$langs->trans("BankTransactionLine").'</td><td class="valeur">';
+		{
+			print '<tr><td>'.$langs->trans("BankTransactionLine").'</td><td class="valeur">';
 			if ($object->fk_bank)
 			{
-	    		$bankline=new AccountLine($db);
-		    	$result=$bankline->fetch($object->fk_bank);
-		    	print $bankline->getNomUrl(1,0,'showall');
+				$bankline=new AccountLine($db);
+				$result=$bankline->fetch($object->fk_bank);
+				print $bankline->getNomUrl(1,0,'showall');
 			}
 			else
 			{
 				print $langs->trans("NoneF");
 			}
-	    	print '</td></tr>';
-	    }
+			print '</td></tr>';
+		}
 	}

-
    print "</table>\n";
    print '</div>';

@@ -389,8 +390,8 @@ if ($rowid && $action != 'edit')
    $filename = dol_sanitizeFileName($object->ref);
    $filedir = $conf->facture->dir_output . '/' . dol_sanitizeFileName($object->ref);
    $urlsource = $_SERVER['PHP_SELF'] . '?facid=' . $object->id;
-    $genallowed = $user->rights->facture->creer;
-    $delallowed = $user->rights->facture->supprimer;
+    $genallowed = $user->rights->facture->lire;
+    $delallowed = $user->rights->facture->creer;

    print $formfile->showdocuments('facture', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->modelpdf, 1, 0, 0, 28, 0, '', '', '', $soc->default_lang);
    $somethingshown = $formfile->numoffiles;
--- a/htdocs/adherents/subscription/list.php
+++ b/htdocs/adherents/subscription/list.php
@@ -304,22 +304,22 @@ if ($result)
        print dol_trunc($obj->note,32);
        print '</td>';

-        // Banque
-        if (! empty($conf->banque->enabled))
-        {
-            if ($obj->fk_account)
-            {
-                $accountstatic->id=$obj->fk_account;
-                $accountstatic->fetch($obj->fk_account);
-                //$accountstatic->label=$obj->label;
-                print '<td>'.$accountstatic->getNomUrl(1).'</td>';
-            }
-            else
-            {
-                print "<td>";
-                print "</td>\n";
-            }
-        }
+		// Banque
+		if (! empty($conf->banque->enabled))
+		{
+			if ($obj->fk_account > 0)
+			{
+				$accountstatic->id=$obj->fk_account;
+				$accountstatic->fetch($obj->fk_account);
+				//$accountstatic->label=$obj->label;
+				print '<td>'.$accountstatic->getNomUrl(1).'</td>';
+			}
+			else
+			{
+				print "<td>";
+				print "</td>\n";
+			}
+		}

        // Date start
        print '<td align="center">'.dol_print_date($db->jdate($obj->dateadh),'day')."</td>\n";
--- a/htdocs/admin/dict.php
+++ b/htdocs/admin/dict.php
@@ -600,7 +600,8 @@ if (GETPOST('actionadd') || GETPOST('actionmodify'))
        if ($value == 'localtax2' && empty($_POST['localtax2_type'])) continue;
        if ($value == 'color' && empty($_POST['color'])) continue;
 		if ($value == 'formula' && empty($_POST['formula'])) continue;
-        if ((! isset($_POST[$value]) || $_POST[$value]=='')
+		if ($value == 'sortorder') continue;		// For a column name 'sortorder', we use the field name 'position'
+		if ((! isset($_POST[$value]) || $_POST[$value]=='')
        	&& (! in_array($listfield[$f], array('decalage','module','accountancy_code','accountancy_code_sell','accountancy_code_buy'))  // Fields that are not mandatory
        	&& (! ($id == 10 && $listfield[$f] == 'code')) // Code is mandatory fir table 10
        	)
@@ -715,7 +716,11 @@ if (GETPOST('actionadd') || GETPOST('actionmodify'))
            	$_POST[$listfieldvalue[$i]] = $conf->entity;
            }
            if ($i) $sql.=",";
-            if ($_POST[$listfieldvalue[$i]] == '' && ! ($listfieldvalue[$i] == 'code' && $id == 10)) $sql.="null";  // For vat, we want/accept code = ''
+            if ($listfieldvalue[$i] == 'sortorder')		// For column name 'sortorder', we use the field name 'position'
+            {
+            	$sql.="'".(int) $db->escape($_POST['position'])."'";
+            }
+            elseif ($_POST[$listfieldvalue[$i]] == '' && ! ($listfieldvalue[$i] == 'code' && $id == 10)) $sql.="null";  // For vat, we want/accept code = ''
            else $sql.="'".$db->escape($_POST[$listfieldvalue[$i]])."'";
            $i++;
        }
@@ -764,7 +769,11 @@ if (GETPOST('actionadd') || GETPOST('actionmodify'))
            }
            if ($i) $sql.=",";
            $sql.= $field."=";
-            if ($_POST[$listfieldvalue[$i]] == '' && ! ($listfieldvalue[$i] == 'code' && $id == 10)) $sql.="null";  // For vat, we want/accept code = ''
+            if ($listfieldvalue[$i] == 'sortorder')		// For column name 'sortorder', we use the field name 'position'
+            {
+            	$sql.="'".(int) $db->escape($_POST['position'])."'";
+            }
+            elseif ($_POST[$listfieldvalue[$i]] == '' && ! ($listfieldvalue[$i] == 'code' && $id == 10)) $sql.="null";  // For vat, we want/accept code = ''
            else $sql.="'".$db->escape($_POST[$listfieldvalue[$i]])."'";
            $i++;
        }
@@ -1839,6 +1848,8 @@ function fieldList($fieldlist, $obj='', $tabname='', $context='')
 		}
 		else
 		{
+			if ($fieldlist[$field]=='sortorder') $fieldlist[$field]='position';
+
 			$classtd=''; $class='';
 			if ($fieldlist[$field]=='code') $classtd='width100';
 			if ($fieldlist[$field]=='affect') $class='maxwidth50';
--- a/htdocs/admin/modulehelp.php
+++ b/htdocs/admin/modulehelp.php
@@ -365,7 +365,7 @@ if ($mode == 'desc')
 if ($mode == 'feature')
 {
    $text.='<br><strong>'.$langs->trans("DependsOn").':</strong> ';
-    if (count($objMod->requiredby)) $text.=join(',', $objMod->depends);
+    if (count($objMod->depends)) $text.=join(',', $objMod->depends);
 	else $text.=$langs->trans("None");
    $text.='<br><strong>'.$langs->trans("RequiredBy").':</strong> ';
 	if (count($objMod->requiredby)) $text.=join(',', $objMod->requiredby);
--- a/htdocs/admin/multicurrency.php
+++ b/htdocs/admin/multicurrency.php
@@ -78,34 +78,54 @@ if (preg_match('/del_(.*)/',$action,$reg))

 if ($action == 'add_currency')
 {
+	$error=0;
+
 	$langs->loadCacheCurrencies('');

 	$code = GETPOST('code', 'alpha');
-	$rate = GETPOST('rate', 'alpha');
+	$rate = price2num(GETPOST('rate', 'alpha'));
 	$currency = new MultiCurrency($db);
 	$currency->code = $code;
 	$currency->name = !empty($langs->cache_currencies[$code]['label']) ? $langs->cache_currencies[$code]['label'].' ('.$langs->getCurrencySymbol($code).')' : $code;

-	if ($currency->create($user) > 0)
+	if (empty($rate))
 	{
-		if ($currency->addRate($rate)) setEventMessages($langs->trans('RecordSaved'), array());
-		else setEventMessages($langs->trans('ErrorAddRateFail'), array(), 'errors');
+		setEventMessages($langs->trans('ErrorFieldRequired', $langs->transnoentitiesnoconv("Rate")), null, 'errors');
+		$error++;
+	}
+	if (! $error)
+	{
+		if ($currency->create($user) > 0)
+		{
+			if ($currency->addRate($rate)) setEventMessages($langs->trans('RecordSaved'), array());
+			else setEventMessages($langs->trans('ErrorAddRateFail'), array(), 'errors');
+		}
+		else setEventMessages($langs->trans('ErrorAddCurrencyFail'), $currency->errors, 'errors');
 	}
-	else setEventMessages($langs->trans('ErrorAddCurrencyFail'), $currency->errors, 'errors');
 }
 elseif ($action == 'update_currency')
 {
+	$error = 0;
+
 	$submit = GETPOST('submit', 'alpha');

 	if ($submit == $langs->trans('Modify'))
 	{
 		$fk_multicurrency = GETPOST('fk_multicurrency', 'int');
-		$rate = GETPOST('rate', 'float');
+		$rate = price2num(GETPOST('rate', 'alpha'));
 		$currency = new MultiCurrency($db);

-		if ($currency->fetch($fk_multicurrency) > 0)
+		if (empty($rate))
 		{
-			$currency->updateRate($rate);
+			setEventMessages($langs->trans('ErrorFieldRequired', $langs->transnoentitiesnoconv("Rate")), null, 'errors');
+			$error++;
+		}
+		if (! $error)
+		{
+			if ($currency->fetch($fk_multicurrency) > 0)
+			{
+				$currency->updateRate($rate);
+			}
 		}
 	}
 	elseif ($submit == $langs->trans('Delete'))
@@ -235,7 +255,7 @@ print '</td></tr>';
 */

 print '</table>';
-print '<br />';
+print '<br>';

 if (!empty($conf->global->MAIN_MULTICURRENCY_ALLOW_SYNCHRONIZATION))
 {
@@ -279,7 +299,6 @@ if (!empty($conf->global->MAIN_MULTICURRENCY_ALLOW_SYNCHRONIZATION))
 	print '</form>';
 	print '</td></tr>';

-
 	print '<tr class="oddeven">';
 	print '<td>'.$langs->transnoentitiesnoconv("multicurrency_alternateCurrencySource").'</td>';
 	print '<td align="center" width="20">&nbsp;</td>';
@@ -325,8 +344,7 @@ print '</td></form></tr>';

 foreach ($TCurrency as &$currency)
 {
-	if($currency->code == $conf->currency) continue;
-
+	if ($currency->code == $conf->currency) continue;

 	print '<tr class="oddeven">';
 	print '<td>'.$currency->code.' - '.$currency->name.'</td>';
--- a/htdocs/admin/translation.php
+++ b/htdocs/admin/translation.php
@@ -338,6 +338,9 @@ if ($mode == 'searchkey')

    $recordtoshow=array();

+    // Search modules dirs
+    $modulesdir = dolGetModulesDirs();
+
    $nbempty=0;
    /*var_dump($langcode);
     var_dump($transkey);
@@ -351,29 +354,30 @@ if ($mode == 'searchkey')
    }
    else
    {
-        // Load all translations keys
-        foreach($conf->file->dol_document_root as $keydir => $searchdir)
+        // Search into dir of modules (the $modulesdir is already a list that loop on $conf->file->dol_document_root)
+        foreach($modulesdir as $keydir => $tmpsearchdir)
        {
-            // Directory of translation files
-            $dir_lang = $searchdir."/langs/".$langcode;
-            $dir_lang_osencoded=dol_osencode($dir_lang);
+        	$searchdir = $tmpsearchdir;		// $searchdir can be '.../htdocs/core/modules/' or '.../htdocs/custom/mymodule/core/modules/'

-            $filearray=dol_dir_list($dir_lang_osencoded,'files',0,'','',$sortfield,(strtolower($sortorder)=='asc'?SORT_ASC:SORT_DESC),1);
+        	// Directory of translation files
+        	$dir_lang = dirname(dirname($searchdir))."/langs/".$langcode;	// The 2 dirname is to go up in dir for 2 levels
+        	$dir_lang_osencoded=dol_osencode($dir_lang);

-            foreach($filearray as $file)
-            {
-                $tmpfile=preg_replace('/.lang/i', '', basename($file['name']));
-                $newlang->load($tmpfile, 0, 0, '', 0);                              // Load translation files + database overwrite
-                $newlangfileonly->load($tmpfile, 0, 0, '', 1);                      // Load translation files only
-                //print 'After loading lang '.$tmpfile.', newlang has '.count($newlang->tab_translate).' records<br>'."\n";
-            }
+        	$filearray=dol_dir_list($dir_lang_osencoded,'files',0,'','',$sortfield,(strtolower($sortorder)=='asc'?SORT_ASC:SORT_DESC),1);
+        	foreach($filearray as $file)
+        	{
+        		$tmpfile=preg_replace('/.lang/i', '', basename($file['name']));
+        		$newlang->load($tmpfile, 0, 0, '', 0);                              // Load translation files + database overwrite
+        		$newlangfileonly->load($tmpfile, 0, 0, '', 1);                      // Load translation files only
+        		//print 'After loading lang '.$tmpfile.', newlang has '.count($newlang->tab_translate).' records<br>'."\n";
+        	}
        }

        // Now search into translation array
        foreach($newlang->tab_translate as $key => $val)
        {
-            if ($transkey && ! preg_match('/'.preg_quote($transkey).'/', $key)) continue;
-            if ($transvalue && ! preg_match('/'.preg_quote($transvalue).'/', $val)) continue;
+            if ($transkey && ! preg_match('/'.preg_quote($transkey).'/i', $key)) continue;
+            if ($transvalue && ! preg_match('/'.preg_quote($transvalue).'/i', $val)) continue;
            $recordtoshow[$key]=$val;
        }
    }
--- a/htdocs/api/class/api.class.php
+++ b/htdocs/api/class/api.class.php
@@ -48,7 +48,7 @@ class DolibarrApi
     */
    function __construct($db, $cachedir='', $refreshCache=false)
    {
-        global $conf;
+        global $conf, $dolibarr_main_url_root;

        if (empty($cachedir)) $cachedir = $conf->api->dir_temp;
        Defaults::$cacheDirectory = $cachedir;
@@ -57,6 +57,13 @@ class DolibarrApi
        $production_mode = ( empty($conf->global->API_PRODUCTION_MODE) ? false : true );
        $this->r = new Restler($production_mode, $refreshCache);

+        $urlwithouturlroot=preg_replace('/'.preg_quote(DOL_URL_ROOT,'/').'$/i','',trim($dolibarr_main_url_root));
+        $urlwithroot=$urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file
+
+        $urlwithouturlrootautodetect=preg_replace('/'.preg_quote(DOL_URL_ROOT,'/').'$/i','',trim(DOL_MAIN_URL_ROOT));
+        $urlwithrootautodetect=$urlwithouturlroot.DOL_URL_ROOT; // This is to use local domain autodetected by dolibarr from url
+
+        $this->r->setBaseUrls($urlwithouturlroot, $urlwithouturlrootautodetect);
        $this->r->setAPIVersion(1);
    }

@@ -129,6 +136,9 @@ class DolibarrApi
        unset($object->table_element_line);
        unset($object->picto);

+        unset($object->skip_update_total);
+        unset($object->context);
+
        // Remove the $oldcopy property because it is not supported by the JSON
        // encoder. The following error is generated when trying to serialize
        // it: "Error encoding/decoding JSON: Type is not supported"
--- a/htdocs/api/class/api_access.class.php
+++ b/htdocs/api/class/api_access.class.php
@@ -69,7 +69,7 @@ class DolibarrApiAccess implements iAuthenticate
 	 */
 	public function __isAllowed()
 	{
-		global $db;
+		global $conf, $db;

 		$login = '';
 		$stored_key = '';
@@ -100,10 +100,13 @@ class DolibarrApiAccess implements iAuthenticate

 		if ($api_key)
 		{
+			$userentity = 0;
+
 			$sql = "SELECT u.login, u.datec, u.api_key, ";
 			$sql.= " u.tms as date_modification, u.entity";
 			$sql.= " FROM ".MAIN_DB_PREFIX."user as u";
 			$sql.= " WHERE u.api_key = '".$db->escape($api_key)."'";
+			// TODO Check if 2 users has same API key.

 			$result = $db->query($sql);
 			if ($result)
@@ -113,24 +116,34 @@ class DolibarrApiAccess implements iAuthenticate
 					$obj = $db->fetch_object($result);
 					$login = $obj->login;
 					$stored_key = $obj->api_key;
+					$userentity = $obj->entity;
+
+					if (! defined("DOLENTITY") && $conf->entity != ($obj->entity?$obj->entity:1))		// If API was not forced with HTTP_DOLENTITY, and user is on another entity, so we reset entity to entity of user
+					{
+						$conf->entity = ($obj->entity?$obj->entity:1);
+						// We must also reload global conf to get params from the entity
+						dol_syslog("Entity was not set on http header with HTTP_DOLAPIENTITY (recommanded for performance purpose), so we switch now on entity of user (".$conf->entity .") and we have to reload configuration.", LOG_WARNING);
+						$conf->setValues($db);
+					}
 				}
 			}
 			else {
 				throw new RestException(503, 'Error when fetching user api_key :'.$db->error_msg);
 			}

-			if ($stored_key != $api_key) {
+			if ($stored_key != $api_key) {		// This should not happen since we did a search on api_key
 				$userClass::setCacheIdentifier($api_key);
 				return false;
 			}

 			if (! $login)
 			{
-			    throw new RestException(503, 'Error when searching logn user fro mapi key');
+			    throw new RestException(503, 'Error when searching login user from api key');
 			}
 			$fuser = new User($db);
-			if(! $fuser->fetch('',$login)) {
-				throw new RestException(503, 'Error when fetching user :'.$fuser->error);
+			$result = $fuser->fetch('', $login, '', 0, (empty($userentity) ? -1 : $conf->entity));	// If user is not entity 0, we search in working entity $conf->entity  (that may have been forced to a different value than user entity)
+			if ($result <= 0) {
+				throw new RestException(503, 'Error when fetching user :'.$fuser->error.' (conf->entity='.$conf->entity.')');
 			}
 			$fuser->getrights();
 			static::$user = $fuser;
@@ -143,14 +156,14 @@ class DolibarrApiAccess implements iAuthenticate
        }
 		else
 		{
-		    throw new RestException(401, "Failed to login to API. No parameter 'DOLAPIKEY' on HTTP header (neither in URL).");
+		    throw new RestException(401, "Failed to login to API. No parameter 'HTTP_DOLAPIKEY' on HTTP header (and no parameter DOLAPIKEY in URL).");
 		}

-    $userClass::setCacheIdentifier(static::$role);
-    Resources::$accessControlFunction = 'DolibarrApiAccess::verifyAccess';
-    $requirefortest = static::$requires;
-    if (! is_array($requirefortest)) $requirefortest=explode(',',$requirefortest);
-    return in_array(static::$role, (array) $requirefortest) || static::$role == 'admin';
+	    $userClass::setCacheIdentifier(static::$role);
+	    Resources::$accessControlFunction = 'DolibarrApiAccess::verifyAccess';
+	    $requirefortest = static::$requires;
+	    if (! is_array($requirefortest)) $requirefortest=explode(',',$requirefortest);
+	    return in_array(static::$role, (array) $requirefortest) || static::$role == 'admin';
 	}

 	/**
--- a/htdocs/api/class/api_login.class.php
+++ b/htdocs/api/class/api_login.class.php
@@ -36,7 +36,7 @@ class Login
 	 *
 	 * Request the API token for a couple username / password.
 	 * Using method POST is recommanded for security reasons (method GET is often logged by default by web servers with parameters so with login and pass into server log file).
-	 * Both methods are provided for developer conveniance. Best is to not use at all the login API method and enter directly the "api_key" into field at the top right of page (Note: "api_key" can be found/set on the user page).
+	 * Both methods are provided for developer conveniance. Best is to not use at all the login API method and enter directly the "DOLAPIKEY" into field at the top right of page. Note: Tha API key (DOLAPIKEY) can be found/set on the user page.
 	 *
 	 * @param   string  $login			User login
 	 * @param   string  $password		User password
--- a/htdocs/api/index.php
+++ b/htdocs/api/index.php
@@ -37,6 +37,10 @@ if (! defined('NOREQUIREAJAX'))  define('NOREQUIREAJAX','1');       // Do not lo
 if (! defined("NOLOGIN"))        define("NOLOGIN",'1');				// If this page is public (can be called outside logged session)


+// Force entity if a value is provided into HTTP header. Otherwise, will use the entity of user of token used.
+if (! empty($_SERVER['HTTP_DOLAPIENTITY'])) define("DOLENTITY", (int) $_SERVER['HTTP_DOLAPIENTITY']);
+
+
 $res=0;
 if (! $res && file_exists("../main.inc.php")) $res=include '../main.inc.php';
 if (! $res) die("Include of main fails");
@@ -124,7 +128,7 @@ if (! empty($reg[1]) && $reg[1] == 'explorer' && ($reg[2] == '/resources.json' |
    foreach ($modulesdir as $dir)
    {
        // Search available module
-        dol_syslog("Scan directory ".$dir." for module descriptor to after search for API files");
+        dol_syslog("Scan directory ".$dir." for module descriptor files, then search for API files");

        $handle=@opendir(dol_osencode($dir));
        if (is_resource($handle))
@@ -135,14 +139,14 @@ if (! empty($reg[1]) && $reg[1] == 'explorer' && ($reg[2] == '/resources.json' |
                {
                    $module = strtolower($regmod[1]);
                    $moduledirforclass = getModuleDirForApiClass($module);
-                    $moduleforperm = $module;
-                    if ($module == 'propale') { $moduleforperm='propal'; }
+                    $modulenameforenabled = $module;
+                    if ($module == 'propale') { $modulenameforenabled='propal'; }

-                    //dol_syslog("Found module file ".$file." - module=".$module." - moduledirforclass=".$moduledirforclass);
+                    dol_syslog("Found module file ".$file." - module=".$module." - moduledirforclass=".$moduledirforclass);

                    // Defined if module is enabled
                    $enabled=true;
-                    if (empty($conf->$moduleforperm->enabled)) $enabled=false;
+                    if (empty($conf->$modulenameforenabled->enabled)) $enabled=false;

                    if ($enabled)
                    {
@@ -231,7 +235,13 @@ if (! empty($reg[1]) && ($reg[1] != 'explorer' || ($reg[2] != '/resources.json'
        if ($module == 'order')    { $classname='Commande'; }
        //var_dump($classfile);var_dump($classname);exit;

-        require_once $dir_part_file;
+        $res = include_once $dir_part_file;
+        if (! $res) 
+        {
+        	print 'API not found (failed to include API file)';
+        	header('HTTP/1.1 501 API not found (failed to include API file)');
+        	exit(0);
+        }
        if (class_exists($classname.'Api')) $api->r->addAPIClass($classname.'Api', '/');
    }
    else
@@ -242,7 +252,14 @@ if (! empty($reg[1]) && ($reg[1] != 'explorer' || ($reg[2] != '/resources.json'
        $dir_part_file = dol_buildpath('/'.$moduledirforclass.'/class/api_'.$classfile.'.class.php');
        $classname=ucwords($module);

-        require_once $dir_part_file;
+        $res = include_once $dir_part_file;
+        if (! $res) 
+        {
+        	print 'API not found (failed to include API file)';
+        	header('HTTP/1.1 501 API not found (failed to include API file)');
+        	exit(0);
+        }
+        	
        if (class_exists($classname)) $api->r->addAPIClass($classname);
    }
 }
--- a/htdocs/blockedlog/class/blockedlog.class.php
+++ b/htdocs/blockedlog/class/blockedlog.class.php
@@ -108,6 +108,17 @@ class BlockedLog
 				$this->error++;
 			}
 		}
+		if($this->element === 'invoice_supplier') {
+			require_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.facture.class.php';
+
+			$object = new FactureFournisseur($this->db);
+			if($object->fetch($this->fk_object)>0) {
+				return $object->getNomUrl(1);
+			}
+			else{
+				$this->error++;
+			}
+		}
 		else if($this->element === 'payment') {
 			require_once DOL_DOCUMENT_ROOT.'/compta/paiement/class/paiement.class.php';

@@ -119,6 +130,17 @@ class BlockedLog
 				$this->error++;
 			}
 		}
+		else if($this->element === 'payment_supplier') {
+			require_once DOL_DOCUMENT_ROOT.'/fourn/class/paiementfourn.class.php';
+
+			$object = new PaiementFourn($this->db);
+			if($object->fetch($this->fk_object)>0) {
+				return $object->getNomUrl(1);
+			}
+			else{
+				$this->error++;
+			}
+		}

 		return $langs->trans('ImpossibleToReloadObject', $this->element, $this->fk_object);

@@ -153,7 +175,7 @@ class BlockedLog
 	 */
 	public function setObjectData(&$object) {

-		if($object->element=='payment') {
+		if($object->element=='payment' || $object->element=='payment_supplier') {
 			$this->date_object = $object->datepaye;
 		}
 		else{
@@ -183,13 +205,28 @@ class BlockedLog
 			$this->object_data->note_private= (double) $object->note_private;

 		}
-		elseif($this->element==='payment'){
+		if($this->element === 'invoice_supplier') {
+			if(empty($object->thirdparty))$object->fetch_thirdparty();
+			$this->object_data->thirdparty = new stdClass();
+
+			foreach($object->thirdparty as $key=>$value) {
+				if(!is_object($value)) $this->object_data->thirdparty->{$key} = $value;
+			}
+
+			$this->object_data->total_ht 	= (double) $object->total_ht;
+			$this->object_data->total_tva	= (double) $object->total_tva;
+			$this->object_data->total_ttc	= (double) $object->total_ttc;
+			$this->object_data->total_localtax1= (double) $object->total_localtax1;
+			$this->object_data->total_localtax2= (double) $object->total_localtax2;
+			$this->object_data->note_public	= (double) $object->note_public;
+			$this->object_data->note_private= (double) $object->note_private;
+
+		}
+		elseif($this->element==='payment'|| $object->element=='payment_supplier'){

 			$this->object_data->amounts = $object->amounts;

 		}
-
-
 	}

 	/**
@@ -511,6 +548,15 @@ class BlockedLog
 				$this->amounts = (double) $obj->amount;
 			}
 		}
+		if($this->element === 'payment_supplier') {
+			$sql="SELECT amount FROM ".MAIN_DB_PREFIX."paiementfourn WHERE rowid=".$this->fk_object;
+
+			$res = $this->db->query($sql);
+
+			if($res && $obj = $this->db->fetch_object($res)) {
+				$this->amounts = (double) $obj->amount;
+			}
+		}
 		elseif($this->element === 'facture') {
 			$sql="SELECT total_ttc FROM ".MAIN_DB_PREFIX."facture WHERE rowid=".$this->fk_object;

--- a/htdocs/cashdesk/facturation_verif.php
+++ b/htdocs/cashdesk/facturation_verif.php
@@ -114,10 +114,13 @@ switch($action)
 					    {
 					        if (count($prodcustprice->lines) > 0)
 					        {
-					            $pu_ht = price($prodcustprice->lines [0]->price);
-					            $pu_ttc = price($prodcustprice->lines [0]->price_ttc);
-					            $price_base_type = $prodcustprice->lines [0]->price_base_type;
-					            $tva_tx = $prodcustprice->lines [0]->tva_tx;
+					            $pu_ht = price($prodcustprice->lines[0]->price);
+					            $pu_ttc = price($prodcustprice->lines[0]->price_ttc);
+					            $price_base_type = $prodcustprice->lines[0]->price_base_type;
+					            $tva_tx = $prodcustprice->lines[0]->tva_tx;
+					            if ($prodcustprice->lines[0]->default_vat_code && ! preg_match('/\(.*\)/', $tva_tx)) $tva_tx.= ' ('.$prodcustprice->lines[0]->default_vat_code.')';
+					            $tva_npr = $prodcustprice->lines[0]->recuperableonly;
+					            if (empty($tva_tx)) $tva_npr=0;
 					        }
 					    }
 					    else
--- a/htdocs/comm/action/card.php
+++ b/htdocs/comm/action/card.php
@@ -579,7 +579,7 @@ if ($action == 'mupdate')

 // Actions to delete doc
 $upload_dir = $conf->agenda->dir_output.'/'.dol_sanitizeFileName($object->ref);
-$permissioncreate = ($user->rights->agenda->allactions->delete ||	(($object->authorid == $user->id || $object->userownerid == $user->id) && $user->rights->agenda->myactions->delete));
+$permissioncreate = ($user->rights->agenda->allactions->create || (($object->authorid == $user->id || $object->userownerid == $user->id) && $user->rights->agenda->myactions->read));
 include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php';


@@ -1329,6 +1329,8 @@ if ($id > 0)
 		print '</div>';
 		if ($object->datep != $object->datef && in_array($user->id,array_keys($listofuserid)))
 		{
+			//var_dump($object->userassigned);
+			//var_dump($listofuserid);
 			print '<div class="myavailability">';
 			print $langs->trans("MyAvailability").': '.(($object->userassigned[$user->id]['transparency'] > 0)?$langs->trans("Busy"):$langs->trans("Available"));	// We show nothing if event is assigned to nobody
 			print '</div>';
@@ -1483,8 +1485,8 @@ if ($id > 0)
            $filedir=$conf->agenda->multidir_output[$conf->entity].'/'.$object->id;
            $urlsource=$_SERVER["PHP_SELF"]."?id=".$object->id;

-            $genallowed=$user->rights->agenda->myactions->create;
-	        $delallowed=$user->rights->agenda->myactions->delete;
+            $genallowed=$user->rights->agenda->myactions->read;
+	        $delallowed=$user->rights->agenda->myactions->create;

            $var=true;

--- a/htdocs/comm/action/class/actioncomm.class.php
+++ b/htdocs/comm/action/class/actioncomm.class.php
@@ -2,8 +2,8 @@
 /* Copyright (C) 2002-2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
 * Copyright (C) 2004-2011 Laurent Destailleur  <eldy@users.sourceforge.net>
 * Copyright (C) 2005-2012 Regis Houssin        <regis.houssin@capnetworks.com>
- * Copyright (C) 2011	   Juanjo Menent        <jmenent@2byte.es>
- * Copyright (C) 2015       Marcos García           <marcosgdf@gmail.com>
+ * Copyright (C) 2011-2017 Juanjo Menent        <jmenent@2byte.es>
+ * Copyright (C) 2015	   Marcos García		<marcosgdf@gmail.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -225,11 +225,11 @@ class ActionComm extends CommonObject
        if ($this->elementtype=='commande') $this->elementtype='order';
        if ($this->elementtype=='contrat')  $this->elementtype='contract';

-        if (! is_array($this->userassigned) && ! empty($this->userassigned))	// For backward compatibility
+        if (! is_array($this->userassigned) && ! empty($this->userassigned))	// For backward compatibility when userassigned was an int instead fo array
        {
        	$tmpid=$this->userassigned;
        	$this->userassigned=array();
-        	$this->userassigned[$tmpid]=array('id'=>$tmpid);
+        	$this->userassigned[$tmpid]=array('id'=>$tmpid, 'transparency'=>$this->transparency);
        }

        if (is_object($this->contact) && isset($this->contact->id) && $this->contact->id > 0 && ! ($this->contactid > 0)) $this->contactid = $this->contact->id;		// For backward compatibility. Using this->contact->xx is deprecated
@@ -240,7 +240,7 @@ class ActionComm extends CommonObject

        // Be sure assigned user is defined as an array of array('id'=>,'mandatory'=>,...).
        if (empty($this->userassigned) || count($this->userassigned) == 0 || ! is_array($this->userassigned))
-        	$this->userassigned = array($userownerid=>array('id'=>$userownerid));
+        	$this->userassigned = array($userownerid=>array('id'=>$userownerid, 'transparency'=>$this->transparency));

        if (! $this->type_id || ! $this->type_code)
        {
@@ -1333,6 +1333,7 @@ class ActionComm extends CommonObject
            {
                // Note: Output of sql request is encoded in $conf->file->character_set_client
                // This assignment in condition is not a bug. It allows walking the results.
+				$diff = 0;
                while ($obj=$this->db->fetch_object($resql))
                {
                    $qualified=true;
@@ -1367,8 +1368,9 @@ class ActionComm extends CommonObject

                    if ($qualified && $datestart)
                    {
-                        $eventarray[$datestart]=$event;
+                        $eventarray[$datestart+$diff]=$event;
                    }
+                    $diff++;
                }
            }
            else
--- a/htdocs/comm/action/document.php
+++ b/htdocs/comm/action/document.php
@@ -75,7 +75,7 @@ if (! $sortorder) $sortorder="ASC";
 if (! $sortfield) $sortfield="name";

 $upload_dir = $conf->agenda->dir_output.'/'.dol_sanitizeFileName($object->ref);
-$modulepart='contract';
+$modulepart='actions';


 /*
--- a/htdocs/comm/action/index.php
+++ b/htdocs/comm/action/index.php
@@ -297,7 +297,11 @@ if ($status == 'done') $title=$langs->trans("DoneActions");
 if ($status == 'todo') $title=$langs->trans("ToDoActions");

 $param='';
-if ($actioncode || isset($_GET['actioncode']) || isset($_POST['actioncode'])) $param.="&actioncode=".$actioncode;
+if ($actioncode || isset($_GET['actioncode']) || isset($_POST['actioncode'])) {
+	if(is_array($actioncode)) {
+		foreach($actioncode as $str_action) $param.="&actioncode[]=".$str_action;
+	} else $param.="&actioncode=".$actioncode;
+}
 if ($resourceid > 0)  $param.="&resourceid=".$resourceid;
 if ($status || isset($_GET['status']) || isset($_POST['status'])) $param.="&status=".$status;
 if ($filter)  $param.="&filter=".$filter;
@@ -482,7 +486,14 @@ if (! empty($actioncode))
        elseif ($actioncode == 'AC_ALL_AUTO') $sql.= " AND ca.type = 'systemauto'";
        else
        {
-            $sql.=" AND ca.code IN ('".implode("','", explode(',',$actioncode))."')";
+		if (is_array($actioncode))
+		{
+	        	$sql.=" AND ca.code IN ('".implode("','", $actioncode)."')";
+		}
+		else
+		{
+	        	$sql.=" AND ca.code IN ('".implode("','", explode(',', $actioncode))."')";
+		}
        }
    }
 }
--- a/htdocs/comm/action/listactions.php
+++ b/htdocs/comm/action/listactions.php
@@ -169,7 +169,11 @@ $listofextcals=array();
 $param='';
 if (! empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param.='&contextpage='.$contextpage;
 if ($limit > 0 && $limit != $conf->liste_limit) $param.='&limit='.$limit;
-if ($actioncode != '') $param.="&actioncode=".$actioncode;
+if ($actioncode != '') {
+	if(is_array($actioncode)) {
+		foreach($actioncode as $str_action) $param.="&actioncode[]=".$str_action;
+	} else $param.="&actioncode=".$actioncode;
+}
 if ($resourceid > 0) $param.="&resourceid=".$resourceid;
 if ($status != '' && $status > -1) $param.="&status=".$status;
 if ($filter) $param.="&filter=".$filter;
@@ -227,7 +231,14 @@ if (! empty($actioncode))
        elseif ($actioncode == 'AC_ALL_AUTO') $sql.= " AND c.type = 'systemauto'";
        else
        {
-            $sql.=" AND c.code IN ('".implode("','", explode(',',$actioncode))."')";
+		if (is_array($actioncode))
+ 		{
+ 	        	$sql.=" AND c.code IN ('".implode("','", $actioncode)."')";
+ 		}
+ 		else
+ 		{
+ 	        	$sql.=" AND c.code IN ('".implode("','", explode(',', $actioncode))."')";
+ 		}		
        }
    }
 }
--- a/htdocs/comm/action/peruser.php
+++ b/htdocs/comm/action/peruser.php
@@ -203,7 +203,11 @@ if ($status == 'done') $title=$langs->trans("DoneActions");
 if ($status == 'todo') $title=$langs->trans("ToDoActions");

 $param='';
-if ($actioncode || isset($_GET['actioncode']) || isset($_POST['actioncode'])) $param.="&actioncode=".$actioncode;
+if ($actioncode || isset($_GET['actioncode']) || isset($_POST['actioncode'])) {
+	if(is_array($actioncode)) {
+		foreach($actioncode as $str_action) $param.="&actioncode[]=".$str_action;
+	} else $param.="&actioncode=".$actioncode;
+}
 if ($resourceid > 0) $param.="&resourceid=".$resourceid;
 if ($status || isset($_GET['status']) || isset($_POST['status'])) $param.="&status=".$status;
 if ($filter)  $param.="&filter=".$filter;
@@ -394,7 +398,14 @@ if (! empty($actioncode))
        elseif ($actioncode == 'AC_ALL_AUTO') $sql.= " AND ca.type = 'systemauto'";
        else
        {
-            $sql.=" AND ca.code IN ('".implode("','", explode(',',$actioncode))."')";
+		if (is_array($actioncode))
+  		{
+  	        	$sql.=" AND ca.code IN ('".implode("','", $actioncode)."')";
+  		}
+  		else
+  		{
+  	        	$sql.=" AND ca.code IN ('".implode("','", explode(',', $actioncode))."')";
+  		}
        }
    }
 }
--- a/htdocs/comm/propal/card.php
+++ b/htdocs/comm/propal/card.php
@@ -611,7 +611,7 @@ if (empty($reshook))
 			// prevent browser refresh from closing proposal several times
 			if ($object->statut == Propal::STATUS_VALIDATED)
 			{
-				$result=$object->cloture($user, GETPOST('statut'), GETPOST('note'));
+				$result=$object->cloture($user, GETPOST('statut','int'), GETPOST('note','none'));
 				if ($result < 0)
 				{
 					setEventMessages($object->error, $object->errors, 'errors');
@@ -805,6 +805,9 @@ if (empty($reshook))
 							$pu_ttc = price($prodcustprice->lines[0]->price_ttc);
 							$price_base_type = $prodcustprice->lines[0]->price_base_type;
 							$tva_tx = ($prodcustprice->lines[0]->default_vat_code ? $prodcustprice->lines[0]->tva_tx . ' ('.$prodcustprice->lines[0]->default_vat_code.' )' : $prodcustprice->lines[0]->tva_tx);
+							if ($prodcustprice->lines[0]->default_vat_code && ! preg_match('/\(.*\)/', $tva_tx)) $tva_tx.= ' ('.$prodcustprice->lines[0]->default_vat_code.')';
+							$tva_npr = $prodcustprice->lines[0]->recuperableonly;
+							if (empty($tva_tx)) $tva_npr=0;
 						}
 					}
 				}
@@ -2173,7 +2176,7 @@ if ($action == 'create')
 	// Show object lines
 	$result = $object->getLinesArray();

-	print '	<form name="addproduct" id="addproduct" action="' . $_SERVER["PHP_SELF"] . '?id=' . $object->id . (($action != 'editline') ? '#add' : '#line_' . GETPOST('lineid')) . '" method="POST">
+	print '	<form name="addproduct" id="addproduct" action="' . $_SERVER["PHP_SELF"] . '?id=' . $object->id . (($action != 'editline') ? '#addline' : '#line_' . GETPOST('lineid')) . '" method="POST">
 	<input type="hidden" name="token" value="' . $_SESSION ['newtoken'] . '">
 	<input type="hidden" name="action" value="' . (($action != 'editline') ? 'addline' : 'updateligne') . '">
 	<input type="hidden" name="mode" value="">
@@ -2355,8 +2358,8 @@ if ($action == 'create')
 		$filename = dol_sanitizeFileName($object->ref);
 		$filedir = $conf->propal->dir_output . "/" . dol_sanitizeFileName($object->ref);
 		$urlsource = $_SERVER["PHP_SELF"] . "?id=" . $object->id;
-		$genallowed = $user->rights->propal->creer;
-		$delallowed = $user->rights->propal->supprimer;
+		$genallowed = $user->rights->propal->lire;
+		$delallowed = $user->rights->propal->creer;

 		$var = true;

--- a/htdocs/comm/propal/class/api_proposals.class.php
+++ b/htdocs/comm/propal/class/api_proposals.class.php
@@ -239,21 +239,25 @@ class Proposals extends DolibarrApi
     *
     * @return int
     */
-    function postLine($id, $request_data = NULL) {
-      if(! DolibarrApiAccess::$user->rights->propal->creer) {
+    function postLine($id, $request_data = NULL)
+    {
+		if(! DolibarrApiAccess::$user->rights->propal->creer) {
 		  	throw new RestException(401);
-		  }
+		}

-      $result = $this->propal->fetch($id);
-      if( ! $result ) {
-         throw new RestException(404, 'Commercial Proposal not found');
-      }
+	    $result = $this->propal->fetch($id);
+	    if (! $result) {
+	       throw new RestException(404, 'Commercial Proposal not found');
+	    }

-		  if( ! DolibarrApi::_checkAccessToResource('propal',$this->propal->id)) {
-			  throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
-      }
-			$request_data = (object) $request_data;
-      $updateRes = $this->propal->addline(
+		if (! DolibarrApi::_checkAccessToResource('propal',$this->propal->id))
+		{
+			throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+		}
+
+		$request_data = (object) $request_data;
+
+      	$updateRes = $this->propal->addline(
                        $request_data->desc,
                        $request_data->subprice,
                        $request_data->qty,
@@ -276,14 +280,14 @@ class Proposals extends DolibarrApi
                        $request_data->date_end,
                        $request_data->array_options,
                        $request_data->fk_unit,
-                        $this->element,
-                        $request_data->id,
-                        $request_data->pu_ht_devise,
+                        $request_data->origin,
+                        $request_data->origin_id,
+                        $request_data->multicurrency_subprice,
                        $request_data->fk_remise_except
      );

      if ($updateRes > 0) {
-        return $this->get($id)->line->rowid;
+        return $updateRes;

      }
      return false;
@@ -300,42 +304,52 @@ class Proposals extends DolibarrApi
     *
     * @return object
     */
-    function putLine($id, $lineid, $request_data = NULL) {
-      if(! DolibarrApiAccess::$user->rights->propal->creer) {
-		  	throw new RestException(401);
-		  }
+    function putLine($id, $lineid, $request_data = NULL)
+    {
+    	if(! DolibarrApiAccess::$user->rights->propal->creer) {
+			throw new RestException(401);
+		}

-      $result = $this->propal->fetch($id);
-      if( ! $result ) {
-         throw new RestException(404, 'Proposal not found');
-      }
+    	$result = $this->propal->fetch($id);
+    	if($result <= 0) {
+        	throw new RestException(404, 'Proposal not found');
+    	}

-		  if( ! DolibarrApi::_checkAccessToResource('propal',$this->propal->id)) {
-			  throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
-      }
-			$request_data = (object) $request_data;
-      $updateRes = $this->propal->updateline(
+		if( ! DolibarrApi::_checkAccessToResource('propal',$this->propal->id)) {
+			throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+      	}
+
+      	$request_data = (object) $request_data;
+
+      	$propalline = new PropaleLigne($this->db);
+      	$result = $propalline->fetch($lineid);
+      	if ($result <= 0) {
+      		throw new RestException(404, 'Proposal line not found');
+      	}
+
+      	$updateRes = $this->propal->updateline(
                        $lineid,
-                        $request_data->desc,
-                        $request_data->subprice,
-                        $request_data->qty,
-                        $request_data->remise_percent,
-                        $request_data->tva_tx,
-                        $request_data->localtax1_tx,
-                        $request_data->localtax2_tx,
-                        'HT',
-                        $request_data->info_bits,
-                        $request_data->date_start,
-                        $request_data->date_end,
-                        $request_data->product_type,
-                        $request_data->fk_parent_line,
-                        0,
-                        $request_data->fk_fournprice,
-                        $request_data->pa_ht,
-                        $request_data->label,
-                        $request_data->special_code,
-                        $request_data->array_options,
-                        $request_data->fk_unit
+                        isset($request_data->subprice)?$request_data->subprice:$propalline->subprice,
+                        isset($request_data->qty)?$request_data->qty:$propalline->qty,
+                        isset($request_data->remise_percent)?$request_data->remise_percent:$propalline->remise_percent,
+                        isset($request_data->tva_tx)?$request_data->tva_tx:$propalline->tva_tx,
+                        isset($request_data->localtax1_tx)?$request_data->localtax1_tx:$propalline->localtax1_tx,
+                        isset($request_data->localtax2_tx)?$request_data->localtax2_tx:$propalline->localtax2_tx,
+                        isset($request_data->desc)?$request_data->desc:$propalline->desc,
+      					'HT',
+                        isset($request_data->info_bits)?$request_data->info_bits:$propalline->info_bits,
+                        isset($request_data->special_code)?$request_data->special_code:$propalline->special_code,
+                        isset($request_data->fk_parent_line)?$request_data->fk_parent_line:$propalline->fk_parent_line,
+      					0,
+      					isset($request_data->fk_fournprice)?$request_data->fk_fournprice:$propalline->fk_fournprice,
+      					isset($request_data->pa_ht)?$request_data->pa_ht:$propalline->pa_ht,
+      					isset($request_data->label)?$request_data->label:$propalline->label,
+				      	isset($request_data->product_type)?$request_data->product_type:$propalline->product_type,
+      					isset($request_data->date_start)?$request_data->date_start:$propalline->date_start,
+                        isset($request_data->date_end)?$request_data->date_end:$propalline->date_end,
+                        isset($request_data->array_options)?$request_data->array_options:$propalline->array_options,
+                        isset($request_data->fk_unit)?$request_data->fk_unit:$propalline->fk_unit,
+      					isset($request_data->multicurrency_subprice)?$request_data->multicurrency_subprice:$propalline->subprice
      );

      if ($updateRes > 0) {
@@ -508,4 +522,23 @@ class Proposals extends DolibarrApi
        }
        return $propal;
    }
+
+    /**
+     * Clean sensible object datas
+     *
+     * @param   object  $object    Object to clean
+     * @return    array    Array of cleaned object properties
+     */
+    function _cleanObjectDatas($object) {
+
+    	$object = parent::_cleanObjectDatas($object);
+
+    	unset($object->name);
+    	unset($object->lastname);
+    	unset($object->firstname);
+    	unset($object->civility_id);
+    	unset($object->address);
+
+    	return $object;
+    }
 }
--- a/htdocs/comm/propal/class/propal.class.php
+++ b/htdocs/comm/propal/class/propal.class.php
@@ -371,12 +371,12 @@ class Propal extends CommonObject
     *      by whose calling the method get_default_tva (societe_vendeuse, societe_acheteuse, '' product)
     *      and desc must already have the right value (it's up to the caller to manage multilanguage)
     *
-     * 		@param    	string		$desc				Description de la ligne
-     * 		@param    	float		$pu_ht				Prix unitaire
-     * 		@param    	float		$qty             	Quantite
-     * 		@param    	float		$txtva           	Taux de tva
-     * 		@param		float		$txlocaltax1		Local tax 1 rate
-     *  	@param		float		$txlocaltax2		Local tax 2 rate
+     * 		@param    	string		$desc				Description of line
+     * 		@param    	float		$pu_ht				Unit price
+     * 		@param    	float		$qty             	Quantity
+     * 		@param    	float		$txtva           	Force Vat rate, -1 for auto (Can contain the vat_src_code too with syntax '9.9 (CODE)')
+     * 		@param		float		$txlocaltax1		Local tax 1 rate (deprecated, use instead txtva with code inside)
+     *  	@param		float		$txlocaltax2		Local tax 2 rate (deprecated, use instead txtva with code inside)
     *		@param    	int			$fk_product      	Id du produit/service predefini
     * 		@param    	float		$remise_percent  	Pourcentage de remise de la ligne
     * 		@param    	string		$price_base_type	HT or TTC
@@ -590,6 +590,11 @@ class Propal extends CommonObject
                return -2;
            }
        }
+		else
+		{
+			dol_syslog(get_class($this)."::addline status of order must be Draft to allow use of ->addline()", LOG_ERR);
+			return -3;
+		}
    }


@@ -639,6 +644,7 @@ class Propal extends CommonObject
    	$pa_ht=price2num($pa_ht);
        if (empty($qty) && empty($special_code)) $special_code=3;    // Set option tag
        if (! empty($qty) && $special_code == 3) $special_code=0;    // Remove option tag
+        if (empty($type)) $type=0;

        if ($this->statut == self::STATUS_DRAFT)
        {
@@ -830,8 +836,9 @@ class Propal extends CommonObject
        if (empty($this->availability_id)) $this->availability_id=0;
        if (empty($this->demand_reason_id)) $this->demand_reason_id=0;

-		// Multicurrency
-		if (!empty($this->multicurrency_code)) list($this->fk_multicurrency,$this->multicurrency_tx) = MultiCurrency::getIdAndTxFromCode($this->db, $this->multicurrency_code, $this->date);
+		// Multicurrency (test on $this->multicurrency_tx because we should take the default rate only if not using origin rate)
+		if (!empty($this->multicurrency_code) && empty($this->multicurrency_tx)) list($this->fk_multicurrency,$this->multicurrency_tx) = MultiCurrency::getIdAndTxFromCode($this->db, $this->multicurrency_code, $this->date);
+		else $this->fk_multicurrency = MultiCurrency::getIdFromCode($this->db, $this->multicurrency_code);
 		if (empty($this->fk_multicurrency))
 		{
 			$this->multicurrency_code = $conf->currency;
@@ -954,9 +961,51 @@ class Propal extends CommonObject
                $resql=$this->db->query($sql);
                if (! $resql) $error++;

+                if (! empty($this->linkedObjectsIds) && empty($this->linked_objects))	// To use new linkedObjectsIds instead of old linked_objects
+                {
+                	$this->linked_objects = $this->linkedObjectsIds;	// TODO Replace linked_objects with linkedObjectsIds
+                }
+
+                // Add object linked
+                if (! $error && $this->id && is_array($this->linked_objects) && ! empty($this->linked_objects))
+                {
+                	foreach($this->linked_objects as $origin => $tmp_origin_id)
+                	{
+                		if (is_array($tmp_origin_id))       // New behaviour, if linked_object can have several links per type, so is something like array('contract'=>array(id1, id2, ...))
+                		{
+                			foreach($tmp_origin_id as $origin_id)
+                			{
+                				$ret = $this->add_object_linked($origin, $origin_id);
+                				if (! $ret)
+                				{
+                					$this->error=$this->db->lasterror();
+                					$error++;
+                				}
+                			}
+                		}
+                		else                                // Old behaviour, if linked_object has only one link per type, so is something like array('contract'=>id1))
+                		{
+                			$origin_id = $tmp_origin_id;
+                			$ret = $this->add_object_linked($origin, $origin_id);
+                			if (! $ret)
+                			{
+                				$this->error=$this->db->lasterror();
+                				$error++;
+                			}
+                		}
+                	}
+                }
+
+                // Add linked object (deprecated, use ->linkedObjectsIds instead)
+                if (! $error && $this->origin && $this->origin_id)
+                {
+                	$ret = $this->add_object_linked();
+                	if (! $ret)	dol_print_error($this->db);
+                }
+
                /*
                 *  Insertion du detail des produits dans la base
-                */
+                 */
                if (! $error)
                {
                    $fk_parent_line=0;
@@ -969,11 +1018,15 @@ class Propal extends CommonObject
                            $fk_parent_line = 0;
                        }

+                        // Complete vat rate with code
+						$vatrate = $this->lines[$i]->tva_tx;
+						if ($this->lines[$i]->vat_src_code && ! preg_match('/\(.*\)/', $vatrate)) $vatrate.=' ('.$this->lines[$i]->vat_src_code.')';
+
 						$result = $this->addline(
 							$this->lines[$i]->desc,
 							$this->lines[$i]->subprice,
 							$this->lines[$i]->qty,
-							$this->lines[$i]->tva_tx,
+							$vatrate,
 							$this->lines[$i]->localtax1_tx,
 							$this->lines[$i]->localtax2_tx,
 							$this->lines[$i]->fk_product,
@@ -1010,13 +1063,6 @@ class Propal extends CommonObject
                    }
                }

-                // Add linked object
-                if (! $error && $this->origin && $this->origin_id)
-                {
-                    $ret = $this->add_object_linked();
-                    if (! $ret)	dol_print_error($this->db);
-                }
-
                // Set delivery address
                if (! $error && $this->fk_delivery_address)
                {
@@ -1185,7 +1231,6 @@ class Propal extends CommonObject
        if (empty($conf->global->MAIN_KEEP_REF_CUSTOMER_ON_CLONING)) $clonedObj->ref_client	= '';

        // Create clone
-
        $result=$clonedObj->create($user);
        if ($result < 0) $error++;
        else
@@ -1404,7 +1449,7 @@ class Propal extends CommonObject
 	{
 		$this->lines=array();

-		$sql = 'SELECT d.rowid, d.fk_propal, d.fk_parent_line, d.label as custom_label, d.description, d.price, d.vat_src_code, d.tva_tx, d.localtax1_tx, d.localtax2_tx, d.qty, d.fk_remise_except, d.remise_percent, d.subprice, d.fk_product,';
+		$sql = 'SELECT d.rowid, d.fk_propal, d.fk_parent_line, d.label as custom_label, d.description, d.price, d.vat_src_code, d.tva_tx, d.localtax1_tx, d.localtax2_tx, d.localtax1_type, d.localtax2_type, d.qty, d.fk_remise_except, d.remise_percent, d.subprice, d.fk_product,';
 		$sql.= ' d.info_bits, d.total_ht, d.total_tva, d.total_localtax1, d.total_localtax2, d.total_ttc, d.fk_product_fournisseur_price as fk_fournprice, d.buy_price_ht as pa_ht, d.special_code, d.rang, d.product_type,';
 		$sql.= ' d.fk_unit,';
 		$sql.= ' p.ref as product_ref, p.description as product_desc, p.fk_product_type, p.label as product_label,';
@@ -1443,6 +1488,8 @@ class Propal extends CommonObject
 				$line->tva_tx           = $objp->tva_tx;
 				$line->localtax1_tx		= $objp->localtax1_tx;
 				$line->localtax2_tx		= $objp->localtax2_tx;
+				$line->localtax1_type	= $objp->localtax1_type;
+				$line->localtax2_type	= $objp->localtax2_type;
 				$line->subprice         = $objp->subprice;
 				$line->fk_remise_except = $objp->fk_remise_except;
 				$line->remise_percent   = $objp->remise_percent;
@@ -3366,8 +3413,8 @@ class Propal extends CommonObject
        $this->lines = array();

        $sql = 'SELECT pt.rowid, pt.label as custom_label, pt.description, pt.fk_product, pt.fk_remise_except,';
-        $sql.= ' pt.qty, pt.vat_src_code, pt.tva_tx, pt.remise_percent, pt.subprice, pt.info_bits,';
-        $sql.= ' pt.total_ht, pt.total_tva, pt.total_ttc, pt.fk_product_fournisseur_price as fk_fournprice, pt.buy_price_ht as pa_ht, pt.special_code, pt.localtax1_tx, pt.localtax2_tx,';
+        $sql.= ' pt.qty, pt.vat_src_code, pt.tva_tx, pt.localtax1_tx, pt.localtax2_tx, pt.localtax1_type, pt.localtax2_type, pt.remise_percent, pt.subprice, pt.info_bits,';
+        $sql.= ' pt.total_ht, pt.total_tva, pt.total_ttc, pt.total_localtax1, pt.total_localtax2, pt.fk_product_fournisseur_price as fk_fournprice, pt.buy_price_ht as pa_ht, pt.special_code,';
        $sql.= ' pt.date_start, pt.date_end, pt.product_type, pt.rang, pt.fk_parent_line,';
 	    $sql.= ' pt.fk_unit,';
        $sql.= ' p.label as product_label, p.ref, p.fk_product_type, p.rowid as prodid, p.description as product_desc, p.tobatch as product_tobatch,';
@@ -3411,11 +3458,17 @@ class Propal extends CommonObject

                $this->lines[$i]->vat_src_code      = $obj->vat_src_code;
                $this->lines[$i]->tva_tx			= $obj->tva_tx;
+                $this->lines[$i]->localtax1_tx		= $obj->localtax1_tx;
+                $this->lines[$i]->localtax2_tx		= $obj->localtax2_tx;
+                $this->lines[$i]->localtax1_type	= $obj->localtax1_type;
+                $this->lines[$i]->localtax2_type	= $obj->localtax2_type;
                $this->lines[$i]->info_bits			= $obj->info_bits;
                $this->lines[$i]->total_ht			= $obj->total_ht;
                $this->lines[$i]->total_tva			= $obj->total_tva;
                $this->lines[$i]->total_ttc			= $obj->total_ttc;
-				$this->lines[$i]->fk_fournprice		= $obj->fk_fournprice;
+                $this->lines[$i]->total_localtax1	= $obj->total_localtax1;
+                $this->lines[$i]->total_localtax2	= $obj->total_localtax2;
+                $this->lines[$i]->fk_fournprice		= $obj->fk_fournprice;
 				$marginInfos						= getMarginInfos($obj->subprice, $obj->remise_percent, $obj->tva_tx, $obj->localtax1_tx, $obj->localtax2_tx, $this->lines[$i]->fk_fournprice, $obj->pa_ht);
 				$this->lines[$i]->pa_ht				= $marginInfos[0];
 				$this->lines[$i]->marge_tx			= $marginInfos[1];
@@ -3645,59 +3698,66 @@ class PropaleLigne extends CommonObjectLine
 		{
 			$objp = $this->db->fetch_object($result);

-			$this->id               = $objp->rowid;
-			$this->rowid			= $objp->rowid;     // deprecated
-			$this->fk_propal		= $objp->fk_propal;
-			$this->fk_parent_line	= $objp->fk_parent_line;
-			$this->label			= $objp->custom_label;
-			$this->desc				= $objp->description;
-			$this->qty				= $objp->qty;
-			$this->price			= $objp->price;		// deprecated
-			$this->subprice			= $objp->subprice;
-			$this->vat_src_code		= $objp->vat_src_code;
-			$this->tva_tx			= $objp->tva_tx;
-			$this->remise			= $objp->remise;    // deprecated
-			$this->remise_percent	= $objp->remise_percent;
-			$this->fk_remise_except = $objp->fk_remise_except;
-			$this->fk_product		= $objp->fk_product;
-			$this->info_bits		= $objp->info_bits;
+			if ($objp)
+			{
+				$this->id               = $objp->rowid;
+				$this->rowid			= $objp->rowid;     // deprecated
+				$this->fk_propal		= $objp->fk_propal;
+				$this->fk_parent_line	= $objp->fk_parent_line;
+				$this->label			= $objp->custom_label;
+				$this->desc				= $objp->description;
+				$this->qty				= $objp->qty;
+				$this->price			= $objp->price;		// deprecated
+				$this->subprice			= $objp->subprice;
+				$this->vat_src_code		= $objp->vat_src_code;
+				$this->tva_tx			= $objp->tva_tx;
+				$this->remise			= $objp->remise;    // deprecated
+				$this->remise_percent	= $objp->remise_percent;
+				$this->fk_remise_except = $objp->fk_remise_except;
+				$this->fk_product		= $objp->fk_product;
+				$this->info_bits		= $objp->info_bits;

-			$this->total_ht			= $objp->total_ht;
-			$this->total_tva		= $objp->total_tva;
-			$this->total_ttc		= $objp->total_ttc;
+				$this->total_ht			= $objp->total_ht;
+				$this->total_tva		= $objp->total_tva;
+				$this->total_ttc		= $objp->total_ttc;

-			$this->fk_fournprice	= $objp->fk_fournprice;
+				$this->fk_fournprice	= $objp->fk_fournprice;

-			$marginInfos			= getMarginInfos($objp->subprice, $objp->remise_percent, $objp->tva_tx, $objp->localtax1_tx, $objp->localtax2_tx, $this->fk_fournprice, $objp->pa_ht);
-			$this->pa_ht			= $marginInfos[0];
-			$this->marge_tx			= $marginInfos[1];
-			$this->marque_tx		= $marginInfos[2];
+				$marginInfos			= getMarginInfos($objp->subprice, $objp->remise_percent, $objp->tva_tx, $objp->localtax1_tx, $objp->localtax2_tx, $this->fk_fournprice, $objp->pa_ht);
+				$this->pa_ht			= $marginInfos[0];
+				$this->marge_tx			= $marginInfos[1];
+				$this->marque_tx		= $marginInfos[2];

-			$this->special_code		= $objp->special_code;
-			$this->product_type		= $objp->product_type;
-			$this->rang				= $objp->rang;
+				$this->special_code		= $objp->special_code;
+				$this->product_type		= $objp->product_type;
+				$this->rang				= $objp->rang;

-			$this->ref				= $objp->product_ref;      // deprecated
-			$this->product_ref		= $objp->product_ref;
-			$this->libelle			= $objp->product_label;  // deprecated
-			$this->product_label	= $objp->product_label;
-			$this->product_desc		= $objp->product_desc;
-			$this->fk_unit          = $objp->fk_unit;
+				$this->ref				= $objp->product_ref;      // deprecated
+				$this->product_ref		= $objp->product_ref;
+				$this->libelle			= $objp->product_label;  // deprecated
+				$this->product_label	= $objp->product_label;
+				$this->product_desc		= $objp->product_desc;
+				$this->fk_unit          = $objp->fk_unit;

-			$this->date_start       = $this->db->jdate($objp->date_start);
-            $this->date_end         = $this->db->jdate($objp->date_end);
+				$this->date_start       = $this->db->jdate($objp->date_start);
+	            $this->date_end         = $this->db->jdate($objp->date_end);

-			// Multicurrency
-			$this->fk_multicurrency 		= $objp->fk_multicurrency;
-			$this->multicurrency_code 		= $objp->multicurrency_code;
-			$this->multicurrency_subprice 	= $objp->multicurrency_subprice;
-			$this->multicurrency_total_ht 	= $objp->multicurrency_total_ht;
-			$this->multicurrency_total_tva 	= $objp->multicurrency_total_tva;
-			$this->multicurrency_total_ttc 	= $objp->multicurrency_total_ttc;
+				// Multicurrency
+				$this->fk_multicurrency 		= $objp->fk_multicurrency;
+				$this->multicurrency_code 		= $objp->multicurrency_code;
+				$this->multicurrency_subprice 	= $objp->multicurrency_subprice;
+				$this->multicurrency_total_ht 	= $objp->multicurrency_total_ht;
+				$this->multicurrency_total_tva 	= $objp->multicurrency_total_tva;
+				$this->multicurrency_total_ttc 	= $objp->multicurrency_total_ttc;

-			$this->db->free($result);
+				$this->db->free($result);

-            return 1;
+	            return 1;
+			}
+			else
+			{
+				return 0;
+			}
 		}
 		else
 		{
--- a/htdocs/comm/propal/list.php
+++ b/htdocs/comm/propal/list.php
@@ -1031,7 +1031,7 @@ if ($resql)

 	    $filedir=$diroutputmassaction;
 	    $genallowed=$user->rights->propal->lire;
-	    $delallowed=$user->rights->propal->lire;
+	    $delallowed=$user->rights->propal->creer;

 	    print $formfile->showdocuments('massfilesarea_proposals','',$filedir,$urlsource,0,$delallowed,'',1,1,0,48,1,$param,'','');
 	}
--- a/htdocs/comm/remx.php
+++ b/htdocs/comm/remx.php
@@ -389,7 +389,7 @@ if ($socid > 0)
    				$facturestatic->id=$obj->fk_facture_source;
    				$facturestatic->ref=$obj->ref;
    				$facturestatic->type=$obj->type;
-    				print preg_replace('/\(EXCESS RECEIVED\)/',$langs->trans("Invoice"),$obj->description).' '.$facturestatic->getNomURl(1);
+    				print preg_replace('/\(EXCESS RECEIVED\)/',$langs->trans("ExcessReceived"),$obj->description).' '.$facturestatic->getNomURl(1);
    				print '</td>';
    			}
    			else
--- a/htdocs/commande/card.php
+++ b/htdocs/commande/card.php
@@ -766,10 +766,13 @@ if (empty($reshook))
 					{
 						if (count($prodcustprice->lines) > 0)
 						{
-							$pu_ht = price($prodcustprice->lines [0]->price);
-							$pu_ttc = price($prodcustprice->lines [0]->price_ttc);
-							$price_base_type = $prodcustprice->lines [0]->price_base_type;
-							$tva_tx = $prodcustprice->lines [0]->tva_tx;
+							$pu_ht = price($prodcustprice->lines[0]->price);
+							$pu_ttc = price($prodcustprice->lines[0]->price_ttc);
+							$price_base_type = $prodcustprice->lines[0]->price_base_type;
+							$tva_tx = $prodcustprice->lines[0]->tva_tx;
+							if ($prodcustprice->lines[0]->default_vat_code && ! preg_match('/\(.*\)/', $tva_tx)) $tva_tx.= ' ('.$prodcustprice->lines[0]->default_vat_code.')';
+							$tva_npr = $prodcustprice->lines[0]->recuperableonly;
+							if (empty($tva_tx)) $tva_npr=0;
 						}
 					}
 					else
@@ -2389,7 +2392,7 @@ if ($action == 'create' && $user->rights->commande->creer)
 		 */
 		$result = $object->getLinesArray();

-		print '	<form name="addproduct" id="addproduct" action="' . $_SERVER["PHP_SELF"] . '?id=' . $object->id . (($action != 'editline') ? '#add' : '#line_' . GETPOST('lineid')) . '" method="POST">
+		print '	<form name="addproduct" id="addproduct" action="' . $_SERVER["PHP_SELF"] . '?id=' . $object->id . (($action != 'editline') ? '#addline' : '#line_' . GETPOST('lineid')) . '" method="POST">
 		<input type="hidden" name="token" value="' . $_SESSION ['newtoken'] . '">
 		<input type="hidden" name="action" value="' . (($action != 'editline') ? 'addline' : 'updateline') . '">
 		<input type="hidden" name="mode" value="">
@@ -2497,7 +2500,7 @@ if ($action == 'create' && $user->rights->commande->creer)
 				if (! empty($conf->expedition->enabled)) {
 					$numshipping = $object->nb_expedition();

-					if ($object->statut > Commande::STATUS_DRAFT && $object->statut < Commande::STATUS_CLOSED && $object->getNbOfProductsLines() > 0) {
+					if ($object->statut > Commande::STATUS_DRAFT && $object->statut < Commande::STATUS_CLOSED && ($object->getNbOfProductsLines() > 0 || !empty($conf->global->STOCK_SUPPORTS_SERVICES))) {
 						if (($conf->expedition_bon->enabled && $user->rights->expedition->creer) || ($conf->livraison_bon->enabled && $user->rights->expedition->livraison->creer)) {
 							if ($user->rights->expedition->creer) {
 								print '<div class="inline-block divButAction"><a class="butAction" href="' . DOL_URL_ROOT . '/expedition/shipment.php?id=' . $object->id . '">' . $langs->trans('CreateShipment') . '</a></div>';
@@ -2576,8 +2579,8 @@ if ($action == 'create' && $user->rights->commande->creer)
 			$relativepath = $comref . '/' . $comref . '.pdf';
 			$filedir = $conf->commande->dir_output . '/' . $comref;
 			$urlsource = $_SERVER["PHP_SELF"] . "?id=" . $object->id;
-			$genallowed = $user->rights->commande->creer;
-			$delallowed = $user->rights->commande->supprimer;
+			$genallowed = $user->rights->commande->lire;
+			$delallowed = $user->rights->commande->creer;
 			print $formfile->showdocuments('commande', $comref, $filedir, $urlsource, $genallowed, $delallowed, $object->modelpdf, 1, 0, 0, 28, 0, '', '', '', $soc->default_lang);


--- a/htdocs/commande/class/api_orders.class.php
+++ b/htdocs/commande/class/api_orders.class.php
@@ -52,9 +52,9 @@ class Orders extends DolibarrApi
    }

    /**
-     * Get properties of a commande object
+     * Get properties of an order object
     *
-     * Return an array with commande informations
+     * Return an array with order informations
     *
     * @param       int         $id         ID of order
     * @return 	array|mixed data without useless information
@@ -176,7 +176,7 @@ class Orders extends DolibarrApi
     * Create order object
     *
     * @param   array   $request_data   Request data
-     * @return  int     ID of commande
+     * @return  int     ID of order
     */
    function post($request_data = NULL)
    {
@@ -196,6 +196,7 @@ class Orders extends DolibarrApi
          }
          $this->commande->lines = $lines;
        }*/
+
        if ($this->commande->create(DolibarrApiAccess::$user) < 0) {
            throw new RestException(500, "Error creating order", array_merge(array($this->commande->error), $this->commande->errors));
        }
@@ -236,8 +237,8 @@ class Orders extends DolibarrApi
    /**
     * Add a line to given order
     *
-     * @param int   $id             Id of commande to update
-     * @param array $request_data   Orderline data
+     * @param int   $id             Id of order to update
+     * @param array $request_data   OrderLine data
     *
     * @url	POST {id}/lines
     *
@@ -281,12 +282,13 @@ class Orders extends DolibarrApi
                        $request_data->label,
                        $request_data->array_options,
                        $request_data->fk_unit,
-                        $this->element,
-                        $request_data->id
+                        $request_data->origin,
+                        $request_data->origin_id,
+                        $request_data->multicurrency_subprice
      );

      if ($updateRes > 0) {
-        return $this->get($id)->line->rowid;
+        return $updateRes;

      }
      return false;
@@ -295,9 +297,9 @@ class Orders extends DolibarrApi
    /**
     * Update a line to given order
     *
-     * @param int   $id             Id of commande to update
+     * @param int   $id             Id of order to update
     * @param int   $lineid         Id of line to update
-     * @param array $request_data   Orderline data
+     * @param array $request_data   OrderLine data
     *
     * @url	PUT {id}/lines/{lineid}
     *
@@ -310,7 +312,7 @@ class Orders extends DolibarrApi

      $result = $this->commande->fetch($id);
      if( ! $result ) {
-         throw new RestException(404, 'Commande not found');
+         throw new RestException(404, 'Order not found');
      }

 		  if( ! DolibarrApi::_checkAccessToResource('commande',$this->commande->id)) {
@@ -338,7 +340,8 @@ class Orders extends DolibarrApi
                        $request_data->label,
                        $request_data->special_code,
                        $request_data->array_options,
-                        $request_data->fk_unit
+                        $request_data->fk_unit,
+      					$request_data->multicurrency_subprice
      );

      if ($updateRes > 0) {
@@ -353,7 +356,7 @@ class Orders extends DolibarrApi
     * Delete a line to given order
     *
     *
-     * @param int   $id             Id of commande to update
+     * @param int   $id             Id of order to update
     * @param int   $lineid         Id of line to delete
     *
     * @url	DELETE {id}/lines/{lineid}
@@ -384,7 +387,7 @@ class Orders extends DolibarrApi
    /**
     * Update order general fields (won't touch lines of order)
     *
-     * @param int   $id             Id of commande to update
+     * @param int   $id             Id of order to update
     * @param array $request_data   Datas
     *
     * @return int
@@ -396,7 +399,7 @@ class Orders extends DolibarrApi

        $result = $this->commande->fetch($id);
        if( ! $result ) {
-            throw new RestException(404, 'Commande not found');
+            throw new RestException(404, 'Order not found');
        }

 		if( ! DolibarrApi::_checkAccessToResource('commande',$this->commande->id)) {
--- a/htdocs/commande/class/commande.class.php
+++ b/htdocs/commande/class/commande.class.php
@@ -709,7 +709,7 @@ class Commande extends CommonOrder
 		// $date_commande is deprecated
        $date = ($this->date_commande ? $this->date_commande : $this->date);

-		// Multicurrency (test on $this->multicurrency_tx because we sould take the default rate only if not using origin rate)
+		// Multicurrency (test on $this->multicurrency_tx because we should take the default rate only if not using origin rate)
 		if (!empty($this->multicurrency_code) && empty($this->multicurrency_tx)) list($this->fk_multicurrency,$this->multicurrency_tx) = MultiCurrency::getIdAndTxFromCode($this->db, $this->multicurrency_code, $date);
 		else $this->fk_multicurrency = MultiCurrency::getIdFromCode($this->db, $this->multicurrency_code);
 		if (empty($this->fk_multicurrency))
@@ -821,11 +821,15 @@ class Commande extends CommonOrder
                        $fk_parent_line = 0;
                    }

+					// Complete vat rate with code
+					$vatrate = $line->tva_tx;
+					if ($line->vat_src_code && ! preg_match('/\(.*\)/', $vatrate)) $vatrate.=' ('.$line->vat_src_code.')';
+
                    $result = $this->addline(
                        $line->desc,
                        $line->subprice,
                        $line->qty,
-                        $line->tva_tx,
+                        $vatrate,
                        $line->localtax1_tx,
                        $line->localtax2_tx,
                        $line->fk_product,
@@ -875,6 +879,11 @@ class Commande extends CommonOrder
                    {
                    	$this->ref = $initialref;

+                    	if (! empty($this->linkedObjectsIds) && empty($this->linked_objects))	// To use new linkedObjectsIds instead of old linked_objects
+                    	{
+                    		$this->linked_objects = $this->linkedObjectsIds;	// TODO Replace linked_objects with linkedObjectsIds
+                    	}
+
                        // Add object linked
                        if (! $error && $this->id && is_array($this->linked_objects) && ! empty($this->linked_objects))
                        {
@@ -887,7 +896,7 @@ class Commande extends CommonOrder
                        	            $ret = $this->add_object_linked($origin, $origin_id);
                        	            if (! $ret)
                        	            {
-                        	                dol_print_error($this->db);
+                        	                $this->error=$this->db->lasterror();
                        	                $error++;
                        	            }
                        	        }
@@ -898,7 +907,7 @@ class Commande extends CommonOrder
                        	        $ret = $this->add_object_linked($origin, $origin_id);
                        	        if (! $ret)
                        	        {
-                        	            dol_print_error($this->db);
+                        	            $this->error=$this->db->lasterror();
                        	            $error++;
                        	        }
                          	    }
@@ -1206,9 +1215,9 @@ class Commande extends CommonOrder
     *	@param      string			$desc            	Description of line
     *	@param      float			$pu_ht    	        Unit price (without tax)
     *	@param      float			$qty             	Quantite
-     *	@param      float			$txtva           	Taux de tva force, sinon -1
-     *	@param      float			$txlocaltax1		Local tax 1 rate
-     *	@param      float			$txlocaltax2		Local tax 2 rate
+     * 	@param    	float			$txtva           	Force Vat rate, -1 for auto (Can contain the vat_src_code too with syntax '9.9 (CODE)')
+     * 	@param		float			$txlocaltax1		Local tax 1 rate (deprecated, use instead txtva with code inside)
+     * 	@param		float			$txlocaltax2		Local tax 2 rate (deprecated, use instead txtva with code inside)
     *	@param      int				$fk_product      	Id of product
     *	@param      float			$remise_percent  	Pourcentage de remise de la ligne
     *	@param      int				$info_bits			Bits de type de lignes
@@ -1431,10 +1440,10 @@ class Commande extends CommonOrder
                return -2;
            }
        }
-        else
-        {
+		else
+		{
            dol_syslog(get_class($this)."::addline status of order must be Draft to allow use of ->addline()", LOG_ERR);
-            return -3;
+			return -3;
        }
    }

--- a/htdocs/commande/list.php
+++ b/htdocs/commande/list.php
@@ -208,7 +208,7 @@ if (empty($reshook))
 	// TODO Move this into mass action include
    if ($massaction == 'confirm_createbills') {

-    	$orders = GETPOST('toselect');
+    	$orders = GETPOST('toselect','array');
    	$createbills_onebythird = GETPOST('createbills_onebythird', 'int');
    	$validate_invoices = GETPOST('valdate_invoices', 'int');

@@ -219,13 +219,13 @@ if (empty($reshook))

    	$db->begin();

-    	foreach($orders as $id_order) {
-
+    	foreach($orders as $id_order)
+    	{
    		$cmd = new Commande($db);
-    		if($cmd->fetch($id_order) <= 0) continue;
+    		if ($cmd->fetch($id_order) <= 0) continue;

    		$object = new Facture($db);
-    		if(!empty($createbills_onebythird) && !empty($TFactThird[$cmd->socid])) $object = $TFactThird[$cmd->socid]; // If option "one bill per third" is set, we use already created order.
+    		if (!empty($createbills_onebythird) && !empty($TFactThird[$cmd->socid])) $object = $TFactThird[$cmd->socid]; // If option "one bill per third" is set, we use already created order.
    		else {

    			$object->socid = $cmd->socid;
@@ -247,12 +247,10 @@ if (empty($reshook))
    			$res = $object->create($user);

    			if($res > 0) $nb_bills_created++;
-
    		}

-    		if($object->id > 0) {
-
-    			$db->begin();
+    		if ($object->id > 0)
+    		{
    			$sql = "INSERT INTO ".MAIN_DB_PREFIX."element_element (";
    			$sql.= "fk_source";
    			$sql.= ", sourcetype";
@@ -265,115 +263,113 @@ if (empty($reshook))
    			$sql.= ", '".$object->element."'";
    			$sql.= ")";

-    			if ($db->query($sql))
+    			if (! $db->query($sql))
    			{
-    				$db->commit();
-    			}
-    			else
-    			{
-    				$db->rollback();
+    				$error++;
    			}

-    			$lines = $cmd->lines;
-    			if (empty($lines) && method_exists($cmd, 'fetch_lines'))
+    			if (! $error)
    			{
-    				$cmd->fetch_lines();
-    				$lines = $cmd->lines;
+	    			$lines = $cmd->lines;
+	    			if (empty($lines) && method_exists($cmd, 'fetch_lines'))
+	    			{
+	    				$cmd->fetch_lines();
+	    				$lines = $cmd->lines;
+	    			}
+
+	    			$fk_parent_line=0;
+	    			$num=count($lines);
+
+	    			for ($i=0;$i<$num;$i++)
+	    			{
+	    				$desc=($lines[$i]->desc?$lines[$i]->desc:$lines[$i]->libelle);
+	    				if ($lines[$i]->subprice < 0)
+	    				{
+	    					// Negative line, we create a discount line
+	    					$discount = new DiscountAbsolute($db);
+	    					$discount->fk_soc=$object->socid;
+	    					$discount->amount_ht=abs($lines[$i]->total_ht);
+	    					$discount->amount_tva=abs($lines[$i]->total_tva);
+	    					$discount->amount_ttc=abs($lines[$i]->total_ttc);
+	    					$discount->tva_tx=$lines[$i]->tva_tx;
+	    					$discount->fk_user=$user->id;
+	    					$discount->description=$desc;
+	    					$discountid=$discount->create($user);
+	    					if ($discountid > 0)
+	    					{
+	    						$result=$object->insert_discount($discountid);
+	    						//$result=$discount->link_to_invoice($lineid,$id);
+	    					}
+	    					else
+	    					{
+	    						setEventMessages($discount->error, $discount->errors, 'errors');
+	    						$error++;
+	    						break;
+	    					}
+	    				}
+	    				else
+	    				{
+	    					// Positive line
+	    					$product_type=($lines[$i]->product_type?$lines[$i]->product_type:0);
+	    					// Date start
+	    					$date_start=false;
+	    					if ($lines[$i]->date_debut_prevue) $date_start=$lines[$i]->date_debut_prevue;
+	    					if ($lines[$i]->date_debut_reel) $date_start=$lines[$i]->date_debut_reel;
+	    					if ($lines[$i]->date_start) $date_start=$lines[$i]->date_start;
+	    					//Date end
+	    					$date_end=false;
+	    					if ($lines[$i]->date_fin_prevue) $date_end=$lines[$i]->date_fin_prevue;
+	    					if ($lines[$i]->date_fin_reel) $date_end=$lines[$i]->date_fin_reel;
+	    					if ($lines[$i]->date_end) $date_end=$lines[$i]->date_end;
+	    					// Reset fk_parent_line for no child products and special product
+	    					if (($lines[$i]->product_type != 9 && empty($lines[$i]->fk_parent_line)) || $lines[$i]->product_type == 9)
+	    					{
+	    						$fk_parent_line = 0;
+	    					}
+	    					$result = $object->addline(
+	    							$desc,
+	    							$lines[$i]->subprice,
+	    							$lines[$i]->qty,
+	    							$lines[$i]->tva_tx,
+	    							$lines[$i]->localtax1_tx,
+	    							$lines[$i]->localtax2_tx,
+	    							$lines[$i]->fk_product,
+	    							$lines[$i]->remise_percent,
+	    							$date_start,
+	    							$date_end,
+	    							0,
+	    							$lines[$i]->info_bits,
+	    							$lines[$i]->fk_remise_except,
+	    							'HT',
+	    							0,
+	    							$product_type,
+	    							$ii,
+	    							$lines[$i]->special_code,
+	    							$object->origin,
+	    							$lines[$i]->rowid,
+	    							$fk_parent_line,
+	    							$lines[$i]->fk_fournprice,
+	    							$lines[$i]->pa_ht,
+	    							$lines[$i]->label
+	    					);
+	    					if ($result > 0)
+	    					{
+	    						$lineid=$result;
+	    					}
+	    					else
+	    					{
+	    						$lineid=0;
+	    						$error++;
+	    						break;
+	    					}
+	    					// Defined the new fk_parent_line
+	    					if ($result > 0 && $lines[$i]->product_type == 9)
+	    					{
+	    						$fk_parent_line = $result;
+	    					}
+	    				}
+	    			}
    			}
-
-    			$fk_parent_line=0;
-    			$num=count($lines);
-
-    			for ($i=0;$i<$num;$i++)
-    			{
-    				$desc=($lines[$i]->desc?$lines[$i]->desc:$lines[$i]->libelle);
-    				if ($lines[$i]->subprice < 0)
-    				{
-    					// Negative line, we create a discount line
-    					$discount = new DiscountAbsolute($db);
-    					$discount->fk_soc=$object->socid;
-    					$discount->amount_ht=abs($lines[$i]->total_ht);
-    					$discount->amount_tva=abs($lines[$i]->total_tva);
-    					$discount->amount_ttc=abs($lines[$i]->total_ttc);
-    					$discount->tva_tx=$lines[$i]->tva_tx;
-    					$discount->fk_user=$user->id;
-    					$discount->description=$desc;
-    					$discountid=$discount->create($user);
-    					if ($discountid > 0)
-    					{
-    						$result=$object->insert_discount($discountid);
-    						//$result=$discount->link_to_invoice($lineid,$id);
-    					}
-    					else
-    					{
-    						setEventMessages($discount->error, $discount->errors, 'errors');
-    						$error++;
-    						break;
-    					}
-    				}
-    				else
-    				{
-    					// Positive line
-    					$product_type=($lines[$i]->product_type?$lines[$i]->product_type:0);
-    					// Date start
-    					$date_start=false;
-    					if ($lines[$i]->date_debut_prevue) $date_start=$lines[$i]->date_debut_prevue;
-    					if ($lines[$i]->date_debut_reel) $date_start=$lines[$i]->date_debut_reel;
-    					if ($lines[$i]->date_start) $date_start=$lines[$i]->date_start;
-    					//Date end
-    					$date_end=false;
-    					if ($lines[$i]->date_fin_prevue) $date_end=$lines[$i]->date_fin_prevue;
-    					if ($lines[$i]->date_fin_reel) $date_end=$lines[$i]->date_fin_reel;
-    					if ($lines[$i]->date_end) $date_end=$lines[$i]->date_end;
-    					// Reset fk_parent_line for no child products and special product
-    					if (($lines[$i]->product_type != 9 && empty($lines[$i]->fk_parent_line)) || $lines[$i]->product_type == 9)
-    					{
-    						$fk_parent_line = 0;
-    					}
-    					$result = $object->addline(
-    							$desc,
-    							$lines[$i]->subprice,
-    							$lines[$i]->qty,
-    							$lines[$i]->tva_tx,
-    							$lines[$i]->localtax1_tx,
-    							$lines[$i]->localtax2_tx,
-    							$lines[$i]->fk_product,
-    							$lines[$i]->remise_percent,
-    							$date_start,
-    							$date_end,
-    							0,
-    							$lines[$i]->info_bits,
-    							$lines[$i]->fk_remise_except,
-    							'HT',
-    							0,
-    							$product_type,
-    							$ii,
-    							$lines[$i]->special_code,
-    							$object->origin,
-    							$lines[$i]->rowid,
-    							$fk_parent_line,
-    							$lines[$i]->fk_fournprice,
-    							$lines[$i]->pa_ht,
-    							$lines[$i]->label
-    					);
-    					if ($result > 0)
-    					{
-    						$lineid=$result;
-    					}
-    					else
-    					{
-    						$lineid=0;
-    						$error++;
-    						break;
-    					}
-    					// Defined the new fk_parent_line
-    					if ($result > 0 && $lines[$i]->product_type == 9)
-    					{
-    						$fk_parent_line = $result;
-    					}
-    				}
-    			}
-
    		}

    		//$cmd->classifyBilled($user);        // Disabled. This behavior must be set or not using the workflow module.
@@ -386,27 +382,29 @@ if (empty($reshook))
    	$TAllFact = empty($createbills_onebythird) ? $TFact : $TFactThird;
    	$toselect = array();

-    	if(!empty($validate_invoices)) {
-
+    	if (! $error && $validate_invoices)
+    	{
    		$massaction = $action = 'builddoc';
+    		foreach($TAllFact as &$object)
+    		{
+    			$result = $object->validate($user);
+    			if ($result <= 0)
+    			{
+    				$error++;
+    				setEventMessages($object->error, $object->errors, 'errors');
+    				break;
+    			}

-    		foreach($TAllFact as &$object) {
-    			$object->validate($user);
-    			$toselect[] = $object->id; // For builddoc action
+    			$id = $object->id; // For builddoc action

    			// Fac builddoc
+    			$donotredirect = 1;
    			$upload_dir = $conf->facture->dir_output;
    		    $permissioncreate=$user->rights->facture->creer;
    		    include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php';
    		}

-    		$objectclass='Facture';
-    	    $objectlabel='Invoice';
-    	    $permtoread = $user->rights->facture->lire;
-    	    $permtodelete = $user->rights->facture->supprimer;
-    	    $uploaddir = $conf->facture->dir_output;
-    		include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php';
-
+    		$massaction = $action = 'confirm_createbills';
    	}

    	if (! $error)
@@ -1454,7 +1452,7 @@ if ($resql)

 	    $filedir=$diroutputmassaction;
 	    $genallowed=$user->rights->commande->lire;
-	    $delallowed=$user->rights->commande->supprimer;
+	    $delallowed=$user->rights->commande->creer;

 	    print $formfile->showdocuments('massfilesarea_orders','',$filedir,$urlsource,0,$delallowed,'',1,1,0,48,1,$param,$title,'');
 	}
--- a/htdocs/compta/bank/bankentries.php
+++ b/htdocs/compta/bank/bankentries.php
@@ -376,6 +376,8 @@ if (dol_strlen($search_dv_end) > 0)   $param .= '&search_end_dvmonth=' . GETPOST
 if ($search_req_nb) $param.='&amp;req_nb='.urlencode($search_req_nb);
 if (GETPOST("thirdparty")) $param.='&amp;thirdparty='.urlencode(GETPOST("thirdparty"));
 if ($optioncss != '')       $param.='&optioncss='.$optioncss;
+if(!empty($search_conciliated) || $search_conciliated === 0) $param.='&search_conciliated='.$search_conciliated;
+
 // Add $param from extra fields
 foreach ($search_array_options as $key => $val)
 {
--- a/htdocs/compta/bank/card.php
+++ b/htdocs/compta/bank/card.php
@@ -99,7 +99,7 @@ if ($action == 'add')
    $object->owner_address   = trim($_POST["owner_address"]);

 	$account_number 		 = GETPOST('account_number','alpha');
-	if ($account_number <= 0) { $object->account_number = ''; } else { $object->account_number = $account_number; }
+	if (empty($account_number) || $account_number == '-1') { $object->account_number = ''; } else { $object->account_number = $account_number; }
 	$fk_accountancy_journal  = GETPOST('fk_accountancy_journal','int');
 	if ($fk_accountancy_journal <= 0) { $object->fk_accountancy_journal = ''; } else { $object->fk_accountancy_journal = $fk_accountancy_journal; }

@@ -656,7 +656,7 @@ else
 		print '<td>';
 		if (! empty($conf->accounting->enabled)) {
 			$accountingaccount = new AccountingAccount($db);
-			$accountingaccount->fetch('',$object->account_number);
+			$accountingaccount->fetch('',$object->account_number, 1);

 			print $accountingaccount->getNomUrl(0,1,1,'',1);
 		} else {
--- a/htdocs/compta/bank/index.php
+++ b/htdocs/compta/bank/index.php
@@ -74,7 +74,7 @@ $hookmanager->initHooks(array($contextpage));
 $extrafields = new ExtraFields($db);

 // fetch optionals attributes and labels
-$extralabels = $extrafields->fetch_name_optionals_label('bankaccount');
+$extralabels = $extrafields->fetch_name_optionals_label('bank_account');
 $search_array_options=$extrafields->getOptionalsFromPost($extralabels,'','search_');

 // List of fields to search into when doing a "search in all"
@@ -143,7 +143,7 @@ $title=$langs->trans('BankAccounts');
 // Load array of financial accounts (opened by default)
 $accounts = array();

-$sql  = "SELECT rowid, label, courant, rappro, account_number, fk_accountancy_journal, datec as date_creation, tms as date_update";
+$sql  = "SELECT b.rowid, b.label, b.courant, b.rappro, b.account_number, b.fk_accountancy_journal, b.datec as date_creation, b.tms as date_update";
 // Add fields from extrafields
 foreach ($extrafields->attribute_label as $key => $val) $sql.=($extrafields->attribute_type[$key] != 'separate' ? ",ef.".$key.' as options_'.$key : '');
 // Add fields from hooks
@@ -151,7 +151,7 @@ $parameters=array();
 $reshook=$hookmanager->executeHooks('printFieldListSelect',$parameters);    // Note that $action and $object may have been modified by hook
 $sql.=$hookmanager->resPrint;
 $sql.= " FROM ".MAIN_DB_PREFIX."bank_account as b";
-if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."bankcacount_extrafields as ef on (c.rowid = ef.fk_object)";
+if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."bank_account_extrafields as ef on (b.rowid = ef.fk_object)";
 $sql.= " WHERE entity IN (".getEntity('bank_account').")";
 if ($statut == 'opened')  $sql.= " AND clos = 0";
 if ($statut == 'closed')  $sql.= " AND clos = 1";
--- a/htdocs/compta/bank/releve.php
+++ b/htdocs/compta/bank/releve.php
@@ -47,10 +47,11 @@ $langs->load("companies");
 $langs->load("bills");

 $action=GETPOST('action', 'alpha');
-$id=GETPOST('account');
-$ref=GETPOST('ref');
-$dvid=GETPOST('dvid');
-$numref=GETPOST('num');
+$id=GETPOST('account','int');
+$ref=GETPOST('ref','alpha');
+$dvid=GETPOST('dvid','alpha');
+$numref=GETPOST('num','alpha');
+$ve=GETPOST("ve",'alpha');

 // Security check
 $fieldid = (! empty($ref)?$ref:$id);
@@ -95,6 +96,62 @@ if ($id > 0 || ! empty($ref))
 // Initialize technical object to manage context to save list fields
 $contextpage='banktransactionlist'.(empty($object->ref)?'':'-'.$object->id);

+
+// Define number of receipt to show (current, previous or next one ?)
+$found=false;
+if ($_GET["rel"] == 'prev')
+{
+	// Recherche valeur pour num = numero releve precedent
+	$sql = "SELECT DISTINCT(b.num_releve) as num";
+	$sql.= " FROM ".MAIN_DB_PREFIX."bank as b";
+	$sql.= " WHERE b.num_releve < '".$db->escape($numref)."'";
+	$sql.= " AND b.fk_account = ".$object->id;
+	$sql.= " ORDER BY b.num_releve DESC";
+
+	dol_syslog("htdocs/compta/bank/releve.php", LOG_DEBUG);
+	$resql = $db->query($sql);
+	if ($resql)
+	{
+		$numrows = $db->num_rows($resql);
+		if ($numrows > 0)
+		{
+			$obj = $db->fetch_object($resql);
+			$numref = $obj->num;
+			$found=true;
+		}
+	}
+}
+elseif ($_GET["rel"] == 'next')
+{
+	// Recherche valeur pour num = numero releve precedent
+	$sql = "SELECT DISTINCT(b.num_releve) as num";
+	$sql.= " FROM ".MAIN_DB_PREFIX."bank as b";
+	$sql.= " WHERE b.num_releve > '".$db->escape($numref)."'";
+	$sql.= " AND b.fk_account = ".$object->id;
+	$sql.= " ORDER BY b.num_releve ASC";
+
+	dol_syslog("htdocs/compta/bank/releve.php", LOG_DEBUG);
+	$resql = $db->query($sql);
+	if ($resql)
+	{
+		$numrows = $db->num_rows($resql);
+		if ($numrows > 0)
+		{
+			$obj = $db->fetch_object($resql);
+			$numref = $obj->num;
+			$found=true;
+		}
+	}
+}
+else {
+	// On veut le releve num
+	$found=true;
+}
+
+
+
+
+
 $sql = "SELECT b.rowid, b.dateo as do, b.datev as dv,";
 $sql.= " b.amount, b.label, b.rappro, b.num_releve, b.num_chq, b.fk_type,";
 $sql.= " b.fk_bordereau,";
@@ -104,7 +161,7 @@ $sql.= " FROM ".MAIN_DB_PREFIX."bank_account as ba";
 $sql.= ", ".MAIN_DB_PREFIX."bank as b";
 $sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'bordereau_cheque as bc ON bc.rowid=b.fk_bordereau';
 $sql.= " WHERE b.num_releve='".$db->escape($numref)."'";
-if (!isset($numref))	$sql.= " OR b.num_releve is null";
+if (empty($numref))	$sql.= " OR b.num_releve is null";
 $sql.= " AND b.fk_account = ".$object->id;
 $sql.= " AND b.fk_account = ba.rowid";
 $sql.= $db->order("b.datev, b.datec", "ASC");  // We add date of creation to have correct order when everything is done the same day
@@ -420,58 +477,6 @@ else
 	/**
 	 *   Show list of bank statements
 	 */
-	$ve=$_GET["ve"];
-
-	// Define number of receipt to show (current, previous or next one ?)
-	$found=false;
-	if ($_GET["rel"] == 'prev')
-	{
-		// Recherche valeur pour num = numero releve precedent
-		$sql = "SELECT DISTINCT(b.num_releve) as num";
-		$sql.= " FROM ".MAIN_DB_PREFIX."bank as b";
-		$sql.= " WHERE b.num_releve < '".$db->escape($numref)."'";
-		$sql.= " AND b.fk_account = ".$object->id;
-		$sql.= " ORDER BY b.num_releve DESC";
-
-		dol_syslog("htdocs/compta/bank/releve.php", LOG_DEBUG);
-		$resql = $db->query($sql);
-		if ($resql)
-		{
-			$numrows = $db->num_rows($resql);
-			if ($numrows > 0)
-			{
-				$obj = $db->fetch_object($resql);
-				$numref = $obj->num;
-				$found=true;
-			}
-		}
-	}
-	elseif ($_GET["rel"] == 'next')
-	{
-		// Recherche valeur pour num = numero releve precedent
-		$sql = "SELECT DISTINCT(b.num_releve) as num";
-		$sql.= " FROM ".MAIN_DB_PREFIX."bank as b";
-		$sql.= " WHERE b.num_releve > '".$db->escape($numref)."'";
-		$sql.= " AND b.fk_account = ".$object->id;
-		$sql.= " ORDER BY b.num_releve ASC";
-
-		dol_syslog("htdocs/compta/bank/releve.php", LOG_DEBUG);
-		$resql = $db->query($sql);
-		if ($resql)
-		{
-			$numrows = $db->num_rows($resql);
-			if ($numrows > 0)
-			{
-				$obj = $db->fetch_object($resql);
-				$numref = $obj->num;
-				$found=true;
-			}
-		}
-	}
-	else {
-		// On veut le releve num
-		$found=true;
-	}

    $mesprevnext='';
 	$mesprevnext.='<div class="pagination"><ul>';
@@ -713,6 +718,7 @@ else
 					dol_print_error($db);
 				}
 			}
+
 			print "</td>";

 			if ($objp->amount < 0)
--- a/htdocs/compta/bank/transfer.php
+++ b/htdocs/compta/bank/transfer.php
@@ -83,6 +83,11 @@ if ($action == 'add_confirm')
 		$accountto=new Account($db);
 		$accountto->fetch(GETPOST('account_to','int'));

+		if ($accountto->currency_code != $accountfrom->currency_code) {
+			$error++;
+			setEventMessages($langs->trans("ErrorTransferBetweenDifferentCurrencyNotPossible"), null, 'errors');
+		}
+
 		if ($accountto->id != $accountfrom->id)
 		{
 			$db->begin();
--- a/htdocs/compta/charges/index.php
+++ b/htdocs/compta/charges/index.php
@@ -135,7 +135,7 @@ if (! empty($conf->tax->enabled) && $user->rights->tax->charges->lire)
 	$sql.= " cs.rowid, cs.libelle, cs.fk_type as type, cs.periode, cs.date_ech, cs.amount as total,";
 	$sql.= " pc.rowid as pid, pc.datep, pc.amount as totalpaye, pc.num_paiement as num_payment, pc.fk_bank,";
 	$sql.= " pct.code as payment_code,";
-	$sql.= " ba.rowid as bid, ba.ref as bref, ba.number as bnumber, ba.account_number, ba.accountancy_journal, ba.label as blabel";
+	$sql.= " ba.rowid as bid, ba.ref as bref, ba.number as bnumber, ba.account_number, ba.fk_accountancy_journal, ba.label as blabel";
 	$sql.= " FROM ".MAIN_DB_PREFIX."c_chargesociales as c,";
 	$sql.= " ".MAIN_DB_PREFIX."chargesociales as cs";
 	$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiementcharge as pc ON pc.fk_charge = cs.rowid";
@@ -256,7 +256,7 @@ if (! empty($conf->tax->enabled) && $user->rights->tax->charges->lire)

 		$sql = "SELECT pv.rowid, pv.amount, pv.label, pv.datev as dm, pv.fk_bank,";
 		$sql.= " pct.code as payment_code,";
-		$sql.= " ba.rowid as bid, ba.ref as bref, ba.number as bnumber, ba.account_number, ba.accountancy_journal, ba.label as blabel";
+		$sql.= " ba.rowid as bid, ba.ref as bref, ba.number as bnumber, ba.account_number, ba.fk_accountancy_journal, ba.label as blabel";
 		$sql.= " FROM ".MAIN_DB_PREFIX."tva as pv";
 		$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."bank as b ON pv.fk_bank = b.rowid";
 		$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."bank_account as ba ON b.fk_account = ba.rowid";
@@ -470,7 +470,7 @@ if (! empty($conf->salaries->enabled) && $user->rights->salaries->read)

        $sql = "SELECT s.rowid, s.amount, s.label, s.datep as datep, s.datev as datev, s.datesp, s.dateep, s.salary, s.fk_bank, u.salary as current_salary,";
 		$sql.= " pct.code as payment_code,";
-		$sql.= " ba.rowid as bid, ba.ref as bref, ba.number as bnumber, ba.account_number, ba.accountancy_journal, ba.label as blabel";
+		$sql.= " ba.rowid as bid, ba.ref as bref, ba.number as bnumber, ba.account_number, ba.fk_accountancy_journal, ba.label as blabel";
        $sql.= " FROM ".MAIN_DB_PREFIX."payment_salary as s";
 		$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."bank as b ON s.fk_bank = b.rowid";
 		$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."bank_account as ba ON b.fk_account = ba.rowid";
--- a/htdocs/compta/facture/card.php
+++ b/htdocs/compta/facture/card.php
@@ -1075,6 +1075,7 @@ if (empty($reshook))
 								$TTotalByTva = array();
 								foreach ($srcobject->lines as &$line)
 								{
+									if(! empty($line->special_code)) continue;
 									$TTotalByTva[$line->tva_tx] += $line->total_ttc ;
 								}

@@ -1378,7 +1379,7 @@ if (empty($reshook))

 				$object->situation_counter = $object->situation_counter + 1;
 				$id = $object->createFromCurrent($user);
-				if ($id <= 0) 
+				if ($id <= 0)
 				{
 					$mesg = $object->error;
 				}
@@ -1588,6 +1589,9 @@ if (empty($reshook))
 							$pu_ttc = price($prodcustprice->lines[0]->price_ttc);
 							$price_base_type = $prodcustprice->lines[0]->price_base_type;
 							$tva_tx = $prodcustprice->lines[0]->tva_tx;
+							if ($prodcustprice->lines[0]->default_vat_code && ! preg_match('/\(.*\)/', $tva_tx)) $tva_tx.= ' ('.$prodcustprice->lines[0]->default_vat_code.')';
+							$tva_npr = $prodcustprice->lines[0]->recuperableonly;
+							if (empty($tva_tx)) $tva_npr=0;
 						}
 					}
 				}
@@ -2843,12 +2847,12 @@ else if ($id > 0 || ! empty($ref))
 		$resteapayer = 0;
 	$resteapayeraffiche = $resteapayer;

-	if (! empty($conf->global->FACTURE_DEPOSITS_ARE_JUST_PAYMENTS)) {
+	if (! empty($conf->global->FACTURE_DEPOSITS_ARE_JUST_PAYMENTS)) {	// Never use this
 		$filterabsolutediscount = "fk_facture_source IS NULL"; // If we want deposit to be substracted to payments only and not to total of final invoice
 		$filtercreditnote = "fk_facture_source IS NOT NULL"; // If we want deposit to be substracted to payments only and not to total of final invoice
 	} else {
-		$filterabsolutediscount = "fk_facture_source IS NULL OR (fk_facture_source IS NOT NULL AND (description LIKE '(DEPOSIT)%' OR description LIKE '(EXCESS RECEIVED)%'))";
-		$filtercreditnote = "fk_facture_source IS NOT NULL AND description NOT LIKE '(DEPOSIT)%' AND description NOT LIKE '(EXCESS RECEIVED)%'";
+		$filterabsolutediscount = "fk_facture_source IS NULL OR (fk_facture_source IS NOT NULL AND (description LIKE '(DEPOSIT)%' AND description NOT LIKE '(EXCESS RECEIVED)%'))";
+		$filtercreditnote = "fk_facture_source IS NOT NULL AND (description NOT LIKE '(DEPOSIT)%' OR description LIKE '(EXCESS RECEIVED)%')";
 	}

 	$absolute_discount = $soc->getAvailableDiscounts('', $filterabsolutediscount);
@@ -2871,9 +2875,9 @@ else if ($id > 0 || ! empty($ref))

 	// Confirmation de la conversion de l'avoir en reduc
 	if ($action == 'converttoreduc') {
-		if($object->type == 0) $type_fac = 'ExcessReceived';
-		elseif($object->type == 2) $type_fac = 'CreditNote';
-		elseif($object->type == 3) $type_fac = 'Deposit';
+		if($object->type == Facture::TYPE_STANDARD) $type_fac = 'ExcessReceived';
+		elseif($object->type == Facture::TYPE_CREDIT_NOTE) $type_fac = 'CreditNote';
+		elseif($object->type == Facture::TYPE_DEPOSIT) $type_fac = 'Deposit';
 		$text = $langs->trans('ConfirmConvertToReduc', strtolower($langs->transnoentities($type_fac)));
 		$formconfirm = $form->formconfirm($_SERVER['PHP_SELF'] . '?facid=' . $object->id, $langs->trans('ConvertToReduc'), $text, 'confirm_converttoreduc', '', "yes", 2);
 	}
@@ -4010,7 +4014,7 @@ else if ($id > 0 || ! empty($ref))
 		}
 	}

-	print '	<form name="addproduct" id="addproduct" action="' . $_SERVER["PHP_SELF"] . '?id=' . $object->id . (($action != 'editline') ? '#add' : '#line_' . GETPOST('lineid')) . '" method="POST">
+	print '	<form name="addproduct" id="addproduct" action="' . $_SERVER["PHP_SELF"] . '?id=' . $object->id . (($action != 'editline') ? '#addline' : '#line_' . GETPOST('lineid')) . '" method="POST">
 	<input type="hidden" name="token" value="' . $_SESSION ['newtoken'] . '">
 	<input type="hidden" name="action" value="' . (($action != 'editline') ? 'addline' : 'updateligne') . '">
 	<input type="hidden" name="mode" value="">
@@ -4291,8 +4295,8 @@ else if ($id > 0 || ! empty($ref))
 		$filename = dol_sanitizeFileName($object->ref);
 		$filedir = $conf->facture->dir_output . '/' . dol_sanitizeFileName($object->ref);
 		$urlsource = $_SERVER['PHP_SELF'] . '?facid=' . $object->id;
-		$genallowed = $user->rights->facture->creer;
-		$delallowed = $user->rights->facture->supprimer;
+		$genallowed = $user->rights->facture->lire;
+		$delallowed = $user->rights->facture->creer;

 		print $formfile->showdocuments('facture', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->modelpdf, 1, 0, 0, 28, 0, '', '', '', $soc->default_lang);
 		$somethingshown = $formfile->numoffiles;
--- a/htdocs/compta/facture/class/api_invoices.class.php
+++ b/htdocs/compta/facture/class/api_invoices.class.php
@@ -15,9 +15,9 @@
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */

- use Luracast\Restler\RestException;
+use Luracast\Restler\RestException;

- require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php';
+require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php';

 /**
 * API class for invoices
@@ -75,6 +75,7 @@ class Invoices extends DolibarrApi
 			throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
 		}

+		$this->invoice->fetchObjectLinked();
 		return $this->_cleanObjectDatas($this->invoice);
    }

@@ -210,6 +211,190 @@ class Invoices extends DolibarrApi
        return $this->invoice->id;
    }

+    /**
+     * Get lines of an invoice
+     *
+     * @param int   $id             Id of invoice
+     *
+     * @url	GET {id}/lines
+     *
+     * @return int
+     */
+    function getLines($id) {
+    	if(! DolibarrApiAccess::$user->rights->facture->lire) {
+    		throw new RestException(401);
+    	}
+
+    	$result = $this->invoice->fetch($id);
+    	if( ! $result ) {
+    		throw new RestException(404, 'Invoice not found');
+    	}
+
+    	if( ! DolibarrApi::_checkAccessToResource('facture',$this->invoice->id)) {
+    		throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+    	}
+    	$this->invoice->getLinesArray();
+    	$result = array();
+    	foreach ($this->invoice->lines as $line) {
+    		array_push($result,$this->_cleanObjectDatas($line));
+    	}
+    	return $result;
+    }
+
+    /**
+     * Add a line to a given invoice
+     *
+     * @param int   $id             Id of invoice to update
+     * @param array $request_data   InvoiceLine data
+     *
+     * @url	POST {id}/lines
+     *
+     * @return int
+     */
+    function postLine($id, $request_data = NULL) {
+    	if(! DolibarrApiAccess::$user->rights->facture->creer) {
+    		throw new RestException(401);
+    	}
+
+    	$result = $this->invoice->fetch($id);
+    	if( ! $result ) {
+    		throw new RestException(404, 'Invoice not found');
+    	}
+
+    	if( ! DolibarrApi::_checkAccessToResource('facture',$this->invoice->id)) {
+    		throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+    	}
+    	$request_data = (object) $request_data;
+    	$updateRes = $this->invoice->addline(
+    		$request_data->desc,
+    		$request_data->subprice,
+    		$request_data->qty,
+    		$request_data->tva_tx,
+    		$request_data->localtax1_tx,
+    		$request_data->localtax2_tx,
+    		$request_data->fk_product,
+    		$request_data->remise_percent,
+    		$request_data->date_start,
+    		$request_data->date_end,
+    		0,
+    		$request_data->info_bits,
+    		$request_data->fk_remise_except,
+    		'HT',
+    		0,
+    		$request_data->product_type,
+    		$request_data->rang,
+    		$request_data->special_code,
+    		$request_data->origin,
+    		$request_data->origin_id,
+    		$fk_parent_line,
+    		$request_data->fk_fournprice,
+    		$request_data->pa_ht,
+    		$request_data->label,
+    		$request_data->array_options,
+    		$request_data->situation_percent,
+    		$request_data->prev_id,
+    		$request_data->fk_unit,
+    		$request_data->multicurrency_subprice
+    		);
+
+    	if ($updateRes > 0) {
+    		return $updateRes;
+
+    	}
+    	return false;
+    }
+
+    /**
+     * Update a line to a given invoice
+     *
+     * @param int   $id             Id of invoice to update
+     * @param int   $lineid         Id of line to update
+     * @param array $request_data   InvoiceLine data
+     *
+     * @url	PUT {id}/lines/{lineid}
+     *
+     * @return object
+     */
+    function putLine($id, $lineid, $request_data = NULL) {
+    	if(! DolibarrApiAccess::$user->rights->facture->creer) {
+    		throw new RestException(401);
+    	}
+
+    	$result = $this->invoice->fetch($id);
+    	if( ! $result ) {
+    		throw new RestException(404, 'Invoice not found');
+    	}
+
+    	if( ! DolibarrApi::_checkAccessToResource('facture',$this->invoice->id)) {
+    		throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+    	}
+    	$request_data = (object) $request_data;
+    	$updateRes = $this->invoice->updateline(
+    		$lineid,
+    		$request_data->desc,
+    		$request_data->subprice,
+    		$request_data->qty,
+    		$request_data->remise_percent,
+    		$request_data->date_start,
+    		$request_data->date_end,
+    		$request_data->tva_tx,
+    		$request_data->localtax1_tx,
+    		$request_data->localtax2_tx,
+    		'HT',
+    		$request_data->info_bits,
+    		$request_data->product_type,
+    		$request_data->fk_parent_line,
+    		0,
+    		$request_data->fk_fournprice,
+    		$request_data->pa_ht,
+    		$request_data->label,
+    		$request_data->special_code,
+    		$request_data->array_options,
+    		$request_data->situation_percent,
+    		$request_data->fk_unit,
+    		$request_data->multicurrency_subprice
+    		);
+
+    	if ($updateRes > 0) {
+    		$result = $this->get($id);
+    		unset($result->line);
+    		return $this->_cleanObjectDatas($result);
+    	}
+    	return false;
+    }
+
+    /**
+     * Delete a line to a given invoice
+     *
+     *
+     * @param int   $id             Id of invoice to update
+     * @param int   $lineid         Id of line to delete
+     *
+     * @url	DELETE {id}/lines/{lineid}
+     *
+     * @return int
+     */
+    function delLine($id, $lineid) {
+    	if(! DolibarrApiAccess::$user->rights->facture->creer) {
+    		throw new RestException(401);
+    	}
+
+    	$result = $this->invoice->fetch($id);
+    	if( ! $result ) {
+    		throw new RestException(404, 'Invoice not found');
+    	}
+
+    	if( ! DolibarrApi::_checkAccessToResource('facture',$this->invoice->id)) {
+    		throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+    	}
+    	$request_data = (object) $request_data;
+    	$updateRes = $this->invoice->deleteline($lineid);
+    	if ($updateRes > 0) {
+    		return $this->get($id);
+    	}
+    	return false;
+    }
+
    /**
     * Update invoice
     *
@@ -277,9 +462,9 @@ class Invoices extends DolibarrApi
    }

    /**
-     * Validate an order
+     * Validate an invoice
     *
-     * @param   int $id             Order ID
+     * @param   int $id             Invoice ID
     * @param   int $idwarehouse    Warehouse ID
     * @param   int $notrigger      1=Does not execute triggers, 0= execute triggers
     *
--- a/htdocs/compta/facture/class/facture-rec.class.php
+++ b/htdocs/compta/facture/class/facture-rec.class.php
@@ -201,19 +201,40 @@ class FactureRec extends CommonInvoice
 					}
 				}

-			    // Add object linked
-			    if (! $error && $this->id && is_array($this->linked_objects) && ! empty($this->linked_objects))
-			    {
-			        foreach($this->linked_objects as $origin => $origin_id)
-			        {
-			            $ret = $this->add_object_linked($origin, $origin_id);
-			            if (! $ret)
-			            {
-			                $this->error=$this->db->lasterror();
-			                $error++;
-			            }
-			        }
-			    }
+				if (! empty($this->linkedObjectsIds) && empty($this->linked_objects))	// To use new linkedObjectsIds instead of old linked_objects
+				{
+					$this->linked_objects = $this->linkedObjectsIds;	// TODO Replace linked_objects with linkedObjectsIds
+				}
+
+				// Add object linked
+				if (! $error && $this->id && is_array($this->linked_objects) && ! empty($this->linked_objects))
+				{
+					foreach($this->linked_objects as $origin => $tmp_origin_id)
+					{
+					    if (is_array($tmp_origin_id))       // New behaviour, if linked_object can have several links per type, so is something like array('contract'=>array(id1, id2, ...))
+					    {
+					        foreach($tmp_origin_id as $origin_id)
+					        {
+					            $ret = $this->add_object_linked($origin, $origin_id);
+					            if (! $ret)
+					            {
+					                $this->error=$this->db->lasterror();
+					                $error++;
+					            }
+					        }
+					    }
+					    else                                // Old behaviour, if linked_object has only one link per type, so is something like array('contract'=>id1))
+					    {
+					        $origin_id = $tmp_origin_id;
+	    					$ret = $this->add_object_linked($origin, $origin_id);
+	    					if (! $ret)
+	    					{
+	    						$this->error=$this->db->lasterror();
+	    						$error++;
+	    					}
+					    }
+					}
+				}

 				if ($error)
 				{
--- a/htdocs/compta/facture/class/facture.class.php
+++ b/htdocs/compta/facture/class/facture.class.php
@@ -244,7 +244,7 @@ class Facture extends CommonInvoice
 		$this->brouillon = 1;
        if (empty($this->entity)) $this->entity = $conf->entity;

-		// Multicurrency (test on $this->multicurrency_tx because we sould take the default rate only if not using origin rate)
+		// Multicurrency (test on $this->multicurrency_tx because we should take the default rate only if not using origin rate)
 		if (!empty($this->multicurrency_code) && empty($this->multicurrency_tx)) list($this->fk_multicurrency,$this->multicurrency_tx) = MultiCurrency::getIdAndTxFromCode($this->db, $this->multicurrency_code);
 		else $this->fk_multicurrency = MultiCurrency::getIdFromCode($this->db, $this->multicurrency_code);
 		if (empty($this->fk_multicurrency))
@@ -442,6 +442,11 @@ class Facture extends CommonInvoice
 			$resql=$this->db->query($sql);
 			if (! $resql) $error++;

+			if (! empty($this->linkedObjectsIds) && empty($this->linked_objects))	// To use new linkedObjectsIds instead of old linked_objects
+			{
+				$this->linked_objects = $this->linkedObjectsIds;	// TODO Replace linked_objects with linkedObjectsIds
+			}
+
 			// Add object linked
 			if (! $error && $this->id && is_array($this->linked_objects) && ! empty($this->linked_objects))
 			{
@@ -454,7 +459,7 @@ class Facture extends CommonInvoice
 				            $ret = $this->add_object_linked($origin, $origin_id);
 				            if (! $ret)
 				            {
-				                dol_print_error($this->db);
+				                $this->error=$this->db->lasterror();
 				                $error++;
 				            }
 				        }
@@ -465,7 +470,7 @@ class Facture extends CommonInvoice
    					$ret = $this->add_object_linked($origin, $origin_id);
    					if (! $ret)
    					{
-    						dol_print_error($this->db);
+    						$this->error=$this->db->lasterror();
    						$error++;
    					}
 				    }
@@ -570,11 +575,15 @@ class Facture extends CommonInvoice
 							$fk_parent_line = 0;
 						}

+						// Complete vat rate with code
+						$vatrate = $line->tva_tx;
+						if ($line->vat_src_code && ! preg_match('/\(.*\)/', $vatrate)) $vatrate.=' ('.$line->vat_src_code.')';
+
 						$result = $this->addline(
 							$line->desc,
 							$line->subprice,
 							$line->qty,
-							$line->tva_tx,
+							$vatrate,
 							$line->localtax1_tx,
 							$line->localtax2_tx,
 							$line->fk_product,
@@ -930,7 +939,8 @@ class Facture extends CommonInvoice
 		{
 			$this->db->commit();
 			return $this->id;
-		}
+
+		   }
 		else
 		{
 			$this->db->rollback();
@@ -980,6 +990,8 @@ class Facture extends CommonInvoice
 			$line->special_code		= $object->lines[$i]->special_code;
 			$line->fk_parent_line	= $object->lines[$i]->fk_parent_line;
 			$line->fk_unit			= $object->lines[$i]->fk_unit;
+			$line->date_start 	= $object->lines[$i]->date_start;
+			$line->date_end 	= $object->lines[$i]->date_end;

 			$line->fk_fournprice	= $object->lines[$i]->fk_fournprice;
 			$marginInfos			= getMarginInfos($object->lines[$i]->subprice, $object->lines[$i]->remise_percent, $object->lines[$i]->tva_tx, $object->lines[$i]->localtax1_tx, $object->lines[$i]->localtax2_tx, $object->lines[$i]->fk_fournprice, $object->lines[$i]->pa_ht);
@@ -2051,6 +2063,10 @@ class Facture extends CommonInvoice
 		$error=0;
 		dol_syslog(get_class($this).'::validate user='.$user->id.', force_number='.$force_number.', idwarehouse='.$idwarehouse);

+		// Force to have object complete for checks
+		$this->fetch_thirdparty();
+		$this->fetch_lines();
+
 		// Check parameters
 		if (! $this->brouillon)
 		{
@@ -2068,9 +2084,6 @@ class Facture extends CommonInvoice

 		$this->db->begin();

-		$this->fetch_thirdparty();
-		$this->fetch_lines();
-
 		// Check parameters
 		if ($this->type == self::TYPE_REPLACEMENT)		// si facture de remplacement
 		{
@@ -2421,8 +2434,8 @@ class Facture extends CommonInvoice
 	 * 		@param    	double		$pu_ht              Unit price without tax (> 0 even for credit note)
 	 * 		@param    	double		$qty             	Quantity
 	 * 		@param    	double		$txtva           	Force Vat rate, -1 for auto (Can contain the vat_src_code too with syntax '9.9 (CODE)')
-	 * 		@param		double		$txlocaltax1		Local tax 1 rate (deprecated)
-	 *  	@param		double		$txlocaltax2		Local tax 2 rate (deprecated)
+	 * 		@param		double		$txlocaltax1		Local tax 1 rate (deprecated, use instead txtva with code inside)
+	 *  	@param		double		$txlocaltax2		Local tax 2 rate (deprecated, use instead txtva with code inside)
 	 *		@param    	int			$fk_product      	Id of predefined product/service
 	 * 		@param    	double		$remise_percent  	Percent of discount on line
 	 * 		@param    	int	$date_start      	Date start of service
@@ -2637,6 +2650,11 @@ class Facture extends CommonInvoice
 				return -2;
 			}
 		}
+		else
+		{
+			dol_syslog(get_class($this)."::addline status of order must be Draft to allow use of ->addline()", LOG_ERR);
+			return -3;
+		}
 	}

 	/**
--- a/htdocs/compta/facture/class/facturestats.class.php
+++ b/htdocs/compta/facture/class/facturestats.class.php
@@ -39,7 +39,7 @@ class FactureStats extends Stats
    var $from;
    var $field;
    var $where;
-	
+

 	/**
     * 	Constructor
@@ -56,8 +56,8 @@ class FactureStats extends Stats
 		$this->db = $db;
        $this->socid = ($socid > 0 ? $socid : 0);
        $this->userid = $userid;
-		$this->cachefilesuffix = $mode; 
-		
+		$this->cachefilesuffix = $mode;
+
 		if ($mode == 'customer')
 		{
 			$object=new Facture($this->db);
@@ -195,7 +195,7 @@ class FactureStats extends Stats

 		return $this->_getAllByYear($sql);
 	}
-	
+
 	/**
 	 *	Return nb, amount of predefined product for year
 	 *
@@ -218,7 +218,7 @@ class FactureStats extends Stats

 		return $this->_getAllByProduct($sql);
 	}
-	
-	
+
+
 }

--- a/htdocs/compta/facture/document.php
+++ b/htdocs/compta/facture/document.php
@@ -4,6 +4,7 @@
 * Copyright (C) 2005      Marc Barilley / Ocebo <marc@ocebo.com>
 * Copyright (C) 2005-2011 Regis Houssin         <regis.houssin@capnetworks.com>
 * Copyright (C) 2013      Cédric Salvador       <csalvador@gpcsolutions.fr>
+ * Copyright (C) 2017      Frédéric France       <frederic.france@netlogic.fr>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -189,6 +190,6 @@ else
 	print $langs->trans("ErrorUnknown");
 }

-$db->close();
-
 llxFooter();
+
+$db->close();
--- a/htdocs/compta/facture/fiche-rec.php
+++ b/htdocs/compta/facture/fiche-rec.php
@@ -530,6 +530,9 @@ if (empty($reshook))
    					$pu_ttc = price($prodcustprice->lines[0]->price_ttc);
    					$price_base_type = $prodcustprice->lines[0]->price_base_type;
    					$tva_tx = $prodcustprice->lines[0]->tva_tx;
+						if ($prodcustprice->lines[0]->default_vat_code && ! preg_match('/\(.*\)/', $tva_tx)) $tva_tx.= ' ('.$prodcustprice->lines[0]->default_vat_code.')';
+						$tva_npr = $prodcustprice->lines[0]->recuperableonly;
+						if (empty($tva_tx)) $tva_npr=0;
    				}
    			}
    		}
--- a/htdocs/compta/facture/list.php
+++ b/htdocs/compta/facture/list.php
@@ -95,8 +95,10 @@ $month_lim	= GETPOST('month_lim','int');
 $year_lim	= GETPOST('year_lim','int');

 $option = GETPOST('option');
-if ($option == 'late') $filter = 'paye:0';
-$filtre	= GETPOST('filtre');
+if ($option == 'late') {
+	$search_status = '1';
+}
+$filtre	= GETPOST('filtre','alpha');

 $limit = GETPOST('limit')?GETPOST('limit','int'):$conf->liste_limit;
 $sortfield = GETPOST("sortfield",'alpha');
@@ -386,7 +388,7 @@ if ($search_user > 0)
 $sql.= ' WHERE f.fk_soc = s.rowid';
 $sql.= ' AND f.entity IN ('.getEntity('facture').')';
 if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
-if ($search_product_category > 0) $sql.=" AND cp.fk_categorie = ".$search_product_category;
+if ($search_product_category > 0) $sql.=" AND cp.fk_categorie = ".$db->escape($search_product_category);
 if ($socid > 0) $sql.= ' AND s.rowid = '.$socid;
 if ($userid)
 {
@@ -399,7 +401,7 @@ if ($filtre)
    foreach ($aFilter as $filter)
    {
        $filt = explode(':', $filter);
-        $sql .= ' AND ' . trim($filt[0]) . ' = ' . trim($filt[1]);
+        $sql .= ' AND ' . $db->escape(trim($filt[0])) . ' = ' . $db->escape(trim($filt[1]));
    }
 }
 if ($search_ref) $sql .= natural_search('f.facnumber', $search_ref);
@@ -433,7 +435,7 @@ if ($search_status != '' && $search_status >= 0)
    if ($search_status == '2') $sql.=" AND f.fk_statut = 2";  // payed     Not that some corrupted data may contains f.fk_statut = 1 AND f.paye = 1 (it means payed too but should not happend. If yes, reopen and reclassify billed)
    if ($search_status == '3') $sql.=" AND f.fk_statut = 3";  // abandonned
 }
-if ($search_paymentmode > 0) $sql .= " AND f.fk_mode_reglement = ".$search_paymentmode;
+if ($search_paymentmode > 0) $sql .= " AND f.fk_mode_reglement = ".$db->escape($search_paymentmode);
 if ($month > 0)
 {
    if ($year > 0 && empty($day))
@@ -461,7 +463,6 @@ else if ($year_lim > 0)
 	$sql.= " AND f.date_lim_reglement BETWEEN '".$db->idate(dol_get_first_day($year_lim,1,false))."' AND '".$db->idate(dol_get_last_day($year_lim,12,false))."'";
 }
 if ($option == 'late') $sql.=" AND f.date_lim_reglement < '".$db->idate(dol_now() - $conf->facture->client->warning_delay)."'";
-if ($filter == 'paye:0') $sql.= " AND f.fk_statut = 1";
 if ($search_sale > 0) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$search_sale;
 if ($search_user > 0)
 {
@@ -1331,7 +1332,7 @@ if ($resql)

        $filedir=$diroutputmassaction;
        $genallowed=$user->rights->facture->lire;
-        $delallowed=$user->rights->facture->lire;
+        $delallowed=$user->rights->facture->creer;

        print $formfile->showdocuments('massfilesarea_invoices','',$filedir,$urlsource,0,$delallowed,'',1,1,0,48,1,$param,$title,'');
    }
--- a/htdocs/compta/facture/stats/index.php
+++ b/htdocs/compta/facture/stats/index.php
@@ -84,7 +84,7 @@ dol_mkdir($dir);
 $stats = new FactureStats($db, $socid, $mode, ($userid>0?$userid:0));
 if ($mode == 'customer')
 {
-    if ($object_status != '' && $object_status >= -1) $stats->where .= ' AND f.fk_statut IN ('.$db->escape($object_status).')';
+    if ($object_status != '' && $object_status >= 0) $stats->where .= ' AND f.fk_statut IN ('.$db->escape($object_status).')';
 }
 if ($mode == 'supplier')
 {
@@ -227,12 +227,13 @@ complete_head_from_modules($conf,$langs,null,$head,$h,$type);

 dol_fiche_head($head, 'byyear', $langs->trans("Statistics"), -1);

-$tmp_companies = $form->select_thirdparty_list($socid,'socid',$filter,1, 0, 0, array(), '', 1);
+// We use select_thirdparty_list instead of select_company so we can use $filter and share same code for customer and supplier.
+$tmp_companies = $form->select_thirdparty_list($socid, 'socid', $filter, 1, 0, 0, array(), '', 1);
 //Array passed as an argument to Form::selectarray to build a proper select input
 $companies = array();

 foreach ($tmp_companies as $value) {
-	$companies[$value['value']] = $value['label'];
+	$companies[$value['key']] = $value['label'];
 }

 print '<div class="fichecenter"><div class="fichethirdleft">';
--- a/htdocs/contrat/card.php
+++ b/htdocs/contrat/card.php
@@ -326,13 +326,21 @@ if (empty($reshook))
 									{
 										$label = $lines[$i]->product_label;
 									}
-
-									$desc .= ($lines[$i]->desc && $lines[$i]->desc!=$lines[$i]->libelle)?dol_htmlentitiesbr($lines[$i]->desc):'';
+									$desc = ($lines[$i]->desc && $lines[$i]->desc!=$lines[$i]->libelle)?dol_htmlentitiesbr($lines[$i]->desc):'';
 								}
 								else {
 								    $desc = dol_htmlentitiesbr($lines[$i]->desc);
 						        }

+								// Extrafields
+								$array_options = array();
+								if (empty($conf->global->MAIN_EXTRAFIELDS_DISABLED) && method_exists($lines[$i], 'fetch_optionals')) 							// For avoid conflicts if
+								// trigger used
+								{
+									$lines[$i]->fetch_optionals($lines[$i]->rowid);
+									$array_options = $lines[$i]->array_options;
+								}
+
 								$txtva = $lines[$i]->vat_src_code ? $lines[$i]->tva_tx . ' (' .  $lines[$i]->vat_src_code . ')' : $lines[$i]->tva_tx;

 								// View third's localtaxes for now
@@ -355,7 +363,7 @@ if (empty($reshook))
 					                $lines[$i]->info_bits,
 				                    $lines[$i]->fk_fournprice,
 				                    $lines[$i]->pa_ht,
-			                        array(),
+			                        $array_options,
 				                    $lines[$i]->fk_unit
 			                    );

@@ -501,6 +509,9 @@ if (empty($reshook))
 							$pu_ttc = price($prodcustprice->lines [0]->price_ttc);
 							$price_base_type = $prodcustprice->lines [0]->price_base_type;
 							$tva_tx = $prodcustprice->lines [0]->tva_tx;
+							if ($prodcustprice->lines[0]->default_vat_code && ! preg_match('/\(.*\)/', $tva_tx)) $tva_tx.= ' ('.$prodcustprice->lines[0]->default_vat_code.')';
+							$tva_npr = $prodcustprice->lines[0]->recuperableonly;
+							if (empty($tva_tx)) $tva_npr=0;
 						}
 					}
 				}
@@ -2112,17 +2123,17 @@ else
    		$filename = dol_sanitizeFileName($object->ref);
    		$filedir = $conf->contrat->dir_output . "/" . dol_sanitizeFileName($object->ref);
    		$urlsource = $_SERVER["PHP_SELF"] . "?id=" . $object->id;
-    		$genallowed = $user->rights->contrat->creer;
-    		$delallowed = $user->rights->contrat->supprimer;
+    		$genallowed = $user->rights->contrat->lire;
+    		$delallowed = $user->rights->contrat->creer;

    		$var = true;

    		print $formfile->showdocuments('contract', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->modelpdf, 1, 0, 0, 28, 0, '', 0, '', $soc->default_lang);


-    			// Show links to link elements
-    			$linktoelem = $form->showLinkToObjectBlock($object, null, array('contrat'));
-    			$somethingshown = $form->showLinkedObjectBlock($object, $linktoelem);
+    		// Show links to link elements
+    		$linktoelem = $form->showLinkToObjectBlock($object, null, array('contrat'));
+    		$somethingshown = $form->showLinkedObjectBlock($object, $linktoelem);


    		print '</div><div class="fichehalfright"><div class="ficheaddleft">';
--- a/htdocs/contrat/class/contrat.class.php
+++ b/htdocs/contrat/class/contrat.class.php
@@ -728,7 +728,7 @@ class Contrat extends CommonObject
 		}

 		// Selectionne les lignes contrat liees a aucun produit
-		$sql = "SELECT d.rowid, d.fk_contrat, d.statut, d.qty, d.description, d.price_ht, d.tva_tx, d.localtax1_tx, d.localtax2_tx, d.rowid, d.remise_percent, d.subprice,";
+		$sql = "SELECT d.rowid, d.fk_contrat, d.statut, d.qty, d.description, d.price_ht, d.tva_tx, d.localtax1_tx, d.localtax2_tx, d.localtax1_type, d.localtax2_type, d.rowid, d.remise_percent, d.subprice,";
 		$sql.= " d.total_ht,";
 		$sql.= " d.total_tva,";
 		$sql.= " d.total_localtax1,";
@@ -766,6 +766,8 @@ class Contrat extends CommonObject
 				$line->tva_tx         = $objp->tva_tx;
 				$line->localtax1_tx   = $objp->localtax1_tx;
 				$line->localtax2_tx   = $objp->localtax2_tx;
+				$line->localtax1_type = $objp->localtax1_type;
+				$line->localtax2_type = $objp->localtax2_type;
 				$line->subprice       = $objp->subprice;
 				$line->remise_percent = $objp->remise_percent;
 				$line->price_ht       = $objp->price_ht;
@@ -872,7 +874,7 @@ class Contrat extends CommonObject
 		$sql.= " fk_commercial_signature, fk_commercial_suivi, fk_projet,";
 		$sql.= " ref, entity, note_private, note_public, ref_customer, ref_supplier, ref_ext)";
 		$sql.= " VALUES ('".$this->db->idate($now)."',".$this->socid.",".$user->id;
-		$sql.= ", '".$this->db->idate($this->date_contrat)."'";
+		$sql.= ", ".(dol_strlen($this->date_contrat)!=0 ? "'".$this->db->idate($this->date_contrat)."'" : "NULL");
 		$sql.= ",".($this->commercial_signature_id>0?$this->commercial_signature_id:"NULL");
 		$sql.= ",".($this->commercial_suivi_id>0?$this->commercial_suivi_id:"NULL");
 		$sql.= ",".($this->fk_project>0?$this->fk_project:"NULL");
@@ -944,7 +946,12 @@ class Contrat extends CommonObject

 			if (! $error)
 			{
-    			// Add object linked
+				if (! empty($this->linkedObjectsIds) && empty($this->linked_objects))	// To use new linkedObjectsIds instead of old linked_objects
+				{
+					$this->linked_objects = $this->linkedObjectsIds;	// TODO Replace linked_objects with linkedObjectsIds
+				}
+
+				// Add object linked
    			if (! $error && $this->id && is_array($this->linked_objects) && ! empty($this->linked_objects))
    			{
    			    foreach($this->linked_objects as $origin => $tmp_origin_id)
@@ -956,7 +963,7 @@ class Contrat extends CommonObject
    			                $ret = $this->add_object_linked($origin, $origin_id);
    			                if (! $ret)
    			                {
-    			                    dol_print_error($this->db);
+    			                    $this->error=$this->db->lasterror();
    			                    $error++;
    			                }
    			            }
@@ -967,7 +974,7 @@ class Contrat extends CommonObject
    			            $ret = $this->add_object_linked($origin, $origin_id);
    			            if (! $ret)
    			            {
-    			                dol_print_error($this->db);
+    			                $this->error=$this->db->lasterror();
    			                $error++;
    			            }
    			        }
@@ -2248,6 +2255,16 @@ class Contrat extends CommonObject
 		}
 	}

+	/**
+	 * 	Create an array of order lines
+	 *
+	 * 	@return int		>0 if OK, <0 if KO
+	 */
+	function getLinesArray()
+	{
+		return $this->fetch_lines();
+	}
+
 	/**
 	 *  Create a document onto disk according to template module.
 	 *
@@ -2628,6 +2645,8 @@ class ContratLigne extends CommonObjectLine
 		$sql.= " t.vat_src_code,";
 		$sql.= " t.localtax1_tx,";
 		$sql.= " t.localtax2_tx,";
+		$sql.= " t.localtax1_type,";
+		$sql.= " t.localtax2_type,";
 		$sql.= " t.qty,";
 		$sql.= " t.remise_percent,";
 		$sql.= " t.remise,";
@@ -2681,6 +2700,8 @@ class ContratLigne extends CommonObjectLine
 				$this->vat_src_code = $obj->vat_src_code;
 				$this->localtax1_tx = $obj->localtax1_tx;
 				$this->localtax2_tx = $obj->localtax2_tx;
+				$this->localtax1_type = $obj->localtax1_type;
+				$this->localtax2_type = $obj->localtax2_type;
 				$this->qty = $obj->qty;
 				$this->remise_percent = $obj->remise_percent;
 				$this->remise = $obj->remise;
--- a/htdocs/contrat/services.php
+++ b/htdocs/contrat/services.php
@@ -115,6 +115,11 @@ $companystatic=new Societe($db);
 $arrayfields=array(
    'c.ref'=>array('label'=>$langs->trans("Contract"), 'checked'=>1, 'position'=>80),
    'p.description'=>array('label'=>$langs->trans("Service"), 'checked'=>1, 'position'=>80),
+	'cd.qty'=>array('label'=>$langs->trans("Qty"), 'checked'=>0, 'position'=>100),
+	'cd.total_ht'=>array('label'=>$langs->trans("TotalHT"), 'checked'=>0, 'position'=>100),
+	'cd.total_tva'=>array('label'=>$langs->trans("TotalVAT"), 'checked'=>0, 'position'=>100),
+	'cd.tva_tx'=>array('label'=>$langs->trans("VAT"), 'checked'=>0, 'position'=>100),
+	'cd.subprice'=>array('label'=>$langs->trans("PriceUHT"), 'checked'=>0, 'position'=>100),
    's.nom'=>array('label'=>$langs->trans("ThirdParty"), 'checked'=>1, 'position'=>100),
    'cd.date_ouverture_prevue'=>array('label'=>$langs->trans("DateStartPlannedShort"), 'checked'=>(($mode == "" || $mode == -1) || $mode == "0")),
    'cd.date_ouverture'=>array('label'=>$langs->trans("DateStartRealShort"), 'checked'=>(($mode == "" || $mode == -1) || $mode > 0)),
@@ -199,7 +204,11 @@ if (!$user->rights->societe->client->voir && !$socid) $sql .= " sc.fk_soc, sc.fk
 $sql.= " cd.date_ouverture_prevue,";
 $sql.= " cd.date_ouverture,";
 $sql.= " cd.date_fin_validite,";
-$sql.= " cd.date_cloture,";
+$sql.= " cd.qty,";
+$sql.= " cd.total_ht,";
+$sql.= " cd.total_tva,";
+$sql.= " cd.tva_tx,";
+$sql.= " cd.subprice,";
 //$sql.= " cd.date_c as date_creation,";
 $sql.= " cd.tms as date_update";
 // Add fields from extrafields
@@ -362,6 +371,11 @@ print '<table class="tagtable liste'.($moreforfilter?" listwithfilterbefore":"")
 print '<tr class="liste_titre">';
 if (! empty($arrayfields['c.ref']['checked'])) print_liste_field_titre($arrayfields['c.ref']['label'],$_SERVER["PHP_SELF"],"c.ref","",$param,"",$sortfield,$sortorder);
 if (! empty($arrayfields['p.description']['checked'])) print_liste_field_titre($arrayfields['p.description']['label'],$_SERVER["PHP_SELF"],"p.description","",$param,"",$sortfield,$sortorder);
+if (! empty($arrayfields['cd.qty']['checked']))  print_liste_field_titre($arrayfields['cd.qty']['label'],$_SERVER["PHP_SELF"],"cd.qty","",$param,'align="center" class="nowrap"',$sortfield,$sortorder);
+if (! empty($arrayfields['cd.total_ht']['checked']))  print_liste_field_titre($arrayfields['cd.total_ht']['label'],$_SERVER["PHP_SELF"],"cd.total_ht","",$param,'align="center" class="nowrap"',$sortfield,$sortorder);
+if (! empty($arrayfields['cd.total_tva']['checked']))  print_liste_field_titre($arrayfields['cd.total_tva']['label'],$_SERVER["PHP_SELF"],"cd.total_tva","",$param,'align="center" class="nowrap"',$sortfield,$sortorder);
+if (! empty($arrayfields['cd.tva_tx']['checked']))  print_liste_field_titre($arrayfields['cd.tva_tx']['label'],$_SERVER["PHP_SELF"],"cd.tva_tx","",$param,'align="center" class="nowrap"',$sortfield,$sortorder);
+if (! empty($arrayfields['cd.subprice']['checked']))  print_liste_field_titre($arrayfields['cd.subprice']['label'],$_SERVER["PHP_SELF"],"cd.subprice","",$param,'align="center" class="nowrap"',$sortfield,$sortorder);
 if (! empty($arrayfields['s.nom']['checked'])) print_liste_field_titre($arrayfields['s.nom']['label'],$_SERVER["PHP_SELF"],"s.nom","",$param,"",$sortfield,$sortorder);
 if (! empty($arrayfields['cd.date_ouverture_prevue']['checked'])) print_liste_field_titre($arrayfields['cd.date_ouverture_prevue']['label'],$_SERVER["PHP_SELF"],"cd.date_ouverture_prevue","",$param,'align="center"',$sortfield,$sortorder);
 if (! empty($arrayfields['cd.date_ouverture']['checked'])) print_liste_field_titre($arrayfields['cd.date_ouverture']['label'],$_SERVER["PHP_SELF"],"cd.date_ouverture","",$param,'align="center"',$sortfield,$sortorder);
@@ -407,6 +421,32 @@ if (! empty($arrayfields['p.description']['checked']))
 	print '<input type="text" class="flat maxwidth100" name="search_service" value="'.dol_escape_htmltag($search_service).'">';
 	print '</td>';
 }
+// detail lines
+if (! empty($arrayfields['cd.qty']['checked']))
+{
+	print '<td class="liste_titre">';
+	print '</td>';
+}
+if (! empty($arrayfields['cd.total_ht']['checked']))
+{
+	print '<td class="liste_titre">';
+	print '</td>';
+}
+if (! empty($arrayfields['cd.total_tva']['checked']))
+{
+	print '<td class="liste_titre">';
+	print '</td>';
+}
+if (! empty($arrayfields['cd.tva_tx']['checked']))
+{
+	print '<td class="liste_titre">';
+	print '</td>';
+}
+if (! empty($arrayfields['cd.subprice']['checked']))
+{
+	print '<td class="liste_titre">';
+	print '</td>';
+}
 // Third party
 if (! empty($arrayfields['s.nom']['checked']))
 {
@@ -414,6 +454,8 @@ if (! empty($arrayfields['s.nom']['checked']))
 	print '<input type="text" class="flat maxwidth100" name="search_name" value="'.dol_escape_htmltag($search_name).'">';
 	print '</td>';
 }
+
+
 if (! empty($arrayfields['cd.date_ouverture_prevue']['checked']))
 {
 	print '<td class="liste_titre" align="center">';
@@ -557,6 +599,38 @@ while ($i < min($num,$limit))
 		print '</td>';
    }

+    if (! empty($arrayfields['cd.qty']['checked']))
+    {
+    	print '<td>';
+    	print $obj->qty;
+    	print '</td>';
+    }
+    if (! empty($arrayfields['cd.total_ht']['checked']))
+    {
+    	print '<td>';
+    	print price($obj->total_ht);
+    	print '</td>';
+    }
+    if (! empty($arrayfields['cd.total_tva']['checked']))
+    {
+    	print '<td>';
+    	print price($obj->total_tva);
+    	print '</td>';
+    }
+    if (! empty($arrayfields['cd.tva_tx']['checked']))
+    {
+    	print '<td>';
+    	print price2num($obj->tva_tx).'%';
+    	print '</td>';
+    }
+    if (! empty($arrayfields['cd.subprice']['checked']))
+    {
+    	print '<td>';
+    	print price($obj->subprice);
+    	print '</td>';
+    }
+
+
 	// Third party
    if (! empty($arrayfields['s.nom']['checked']))
    {
--- a/htdocs/core/actions_builddoc.inc.php
+++ b/htdocs/core/actions_builddoc.inc.php
@@ -91,10 +91,13 @@ if ($action == 'builddoc' && $permissioncreate)
        }
        else
        {
-            setEventMessages($langs->trans("FileGenerated"), null);
+        	if (empty($donotredirect))	// This is se when include is done by bulk action "Bill Orders"
+        	{
+	            setEventMessages($langs->trans("FileGenerated"), null);

-            header('Location: '.$_SERVER['REQUEST_URI'].'#builddoc');
-            exit;
+	            header('Location: '.$_SERVER['REQUEST_URI'].'#builddoc');
+	            exit;
+        	}
        }
    }
 }
--- a/htdocs/core/actions_linkedfiles.inc.php
+++ b/htdocs/core/actions_linkedfiles.inc.php
@@ -30,9 +30,9 @@ if (GETPOST('sendit') && ! empty($conf->global->MAIN_UPLOAD_DOC))
    if ($object->id)
    {
    	if (! empty($upload_dirold) && ! empty($conf->global->PRODUCT_USE_OLD_PATH_FOR_PHOTO))
-            $result = dol_add_file_process($upload_dirold, 0, 1, 'userfile', GETPOST('savingdocmask'));
+            $result = dol_add_file_process($upload_dirold, 0, 1, 'userfile', GETPOST('savingdocmask', 'alpha'));
        else
-            $result = dol_add_file_process($upload_dir, 0, 1, 'userfile', GETPOST('savingdocmask'));
+            $result = dol_add_file_process($upload_dir, 0, 1, 'userfile', GETPOST('savingdocmask', 'alpha'));
    }
 }
 elseif (GETPOST('linkit') && ! empty($conf->global->MAIN_UPLOAD_DOC))
@@ -56,8 +56,8 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes')
 {
    if ($object->id)
    {
-        $urlfile = GETPOST('urlfile', 'alpha');	// Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP).
-        if (GETPOST('section')) $file = $upload_dir . "/" . $urlfile;	// For a delete of GED module urlfile contains full path from upload_dir
+        $urlfile = GETPOST('urlfile', 'alpha', 0, null, null, 1);	// Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP).
+        if (GETPOST('section', 'alpha')) $file = $upload_dir . "/" . $urlfile;	// For a delete of GED module urlfile contains full path from upload_dir
        else															// For documents pages, upload_dir contains already path to file from module dir, so we clean path into urlfile.
 		{
       		$urlfile=basename($urlfile);
@@ -116,7 +116,7 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes')
        exit;
    }
 }
-elseif ($action == 'confirm_updateline' && GETPOST('save') && GETPOST('link', 'alpha'))
+elseif ($action == 'confirm_updateline' && GETPOST('save','alpha') && GETPOST('link', 'alpha'))
 {
    require_once DOL_DOCUMENT_ROOT . '/core/class/link.class.php';
    $langs->load('link');
@@ -150,8 +150,8 @@ elseif ($action == 'renamefile' && GETPOST('renamefilesave'))
        //var_dump($upload_dir);exit;
        if (! empty($upload_dir))
        {
-            $filenamefrom=dol_sanitizeFileName(GETPOST('renamefilefrom'));
-            $filenameto=dol_sanitizeFileName(GETPOST('renamefileto'));
+            $filenamefrom=dol_sanitizeFileName(GETPOST('renamefilefrom','alpha'));
+            $filenameto=dol_sanitizeFileName(GETPOST('renamefileto','alpha'));

            // Security:
            // Disallow file with some extensions. We rename them.
--- a/htdocs/core/actions_massactions.inc.php
+++ b/htdocs/core/actions_massactions.inc.php
@@ -265,14 +265,14 @@ if (! $error && $massaction == 'confirm_presend')
                $replyto = $from;
                $subject = GETPOST('subject');
                $message = GETPOST('message');
-                $sendtocc = GETPOST('sentocc');
-                $sendtobcc = '';
-                if ($objectclass == 'Propale') 				$sendtocc = (empty($conf->global->MAIN_MAIL_AUTOCOPY_PROPOSAL_TO)?'':$conf->global->MAIN_MAIL_AUTOCOPY_PROPOSAL_TO);
-                if ($objectclass == 'Commande') 			$sendtocc = (empty($conf->global->MAIN_MAIL_AUTOCOPY_ORDER_TO)?'':$conf->global->MAIN_MAIL_AUTOCOPY_ORDER_TO);
-                if ($objectclass == 'Facture') 				$sendtocc = (empty($conf->global->MAIN_MAIL_AUTOCOPY_INVOICE_TO)?'':$conf->global->MAIN_MAIL_AUTOCOPY_INVOICE_TO);
-                if ($objectclass == 'Supplier_Proposal') 	$sendtocc = (empty($conf->global->MAIN_MAIL_AUTOCOPY_SUPPLIER_PROPOSAL_TO)?'':$conf->global->MAIN_MAIL_AUTOCOPY_SUPPLIER_PROPOSAL_TO);
-                if ($objectclass == 'CommandeFournisseur')	$sendtocc = (empty($conf->global->MAIN_MAIL_AUTOCOPY_SUPPLIER_ORDER_TO)?'':$conf->global->MAIN_MAIL_AUTOCOPY_SUPPLIER_ORDER_TO);
-                if ($objectclass == 'FactureFournisseur')	$sendtocc = (empty($conf->global->MAIN_MAIL_AUTOCOPY_SUPPLIER_INVOICE_TO)?'':$conf->global->MAIN_MAIL_AUTOCOPY_SUPPLIER_INVOICE_TO);
+
+                $sendtobcc = GETPOST('sendtoccc');
+                if ($objectclass == 'Propale') 				$sendtobcc .= (empty($conf->global->MAIN_MAIL_AUTOCOPY_PROPOSAL_TO) ? '' : (($sendtobcc?", ":"").$conf->global->MAIN_MAIL_AUTOCOPY_PROPOSAL_TO));
+                if ($objectclass == 'Commande') 			$sendtobcc .= (empty($conf->global->MAIN_MAIL_AUTOCOPY_ORDER_TO) ? '' : (($sendtobcc?", ":"").$conf->global->MAIN_MAIL_AUTOCOPY_ORDER_TO));
+                if ($objectclass == 'Facture') 				$sendtobcc .= (empty($conf->global->MAIN_MAIL_AUTOCOPY_INVOICE_TO) ? '' : (($sendtobcc?", ":"").$conf->global->MAIN_MAIL_AUTOCOPY_INVOICE_TO));
+                if ($objectclass == 'Supplier_Proposal') 	$sendtobcc .= (empty($conf->global->MAIN_MAIL_AUTOCOPY_SUPPLIER_PROPOSAL_TO) ? '' : (($sendtobcc?", ":"").$conf->global->MAIN_MAIL_AUTOCOPY_SUPPLIER_PROPOSAL_TO));
+                if ($objectclass == 'CommandeFournisseur')	$sendtobcc .= (empty($conf->global->MAIN_MAIL_AUTOCOPY_SUPPLIER_ORDER_TO) ? '' : (($sendtobcc?", ":"").$conf->global->MAIN_MAIL_AUTOCOPY_SUPPLIER_ORDER_TO));
+                if ($objectclass == 'FactureFournisseur')	$sendtobcc .= (empty($conf->global->MAIN_MAIL_AUTOCOPY_SUPPLIER_INVOICE_TO) ? '' : (($sendtobcc?", ":"").$conf->global->MAIN_MAIL_AUTOCOPY_SUPPLIER_INVOICE_TO));


                $substitutionarray=array(
@@ -463,22 +463,23 @@ if (! $error && $massaction == "builddoc" && $permtoread && ! GETPOST('button_se
        $outputlangs->setDefaultLang($newlang);
    }

-    if(!empty($conf->global->USE_PDFTK_FOR_PDF_CONCAT)) {
+    if(!empty($conf->global->USE_PDFTK_FOR_PDF_CONCAT))
+    {
    	// Create output dir if not exists
-	dol_mkdir($diroutputmassaction);
+		dol_mkdir($diroutputmassaction);

-	// Defined name of merged file
-	$filename=strtolower(dol_sanitizeFileName($langs->transnoentities($objectlabel)));
-	$filename=preg_replace('/\s/','_',$filename);
+		// Defined name of merged file
+		$filename=strtolower(dol_sanitizeFileName($langs->transnoentities($objectlabel)));
+		$filename=preg_replace('/\s/','_',$filename);

-	// Save merged file
-	if ($filter=='paye:0')
-	{
-	if ($option=='late') $filename.='_'.strtolower(dol_sanitizeFileName($langs->transnoentities("Unpaid"))).'_'.strtolower(dol_sanitizeFileName($langs->transnoentities("Late")));
-	else $filename.='_'.strtolower(dol_sanitizeFileName($langs->transnoentities("Unpaid")));
-	}
-	if ($year) $filename.='_'.$year;
-	if ($month) $filename.='_'.$month;
+		// Save merged file
+	    if (in_array($object->element, array('facture', 'facture_fournisseur')) && $search_status == Facture::STATUS_VALIDATED)
+		{
+			if ($option=='late') $filename.='_'.strtolower(dol_sanitizeFileName($langs->transnoentities("Unpaid"))).'_'.strtolower(dol_sanitizeFileName($langs->transnoentities("Late")));
+			else $filename.='_'.strtolower(dol_sanitizeFileName($langs->transnoentities("Unpaid")));
+		}
+		if ($year) $filename.='_'.$year;
+		if ($month) $filename.='_'.$month;

    	if (count($files)>0)
    	{
@@ -546,7 +547,7 @@ if (! $error && $massaction == "builddoc" && $permtoread && ! GETPOST('button_se
 	    $filename=preg_replace('/\s/','_',$filename);

 	    // Save merged file
-	    if ($filter=='paye:0')
+	    if (in_array($object->element, array('facture', 'facture_fournisseur')) && $search_status == Facture::STATUS_VALIDATED)
 	    {
 			if ($option=='late') $filename.='_'.strtolower(dol_sanitizeFileName($langs->transnoentities("Unpaid"))).'_'.strtolower(dol_sanitizeFileName($langs->transnoentities("Late")));
 			else $filename.='_'.strtolower(dol_sanitizeFileName($langs->transnoentities("Unpaid")));
--- a/htdocs/core/actions_sendmails.inc.php
+++ b/htdocs/core/actions_sendmails.inc.php
@@ -266,7 +266,7 @@ if (($action == 'send' || $action == 'relance') && ! $_POST['addfile'] && ! $_PO
 			// <img alt="" src="'.$urlwithroot.'viewimage.php?modulepart=medias&amp;entity=1&amp;file=image/ldestailleur_166x166.jpg" style="height:166px; width:166px" />
 			$message=preg_replace('/(<img.*src=")[^\"]*viewimage\.php([^\"]*)modulepart=medias([^\"]*)file=([^\"]*)("[^\/]*\/>)/', '\1'.$urlwithroot.'/viewimage.php\2modulepart=medias\3file=\4\5', $message);

-			$sendtobcc= GETPOST('sendtoccc');
+			$sendtobcc = GETPOST('sendtoccc');
 			if ($mode == 'emailfromproposal')         $sendtobcc .= (empty($conf->global->MAIN_MAIL_AUTOCOPY_PROPOSAL_TO) ? '' : (($sendtobcc?", ":"").$conf->global->MAIN_MAIL_AUTOCOPY_PROPOSAL_TO));
 			if ($mode == 'emailfromorder')            $sendtobcc .= (empty($conf->global->MAIN_MAIL_AUTOCOPY_ORDER_TO) ? '' : (($sendtobcc?", ":"").$conf->global->MAIN_MAIL_AUTOCOPY_ORDER_TO));
 			if ($mode == 'emailfrominvoice')          $sendtobcc .= (empty($conf->global->MAIN_MAIL_AUTOCOPY_INVOICE_TO) ? '' : (($sendtobcc?", ":"").$conf->global->MAIN_MAIL_AUTOCOPY_INVOICE_TO));
--- a/htdocs/core/boxes/box_services_contracts.php
+++ b/htdocs/core/boxes/box_services_contracts.php
@@ -2,6 +2,7 @@
 /* Copyright (C) 2003      Rodolphe Quiedeville <rodolphe@quiedeville.org>
 * Copyright (C) 2005-2017 Laurent Destailleur  <eldy@users.sourceforge.net>
 * Copyright (C) 2005-2011 Regis Houssin        <regis.houssin@capnetworks.com>
+ * Copyright (C) 2017 	   Nicolas Zabouri      <info@inovea-conseil.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -91,7 +92,7 @@ class box_services_contracts extends ModeleBoxes
 			$sql.= " INNER JOIN ".MAIN_DB_PREFIX."contrat as c ON s.rowid = c.fk_soc";
 			$sql.= " INNER JOIN ".MAIN_DB_PREFIX."contratdet as cd ON c.rowid = cd.fk_contrat";
 			$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON cd.fk_product = p.rowid";
-			if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= "INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
+			if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
 			$sql.= ")";
 			$sql.= " WHERE c.entity = ".$conf->entity;
 			if($user->societe_id) $sql.= " AND s.rowid = ".$user->societe_id;
--- a/htdocs/core/class/commonobject.class.php
+++ b/htdocs/core/class/commonobject.class.php
@@ -1562,22 +1562,22 @@ abstract class CommonObject

 						switch ($this->element) {
 							case 'propal':
-								$this->updateline($line->id, $line->subprice, $line->qty, $line->remise_percent, $line->tva_tx, $line->localtax1_tx, $line->localtax2_tx, $line->desc, 'HT', $line->info_bits, $line->special_code, $line->fk_parent_line, $line->skip_update_total, $line->fk_fournprice, $line->pa_ht, $line->label, $line->product_type, $line->date_start, $line->date_end, $line->array_options, $line->fk_unit, $line->multicurrency_subprice);
+								$this->updateline($line->id, $line->subprice, $line->qty, $line->remise_percent, $line->tva_tx, $line->localtax1_tx, $line->localtax2_tx,  ($line->description?$line->description:$line->desc), 'HT', $line->info_bits, $line->special_code, $line->fk_parent_line, $line->skip_update_total, $line->fk_fournprice, $line->pa_ht, $line->label, $line->product_type, $line->date_start, $line->date_end, $line->array_options, $line->fk_unit, $line->multicurrency_subprice);
 								break;
 							case 'commande':
-								$this->updateline($line->id, $line->desc, $line->subprice, $line->qty, $line->remise_percent, $line->tva_tx, $line->localtax1_tx, $line->localtax2_tx, 'HT', $line->info_bits, $line->date_start, $line->date_end, $line->product_type, $line->fk_parent_line, $line->skip_update_total, $line->fk_fournprice, $line->pa_ht, $line->label, $line->special_code, $line->array_options, $line->fk_unit, $line->multicurrency_subprice);
+								$this->updateline($line->id,  ($line->description?$line->description:$line->desc), $line->subprice, $line->qty, $line->remise_percent, $line->tva_tx, $line->localtax1_tx, $line->localtax2_tx, 'HT', $line->info_bits, $line->date_start, $line->date_end, $line->product_type, $line->fk_parent_line, $line->skip_update_total, $line->fk_fournprice, $line->pa_ht, $line->label, $line->special_code, $line->array_options, $line->fk_unit, $line->multicurrency_subprice);
 								break;
 							case 'facture':
-								$this->updateline($line->id, $line->desc, $line->subprice, $line->qty, $line->remise_percent, $line->date_start, $line->date_end, $line->tva_tx, $line->localtax1_tx, $line->localtax2_tx, 'HT', $line->info_bits, $line->product_type, $line->fk_parent_line, $line->skip_update_total, $line->fk_fournprice, $line->pa_ht, $line->label, $line->special_code, $line->array_options, $line->situation_percent, $line->fk_unit, $line->multicurrency_subprice);
+								$this->updateline($line->id,  ($line->description?$line->description:$line->desc), $line->subprice, $line->qty, $line->remise_percent, $line->date_start, $line->date_end, $line->tva_tx, $line->localtax1_tx, $line->localtax2_tx, 'HT', $line->info_bits, $line->product_type, $line->fk_parent_line, $line->skip_update_total, $line->fk_fournprice, $line->pa_ht, $line->label, $line->special_code, $line->array_options, $line->situation_percent, $line->fk_unit, $line->multicurrency_subprice);
 								break;
 							case 'supplier_proposal':
-								$this->updateline($line->id, $line->subprice, $line->qty, $line->remise_percent, $line->tva_tx, $line->localtax1_tx, $line->localtax2_tx, $line->desc, 'HT', $line->info_bits, $line->special_code, $line->fk_parent_line, $line->skip_update_total, $line->fk_fournprice, $line->pa_ht, $line->label, $line->product_type, $line->array_options, $line->ref_fourn, $line->multicurrency_subprice);
+								$this->updateline($line->id, $line->subprice, $line->qty, $line->remise_percent, $line->tva_tx, $line->localtax1_tx, $line->localtax2_tx, ($line->description?$line->description:$line->desc), 'HT', $line->info_bits, $line->special_code, $line->fk_parent_line, $line->skip_update_total, $line->fk_fournprice, $line->pa_ht, $line->label, $line->product_type, $line->array_options, $line->ref_fourn, $line->multicurrency_subprice);
 								break;
 							case 'order_supplier':
-								$this->updateline($line->id, $line->desc, $line->subprice, $line->qty, $line->remise_percent, $line->tva_tx, $line->localtax1_tx, $line->localtax2_tx, 'HT', $line->info_bits,  $line->product_type, false, $line->date_start, $line->date_end, $line->array_options, $line->fk_unit, $line->multicurrency_subprice);
+								$this->updateline($line->id,  ($line->description?$line->description:$line->desc), $line->subprice, $line->qty, $line->remise_percent, $line->tva_tx, $line->localtax1_tx, $line->localtax2_tx, 'HT', $line->info_bits,  $line->product_type, false, $line->date_start, $line->date_end, $line->array_options, $line->fk_unit, $line->multicurrency_subprice);
 								break;
 							case 'invoice_supplier':
-								$this->updateline($line->id, $line->desc, $line->subprice, $line->tva_tx, $line->localtax1_tx, $line->localtax2_tx, $line->qty, 0, 'HT', $line->info_bits, $line->product_type, $line->remise_percent, false, $line->date_start, $line->date_end, $line->array_options, $line->fk_unit, $line->multicurrency_subprice);
+								$this->updateline($line->id, ($line->description?$line->description:$line->desc), $line->subprice, $line->tva_tx, $line->localtax1_tx, $line->localtax2_tx, $line->qty, 0, 'HT', $line->info_bits, $line->product_type, $line->remise_percent, false, $line->date_start, $line->date_end, $line->array_options, $line->fk_unit, $line->multicurrency_subprice);
 								break;
 							default:
 								dol_syslog(get_class($this).'::setMulticurrencyRate no updateline defined', LOG_DEBUG);
@@ -3748,6 +3748,7 @@ abstract class CommonObject

        // VAT Rate
        $this->tpl['vat_rate'] = vatrate($line->tva_tx, true);
+        $this->tpl['vat_rate'] .= (($line->info_bits & 1) == 1) ? '*' : '';
        if (! empty($line->vat_src_code) && ! preg_match('/\(/', $this->tpl['vat_rate'])) $this->tpl['vat_rate'].=' ('.$line->vat_src_code.')';

        $this->tpl['price'] = price($line->subprice);
@@ -4559,12 +4560,16 @@ abstract class CommonObject
 					{
 						$out .= '<tr '.$class.$csstyle.' class="'.$this->element.'_extras_'.$key.'">';
 					}
-					// Convert date into timestamp format
+					// Convert date into timestamp format (value in memory must be a timestamp)
 					if (in_array($extrafields->attribute_type[$key],array('date','datetime')))
 					{
 						$value = isset($_POST["options_".$key])?dol_mktime($_POST["options_".$key."hour"], $_POST["options_".$key."min"], 0, $_POST["options_".$key."month"], $_POST["options_".$key."day"], $_POST["options_".$key."year"]):$this->db->jdate($this->array_options['options_'.$key]);
 					}
-
+					// Convert float submited string into real php numeric (value in memory must be a php numeric)
+					if (in_array($extrafields->attribute_type[$key],array('price','double')))
+					{
+						$value = isset($_POST["options_".$key])?price2num($_POST["options_".$key]):$this->array_options['options_'.$key];
+					}
 					if($extrafields->attribute_required[$key])
 						$label = '<span'.($mode != 'view' ? ' class="fieldrequired"':'').'>'.$label.'</span>';

--- a/htdocs/core/class/conf.class.php
+++ b/htdocs/core/class/conf.class.php
@@ -83,8 +83,8 @@ class Conf
 		$this->file				= new stdClass();
 		$this->db				= new stdClass();
 		$this->global			= new stdClass();
-		$this->mycompany			= new stdClass();
-		$this->admin				= new stdClass();
+		$this->mycompany		= new stdClass();
+		$this->admin			= new stdClass();
 		$this->user				= new stdClass();
 		$this->syslog			= new stdClass();
 		$this->browser			= new stdClass();
--- a/htdocs/core/class/discount.class.php
+++ b/htdocs/core/class/discount.class.php
@@ -445,14 +445,14 @@ class DiscountAbsolute
            $sql = 'SELECT sum(rc.amount_ttc) as amount, sum(rc.multicurrency_amount_ttc) as multicurrency_amount';
            $sql.= ' FROM '.MAIN_DB_PREFIX.'societe_remise_except as rc, '.MAIN_DB_PREFIX.'facture as f';
            $sql.= ' WHERE rc.fk_facture_source=f.rowid AND rc.fk_facture = '.$invoice->id;
-            $sql.= ' AND f.type = 2';
+            $sql.= ' AND (f.type = 2 OR f.type = 0)';	// Find discount coming from credit note or excess received
        }
        else if ($invoice->element == 'invoice_supplier')
        {
            $sql = 'SELECT sum(rc.amount_ttc) as amount, sum(rc.multicurrency_amount_ttc) as multicurrency_amount';
            $sql.= ' FROM '.MAIN_DB_PREFIX.'societe_remise_except as rc, '.MAIN_DB_PREFIX.'facture_fourn as f';
            $sql.= ' WHERE rc.fk_invoice_supplier_source=f.rowid AND rc.fk_invoice_supplier = '.$invoice->id;
-            $sql.= ' AND f.type = 2';
+            $sql.= ' AND (f.type = 2 OR f.type = 0)';	// Find discount coming from credit note or excess received
        }
        else
        {
--- a/htdocs/core/class/extrafields.class.php
+++ b/htdocs/core/class/extrafields.class.php
@@ -8,6 +8,7 @@
 * Copyright (C) 2013       Florian Henry           <forian.henry@open-concept.pro>
 * Copyright (C) 2015       Charles-Fr BENKE        <charles.fr@benke.fr>
 * Copyright (C) 2016       Raphaël Doursenaud      <rdoursenaud@gpcsolutions.fr>
+ * Copyright (C) 2017       Nicolas ZABOURI         <info@inovea-conseil.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -737,7 +738,7 @@ class ExtraFields
 	 * Return HTML string to put an input field into a page
 	 *
 	 * @param  string  $key            Key of attribute
-	 * @param  string  $value          Preselected value to show (for date type it must be in timestamp format)
+	 * @param  string  $value          Preselected value to show (for date type it must be in timestamp format, for amount or price it must be a php numeric value)
 	 * @param  string  $moreparam      To add more parametes on html input tag
 	 * @param  string  $keyprefix      Prefix string to add into name and id of field (can be used to avoid duplicate names)
 	 * @param  string  $keysuffix      Suffix string to add into name and id of field (can be used to avoid duplicate names)
@@ -832,7 +833,7 @@ class ExtraFields
 		{
 			$tmp=explode(',',$size);
 			$newsize=$tmp[0];
-			$out='<input type="text" class="flat '.$showsize.' maxwidthonsmartphone" name="'.$keysuffix.'options_'.$key.$keyprefix.'" " maxlength="'.$newsize.'" value="'.$value.'"'.($moreparam?$moreparam:'').'>';
+			$out='<input type="text" class="flat '.$showsize.' maxwidthonsmartphone" name="'.$keysuffix.'options_'.$key.$keyprefix.'" maxlength="'.$newsize.'" value="'.$value.'"'.($moreparam?$moreparam:'').'>';
 		}
 		elseif ($type == 'varchar')
 		{
@@ -860,11 +861,14 @@ class ExtraFields
 		}
 		elseif ($type == 'price')
 		{
-			$out='<input type="text" class="flat '.$showsize.' maxwidthonsmartphone" name="'.$keysuffix.'options_'.$key.$keyprefix.'" value="'.price2num($value).'" '.($moreparam?$moreparam:'').'> '.$langs->getCurrencySymbol($conf->currency);
+			if (!empty($value)) {		// $value in memory is a php numeric, we format it into user number format.
+				$value=price($value);
+			}
+			$out.='<input type="text" class="flat '.$showsize.' maxwidthonsmartphone" name="'.$keysuffix.'options_'.$key.$keyprefix.'" value="'.$value.'" '.($moreparam?$moreparam:'').'> '.$langs->getCurrencySymbol($conf->currency);
 		}
 		elseif ($type == 'double')
 		{
-			if (!empty($value)) {
+			if (!empty($value)) {		// $value in memory is a php numeric, we format it into user number format.
 				$value=price($value);
 			}
 			$out='<input type="text" class="flat '.$showsize.' maxwidthonsmartphone" name="'.$keysuffix.'options_'.$key.$keyprefix.'" value="'.$value.'" '.($moreparam?$moreparam:'').'> ';
--- a/htdocs/core/class/html.form.class.php
+++ b/htdocs/core/class/html.form.class.php
@@ -1225,6 +1225,12 @@ class Form
                        $disabled=' disabled';
                    }

+					if (!empty($conf->global->MAIN_SHOW_FACNUMBER_IN_DISCOUNT_LIST) && !empty($obj->fk_facture_source))
+					{
+						$tmpfac = new Facture($this->db);
+						if ($tmpfac->fetch($obj->fk_facture_source) > 0) $desc=$desc.' - '.$tmpfac->ref;
+					}
+
                    print '<option value="'.$obj->rowid.'"'.$selectstring.$disabled.'>'.$desc.' ('.price($obj->amount_ht).' '.$langs->trans("HT").' - '.price($obj->amount_ttc).' '.$langs->trans("TTC").')</option>';
                    $i++;
                }
@@ -4153,15 +4159,26 @@ class Form
            print '<input type="hidden" name="action" value="setabsolutediscount">';
            print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
            print '<div class="inline-block">';
-            if (! empty($conf->global->FACTURE_DEPOSITS_ARE_JUST_PAYMENTS))
+            if (! empty($conf->global->FACTURE_DEPOSITS_ARE_JUST_PAYMENTS))	// Never use this option.
            {
                if (! $filter || $filter=="fk_facture_source IS NULL") print $langs->trans("CompanyHasAbsoluteDiscount",price($amount,0,$langs,0,0,-1,$conf->currency));    // If we want deposit to be substracted to payments only and not to total of final invoice
                else print $langs->trans("CompanyHasCreditNote",price($amount,0,$langs,0,0,-1,$conf->currency));
            }
            else
            {
-                if (! $filter || $filter=="fk_facture_source IS NULL OR (fk_facture_source IS NOT NULL AND (description LIKE '(DEPOSIT)%' OR description LIKE '(EXCESS RECEIVED)%'))") print $langs->trans("CompanyHasAbsoluteDiscount",price($amount,0,$langs,0,0,-1,$conf->currency));
-                else print $langs->trans("CompanyHasCreditNote",price($amount,0,$langs,0,0,-1,$conf->currency));
+                if (! $filter)
+                {
+                	print $langs->trans("CompanyHasAbsoluteDiscount",price($amount,0,$langs,0,0,-1,$conf->currency));
+                }
+                elseif ($filter=="fk_facture_source IS NULL OR (fk_facture_source IS NOT NULL AND (description LIKE '(DEPOSIT)%' AND description NOT LIKE '(EXCESS RECEIVED)%'))") 
+                {
+                	// Replace trans key with CompanyHasDownPaymentOrCommercialDiscount
+                	print $langs->trans("CompanyHasAbsoluteDiscount",price($amount,0,$langs,0,0,-1,$conf->currency));
+                }
+                else 
+                {
+                	print $langs->trans("CompanyHasCreditNote",price($amount,0,$langs,0,0,-1,$conf->currency));
+                }
            }
            if (empty($hidelist)) print ': ';
            print '</div>';
@@ -5640,8 +5657,8 @@ class Form
    		    'contrat'=>array('enabled'=>$conf->contrat->enabled , 'perms'=>1, 'label'=>'LinkToContract', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_supplier, '' as total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$listofidcompanytoscan.') AND t.entity IN ('.getEntity('contract').')'),
    		    'fichinter'=>array('enabled'=>$conf->ficheinter->enabled, 'perms'=>1, 'label'=>'LinkToIntervention', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."fichinter as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$listofidcompanytoscan.') AND t.entity IN ('.getEntity('intervention').')'),
    		    'supplier_proposal'=>array('enabled'=>$conf->supplier_proposal->enabled , 'perms'=>1, 'label'=>'LinkToSupplierProposal', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, '' as ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."supplier_proposal as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$listofidcompanytoscan.') AND t.entity IN ('.getEntity('supplier_proposal').')'),
-    		    'order_supplier'=>array('enabled'=>$conf->fournisseur->commande->enabled , 'perms'=>1, 'label'=>'LinkToSupplierOrder', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande_fournisseur as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$listofidcompanytoscan.') AND t.entity IN ('.getEntity('commande_fournisseur').')'),
-    		    'invoice_supplier'=>array('enabled'=>$conf->fournisseur->facture->enabled , 'perms'=>1, 'label'=>'LinkToSupplierInvoice', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_fourn as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$listofidcompanytoscan.') AND t.entity IN ('.getEntity('facture_fourn').')')
+    		    'order_supplier'=>array('enabled'=>$conf->supplier_order->enabled , 'perms'=>1, 'label'=>'LinkToSupplierOrder', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande_fournisseur as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$listofidcompanytoscan.') AND t.entity IN ('.getEntity('commande_fournisseur').')'),
+    		    'invoice_supplier'=>array('enabled'=>$conf->supplier_invoice->enabled , 'perms'=>1, 'label'=>'LinkToSupplierInvoice', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_fourn as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$listofidcompanytoscan.') AND t.entity IN ('.getEntity('facture_fourn').')')
    		);
 		}

--- a/htdocs/core/lib/files.lib.php
+++ b/htdocs/core/lib/files.lib.php
@@ -968,7 +968,11 @@ function dol_move_uploaded_file($src_file, $dest_file, $allowoverwrite, $disable
 		$file_name_osencoded=dol_osencode($file_name);

 		// Check if destination dir is writable
-		// TODO
+		if (! is_writable(dirname($file_name_osencoded)))
+		{
+			dol_syslog("Files.lib::dol_move_uploaded_file Dir ".dirname($file_name_osencoded)." is not writable. Return 'ErrorDirNotWritable'", LOG_WARNING);
+			return 'ErrorDirNotWritable';
+		}

 		// Check if destination file already exists
 		if (! $allowoverwrite)
@@ -1386,19 +1390,17 @@ function dol_add_file_process($upload_dir, $allowoverwrite=0, $donotupdatesessio
 				$destfull=$upload_dir . "/" . $TFile['name'][$i];
 				$destfile=$TFile['name'][$i];

-				$savingdocmask = dol_sanitizeFileName($savingdocmask);
-
 				if ($savingdocmask)
 				{
 					$destfull=$upload_dir . "/" . preg_replace('/__file__/',$TFile['name'][$i],$savingdocmask);
 					$destfile=preg_replace('/__file__/',$TFile['name'][$i],$savingdocmask);
 				}

-				// lowercase extension
+				// dol_sanitizeFileName the file name and lowercase extension
 				$info = pathinfo($destfull);
-				$destfull = $info['dirname'].'/'.$info['filename'].'.'.strtolower($info['extension']);
+				$destfull = $info['dirname'].'/'.dol_sanitizeFileName($info['filename'].'.'.strtolower($info['extension']));
 				$info = pathinfo($destfile);
-				$destfile = $info['filename'].'.'.strtolower($info['extension']);
+				$destfile = dol_sanitizeFileName($info['filename'].'.'.strtolower($info['extension']));

 				$resupload = dol_move_uploaded_file($TFile['tmp_name'][$i], $destfull, $allowoverwrite, 0, $TFile['error'][$i], 0, $varfiles);

--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -238,6 +238,17 @@ function dol_shutdown()
 }


+/**
+ * Return true if we are in a context of submitting a parameter
+ *
+ * @param 	string	$paramname		Name or parameter to test
+ * @return 	boolean					True if we have just submit a POST or GET request with the parameter provided (even if param is empty)
+ */
+function GETPOSTISSET($paramname)
+{
+	return (isset($_POST[$paramname]) || isset($_GET[$paramname]));
+}
+
 /**
 *  Return value of a param into GET or POST supervariable.
 *  Use the property $user->default_values[path]['creatform'] and/or $user->default_values[path]['filters'] and/or $user->default_values[path]['sortorder']
@@ -257,12 +268,13 @@ function dol_shutdown()
 *                                  'custom'= custom filter specify $filter and $options)
 *  @param	int		$method	     Type of method (0 = get then post, 1 = only get, 2 = only post, 3 = post then get, 4 = post then get then cookie)
 *  @param  int     $filter      Filter to apply when $check is set to 'custom'. (See http://php.net/manual/en/filter.filters.php for détails)
- *  @param  mixed   $options     Options to pass to filter_var when $check is set to 'custom'.
+ *  @param  mixed   $options     Options to pass to filter_var when $check is set to 'custom'
+ *  @param	string	$noreplace	 Force disable of replacement of __xxx__ strings.
 *  @return string|string[]      Value found (string or array), or '' if check fails
 *
 *  @TODO Set default value for check to alpha. Check all WYSIWYG edition (email and description...) is still ok with rich text.
 */
-function GETPOST($paramname, $check='', $method=0, $filter=NULL, $options=NULL)
+function GETPOST($paramname, $check='', $method=0, $filter=NULL, $options=NULL, $noreplace=0)
 {
    global $mysoc,$user,$conf;

@@ -366,7 +378,7 @@ function GETPOST($paramname, $check='', $method=0, $filter=NULL, $options=NULL)
 	    // Substitution variables for GETPOST (used to get final url with variable parameters or final default value with variable paramaters)
 	    // Example of variables: __DAY__, __MONTH__, __YEAR__, __MYCOUNTRYID__, __USERID__, __ENTITYID__, ...
 	    // We do this only if var is a GET. If it is a POST, may be we want to post the text with vars as the setup text.
-	    if (! is_array($out) && empty($_POST[$paramname]))
+	    if (! is_array($out) && empty($_POST[$paramname]) && empty($noreplace))
 	    {
 	        $maxloop=20; $loopnb=0;    // Protection against infinite loop
 	        while (preg_match('/__([A-Z0-9]+_?[A-Z0-9]+)__/i', $out, $reg) && ($loopnb < $maxloop))    // Detect '__ABCDEF__' as key 'ABCDEF' and '__ABC_DEF__' as key 'ABC_DEF'. Detection is also correct when 2 vars are side by side.
@@ -680,7 +692,7 @@ function dol_size($size,$type='')
 */
 function dol_sanitizeFileName($str,$newstr='_',$unaccent=1)
 {
-	$filesystem_forbidden_chars = array('<','>',':','/','\\','?','*','|','"','°');
+	$filesystem_forbidden_chars = array('<','>','/','\\','?','*','|','"','°');
 	return dol_string_nospecial($unaccent?dol_string_unaccent($str):$str, $newstr, $filesystem_forbidden_chars);
 }

@@ -3684,7 +3696,7 @@ function print_fleche_navigation($page, $file, $options='', $nextpage=0, $betwee
 *	@param	string	$rate			Rate value to format ('19.6', '19,6', '19.6%', '19,6%', '19.6 (CODEX)', ...)
 *  @param	boolean	$addpercent		Add a percent % sign in output
 *	@param	int		$info_bits		Miscellaneous information on vat (0=Default, 1=French NPR vat)
- *	@param	int		$usestarfornpr	1=Use '*' for NPR vat rate intead of MAIN_LABEL_MENTION_NPR
+ *	@param	int		$usestarfornpr	-1=Never show, 0 or 1=Use '*' for NPR vat rates
 *  @return	string					String with formated amounts ('19,6' or '19,6%' or '8.5% (NPR)' or '8.5% *' or '19,6 (CODEX)')
 */
 function vatrate($rate, $addpercent=false, $info_bits=0, $usestarfornpr=0)
@@ -3711,10 +3723,10 @@ function vatrate($rate, $addpercent=false, $info_bits=0, $usestarfornpr=0)
 	if (! preg_match('/\//', $rate)) $ret=price($rate,0,'',0,0).($addpercent?'%':'');
 	else
 	{
-		// TODO Split on / and output with a price2num to have clean numbers with ton of 000.
+		// TODO Split on / and output with a price2num to have clean numbers without ton of 000.
 		$ret=$rate.($addpercent?'%':'');
 	}
-	if ($info_bits & 1) $ret.=' *';
+	if (($info_bits & 1) && $usestarfornpr >= 0) $ret.=' *';
 	$ret.=$morelabel;
 	return $ret;
 }
@@ -4305,6 +4317,7 @@ function get_product_vat_for_country($idprod, $thirdparty_seller, $idprodfournpr
 			{
 				$product->get_buyprice($idprodfournprice,0,0,0);
 				$ret=$product->vatrate_supplier;
+				if ($product->default_vat_code) $ret.=' ('.$product->default_vat_code.')';
 			}
 			else
 			{
--- a/htdocs/core/lib/pdf.lib.php
+++ b/htdocs/core/lib/pdf.lib.php
@@ -1491,14 +1491,14 @@ function pdf_getlinevatrate($object,$i,$outputlangs,$hidedetails=0)
 		{
 			$tmpresult='';

-			$tmpresult.=vatrate($object->lines[$i]->tva_tx, 1, $object->lines[$i]->info_bits, 1);
+			$tmpresult.=vatrate($object->lines[$i]->tva_tx, 0, $object->lines[$i]->info_bits, -1);
 			if (empty($conf->global->MAIN_PDF_MAIN_HIDE_SECOND_TAX))
 			{
 				if ($object->lines[$i]->total_localtax1 != 0)
 				{
 					if (preg_replace('/[\s0%]/','',$tmpresult)) $tmpresult.='/';
 					else $tmpresult='';
-					$tmpresult.=vatrate(abs($object->lines[$i]->localtax1_tx),1);
+					$tmpresult.=vatrate(abs($object->lines[$i]->localtax1_tx), 0);
 				}
 			}
 			if (empty($conf->global->MAIN_PDF_MAIN_HIDE_THIRD_TAX))
@@ -1507,9 +1507,10 @@ function pdf_getlinevatrate($object,$i,$outputlangs,$hidedetails=0)
 				{
 					if (preg_replace('/[\s0%]/','',$tmpresult)) $tmpresult.='/';
 					else $tmpresult='';
-					$tmpresult.=vatrate(abs($object->lines[$i]->localtax2_tx),1);
+					$tmpresult.=vatrate(abs($object->lines[$i]->localtax2_tx), 0);
 				}
 			}
+			$tmpresult.= '%';

 			$result.=$tmpresult;
 		}
@@ -1820,6 +1821,8 @@ function pdf_getlineremisepercent($object,$i,$outputlangs,$hidedetails=0)
 */
 function pdf_getlineprogress($object, $i, $outputlangs, $hidedetails = 0, $hookmanager = null)
 {
+	if (empty($hookmanager)) global $hookmanager;
+
 	$reshook=0;
    $result='';
    //if (is_object($hookmanager) && ( (isset($object->lines[$i]->product_type) && $object->lines[$i]->product_type == 9 && ! empty($object->lines[$i]->special_code)) || ! empty($object->lines[$i]->fk_parent_line) ) )
@@ -1838,10 +1841,14 @@ function pdf_getlineprogress($object, $i, $outputlangs, $hidedetails = 0, $hookm
        	if ($object->lines[$i]->special_code == 3) return '';
 		if (empty($hidedetails) || $hidedetails > 1)
 		{
-			if($conf->global->SITUATION_DISPLAY_DIFF_ON_PDF)
+			if ($conf->global->SITUATION_DISPLAY_DIFF_ON_PDF)
 			{
-			 	$prev_progress = $object->lines[$i]->get_prev_progress($object->id);
-			 	$result = ( $object->lines[$i]->situation_percent - $prev_progress) . '%';
+				$prev_progress = 0;
+				if (method_exists($object, 'get_prev_progress'))
+				{
+			 		$prev_progress = $object->lines[$i]->get_prev_progress($object->id);
+				}
+			 	$result = ($object->lines[$i]->situation_percent - $prev_progress) . '%';
 			}
 			else
 				$result = $object->lines[$i]->situation_percent . '%';
@@ -1888,12 +1895,17 @@ function pdf_getlinetotalexcltax($object,$i,$outputlangs,$hidedetails=0)
        if (empty($hidedetails) || $hidedetails > 1)
        {
        	$total_ht = ($conf->multicurrency->enabled && $object->multicurrency_tx != 1 ? $object->lines[$i]->multicurrency_total_ht : $object->lines[$i]->total_ht);
-        	if ($object->lines[$i]->situation_percent > 0 )
+        	if ($object->lines[$i]->situation_percent > 0)
        	{
-		 	$prev_progress = $object->lines[$i]->get_prev_progress($object->id);
-		 	$progress = ( $object->lines[$i]->situation_percent - $prev_progress) /100;
-		 	$result.=price($sign * ($total_ht/($object->lines[$i]->situation_percent/100)) * $progress, 0, $outputlangs);
-		}
+        		$prev_progress = 0;
+        		$progress = 1;
+        		if (method_exists($object, 'get_prev_progress'))
+        		{
+					$prev_progress = $object->lines[$i]->get_prev_progress($object->id);
+					$progress = ($object->lines[$i]->situation_percent - $prev_progress) / 100;
+        		}
+				$result.=price($sign * ($total_ht/($object->lines[$i]->situation_percent/100)) * $progress, 0, $outputlangs);
+			}
        	else
 			$result.=price($sign * $total_ht, 0, $outputlangs);
 	}
--- a/htdocs/core/lib/project.lib.php
+++ b/htdocs/core/lib/project.lib.php
@@ -589,6 +589,7 @@ function projectLinesPerDay(&$inc, $parent, $fuser, $lines, &$level, &$projectsr
 	}

    //dol_syslog('projectLinesPerDay inc='.$inc.' preselectedday='.$preselectedday.' task parent id='.$parent.' level='.$level." count(lines)=".$numlines." count(lineswithoutlevel0)=".count($lineswithoutlevel0));
+
 	for ($i = 0 ; $i < $numlines ; $i++)
 	{
 		if ($parent == 0) $level = 0;
@@ -640,12 +641,6 @@ function projectLinesPerDay(&$inc, $parent, $fuser, $lines, &$level, &$projectsr
 				print $projectstatic->getNomUrl(1,'',0,$langs->transnoentitiesnoconv("YourRole").': '.$projectsrole[$lines[$i]->fk_project]);
 				print "</td>";

-				// Ref
-				print '<td>';
-				$taskstatic->ref=($lines[$i]->ref?$lines[$i]->ref:$lines[$i]->id);
-				print $taskstatic->getNomUrl(1,'withproject');
-				print '</td>';
-
 				if (! empty($conf->global->PROJECT_LINES_PERDAY_SHOW_THIRDPARTY))
 				{
 				    // Thirdparty
@@ -656,6 +651,12 @@ function projectLinesPerDay(&$inc, $parent, $fuser, $lines, &$level, &$projectsr
 				    print '</td>';
 				}

+				// Ref
+				print '<td>';
+				$taskstatic->ref=($lines[$i]->ref?$lines[$i]->ref:$lines[$i]->id);
+				print $taskstatic->getNomUrl(1, 'withproject', 'time');
+				print '</td>';
+
 				// Label task
 				print "<td>";
 				for ($k = 0 ; $k < $level ; $k++) print "&nbsp;&nbsp;&nbsp;";
@@ -663,7 +664,7 @@ function projectLinesPerDay(&$inc, $parent, $fuser, $lines, &$level, &$projectsr
 				$taskstatic->ref=$lines[$i]->label;
 				$taskstatic->date_start=$lines[$i]->date_start;
 				$taskstatic->date_end=$lines[$i]->date_end;
-				print $taskstatic->getNomUrl(0,'withproject');
+				print $taskstatic->getNomUrl(0, 'withproject', 'time');
 				//print "<br>";
 				//for ($k = 0 ; $k < $level ; $k++) print "&nbsp;&nbsp;&nbsp;";
 				//print get_date_range($lines[$i]->date_start,$lines[$i]->date_end,'',$langs,0);
--- a/htdocs/core/lib/security.lib.php
+++ b/htdocs/core/lib/security.lib.php
@@ -382,8 +382,12 @@ function checkUserAccessToObject($user, $featuresarray, $objectid=0, $tableandsh
 		$nocheck = array('barcode','stock','fournisseur');	// No test
 		$checkdefault = 'all other not already defined'; // Test on entity and link to third party. Not allowed if link is empty (Ex: invoice, orders...).

-		// If dbtable not defined, we use same name for table than module name
-		if (empty($dbtablename)) $dbtablename = $feature;
+		// If dbtablename not defined, we use same name for table than module name
+		if (empty($dbtablename))
+		{
+			$dbtablename = $feature;
+			$sharedelement = (! empty($params[1]) ? $params[1] : $dbtablename);		// We change dbtablename, so we set sharedelement too.
+		}

 		// Check permission for object with entity
 		if (in_array($feature,$check))
--- a/htdocs/core/modules/commande/doc/pdf_einstein.modules.php
+++ b/htdocs/core/modules/commande/doc/pdf_einstein.modules.php
@@ -140,7 +140,7 @@ class pdf_einstein extends ModelePDFCommandes
 		}
 		else
 		{
-			$this->posxtva=112;
+			$this->posxtva=110;
 			$this->posxup=126;
 			$this->posxqty=145;
 		}
@@ -431,8 +431,8 @@ class pdf_einstein extends ModelePDFCommandes
 					if (empty($conf->global->MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT) && empty($conf->global->MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT_COLUMN))
 					{
 						$vat_rate = pdf_getlinevatrate($object, $i, $outputlangs, $hidedetails);
-						$pdf->SetXY($this->posxtva, $curY);
-						$pdf->MultiCell($this->posxup-$this->posxtva-0.8, 3, $vat_rate, 0, 'R');
+						$pdf->SetXY($this->posxtva-5, $curY);
+						$pdf->MultiCell($this->posxup-$this->posxtva+4, 3, $vat_rate, 0, 'R');
 					}

 					// Unit price before discount
@@ -667,13 +667,13 @@ class pdf_einstein extends ModelePDFCommandes
 			$pdf->SetFont('','B', $default_font_size - 2);
 			$pdf->SetXY($this->marge_gauche, $posy);
 			$titre = $outputlangs->transnoentities("PaymentConditions").':';
-			$pdf->MultiCell(80, 4, $titre, 0, 'L');
+			$pdf->MultiCell(43, 4, $titre, 0, 'L');

 			$pdf->SetFont('','', $default_font_size - 2);
 			$pdf->SetXY($posxval, $posy);
 			$lib_condition_paiement=$outputlangs->transnoentities("PaymentCondition".$object->cond_reglement_code)!=('PaymentCondition'.$object->cond_reglement_code)?$outputlangs->transnoentities("PaymentCondition".$object->cond_reglement_code):$outputlangs->convToOutputCharset($object->cond_reglement_doc);
 			$lib_condition_paiement=str_replace('\n',"\n",$lib_condition_paiement);
-			$pdf->MultiCell(80, 4, $lib_condition_paiement,0,'L');
+			$pdf->MultiCell(67, 4, $lib_condition_paiement,0,'L');

 			$posy=$pdf->GetY()+3;
 		}
--- a/htdocs/core/modules/facture/doc/pdf_crabe.modules.php
+++ b/htdocs/core/modules/facture/doc/pdf_crabe.modules.php
@@ -125,7 +125,7 @@ class pdf_crabe extends ModelePDFFactures
 		}
 		else
 		{
-			$this->posxtva=112;
+			$this->posxtva=110;
 			$this->posxup=126;
 			$this->posxqty=145;
 		}
@@ -496,8 +496,8 @@ class pdf_crabe extends ModelePDFFactures
 					if (empty($conf->global->MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT) && empty($conf->global->MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT_COLUMN))
 					{
 						$vat_rate = pdf_getlinevatrate($object, $i, $outputlangs, $hidedetails);
-						$pdf->SetXY($this->posxtva, $curY);
-						$pdf->MultiCell($this->posxup-$this->posxtva-0.8, 3, $vat_rate, 0, 'R');
+						$pdf->SetXY($this->posxtva-5, $curY);
+						$pdf->MultiCell($this->posxup-$this->posxtva+4, 3, $vat_rate, 0, 'R');
 					}

 					// Unit price before discount
@@ -892,13 +892,13 @@ class pdf_crabe extends ModelePDFFactures
 			$pdf->SetFont('','B', $default_font_size - 2);
 			$pdf->SetXY($this->marge_gauche, $posy);
 			$titre = $outputlangs->transnoentities("PaymentConditions").':';
-			$pdf->MultiCell(80, 4, $titre, 0, 'L');
+			$pdf->MultiCell(43, 4, $titre, 0, 'L');

 			$pdf->SetFont('','', $default_font_size - 2);
 			$pdf->SetXY($posxval, $posy);
 			$lib_condition_paiement=$outputlangs->transnoentities("PaymentCondition".$object->cond_reglement_code)!=('PaymentCondition'.$object->cond_reglement_code)?$outputlangs->transnoentities("PaymentCondition".$object->cond_reglement_code):$outputlangs->convToOutputCharset($object->cond_reglement_doc);
 			$lib_condition_paiement=str_replace('\n',"\n",$lib_condition_paiement);
-			$pdf->MultiCell(80, 4, $lib_condition_paiement,0,'L');
+			$pdf->MultiCell(67, 4, $lib_condition_paiement,0,'L');

 			$posy=$pdf->GetY()+3;
 		}
--- a/htdocs/core/modules/import/import_xlsx.modules.php
+++ b/htdocs/core/modules/import/import_xlsx.modules.php
@@ -20,9 +20,9 @@
 */

 /**
- *		\file       htdocs/core/modules/import/import_csv.modules.php
+ *		\file       htdocs/core/modules/import/import_xlsx.modules.php
 *		\ingroup    import
- *		\brief      File to load import files with CSV format
+ *		\brief      File to load import files with Excel format
 */

 require_once DOL_DOCUMENT_ROOT .'/core/modules/import/modules_import.php';
@@ -54,10 +54,10 @@ class ImportXlsx extends ModeleImports

 	var $cacheconvert=array();      // Array to cache list of value found after a convertion
 	var $cachefieldtable=array();   // Array to cache list of value found into fields@tables
-  
+
 	var $workbook; // temporary import file
 	var $record; // current record
-	var $headers; 
+	var $headers;


 	/**
@@ -95,7 +95,7 @@ class ImportXlsx extends ModeleImports
 		if (preg_match('/^societe_/',$datatoimport)) $this->thirpartyobject=new Societe($this->db);
 	}

-	
+
 	/**
 	 * 	Output header of an example file for this format
 	 *
@@ -144,7 +144,7 @@ class ImportXlsx extends ModeleImports
    foreach($headerlinefields as $field) {
      $this->workbook->getActiveSheet()->SetCellValueByColumnAndRow($col, 1, $outputlangs->transnoentities($field));
      // set autowidth
-      //$this->workbook->getActiveSheet()->getColumnDimension($this->column2Letter($col + 1))->setAutoSize(true); 
+      //$this->workbook->getActiveSheet()->getColumnDimension($this->column2Letter($col + 1))->setAutoSize(true);
      $col++;
    }
 		return ''; // final output will be generated in footer
@@ -211,10 +211,10 @@ class ImportXlsx extends ModeleImports
 		return $ret;
 	}

-	
+
 	/**
 	 * 	Return nb of records. File must be closed.
-	 * 
+	 *
 	 *	@param	string	$file		Path of filename
 	 * 	@return		int		<0 if KO, >=0 if OK
 	 */
@@ -222,15 +222,15 @@ class ImportXlsx extends ModeleImports
 	{
 		$reader = new PHPExcel_Reader_Excel2007();
 		$this->workbook = $reader->load($file);
-	    
+
 	    $rowcount = $this->workbook->getActiveSheet()->getHighestDataRow();
-	    
+
 	    $this->workbook->disconnectWorksheets();
 	    unset($this->workbook);
-	    
+
 		return $rowcount;
    }
-    
+

 	/**
 	 * 	Input header line from file
@@ -399,7 +399,7 @@ class ImportXlsx extends ModeleImports
                                    if (! is_numeric($newval) && $newval != '' && ! preg_match('/^id:/i',$newval)) $isidorref='ref';
                                    $newval=preg_replace('/^(id|ref):/i','',$newval);    // Remove id: or ref: that was used to force if field is id or ref
                                    //print 'Val is now '.$newval.' and is type '.$isidorref."<br>\n";
-                                    
+
                                    if ($isidorref == 'ref')    // If value into input import file is a ref, we apply the function defined into descriptor
                                    {
                                        $file=(empty($objimport->array_import_convertvalue[0][$val]['classfile'])?$objimport->array_import_convertvalue[0][$val]['file']:$objimport->array_import_convertvalue[0][$val]['classfile']);
@@ -502,9 +502,9 @@ class ImportXlsx extends ModeleImports
                                    }
                                    if (is_numeric($defaultref) && $defaultref <= 0) $defaultref='';
                                    $newval=$defaultref;
-                                }                                
-                                
-                                
+                                }
+
+
                                elseif ($objimport->array_import_convertvalue[0][$val]['rule']=='numeric')
                                {
                                    $newval = price2num($newval);
@@ -616,7 +616,7 @@ class ImportXlsx extends ModeleImports
 							// We do SELECT to get the rowid, if we already have the rowid, it's to be used below for related tables (extrafields)
 							if (empty($lastinsertid)) {
 								$sqlSelect = 'SELECT rowid FROM '.$tablename;
-								
+
 								$data = array_combine($listfields, $listvalues);
 								$where = array();
 								$filters = array();
@@ -627,7 +627,7 @@ class ImportXlsx extends ModeleImports
 									$filters[] = $col.' = '.$data[$key];
 								}
 								$sqlSelect.= ' WHERE '.implode(' AND ', $where);
-								
+
 								$resql=$this->db->query($sqlSelect);
 								if($resql) {
 									$res = $this->db->fetch_object($resql);
@@ -650,23 +650,23 @@ class ImportXlsx extends ModeleImports
 									$error++;
 								}
 							}
-							
+
 							if (!empty($lastinsertid)) {
 								// Build SQL UPDATE request
 								$sqlstart = 'UPDATE '.$tablename;
-								
+
 								$data = array_combine($listfields, $listvalues);
 								$set = array();
 								foreach ($data as $key => $val) {
 									$set[] = $key.' = '.$val;
 								}
 								$sqlstart.= ' SET '.implode(', ', $set);
-								
+
 								if(empty($keyfield)) $keyfield = 'rowid';
 								$sqlend = ' WHERE '.$keyfield.' = '.$lastinsertid;
-								
+
 								$sql = $sqlstart.$sqlend;
-								
+
 								// Run update request
 								$resql=$this->db->query($sql);
 								if($resql) {
@@ -691,14 +691,14 @@ class ImportXlsx extends ModeleImports
 							if (! empty($tablewithentity_cache[$tablename])) {
 								$sqlstart.= ', entity';
 								$sqlend.= ', '.$conf->entity;
-							} 
+							}
 							if (! empty($objimport->array_import_tables_creator[0][$alias])) {
 								$sqlstart.= ', '.$objimport->array_import_tables_creator[0][$alias];
 								$sqlend.=', '.$user->id;
 							}
 							$sql = $sqlstart.$sqlend.')';
 							dol_syslog("import_xlsx.modules", LOG_DEBUG);
-							
+
 							// Run insert request
 							if ($sql)
 							{
--- a/htdocs/core/modules/mailings/advthirdparties.modules.php
+++ b/htdocs/core/modules/mailings/advthirdparties.modules.php
@@ -116,7 +116,7 @@ class mailing_advthirdparties extends MailingTargets
 			}
 		}

-		if  (($type_of_target==1) || ($type_of_target==2)) {
+		if  (($type_of_target==1) || ($type_of_target==2) || ($type_of_target==4)) {
 			// Select the third parties from category
 			if (count($socid)>0 || count($contactid)>0)
 			{
--- a/htdocs/core/modules/mailings/fraise.modules.php
+++ b/htdocs/core/modules/mailings/fraise.modules.php
@@ -65,7 +65,7 @@ class mailing_fraise extends MailingTargets
     */
    function getSqlArrayForStats()
    {
-        global $langs;
+        global $conf, $langs;

        $langs->load("members");

@@ -73,7 +73,7 @@ class mailing_fraise extends MailingTargets
        $statssql=array();

        $statssql[0] ="SELECT '".$this->db->escape($langs->trans("FundationMembers"))."' as label, count(*) as nb";
-        $statssql[0].=" FROM ".MAIN_DB_PREFIX."adherent where statut = 1";
+        $statssql[0].=" FROM ".MAIN_DB_PREFIX."adherent where statut = 1 and entity IN (".getEntity('member').")";

        return $statssql;
    }
@@ -89,9 +89,11 @@ class mailing_fraise extends MailingTargets
     */
    function getNbOfRecipients($sql='')
    {
+        global $conf;
+    
        $sql  = "SELECT count(distinct(a.email)) as nb";
        $sql .= " FROM ".MAIN_DB_PREFIX."adherent as a";
-        $sql .= " WHERE (a.email IS NOT NULL AND a.email != '')";
+        $sql .= " WHERE (a.email IS NOT NULL AND a.email != '') AND a.entity IN (".getEntity('member').")";

        // La requete doit retourner un champ "nb" pour etre comprise
        // par parent::getNbOfRecipients
@@ -201,7 +203,7 @@ class mailing_fraise extends MailingTargets
        $sql.= " a.lastname, a.firstname,";
        $sql.= " a.datefin, a.civility as civility_id, a.login, a.societe";    // Other fields
        $sql.= " FROM ".MAIN_DB_PREFIX."adherent as a, ".MAIN_DB_PREFIX."adherent_type as ta";
-        $sql.= " WHERE a.email <> ''";     // Note that null != '' is false
+        $sql.= " WHERE a.entity IN (".getEntity('member').") AND a.email <> ''";     // Note that null != '' is false
        $sql.= " AND a.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".$mailing_id.")";
        if (isset($_POST["filter"]) && $_POST["filter"] == '-1') $sql.= " AND a.statut=-1";
        if (isset($_POST["filter"]) && $_POST["filter"] == '1a') $sql.= " AND a.statut=1 AND a.datefin >= '".$this->db->idate($now)."'";
--- a/htdocs/core/modules/modApi.class.php
+++ b/htdocs/core/modules/modApi.class.php
@@ -20,7 +20,7 @@
 /**
 * 	\defgroup   api     Module Api
 *  \brief      Descriptor file for Api modulee
- *  \file       htdocs/api/core/modules/modApi.class.php
+ *  \file       htdocs/core/modules/modApi.class.php
 *  \ingroup    api
 *  \brief      Description and activation file for module Api
 */
@@ -67,7 +67,7 @@ class modApi extends DolibarrModules
 		// If file is in module/img directory under name object_pictovalue.png, use this->picto='pictovalue@module'
 		$this->picto='technic';

-		
+
 		$this->module_parts = array();

 		// Data directories to create when module is enabled.
--- a/htdocs/core/modules/propale/doc/pdf_azur.modules.php
+++ b/htdocs/core/modules/propale/doc/pdf_azur.modules.php
@@ -114,7 +114,7 @@ class pdf_azur extends ModelePDFPropales
 		}
 		else
 		{
-			$this->posxtva=112;
+			$this->posxtva=110;
 			$this->posxup=126;
 			$this->posxqty=145;
 		}
@@ -505,8 +505,8 @@ class pdf_azur extends ModelePDFPropales
 					if (empty($conf->global->MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT) && empty($conf->global->MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT_COLUMN))
 					{
 						$vat_rate = pdf_getlinevatrate($object, $i, $outputlangs, $hidedetails);
-						$pdf->SetXY($this->posxtva, $curY);
-						$pdf->MultiCell($this->posxup-$this->posxtva-0.8, 3, $vat_rate, 0, 'R');
+						$pdf->SetXY($this->posxtva-5, $curY);
+						$pdf->MultiCell($this->posxup-$this->posxtva+4, 3, $vat_rate, 0, 'R');
 					}

 					// Unit price before discount
@@ -854,13 +854,13 @@ class pdf_azur extends ModelePDFPropales
 			$pdf->SetFont('','B', $default_font_size - 2);
 			$pdf->SetXY($this->marge_gauche, $posy);
 			$titre = $outputlangs->transnoentities("PaymentConditions").':';
-			$pdf->MultiCell(80, 4, $titre, 0, 'L');
+			$pdf->MultiCell(43, 4, $titre, 0, 'L');

 			$pdf->SetFont('','', $default_font_size - 2);
 			$pdf->SetXY($posxval, $posy);
 			$lib_condition_paiement=$outputlangs->transnoentities("PaymentCondition".$object->cond_reglement_code)!=('PaymentCondition'.$object->cond_reglement_code)?$outputlangs->transnoentities("PaymentCondition".$object->cond_reglement_code):$outputlangs->convToOutputCharset($object->cond_reglement_doc);
 			$lib_condition_paiement=str_replace('\n',"\n",$lib_condition_paiement);
-			$pdf->MultiCell(80, 4, $lib_condition_paiement,0,'L');
+			$pdf->MultiCell(67, 4, $lib_condition_paiement,0,'L');

 			$posy=$pdf->GetY()+3;
 		}
@@ -1310,6 +1310,7 @@ class pdf_azur extends ModelePDFPropales
 			$pdf->line($this->posxtva-1, $tab_top, $this->posxtva-1, $tab_top + $tab_height);
 			if (empty($hidetop))
 			{
+				// Not do -3 and +3 instead of -1 -1 to have more space for text 'Sales tax'
 				$pdf->SetXY($this->posxtva-3, $tab_top+1);
 				$pdf->MultiCell($this->posxup-$this->posxtva+3,2, $outputlangs->transnoentities("VAT"),'','C');
 			}
--- a/htdocs/core/modules/societe/doc/doc_generic_odt.modules.php
+++ b/htdocs/core/modules/societe/doc/doc_generic_odt.modules.php
@@ -150,7 +150,7 @@ class doc_generic_odt extends ModeleThirdPartyDoc
   			}
   			$texte.='<div id="div_'.get_class($this).'">';
 		}
-		
+
 		$texte.= '</td>';

 		$texte.= '<td valign="top" rowspan="2" class="hideonsmartphone">';
@@ -272,53 +272,6 @@ class doc_generic_odt extends ModeleThirdPartyDoc
 				}
 				//print $odfHandler->__toString()."\n";

-				// Make substitutions into odt of user info
-			    $tmparray=$this->get_substitutionarray_user($user,$outputlangs);
-                //var_dump($tmparray); exit;
-                foreach($tmparray as $key=>$value)
-                {
-                    try {
-                        if (preg_match('/logo$/',$key)) // Image
-                        {
-                            //var_dump($value);exit;
-                            if (file_exists($value)) $odfHandler->setImage($key, $value);
-                            else $odfHandler->setVars($key, 'ErrorFileNotFound', true, 'UTF-8');
-                        }
-                        else    // Text
-                        {
-                            //print $key.' '.$value;exit;
-                            $odfHandler->setVars($key, $value, true, 'UTF-8');
-                        }
-                    }
-                    catch(OdfException $e)
-                    {
-                        // setVars failed, probably because key not found
-                    }
-                }
-                // Make substitutions into odt of mysoc info
-                $tmparray=$this->get_substitutionarray_mysoc($mysoc,$outputlangs);
-				//var_dump($tmparray); exit;
-				foreach($tmparray as $key=>$value)
-				{
-					try {
-						if (preg_match('/logo$/',$key))	// Image
-						{
-							//var_dump($value);exit;
-							if (file_exists($value)) $odfHandler->setImage($key, $value);
-							else $odfHandler->setVars($key, 'ErrorFileNotFound', true, 'UTF-8');
-						}
-						else	// Text
-						{
-							$odfHandler->setVars($key, $value, true, 'UTF-8');
-						}
-					}
-					catch(OdfException $e)
-					{
-                        // setVars failed, probably because key not found
-					}
-				}
-
-
                // Replace tags of lines for contacts
                $contact_arrray=array();

@@ -333,7 +286,7 @@ class doc_generic_odt extends ModeleThirdPartyDoc
                if ($num)
                {
                    require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php';
-                    
+
                	$i=0;
                	$contactstatic = new Contact($this->db);

@@ -380,13 +333,18 @@ class doc_generic_odt extends ModeleThirdPartyDoc
                	}
                }

-                // Make substitutions into odt of thirdparty + external modules
-		$tmparray=$this->get_substitutionarray_thirdparty($object,$outputlangs);
+                // Make substitutions into odt
+                $array_user=$this->get_substitutionarray_user($user,$outputlangs);
+                $array_soc=$this->get_substitutionarray_mysoc($mysoc,$outputlangs);
+                $array_thirdparty=$this->get_substitutionarray_thirdparty($object,$outputlangs);
+                $array_other=$this->get_substitutionarray_other($outputlangs);
+
+                $tmparray = array_merge($array_user,$array_soc,$array_thirdparty,$array_other);
                complete_substitutions_array($tmparray, $outputlangs, $object);

                // Call the ODTSubstitution hook
                $parameters=array('odfHandler'=>&$odfHandler,'file'=>$file,'object'=>$object,'outputlangs'=>$outputlangs,'substitutionarray'=>&$tmparray);
-		$reshook=$hookmanager->executeHooks('ODTSubstitution',$parameters,$this,$action);    // Note that $action and $object may have been modified by some hooks
+				$reshook=$hookmanager->executeHooks('ODTSubstitution',$parameters,$this,$action);    // Note that $action and $object may have been modified by some hooks

                // Replace variables into document
 				foreach($tmparray as $key=>$value)
@@ -438,13 +396,13 @@ class doc_generic_odt extends ModeleThirdPartyDoc
 					   $odfHandler->creator = $user->getFullName($outputlangs);
 					   $odfHandler->title = $object->builddoc_filename;
 					   $odfHandler->subject = $object->builddoc_filename;
-					   
+
 					   if (! empty($conf->global->ODT_ADD_DOLIBARR_ID))
 					   {
    					  $odfHandler->userdefined['dol_id'] = $object->id;
 	   		  		      $odfHandler->userdefined['dol_element'] = $object->element;
 					   }
-					   
+
 					   $odfHandler->saveToDisk($file);
 					}catch (Exception $e){
 						$this->error=$e->getMessage();
@@ -453,7 +411,7 @@ class doc_generic_odt extends ModeleThirdPartyDoc
 				}
 				$parameters=array('odfHandler'=>&$odfHandler,'file'=>$file,'object'=>$object,'outputlangs'=>$outputlangs,'substitutionarray'=>&$tmparray);
 				$reshook=$hookmanager->executeHooks('afterODTCreation',$parameters,$this,$action);    // Note that $action and $object may have been modified by some hooks
-				
+
 				if (! empty($conf->global->MAIN_UMASK))
 				@chmod($file, octdec($conf->global->MAIN_UMASK));

--- a/htdocs/core/photos_resize.php
+++ b/htdocs/core/photos_resize.php
@@ -170,7 +170,7 @@ if ($action == 'confirm_resize' && (isset($_POST["file"]) != "") && (isset($_POS
 {
 	$fullpath=$dir."/".$original_file;
 	$result=dol_imageResizeOrCrop($fullpath,0,$_POST['sizex'],$_POST['sizey']);
-	
+
 	if ($result == $fullpath)
 	{
 		$object->addThumbs($fullpath);
@@ -178,7 +178,7 @@ if ($action == 'confirm_resize' && (isset($_POST["file"]) != "") && (isset($_POS
 		// Update/create database for file $fullpath
 		$rel_filename = preg_replace('/^'.preg_quote(DOL_DATA_ROOT,'/').'/', '', $fullpath);
 		$rel_filename = preg_replace('/^[\\/]/','',$rel_filename);
-		
+
 		include_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmfiles.class.php';
 		$ecmfile=new EcmFiles($db);
 		$result = $ecmfile->fetch(0, '', $rel_filename);
@@ -188,7 +188,7 @@ if ($action == 'confirm_resize' && (isset($_POST["file"]) != "") && (isset($_POS
 		    $rel_dir = dirname($rel_filename);
 		    $rel_dir = preg_replace('/[\\/]$/', '', $rel_dir);
 		    $rel_dir = preg_replace('/^[\\/]/', '', $rel_dir);
-		
+
 		    $ecmfile->label = md5_file(dol_osencode($fullpath));
 		    $result = $ecmfile->update($user);
 		}
@@ -198,7 +198,7 @@ if ($action == 'confirm_resize' && (isset($_POST["file"]) != "") && (isset($_POS
 		    $rel_dir = dirname($rel_filename);
 		    $rel_dir = preg_replace('/[\\/]$/', '', $rel_dir);
 		    $rel_dir = preg_replace('/^[\\/]/', '', $rel_dir);
-		     
+
 		    $ecmfile->filepath = $rel_dir;
 		    $ecmfile->filename = $filename;
 		    $ecmfile->label = md5_file(dol_osencode($fullpath));        // $fullpath is a full path to file
@@ -213,7 +213,7 @@ if ($action == 'confirm_resize' && (isset($_POST["file"]) != "") && (isset($_POS
 		    }
 		    $result = $ecmfile->create($user);
 		}
-		
+
 		if ($backtourl)
 		{
 			header("Location: ".$backtourl);
@@ -246,7 +246,7 @@ if ($action == 'confirm_crop')
 		// Update/create database for file $fullpath
 		$rel_filename = preg_replace('/^'.preg_quote(DOL_DATA_ROOT,'/').'/', '', $fullpath);
 		$rel_filename = preg_replace('/^[\\/]/','',$rel_filename);
-		
+
 		include_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmfiles.class.php';
 		$ecmfile=new EcmFiles($db);
 		$result = $ecmfile->fetch(0, '', $rel_filename);
@@ -256,7 +256,7 @@ if ($action == 'confirm_crop')
 		    $rel_dir = dirname($rel_filename);
 		    $rel_dir = preg_replace('/[\\/]$/', '', $rel_dir);
 		    $rel_dir = preg_replace('/^[\\/]/', '', $rel_dir);
-		
+
 		    $ecmfile->label = md5_file(dol_osencode($fullpath));
 		    $result = $ecmfile->update($user);
 		}
@@ -266,7 +266,7 @@ if ($action == 'confirm_crop')
 		    $rel_dir = dirname($rel_filename);
 		    $rel_dir = preg_replace('/[\\/]$/', '', $rel_dir);
 		    $rel_dir = preg_replace('/^[\\/]/', '', $rel_dir);
-		     
+
 		    $ecmfile->filepath = $rel_dir;
 		    $ecmfile->filename = $filename;
 		    $ecmfile->label = md5_file(dol_osencode($fullpath));        // $fullpath is a full path to file
@@ -281,7 +281,7 @@ if ($action == 'confirm_crop')
 		    }
 		    $result = $ecmfile->create($user);
 		}
-		
+
 		if ($backtourl)
 		{
 			header("Location: ".$backtourl);
@@ -311,7 +311,7 @@ llxHeader($head, $langs->trans("Image"), '', '', 0, 0, array('/includes/jquery/p

 print load_fiche_titre($langs->trans("ImageEditor"));

-$infoarray=dol_getImageSize($dir."/".GETPOST("file"));
+$infoarray=dol_getImageSize($dir."/".GETPOST("file",'alpha'));
 $height=$infoarray['height'];
 $width=$infoarray['width'];
 print $langs->trans("CurrentInformationOnImage").': ';
@@ -373,7 +373,7 @@ if (! empty($conf->use_javascript_ajax))
 	print $langs->trans("DefineNewAreaToPick").'...<br>';
 	print '<br><div class="center">';
 	print '<div style="border: 1px solid #888888; width: '.$widthforcrop.'px;">';
-	print '<img src="'.DOL_URL_ROOT.'/viewimage.php?modulepart='.$modulepart.'&entity='.$object->entity.'&file='.$original_file.'" alt="" id="cropbox" width="'.$widthforcrop.'px"/>';
+	print '<img src="'.DOL_URL_ROOT.'/viewimage.php?modulepart='.$modulepart.'&entity='.$object->entity.'&file='.urlencode($original_file).'" alt="" id="cropbox" width="'.$widthforcrop.'px"/>';
 	print '</div>';
 	print '</div><br>';
 	print '<form action="'.$_SERVER["PHP_SELF"].'?id='.$id.'" method="POST">
--- a/htdocs/core/tpl/objectline_view.tpl.php
+++ b/htdocs/core/tpl/objectline_view.tpl.php
@@ -145,7 +145,7 @@ if (empty($outputalsopricetotalwithtax)) $outputalsopricetotalwithtax=0;
 	<td align="right" class="linecolvat nowrap"><?php $coldisplay++; ?><?php
 	//var_dump($line);
 	$positiverates='';
-	if (price2num($line->tva_tx))       $positiverates.=($positiverates?'/':'').price2num($line->tva_tx);
+	if (price2num($line->tva_tx))          $positiverates.=($positiverates?'/':'').price2num($line->tva_tx);
 	if (price2num($line->total_localtax1)) $positiverates.=($positiverates?'/':'').price2num($line->localtax1_tx);
 	if (price2num($line->total_localtax2)) $positiverates.=($positiverates?'/':'').price2num($line->localtax2_tx);
 	if (empty($positiverates)) $positiverates='0';
--- a/htdocs/core/triggers/interface_50_modBlockedlog_ActionsBlockedLog.class.php
+++ b/htdocs/core/triggers/interface_50_modBlockedlog_ActionsBlockedLog.class.php
@@ -49,10 +49,11 @@ class InterfaceActionsBlockedLog extends DolibarrTriggers
        if (empty($conf->blockedlog->enabled)) return 0;     // Module not active, we do nothing

 		if($action==='BILL_VALIDATE' || $action === 'BILL_PAYED' || $action==='BILL_UNPAYED'
-				|| $action === 'BILL_SENTBYMAIL' || $action === 'DOC_DOWNLOAD' || $action === 'DOC_PREVIEW') {
+				|| $action === 'BILL_SENTBYMAIL' || $action === 'DOC_DOWNLOAD' || $action === 'DOC_PREVIEW'
+				|| $action === 'BILL_SUPPLIER_PAYED') {
 			$amounts=  (double) $object->total_ttc;
 		}
-		else if($action === 'PAYMENT_CUSTOMER_CREATE' || $action === 'PAYMENT_ADD_TO_BANK') {
+		else if($action === 'PAYMENT_CUSTOMER_CREATE' || $action === 'PAYMENT_ADD_TO_BANK' || $action === 'PAYMENT_SUPPLIER_CREATE') {
 			$amounts = 0;
 			if(!empty($object->amounts)) {
 				foreach($object->amounts as $amount) {
--- a/htdocs/don/card.php
+++ b/htdocs/don/card.php
@@ -760,8 +760,8 @@ if (! empty($id) && $action != 'edit')
 	$filename	=	dol_sanitizeFileName($object->id);
 	$filedir	=	$conf->don->dir_output . "/" . dol_sanitizeFileName($object->id);
 	$urlsource	=	$_SERVER['PHP_SELF'].'?rowid='.$object->id;
-	$genallowed	=	($object->statut == 2 && ($object->paid == 0 || $user->admin) && $user->rights->don->creer);
-	$delallowed	=	$user->rights->don->supprimer;
+	$genallowed	=	($object->statut == 2 && ($object->paid == 0 || $user->admin) && $user->rights->don->lire);
+	$delallowed	=	$user->rights->don->creer;

 	print $formfile->showdocuments('donation',$filename,$filedir,$urlsource,$genallowed,$delallowed,$object->modelpdf);

--- a/htdocs/don/index.php
+++ b/htdocs/don/index.php
@@ -54,7 +54,7 @@ $nb=array();
 $somme=array();

 $sql = "SELECT count(d.rowid) as nb, sum(d.amount) as somme , d.fk_statut";
-$sql.= " FROM ".MAIN_DB_PREFIX."don as d";
+$sql.= " FROM ".MAIN_DB_PREFIX."don as d WHERE d.entity IN (".getEntity('donation').")";
 $sql.= " GROUP BY d.fk_statut";
 $sql.= " ORDER BY d.fk_statut";

--- a/htdocs/don/list.php
+++ b/htdocs/don/list.php
@@ -89,7 +89,7 @@ $sql = "SELECT d.rowid, d.datedon, d.firstname, d.lastname, d.societe,";
 $sql.= " d.amount, d.fk_statut as statut, ";
 $sql.= " p.rowid as pid, p.ref, p.title, p.public";
 $sql.= " FROM ".MAIN_DB_PREFIX."don as d LEFT JOIN ".MAIN_DB_PREFIX."projet AS p";
-$sql.= " ON p.rowid = d.fk_projet WHERE 1 = 1";
+$sql.= " ON p.rowid = d.fk_projet WHERE d.entity IN (".getEntity('donation').")";
 if ($statut != '' && $statut != '-1')
 {
 	$sql .= " AND d.fk_statut IN (".$db->escape($statut).")";
--- a/htdocs/expedition/card.php
+++ b/htdocs/expedition/card.php
@@ -212,15 +212,15 @@ if (empty($reshook))
 	    $objectsrc->fetch($object->origin_id);

 	    $object->socid					= $objectsrc->socid;
-	    $object->ref_customer			= '';                   // We don't use $objectsrc->ref_client, this is ref or order not shipment
-	    $object->model_pdf				= GETPOST('model','alpha');
+	    $object->ref_customer			= GETPOST('ref_customer','alpha');
+	    $object->model_pdf				= GETPOST('model');
 	    $object->date_delivery			= $date_delivery;	    // Date delivery planed
 	    $object->fk_delivery_address	= $objectsrc->fk_delivery_address;
 	    $object->shipping_method_id		= GETPOST('shipping_method_id','int');
 	    $object->tracking_number		= GETPOST('tracking_number','alpha');
 	    $object->ref_int				= GETPOST('ref_int','alpha');
-	    $object->note_private			= GETPOST('note_private');
-	    $object->note_public			= GETPOST('note_public');
+	    $object->note_private			= GETPOST('note_private','none');
+	    $object->note_public			= GETPOST('note_public','none');
 		$object->fk_incoterms 			= GETPOST('incoterm_id', 'int');
 		$object->location_incoterms 	= GETPOST('location_incoterms', 'alpha');

@@ -691,7 +691,7 @@ if ($action == 'create')
            else if ($origin == 'propal') print $langs->trans('RefCustomerOrder');
            else print $langs->trans('RefCustomer');
            print '</td><td colspan="3">';
-            print $object->ref_client;
+            print '<input type="text" name="ref_customer" value="'.$object->ref_client.'" />';
            print '</td>';
            print '</tr>';

@@ -777,7 +777,7 @@ if ($action == 'create')

            // Other attributes
            $parameters = array('objectsrc' => $objectsrc, 'colspan' => ' colspan="3"', 'socid'=>$socid);
-            $reshook=$hookmanager->executeHooks('formObjectOptions',$parameters,$object,$action);    // Note that $action and $object may have been modified by hook
+            $reshook=$hookmanager->executeHooks('formObjectOptions',$parameters,$expe,$action);    // Note that $action and $object may have been modified by hook
            print $hookmanager->resPrint;

 			if (empty($reshook) && ! empty($extrafields->attribute_label)) {
@@ -1240,6 +1240,7 @@ if ($action == 'create')

 									print '<!-- Show details of lot -->';
 									print '<input name="batchl'.$indiceAsked.'_'.$subj.'" type="hidden" value="'.$dbatch->id.'">';
+
 									//print $langs->trans("DetailBatchFormat", $dbatch->batch, dol_print_date($dbatch->eatby,"day"), dol_print_date($dbatch->sellby,"day"), $dbatch->qty);
 									//print $line->fk_product.' - '.$dbatch->batch;
 									print $langs->trans("Batch").': ';
@@ -2122,7 +2123,7 @@ else if ($id || $ref)
 		$urlsource = $_SERVER["PHP_SELF"]."?id=".$object->id;

 		$genallowed=$user->rights->expedition->lire;
-		$delallowed=$user->rights->expedition->supprimer;
+		$delallowed=$user->rights->expedition->creer;

 		print $formfile->showdocuments('expedition',$objectref,$filedir,$urlsource,$genallowed,$delallowed,$object->modelpdf,1,0,0,28,0,'','','',$soc->default_lang);

--- a/htdocs/expedition/class/expedition.class.php
+++ b/htdocs/expedition/class/expedition.class.php
@@ -3,7 +3,7 @@
 * Copyright (C) 2005-2012	Regis Houssin			<regis.houssin@capnetworks.com>
 * Copyright (C) 2007		Franky Van Liedekerke	<franky.van.liedekerke@telenet.be>
 * Copyright (C) 2006-2012	Laurent Destailleur		<eldy@users.sourceforge.net>
- * Copyright (C) 2011-2016	Juanjo Menent			<jmenent@2byte.es>
+ * Copyright (C) 2011-2017	Juanjo Menent			<jmenent@2byte.es>
 * Copyright (C) 2013       Florian Henry		  	<florian.henry@open-concept.pro>
 * Copyright (C) 2014		Cedric GROSS			<c.gross@kreiz-it.fr>
 * Copyright (C) 2014-2015  Marcos García           <marcosgdf@gmail.com>
@@ -1321,7 +1321,7 @@ class Expedition extends CommonObject

 		$sql = "SELECT cd.rowid, cd.fk_product, cd.label as custom_label, cd.description, cd.qty as qty_asked, cd.product_type";
 		$sql.= ", cd.total_ht, cd.total_localtax1, cd.total_localtax2, cd.total_ttc, cd.total_tva";
-		$sql.= ", cd.vat_src_code, cd.tva_tx, cd.localtax1_tx, cd.localtax2_tx, cd.localtax1_type, cd.localtax2_type, cd.price, cd.subprice, cd.remise_percent,cd.buy_price_ht as pa_ht";
+		$sql.= ", cd.vat_src_code, cd.tva_tx, cd.localtax1_tx, cd.localtax2_tx, cd.localtax1_type, cd.localtax2_type, cd.info_bits, cd.price, cd.subprice, cd.remise_percent,cd.buy_price_ht as pa_ht";
 		$sql.= ", cd.fk_multicurrency, cd.multicurrency_code, cd.multicurrency_subprice, cd.multicurrency_total_ht, cd.multicurrency_total_tva, cd.multicurrency_total_ttc";
 		$sql.= ", ed.rowid as line_id, ed.qty as qty_shipped, ed.fk_origin_line, ed.fk_entrepot";
 		$sql.= ", p.ref as product_ref, p.label as product_label, p.fk_product_type";
@@ -1400,10 +1400,13 @@ class Expedition extends CommonObject

 				$line->pa_ht 			= $obj->pa_ht;

+				// Local taxes
 				$localtax_array=array(0=>$obj->localtax1_type, 1=>$obj->localtax1_tx, 2=>$obj->localtax2_type, 3=>$obj->localtax2_tx);
+				$localtax1_tx = get_localtax($obj->tva_tx, 1, $this->thirdparty);
+				$localtax2_tx = get_localtax($obj->tva_tx, 2, $this->thirdparty);

 				// For invoicing
-				$tabprice = calcul_price_total($obj->qty_shipped, $obj->subprice, $obj->remise_percent, $obj->tva_tx, $obj->localtax1_tx, $obj->localtax2_tx, 0, 'HT', $obj->info_bits, $obj->fk_product_type, $mysoc, $localtax_array);	// We force type to 0
+				$tabprice = calcul_price_total($obj->qty_shipped, $obj->subprice, $obj->remise_percent, $obj->tva_tx, $localtax1_tx, $localtax2_tx, 0, 'HT', $obj->info_bits, $obj->fk_product_type, $mysoc, $localtax_array);	// We force type to 0
 				$line->desc	         	= $obj->description;		// We need ->desc because some code into CommonObject use desc (property defined for other elements)
 				$line->qty 				= $line->qty_shipped;
 				$line->total_ht			= $tabprice[0];
@@ -1415,6 +1418,7 @@ class Expedition extends CommonObject
 				$line->tva_tx 		 	= $obj->tva_tx;
 				$line->localtax1_tx 	= $obj->localtax1_tx;
 				$line->localtax2_tx 	= $obj->localtax2_tx;
+				$line->info_bits        = $obj->info_bits;
 				$line->price			= $obj->price;
 				$line->subprice			= $obj->subprice;
 				$line->remise_percent	= $obj->remise_percent;
--- a/htdocs/expedition/list.php
+++ b/htdocs/expedition/list.php
@@ -30,9 +30,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php';
 require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
 require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php';

-$langs->load("sendings");
-$langs->load("deliveries");
-$langs->load('companies');
+$langs->loadLangs(array("sendings","deliveries",'companies','bills'));

 $socid=GETPOST('socid','int');
 // Security check
--- a/htdocs/expensereport/card.php
+++ b/htdocs/expensereport/card.php
@@ -228,8 +228,12 @@ if (empty($reshook))
    		$db->begin();

    		$id = $object->create($user);
+    		if ($id <= 0)
+    		{
+    			$error++;
+    		}

-    		if ($id > 0)
+    		if (! $error)
    		{
    			$db->commit();
    			Header("Location: ".$_SERVER["PHP_SELF"]."?id=".$id);
@@ -2395,8 +2399,8 @@ if($user->rights->expensereport->export && $action != 'create' && $action != 'ed
 	$filename	=	dol_sanitizeFileName($object->ref);
 	$filedir	=	$conf->expensereport->dir_output . "/" . dol_sanitizeFileName($object->ref);
 	$urlsource	=	$_SERVER["PHP_SELF"]."?id=".$object->id;
-	$genallowed	=	1;
-	$delallowed	=	1;
+	$genallowed	=	$user->rights->expensereport->export;
+	$delallowed	=	$user->rights->expensereport->export;
 	$var 		= 	true;
 	print $formfile->showdocuments('expensereport',$filename,$filedir,$urlsource,$genallowed,$delallowed);
 	$somethingshown = $formfile->numoffiles;
--- a/htdocs/expensereport/class/expensereport.class.php
+++ b/htdocs/expensereport/class/expensereport.class.php
@@ -187,7 +187,8 @@ class ExpenseReport extends CommonObject
            $resql=$this->db->query($sql);
            if (!$resql) $error++;

-            if (is_array($this->lines) && count($this->lines)>0) {
+            if (is_array($this->lines) && count($this->lines)>0)
+            {
 	            foreach ($this->lines as $i => $val)
 	            {
 	                $newndfline=new ExpenseReportLine($this->db);
@@ -205,6 +206,12 @@ class ExpenseReport extends CommonObject
 	            }
            }

+            if (! $error)
+            {
+            	$result=$this->insertExtraFields();
+           		if ($result < 0) $error++;
+            }
+
            if (! $error)
            {
                $result=$this->update_price();
--- a/htdocs/expensereport/list.php
+++ b/htdocs/expensereport/list.php
@@ -732,7 +732,7 @@ if ($resql)

 	    $filedir=$diroutputmassaction;
 	    $genallowed=$user->rights->expensereport->lire;
-	    $delallowed=$user->rights->expensereport->lire;
+	    $delallowed=$user->rights->expensereport->creer;

 	    print $formfile->showdocuments('massfilesarea_expensereport','',$filedir,$urlsource,0,$delallowed,'',1,1,0,48,1,$param,$title,'');
 	}
--- a/htdocs/fichinter/card.php
+++ b/htdocs/fichinter/card.php
@@ -2,7 +2,7 @@
 /* Copyright (C) 2002-2007	Rodolphe Quiedeville	<rodolphe@quiedeville.org>
 * Copyright (C) 2004-2016	Laurent Destailleur		<eldy@users.sourceforge.net>
 * Copyright (C) 2005-2015	Regis Houssin			<regis.houssin@capnetworks.com>
- * Copyright (C) 2011-2013  Juanjo Menent			<jmenent@2byte.es>
+ * Copyright (C) 2011-2017  Juanjo Menent			<jmenent@2byte.es>
 * Copyright (C) 2013       Florian Henry           <florian.henry@open-concept.pro>
 * Copyright (C) 2014-2015  Ferran Marcet           <fmarcet@2byte.es>
 * Copyright (C) 2014-2015 	Charlie Benke           <charlies@patas-monkey.com>
@@ -740,7 +740,8 @@ if (empty($reshook))
 			$parameters=array('id'=>$object->id);
 			$reshook=$hookmanager->executeHooks('insertExtraFields',$parameters,$object,$action);    // Note that $action and $object may have been modified by some hooks
 			if (empty($reshook))
-			{   $result=$object->updateExtraField($_POST["attribute"]);
+			{
+				$result=$object->insertExtraFields();
 				if ($result < 0)
 				{
 					$error++;
@@ -1685,18 +1686,11 @@ else if ($id > 0 || ! empty($ref))
 		 * Built documents
 		 */
 		$filename=dol_sanitizeFileName($object->ref);
-		$filedir=$conf->ficheinter->dir_output . "/".$object->ref;
+		$filedir=$conf->ficheinter->dir_output . "/".$filename;
 		$urlsource=$_SERVER["PHP_SELF"]."?id=".$object->id;
-		$genallowed=$user->rights->ficheinter->creer;
-		$delallowed=$user->rights->ficheinter->supprimer;
-		$genallowed=1;
-		$delallowed=1;
-
-		$var=true;
-
-		//print "<br>\n";
-		print $somethingshown=$formfile->showdocuments('ficheinter',$filename,$filedir,$urlsource,$genallowed,$delallowed,$object->modelpdf,1,0,0,28,0,'','','',$soc->default_lang);
-
+		$genallowed=$user->rights->ficheinter->lire;
+		$delallowed=$user->rights->ficheinter->creer;
+		print $formfile->showdocuments('ficheinter',$filename,$filedir,$urlsource,$genallowed,$delallowed,$object->modelpdf,1,0,0,28,0,'','','',$soc->default_lang);

 		// Show links to link elements
 		$linktoelem = $form->showLinkToObjectBlock($object, null, array('fichinter'));
--- a/htdocs/fichinter/list.php
+++ b/htdocs/fichinter/list.php
@@ -633,7 +633,7 @@ if ($resql)

 	    $filedir=$diroutputmassaction;
 	    $genallowed=$user->rights->ficheinter->lire;
-	    $delallowed=$user->rights->ficheinter->supprimer;
+	    $delallowed=$user->rights->ficheinter->creer;

 	    print $formfile->showdocuments('massfilesarea_interventions','',$filedir,$urlsource,0,$delallowed,'',1,1,0,48,1,$param,$title,'');
 	}
--- a/htdocs/filefunc.inc.php
+++ b/htdocs/filefunc.inc.php
@@ -31,7 +31,7 @@
 */

 if (! defined('DOL_APPLICATION_TITLE')) define('DOL_APPLICATION_TITLE','Dolibarr');
-if (! defined('DOL_VERSION')) define('DOL_VERSION','6.0.1');		// a.b.c-alpha, a.b.c-beta, a.b.c-rcX or a.b.c
+if (! defined('DOL_VERSION')) define('DOL_VERSION','6.0.4');		// a.b.c-alpha, a.b.c-beta, a.b.c-rcX or a.b.c

 if (! defined('EURO')) define('EURO',chr(128));

--- a/htdocs/fourn/class/api_supplier_invoices.class.php
+++ b/htdocs/fourn/class/api_supplier_invoices.class.php
@@ -76,6 +76,7 @@ class SupplierInvoices extends DolibarrApi
 			throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
 		}

+		$this->invoice->fetchObjectLinked();
 		return $this->_cleanObjectDatas($this->invoice);
    }

--- a/htdocs/fourn/class/api_supplier_orders.class.php
+++ b/htdocs/fourn/class/api_supplier_orders.class.php
@@ -76,6 +76,7 @@ class SupplierOrders extends DolibarrApi
 			throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
 		}

+		$this->order->fetchObjectLinked();
 		return $this->_cleanObjectDatas($this->order);
    }

--- a/htdocs/fourn/class/fournisseur.commande.class.php
+++ b/htdocs/fourn/class/fournisseur.commande.class.php
@@ -279,11 +279,12 @@ class CommandeFournisseur extends CommonOrder

 			$this->fetchObjectLinked();

+			//$result=$this->fetch_lines();
            $this->lines=array();

            $sql = "SELECT l.rowid, l.ref as ref_supplier, l.fk_product, l.product_type, l.label, l.description, l.qty,";
            $sql.= " l.vat_src_code, l.tva_tx, l.remise_percent, l.subprice,";
-            $sql.= " l.localtax1_tx, l. localtax2_tx, l.total_localtax1, l.total_localtax2,";
+            $sql.= " l.localtax1_tx, l. localtax2_tx, l.localtax1_type, l. localtax2_type, l.total_localtax1, l.total_localtax2,";
            $sql.= " l.total_ht, l.total_tva, l.total_ttc, l.special_code, l.fk_parent_line, l.rang,";
            $sql.= " p.rowid as product_id, p.ref as product_ref, p.label as product_label, p.description as product_desc,";
 	        $sql.= " l.fk_unit,";
@@ -315,6 +316,8 @@ class CommandeFournisseur extends CommonOrder
                    $line->tva_tx              = $objp->tva_tx;
                    $line->localtax1_tx		   = $objp->localtax1_tx;
                    $line->localtax2_tx		   = $objp->localtax2_tx;
+                    $line->localtax1_type	   = $objp->localtax1_type;
+                    $line->localtax2_type	   = $objp->localtax2_type;
                    $line->subprice            = $objp->subprice;
                    $line->pu_ht	           = $objp->subprice;
                    $line->remise_percent      = $objp->remise_percent;
@@ -1087,7 +1090,7 @@ class CommandeFournisseur extends CommonOrder
        // Clean parameters
        if (empty($this->source)) $this->source = 0;

-		// Multicurrency (test on $this->multicurrency_tx because we sould take the default rate only if not using origin rate)
+		// Multicurrency (test on $this->multicurrency_tx because we should take the default rate only if not using origin rate)
 		if (!empty($this->multicurrency_code) && empty($this->multicurrency_tx)) list($this->fk_multicurrency,$this->multicurrency_tx) = MultiCurrency::getIdAndTxFromCode($this->db, $this->multicurrency_code);
 		else $this->fk_multicurrency = MultiCurrency::getIdFromCode($this->db, $this->multicurrency_code);
 		if (empty($this->fk_multicurrency))
@@ -1194,23 +1197,44 @@ class CommandeFournisseur extends CommonOrder
 	            {
 					// Add link with price request and supplier order
 					if ($this->id)
-                    {
-                        $this->ref="(PROV".$this->id.")";
+					{
+						$this->ref="(PROV".$this->id.")";

-                        // Add object linked
-                        if (is_array($this->linked_objects) && ! empty($this->linked_objects))
-                        {
-                        	foreach($this->linked_objects as $origin => $origin_id)
-                        	{
-                        		$ret = $this->add_object_linked($origin, $origin_id);
-                        		if (! $ret)
-                        		{
-                        			dol_print_error($this->db);
-                        			$error++;
-                        		}
-                        	}
-                        }
-                    }
+						if (! empty($this->linkedObjectsIds) && empty($this->linked_objects))	// To use new linkedObjectsIds instead of old linked_objects
+						{
+							$this->linked_objects = $this->linkedObjectsIds;	// TODO Replace linked_objects with linkedObjectsIds
+						}
+
+						// Add object linked
+						if (! $error && $this->id && is_array($this->linked_objects) && ! empty($this->linked_objects))
+						{
+							foreach($this->linked_objects as $origin => $tmp_origin_id)
+							{
+							    if (is_array($tmp_origin_id))       // New behaviour, if linked_object can have several links per type, so is something like array('contract'=>array(id1, id2, ...))
+							    {
+							        foreach($tmp_origin_id as $origin_id)
+							        {
+							            $ret = $this->add_object_linked($origin, $origin_id);
+							            if (! $ret)
+							            {
+							                dol_print_error($this->db);
+							                $error++;
+							            }
+							        }
+							    }
+							    else                                // Old behaviour, if linked_object has only one link per type, so is something like array('contract'=>id1))
+							    {
+							        $origin_id = $tmp_origin_id;
+									$ret = $this->add_object_linked($origin, $origin_id);
+									if (! $ret)
+									{
+										dol_print_error($this->db);
+										$error++;
+									}
+							    }
+							}
+						}
+					}

 	                if (! $error)
                    {
@@ -1405,10 +1429,10 @@ class CommandeFournisseur extends CommonOrder

                        // We use 'none' instead of $fourn_ref, because fourn_ref may not exists anymore. So we will take the first supplier price ok.
                        // If we want a dedicated supplier price, we must provide $fk_prod_fourn_price.
-                        $result=$prod->get_buyprice($fk_prod_fourn_price, $qty, $fk_product, 'none', $this->fk_soc);   // Search on couple $fk_prod_fourn_price/$qty first, then on triplet $qty/$fk_product/$fourn_ref/$this->fk_soc
+                        $result=$prod->get_buyprice($fk_prod_fourn_price, $qty, $fk_product, 'none', ($this->fk_soc?$this->fk_soc:$this->socid));   // Search on couple $fk_prod_fourn_price/$qty first, then on triplet $qty/$fk_product/$fourn_ref/$this->fk_soc
                        if ($result > 0)
                        {
-                            $pu           = $prod->fourn_pu;       // Unit price supplier price set by get_buyprice
+			    $pu           = $prod->fourn_pu;       // Unit price supplier price set by get_buyprice
                            $ref_supplier = $prod->ref_supplier;   // Ref supplier price set by get_buyprice
 			    // is remise percent not keyed but present for the product we add it
                            if ($remise_percent == 0 && $prod->remise_percent !=0)
@@ -2977,7 +3001,7 @@ class CommandeFournisseurLigne extends CommonOrderLine
    public function fetch($rowid)
    {
        $sql = 'SELECT cd.rowid, cd.fk_commande, cd.fk_product, cd.product_type, cd.description, cd.qty, cd.tva_tx,';
-        $sql.= ' cd.localtax1_tx, cd.localtax2_tx, cd.ref,';
+        $sql.= ' cd.localtax1_tx, cd.localtax2_tx, cd.localtax1_type, cd.localtax2_type, cd.ref,';
        $sql.= ' cd.remise, cd.remise_percent, cd.subprice,';
        $sql.= ' cd.info_bits, cd.total_ht, cd.total_tva, cd.total_ttc,';
        $sql.= ' cd.total_localtax1, cd.total_localtax2,';
@@ -3003,6 +3027,8 @@ class CommandeFournisseurLigne extends CommonOrderLine
            $this->tva_tx           = $objp->tva_tx;
            $this->localtax1_tx		= $objp->localtax1_tx;
            $this->localtax2_tx		= $objp->localtax2_tx;
+            $this->localtax1_type	= $objp->localtax1_type;
+            $this->localtax2_type	= $objp->localtax2_type;
            $this->remise           = $objp->remise;
            $this->remise_percent   = $objp->remise_percent;
            $this->fk_product       = $objp->fk_product;
--- a/Show More
+++ b/Show More