N°6618 - Router: Add protection against invalid routes cache

N°6618 - Router: Fix available routes cache being re-generated at each call
N°6408 - CRUD : Fix log consuming too much memory
2026-02-13 15:34:12 +01:00 · 2023-08-02 11:44:20 +02:00 · 2023-08-02 11:44:20 +02:00 · 2023-07-12 11:21:32 +02:00 · 2023-07-10 13:16:53 +02:00 · 2023-07-06 15:28:32 +02:00
882 changed files with 32012 additions and 24887 deletions
--- a/.make/license/updateLicenses.php
+++ b/.make/license/updateLicenses.php
@@ -19,17 +19,24 @@
 * The target license file path is in `$xmlFilePath`
 */

-$iTopFolder = __DIR__ . "/../../" ;
-$xmlFilePath = $iTopFolder . "setup/licenses/community-licenses.xml";
+$iTopFolder = __DIR__."/../../";
+$xmlFilePath = $iTopFolder."setup/licenses/community-licenses.xml";

-function get_scope($product_node)
-{
+$jqExec = shell_exec("jq -V"); // a param is mandatory otherwise the script will freeze
+if ((null === $jqExec) || (false === $jqExec)) {
+	echo "/!\ JQ is required but cannot be launched :( \n";
+	echo "Check this script PHPDoc block for instructions\n";
+	die(-1);
+}
+
+
+function get_scope($product_node) {
 	$scope = $product_node->getAttribute("scope");

-	if ($scope === "")
-	{   //put iTop first
+	if ($scope === "") {   //put iTop first
 		return "aaaaaaaaa";
 	}
+
 	return $scope;
 }

--- a/addons/userrights/userrightsprofile.class.inc.php
+++ b/addons/userrights/userrightsprofile.class.inc.php
@@ -228,6 +228,7 @@ class URP_UserProfile extends UserRightsBaseClassGUI
 			"db_table"            => "priv_urp_userprofile",
 			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
+			"is_link" 			  => true, /** @since 3.1.0 N°6482 */
 			'uniqueness_rules'    => array(
 				'no_duplicate' => array(
 					'attributes'  => array(
--- a/addons/userrights/userrightsprofile.db.class.inc.php
+++ b/addons/userrights/userrightsprofile.db.class.inc.php
@@ -334,6 +334,7 @@ class URP_UserProfile extends UserRightsBaseClassGUI
 			"db_table"            => "priv_urp_userprofile",
 			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
+			"is_link" 			  => true, /** @since 3.1.0 N°6482 */
 		);
 		MetaModel::Init_Params($aParams);
 		//MetaModel::Init_InheritAttributes();
--- a/addons/userrights/userrightsprojection.class.inc.php
+++ b/addons/userrights/userrightsprojection.class.inc.php
@@ -277,6 +277,7 @@ class URP_UserProfile extends UserRightsBaseClass
 			"db_table"            => "priv_urp_userprofile",
 			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
+			"is_link" 			  => true, /** @since 3.1.0 N°6482 */
 		);
 		MetaModel::Init_Params($aParams);
 		//MetaModel::Init_InheritAttributes();
--- a/application/applicationcontext.class.inc.php
+++ b/application/applicationcontext.class.inc.php
@@ -238,7 +238,7 @@ class ApplicationContext
 	{
 		$aContextInputBlocks = [];
 		foreach ($this->aValues as $sName => $sValue) {
-			$aContextInputBlocks[] = InputUIBlockFactory::MakeForHidden("c[$sName]", utils::EscapeHtml($sValue));
+			$aContextInputBlocks[] = InputUIBlockFactory::MakeForHidden("c[$sName]", $sValue);
 		}
 		return $aContextInputBlocks;
 	}
--- a/application/audit.category.class.inc.php
+++ b/application/audit.category.class.inc.php
@@ -74,15 +74,23 @@ class AuditCategory extends cmdbAbstractObject
 	public function GetReportColor($iTotal, $iErrors)
 	{
 		$sResult = 'red';
-		if ( ($iTotal == 0) || ($iErrors / $iTotal) <= ($this->Get('ok_error_tolerance') / 100) )
-		{
+		if ( ($iTotal == 0) || ($iErrors / $iTotal) <= ($this->Get('ok_error_tolerance') / 100) ) {
 			$sResult = 'green';
-		}
-		else if ( ($iErrors / $iTotal) <= ($this->Get('warning_error_tolerance') / 100) )
-		{
+		} else if (($iErrors / $iTotal) <= ($this->Get('warning_error_tolerance') / 100)) {
 			$sResult = 'orange';
 		}
+
 		return $sResult;
 	}
+
+	public static function GetShortcutActions($sFinalClass)
+	{
+		$aShortcutActions = parent::GetShortcutActions($sFinalClass);
+		if (!in_array('UI:Menu:RunAudit', $aShortcutActions)) {
+			$aShortcutActions[] = 'UI:Menu:RunAudit';
+		}
+
+		return $aShortcutActions;
+	}
 }
 ?>
--- a/application/audit.domain.class.inc.php
+++ b/application/audit.domain.class.inc.php
@@ -47,19 +47,30 @@ class AuditDomain extends cmdbAbstractObject
 			'style'                      => new ormStyle(null, null, null, null, null, '../images/icons/icons8-audit-album.svg'),
 		);
 		MetaModel::Init_Params($aParams);
-		MetaModel::Init_AddAttribute(new AttributeString("name", array("description"=>"Short name for this category", "allowed_values"=>null, "sql"=>"name", "default_value"=>"", "is_null_allowed"=>false, "depends_on"=>array())));
-		MetaModel::Init_AddAttribute(new AttributeString("description", array("allowed_values"=>null, "sql"=>"description", "default_value"=>"", "is_null_allowed"=>true, "depends_on"=>array())));
-		MetaModel::Init_AddAttribute(new AttributeImage("icon", array("is_null_allowed"=>true, "depends_on"=>array(), "display_max_width"=>96, "display_max_height"=>96, "storage_max_width"=>256, "storage_max_height"=>256, "default_image"=>null, "always_load_in_tables"=>false)));
-		MetaModel::Init_AddAttribute(new AttributeLinkedSetIndirect("categories_list", array("linked_class" => "lnkAuditCategoryToAuditDomain", "ext_key_to_me" => "domain_id", "ext_key_to_remote" => "category_id", "allowed_values" => null, "count_min" => 0, "count_max" => 0, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeString("name", array("description" => "Short name for this category", "allowed_values" => null, "sql" => "name", "default_value" => "", "is_null_allowed" => false, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeString("description", array("allowed_values" => null, "sql" => "description", "default_value" => "", "is_null_allowed" => true, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeImage("icon", array("is_null_allowed" => true, "depends_on" => array(), "display_max_width" => 96, "display_max_height" => 96, "storage_max_width" => 256, "storage_max_height" => 256, "default_image" => null, "always_load_in_tables" => false)));
+		MetaModel::Init_AddAttribute(new AttributeLinkedSetIndirect("categories_list",
+			array("linked_class" => "lnkAuditCategoryToAuditDomain", "ext_key_to_me" => "domain_id", "ext_key_to_remote" => "category_id", "allowed_values" => null, "count_min" => 0, "count_max" => 0, "depends_on" => array())));

 		// Display lists
 		MetaModel::Init_SetZListItems('details', array('name', 'description', 'icon', 'categories_list')); // Attributes to be displayed for the complete details
-		MetaModel::Init_SetZListItems('list', array('description', )); // Attributes to be displayed for a list
+		MetaModel::Init_SetZListItems('list', array('description',)); // Attributes to be displayed for a list
 		// Search criteria
 		MetaModel::Init_SetZListItems('standard_search', array('description')); // Criteria of the std search form
 		MetaModel::Init_SetZListItems('default_search', array('name', 'description')); // Criteria of the default search form
 	}

+	public static function GetShortcutActions($sFinalClass)
+	{
+		$aShortcutActions = parent::GetShortcutActions($sFinalClass);
+		if (!in_array('UI:Menu:RunAudit', $aShortcutActions)) {
+			$aShortcutActions[] = 'UI:Menu:RunAudit';
+		}
+
+		return $aShortcutActions;
+	}
+
 }

 /**
@@ -75,15 +86,26 @@ class lnkAuditCategoryToAuditDomain extends cmdbAbstractObject
 	{
 		$aParams = array
 		(
-			"category" => "application, grant_by_profile",
-			"key_type" => "autoincrement",
-			"name_attcode" => "",
-			"state_attcode" => "",
-			"reconc_keys" => array('category_id', 'domain_id'),
-			"db_table" => "priv_link_audit_category_domain",
-			"db_key_field" => "id",
+			"category"            => "application, grant_by_profile",
+			"key_type"            => "autoincrement",
+			"name_attcode"        => "",
+			"state_attcode"       => "",
+			"reconc_keys"         => array('category_id', 'domain_id'),
+			"db_table"            => "priv_link_audit_category_domain",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
-			"is_link" => true,
+			"is_link"             => true,
+			'uniqueness_rules'    => array(
+				'no_duplicate' => array(
+					'attributes'  => array(
+						0 => 'category_id',
+						1 => 'domain_id',
+					),
+					'filter'      => '',
+					'disabled'    => false,
+					'is_blocking' => true,
+				),
+			),
 		);
 		MetaModel::Init_Params($aParams);
 		MetaModel::Init_AddAttribute(new AttributeExternalKey("category_id", array("targetclass" => "AuditCategory", "jointype" => '', "allowed_values" => null, "sql" => "category_id", "is_null_allowed" => false, "on_target_delete" => DEL_AUTO, "depends_on" => array())));
--- a/application/audit.rule.class.inc.php
+++ b/application/audit.rule.class.inc.php
@@ -35,23 +35,23 @@ class AuditRule extends cmdbAbstractObject
 	{
 		$aParams = array
 		(
-			"category" => "application, grant_by_profile",
-			"key_type" => "autoincrement",
-			"name_attcode" => "name",
-			"state_attcode" => "",
-			"reconc_keys" => array('name'),
-			"db_table" => "priv_auditrule",
-			"db_key_field" => "id",
+			"category"            => "application, grant_by_profile",
+			"key_type"            => "autoincrement",
+			"name_attcode"        => "name",
+			"state_attcode"       => "",
+			"reconc_keys"         => array('name'),
+			"db_table"            => "priv_auditrule",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
-			'style' => new ormStyle(null, null, null, null, null, '../images/icons/icons8-audit.svg'),
+			'style'               => new ormStyle(null, null, null, null, null, '../images/icons/icons8-audit.svg'),
 		);
 		MetaModel::Init_Params($aParams);
-		MetaModel::Init_AddAttribute(new AttributeString("name", array("allowed_values"=>null, "sql"=>"name", "default_value"=>"", "is_null_allowed"=>false, "depends_on"=>array())));
-		MetaModel::Init_AddAttribute(new AttributeString("description", array("allowed_values"=>null, "sql"=>"description", "default_value"=>"", "is_null_allowed"=>true, "depends_on"=>array())));
-		MetaModel::Init_AddAttribute(new AttributeOQL("query", array("allowed_values"=>null, "sql"=>"query", "default_value"=>"", "is_null_allowed"=>false, "depends_on"=>array())));
-		MetaModel::Init_AddAttribute(new AttributeEnum("valid_flag", array("allowed_values"=>new ValueSetEnum('true,false'), "sql"=>"valid_flag", "default_value"=>"true", "is_null_allowed"=>false, "depends_on"=>array())));
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("category_id", array("allowed_values"=>null, "sql"=>"category_id", "targetclass"=>"AuditCategory", "is_null_allowed"=>false, "on_target_delete"=>DEL_MANUAL, "depends_on"=>array())));
-		MetaModel::Init_AddAttribute(new AttributeExternalField("category_name", array("allowed_values"=>null, "extkey_attcode"=> 'category_id', "target_attcode"=>"name")));
+		MetaModel::Init_AddAttribute(new AttributeString("name", array("allowed_values" => null, "sql" => "name", "default_value" => "", "is_null_allowed" => false, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeString("description", array("allowed_values" => null, "sql" => "description", "default_value" => "", "is_null_allowed" => true, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeOQL("query", array("allowed_values" => null, "sql" => "query", "default_value" => "", "is_null_allowed" => false, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeEnum("valid_flag", array("allowed_values" => new ValueSetEnum('true,false'), "sql" => "valid_flag", "default_value" => "true", "is_null_allowed" => false, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeExternalKey("category_id", array("allowed_values" => null, "sql" => "category_id", "targetclass" => "AuditCategory", "is_null_allowed" => false, "on_target_delete" => DEL_MANUAL, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeExternalField("category_name", array("allowed_values" => null, "extkey_attcode" => 'category_id', "target_attcode" => "name")));

 		// Display lists
 		MetaModel::Init_SetZListItems('details', array('category_id', 'name', 'description', 'query', 'valid_flag')); // Attributes to be displayed for the complete details
@@ -60,5 +60,16 @@ class AuditRule extends cmdbAbstractObject
 		MetaModel::Init_SetZListItems('standard_search', array('category_id', 'name', 'description', 'valid_flag', 'query')); // Criteria of the std search form
 		MetaModel::Init_SetZListItems('default_search', array('name', 'description', 'category_id')); // Criteria of the advanced search form
 	}
+
+
+	public static function GetShortcutActions($sFinalClass)
+	{
+		$aShortcutActions = parent::GetShortcutActions($sFinalClass);
+		if (!in_array('UI:Menu:RunAudit', $aShortcutActions)) {
+			$aShortcutActions[] = 'UI:Menu:RunAudit';
+		}
+
+		return $aShortcutActions;
+	}
 }
 ?>
--- a/application/cmdbabstract.class.inc.php
+++ b/application/cmdbabstract.class.inc.php
@@ -47,6 +47,7 @@ use Combodo\iTop\Renderer\Console\ConsoleBlockRenderer;
 use Combodo\iTop\Renderer\Console\ConsoleFormRenderer;
 use Combodo\iTop\Service\Links\LinkSetDataTransformer;
 use Combodo\iTop\Service\Links\LinkSetModel;
+use Combodo\iTop\Service\TemporaryObjects\TemporaryObjectHelper;


 define('OBJECT_PROPERTIES_TAB', 'ObjectProperties');
@@ -187,9 +188,6 @@ abstract class cmdbAbstractObject extends CMDBObject implements iDisplay
 	/** @var array initial attributes flags cache [attcode]['flags'] */
 	protected $aInitialAttributesFlags;

-	protected $iUpdateLoopCount;
-
-	const MAX_UPDATE_LOOP_COUNT = 10;

 	/**
 	 * @var array First level classname, second level id, value number of calls done
@@ -227,7 +225,6 @@ abstract class cmdbAbstractObject extends CMDBObject implements iDisplay
 		$this->sDisplayMode = static::DEFAULT_DISPLAY_MODE;
 		$this->bAllowWrite = false;
 		$this->bAllowDelete = false;
-		$this->iUpdateLoopCount = 0;
 	}

 	/**
@@ -2822,33 +2819,33 @@ JS
 			}
 		}
 		// Custom operation for the form ?
-		if (isset($aExtraParams['custom_operation'])) {
-			$sOperation = $aExtraParams['custom_operation'];
-		} else {
-			if ($this->GetDisplayMode() === static::ENUM_DISPLAY_MODE_EDIT) {
-				$sOperation = 'apply_modify';
-			} else {
-				$sOperation = 'apply_new';
-			}
-		}
+        if (isset($aExtraParams['custom_operation'])) {
+            $sOperation = $aExtraParams['custom_operation'];
+        } else {
+            if ($this->GetDisplayMode() === static::ENUM_DISPLAY_MODE_EDIT) {
+                $sOperation = 'apply_modify';
+            } else {
+                $sOperation = 'apply_new';
+            }
+        }

-		$oContentBlock = new UIContentBlock();
-		$oPage->AddUiBlock($oContentBlock);
+        $oContentBlock = new UIContentBlock();
+        $oPage->AddUiBlock($oContentBlock);

-		$oForm = new Form("form_{$this->m_iFormId}");
-		$oForm->SetAction($sFormAction);
-		$sOnSubmitForm = "let bOnSubmitForm = OnSubmit('form_{$this->m_iFormId}');";
-		if (isset($aExtraParams['js_handlers']['form_on_submit'])) {
-			$oForm->SetOnSubmitJsCode($sOnSubmitForm.$aExtraParams['js_handlers']['form_on_submit']);
-		} else {
-			$oForm->SetOnSubmitJsCode($sOnSubmitForm."return bOnSubmitForm;");
-		}
-		$oContentBlock->AddSubBlock($oForm);
+        $oForm = new Form("form_{$this->m_iFormId}");
+        $oForm->SetAction($sFormAction);
+        $sOnSubmitForm = "let bOnSubmitForm = OnSubmit('form_{$this->m_iFormId}');";
+        if (isset($aExtraParams['js_handlers']['form_on_submit'])) {
+            $oForm->SetOnSubmitJsCode($sOnSubmitForm . $aExtraParams['js_handlers']['form_on_submit']);
+        } else {
+            $oForm->SetOnSubmitJsCode($sOnSubmitForm . "return bOnSubmitForm;");
+        }
+        $oContentBlock->AddSubBlock($oForm);

-		if ($this->GetDisplayMode() === static::ENUM_DISPLAY_MODE_EDIT) {
-			// The object already exists in the database, it's a modification
-			$oForm->AddSubBlock(InputUIBlockFactory::MakeForHidden('id', $iKey, "{$sPrefix}_id"));
-		}
+        if ($this->GetDisplayMode() === static::ENUM_DISPLAY_MODE_EDIT) {
+            // The object already exists in the database, it's a modification
+	        $oForm->AddSubBlock(InputUIBlockFactory::MakeForHidden('id', $iKey, "{$sPrefix}_id"));
+        }
 		$oForm->AddSubBlock(InputUIBlockFactory::MakeForHidden('operation', $sOperation));
 		$oForm->AddSubBlock(InputUIBlockFactory::MakeForHidden('class', $sClass));

@@ -2857,6 +2854,11 @@ JS
 		$oPage->SetTransactionId($iTransactionId);
 		$oForm->AddSubBlock(InputUIBlockFactory::MakeForHidden('transaction_id', $iTransactionId));

+		// Add temporary object watchdog (only on root form)
+		if (!utils::IsXmlHttpRequest()) {
+			$oPage->add_ready_script(TemporaryObjectHelper::GetWatchDogJS($iTransactionId));
+		}
+
 		// TODO 3.0.0: Is this (the if condition, not the code inside) still necessary?
 		if (isset($aExtraParams['wizard_container']) && $aExtraParams['wizard_container']) {
 			$sClassLabel = MetaModel::GetName($sClass);
@@ -2867,34 +2869,34 @@ JS
 			}
 		}

-		$oToolbarButtons = ToolbarUIBlockFactory::MakeStandard(null);
+        $oToolbarButtons = ToolbarUIBlockFactory::MakeStandard(null);

-		$oCancelButton = ButtonUIBlockFactory::MakeForCancel();
-		$oCancelButton->AddCSSClasses(['action', 'cancel']);
-		$oToolbarButtons->AddSubBlock($oCancelButton);
-		$oApplyButton = ButtonUIBlockFactory::MakeForPrimaryAction($sApplyButton, null, null, true);
-		$oApplyButton->AddCSSClass('action');
-		$oToolbarButtons->AddSubBlock($oApplyButton);
-		$bAreTransitionsHidden = isset($aExtraParams['hide_transitions']) && $aExtraParams['hide_transitions'] === true;
-		$aTransitions = $this->EnumTransitions();
-		if (!isset($aExtraParams['custom_operation']) && !$bAreTransitionsHidden && count($aTransitions)) {
-			// Transitions are displayed only for the standard new/modify actions, not for modify_all or any other case...
-			$oSetToCheckRights = DBObjectSet::FromObject($this);
+        $oCancelButton = ButtonUIBlockFactory::MakeForCancel();
+        $oCancelButton->AddCSSClasses(['action', 'cancel']);
+        $oToolbarButtons->AddSubBlock($oCancelButton);
+        $oApplyButton = ButtonUIBlockFactory::MakeForPrimaryAction($sApplyButton, null, null, true);
+        $oApplyButton->AddCSSClass('action');
+        $oToolbarButtons->AddSubBlock($oApplyButton);
+        $bAreTransitionsHidden = isset($aExtraParams['hide_transitions']) && $aExtraParams['hide_transitions'] === true;
+        $aTransitions = $this->EnumTransitions();
+        if (!isset($aExtraParams['custom_operation']) && !$bAreTransitionsHidden && count($aTransitions)) {
+            // Transitions are displayed only for the standard new/modify actions, not for modify_all or any other case...
+            $oSetToCheckRights = DBObjectSet::FromObject($this);

-			$oTransitionPopoverMenu = new PopoverMenu();
-			$sTPMSectionId = 'transitions';
-			$oTransitionPopoverMenu->AddSection($sTPMSectionId);
-			$aStimuli = Metamodel::EnumStimuli($sClass);
-			foreach ($aTransitions as $sStimulusCode => $aTransitionDef) {
-				$iActionAllowed = (get_class($aStimuli[$sStimulusCode]) == 'StimulusUserAction') ? UserRights::IsStimulusAllowed($sClass,
-					$sStimulusCode, $oSetToCheckRights) : UR_ALLOWED_NO;
-				switch ($iActionAllowed) {
-					case UR_ALLOWED_YES:
-						// Button to be displayed on its own on large screens
-						$oButton = ButtonUIBlockFactory::MakeForPrimaryAction($aStimuli[$sStimulusCode]->GetLabel(), 'next_action', $sStimulusCode, true);
-						$oButton->AddCSSClass('action');
-						$oButton->SetColor(Button::ENUM_COLOR_SCHEME_NEUTRAL);
-						$oToolbarButtons->AddSubBlock($oButton);
+            $oTransitionPopoverMenu = new PopoverMenu();
+            $sTPMSectionId = 'transitions';
+            $oTransitionPopoverMenu->AddSection($sTPMSectionId);
+            $aStimuli = Metamodel::EnumStimuli($sClass);
+            foreach ($aTransitions as $sStimulusCode => $aTransitionDef) {
+                $iActionAllowed = (get_class($aStimuli[$sStimulusCode]) == 'StimulusUserAction') ? UserRights::IsStimulusAllowed($sClass,
+                    $sStimulusCode, $oSetToCheckRights) : UR_ALLOWED_NO;
+                switch ($iActionAllowed) {
+                    case UR_ALLOWED_YES:
+                        // Button to be displayed on its own on large screens
+                        $oButton = ButtonUIBlockFactory::MakeForPrimaryAction($aStimuli[$sStimulusCode]->GetLabel(), 'next_action', $sStimulusCode, true);
+                        $oButton->AddCSSClass('action');
+                        $oButton->SetColor(Button::ENUM_COLOR_SCHEME_NEUTRAL);
+                        $oToolbarButtons->AddSubBlock($oButton);

 						// Button to be displayed in a grouped button on smaller screens
 						$oTPMPopupMenuItem = new JSPopupMenuItem('next_action--'.$oButton->GetId(), $oButton->GetLabel(), "$(`#{$oButton->GetId()}`).trigger(`click`);");
@@ -3049,16 +3051,21 @@ JS

 		$oPage->SetCurrentTab('');

+		// Static fields values for wizard helper serialization
+		$aWizardHelperStaticValues = [];
+
 		// Add as hidden inputs values that we want displayed if they're readonly
 		if(isset($aExtraParams['forceFieldsSubmission'])){
 			$aExtraFlags = $aExtraParams['fieldsFlags'] ?? [];
 			foreach ($aExtraParams['forceFieldsSubmission'] as $sAttCode) {
 					if(FormHelper::GetAttributeFlagsForObject($this, $sAttCode, $aExtraFlags) & OPT_ATT_READONLY) {
 						$oForm->AddSubBlock(InputUIBlockFactory::MakeForHidden('attr_'.$sPrefix.$sAttCode, $this->Get($sAttCode)));
+						$aWizardHelperStaticValues[$sAttCode] = $this->Get($sAttCode);
 					}
 			}
 		}
-		
+		$sWizardHelperStaticValues = json_encode($aWizardHelperStaticValues);
+
 		$oForm->AddSubBlock(InputUIBlockFactory::MakeForHidden('class', $sClass));
 		$oForm->AddSubBlock(InputUIBlockFactory::MakeForHidden('transaction_id', $iTransactionId));
 		foreach ($aExtraParams as $sName => $value) {
@@ -3085,7 +3092,10 @@ JS

 		$iFieldsCount = count($aFieldsMap);
 		$sJsonFieldsMap = json_encode($aFieldsMap);
-		$sState = $this->GetState();
+		$sLifecycleStateForWizardHelper = '';
+		if (MetaModel::HasLifecycle($sClass)) {
+			$sLifecycleStateForWizardHelper = $this->GetState();
+		}
 		$sSessionStorageKey = $sClass.'_'.$iKey;
 		$sTempId = utils::GetUploadTempId($iTransactionId);
 		$oPage->add_ready_script(InlineImage::EnableCKEditorImageUpload($this, $sTempId));
@@ -3095,9 +3105,10 @@ JS
 		sessionStorage.removeItem('$sSessionStorageKey');
 		
 		// Create the object once at the beginning of the page...
-		var oWizardHelper$sPrefix = new WizardHelper('$sClass', '$sPrefix', '$sState');
+		var oWizardHelper$sPrefix = new WizardHelper('$sClass', '$sPrefix', '$sLifecycleStateForWizardHelper');
 		oWizardHelper$sPrefix.SetFieldsMap($sJsonFieldsMap);
 		oWizardHelper$sPrefix.SetFieldsCount($iFieldsCount);
+		oWizardHelper$sPrefix.SetStaticValues($sWizardHelperStaticValues);
 EOF
 		);
 		$oPage->add_ready_script(
@@ -3389,22 +3400,15 @@ EOF
 		];

 		// The list of candidate fields is made of the ordered list of "details" attributes + other attributes
-		$aAttributes = array();
-		foreach ($this->FlattenZList(MetaModel::GetZListItems($sClass, 'details')) as $sAttCode) {
-			$aAttributes[$sAttCode] = true;
-		}
+		// First attributes from the "details" zlist as they were sorted...
+		$aList = $this->FlattenZList(MetaModel::GetZListItems($sClass, 'details'));
+
+		// ... then append forgotten attributes
 		foreach (MetaModel::GetAttributesList($sClass) as $sAttCode) {
-			if (!array_key_exists($sAttCode, $aAttributes)) {
-				$aAttributes[$sAttCode] = true;
+			if (!in_array($sAttCode, $aList)) {
+				$aList[] = $sAttCode;
 			}
 		}
-		// Order the fields based on their dependencies, set the fields for which there is only one possible value
-		// and perform this in the order of dependencies to avoid dead-ends
-		$aDeps = array();
-		foreach ($aAttributes as $sAttCode => $trash) {
-			$aDeps[$sAttCode] = MetaModel::GetPrerequisiteAttributes($sClass, $sAttCode);
-		}
-		$aList = $this->OrderDependentFields($aDeps);

 		$bExistFieldToDisplay = false;
 		foreach ($aList as $sAttCode) {
@@ -4517,16 +4521,12 @@ HTML;
 	 */
 	public function DBInsertNoReload()
 	{
+		$this->LogCRUDEnter(__METHOD__);
 		try {
 			$res = parent::DBInsertNoReload();

 			$this->SetWarningsAsSessionMessages('create');

-			// Invoke extensions after insertion (the object must exist, have an id, etc.)
-			/** @var \iApplicationObjectExtension $oExtensionInstance */
-			foreach (MetaModel::EnumPlugins('iApplicationObjectExtension') as $oExtensionInstance) {
-				$oExtensionInstance->OnDBInsert($this, self::GetCurrentChange());
-			}
 		} finally {
 			if (static::IsCrudStackEmpty()) {
 				// Avoid signaling the current object that links were modified
@@ -4534,9 +4534,23 @@ HTML;
 				static::FireEventDbLinksChangedForAllObjects();
 			}
 		}
+		$this->LogCRUDExit(__METHOD__);
 		return $res;
 	}

+	public function PostInsertActions(): void
+	{
+		parent::PostInsertActions();
+
+		// Invoke extensions after insertion (the object must exist, have an id, etc.)
+		/** @var \iApplicationObjectExtension $oExtensionInstance */
+		foreach (MetaModel::EnumPlugins(iApplicationObjectExtension::class) as $oExtensionInstance) {
+			$sExtensionClass = get_class($oExtensionInstance);
+			$this->LogCRUDDebug(__METHOD__, "Calling $sExtensionClass::OnDBInsert()");
+			$oExtensionInstance->OnDBInsert($this, self::GetCurrentChange());
+		}
+	}
+
 	/**
 	 * @inheritdoc
 	 * Attaches InlineImages to the current object
@@ -4562,57 +4576,39 @@ HTML;

 	public function DBUpdate()
 	{
+		$this->LogCRUDEnter(__METHOD__);
+
 		try {
+			if (count($this->ListChanges()) === 0) {
+				$this->LogCRUDExit(__METHOD__);
+				return $this->GetKey();
+			}
 			$res = parent::DBUpdate();

 			$this->SetWarningsAsSessionMessages('update');
-
-			// Protection against reentrance (e.g. cascading the update of ticket logs)
-			// Note: This is based on the fix made on r 3190 in DBObject::DBUpdate()
-			if (!MetaModel::StartReentranceProtection($this)) {
-				$sClass = get_class($this);
-				$sKey = $this->GetKey();
-				IssueLog::Debug("CRUD: DBUpdate $sClass::$sKey Rejected (reentrance)", LogChannels::DM_CRUD);
-
-				return $res;
-			}
-
-			try {
-				// Invoke extensions after the update (could be before)
-				/** @var \iApplicationObjectExtension $oExtensionInstance */
-				foreach (MetaModel::EnumPlugins('iApplicationObjectExtension') as $oExtensionInstance) {
-					$oExtensionInstance->OnDBUpdate($this, self::GetCurrentChange());
-				}
-			}
-			finally {
-				MetaModel::StopReentranceProtection($this);
-			}
-
-			$aChanges = $this->ListChanges();
-			if (count($aChanges) != 0) {
-				$this->iUpdateLoopCount++;
-				if ($this->iUpdateLoopCount > self::MAX_UPDATE_LOOP_COUNT) {
-					$sClass = get_class($this);
-					$sKey = $this->GetKey();
-					$aPlugins = [];
-					foreach (MetaModel::EnumPlugins('iApplicationObjectExtension') as $oExtensionInstance) {
-						$aPlugins[] = get_class($oExtensionInstance);
-					}
-					$sPlugins = implode(', ', $aPlugins);
-					IssueLog::Error("CRUD: DBUpdate $sClass::$sKey Update loop detected plugins: $sPlugins", LogChannels::DM_CRUD);
-				} else {
-					return $this->DBUpdate();
-				}
-			}
 		} finally {
 			if (static::IsCrudStackEmpty()) {
 				static::FireEventDbLinksChangedForAllObjects();
 			}
 		}
+		$this->LogCRUDExit(__METHOD__);

 		return $res;
 	}

+	public function PostUpdateActions(array $aChanges): void
+	{
+		parent::PostUpdateActions($aChanges);
+
+		// Invoke extensions after the update (could be before)
+		/** @var \iApplicationObjectExtension $oExtensionInstance */
+		foreach (MetaModel::EnumPlugins(iApplicationObjectExtension::class) as $oExtensionInstance) {
+			$sExtensionClass = get_class($oExtensionInstance);
+			$this->LogCRUDDebug(__METHOD__, "Calling $sExtensionClass::OnDBUpdate()");
+			$oExtensionInstance->OnDBUpdate($this, self::GetCurrentChange());
+		}
+	}
+
 	/**
 	 * @param string $sMessageIdPrefix
 	 *
@@ -4632,6 +4628,7 @@ HTML;

 	public function DBDelete(&$oDeletionPlan = null)
 	{
+		$this->LogCRUDEnter(__METHOD__);
 		try {
 			parent::DBDelete($oDeletionPlan);
 		}  finally {
@@ -4641,6 +4638,7 @@ HTML;
 				static::FireEventDbLinksChangedForAllObjects();
 			}
 		}
+		$this->LogCRUDExit(__METHOD__);

 		return $oDeletionPlan;
 	}
@@ -4669,9 +4667,12 @@ HTML;
 		/** @var \iApplicationObjectExtension $oExtensionInstance */
 		foreach(MetaModel::EnumPlugins('iApplicationObjectExtension') as $oExtensionInstance)
 		{
-			if ($oExtensionInstance->OnIsModified($this))
-			{
+			$sExtensionClass = get_class($oExtensionInstance);
+			if ($oExtensionInstance->OnIsModified($this)) {
+				$this->LogCRUDDebug(__METHOD__, "Calling $sExtensionClass::OnIsModified() -> true");
 				return true;
+			} else {
+				$this->LogCRUDDebug(__METHOD__, "Calling $sExtensionClass::OnIsModified() -> false");
 			}
 		}

@@ -6025,14 +6026,16 @@ JS
 		// - we have a EVENT_DB_LINKS_CHANGED listener on Ticket that will update impacted items, so it will create new lnkApplicationSolutionToFunctionalCI
 		// We want to avoid launching the listener twice, first here, and secondly after saving the Ticket in the listener
 		// By disabling the event to be fired, we can remove the current object from the attribute !
-		/** @noinspection PhpRedundantOptionalArgumentInspection */
-		$oObject = MetaModel::GetObject($sClass, $sId, true);
-		self::SetEventDBLinksChangedBlocked(true);
-		MetaModel::StartReentranceProtection($oObject);
-		$oObject->FireEvent(EVENT_DB_LINKS_CHANGED);
-		MetaModel::StopReentranceProtection($oObject);
-		if ($oObject->IsModified()) {
-			$oObject->DBUpdate();
+		$oObject = MetaModel::GetObject($sClass, $sId, false);
+		// N°6408 The object can have been deleted
+		if (!is_null($oObject)) {
+			self::SetEventDBLinksChangedBlocked(true);
+			MetaModel::StartReentranceProtection($oObject);
+			$oObject->FireEvent(EVENT_DB_LINKS_CHANGED);
+			MetaModel::StopReentranceProtection($oObject);
+			if (count($oObject->ListChanges()) !== 0) {
+				$oObject->DBUpdate();
+			}
 		}
 		self::RemoveObjectAwaitingEventDbLinksChanged($sClass, $sId);
 		cmdbAbstractObject::SetEventDBLinksChangedBlocked(false);
--- a/application/dashlet.class.inc.php
+++ b/application/dashlet.class.inc.php
@@ -667,7 +667,7 @@ class DashletUnknown extends Dashlet
 	 */
 	public function GetPropertiesFields(DesignerForm $oForm)
 	{
-		$oField = new DesignerLongTextField('xml', Dict::S('UI:DashletUnknown:Prop-XMLConfiguration'), $this->sOriginalDashletXML);
+		$oField = new DesignerXMLField('xml', Dict::S('UI:DashletUnknown:Prop-XMLConfiguration'), $this->sOriginalDashletXML);
 		$oForm->AddField($oField);
 	}

@@ -869,7 +869,7 @@ class DashletPlainText extends Dashlet
 	public function Render($oPage, $bEditMode = false, $aExtraParams = array())
 	{
 		$sText = $this->aProperties['text'];
-		$sText = utils::EscapeHtml($sText);
+		$sText = utils::EscapeHtml(Dict::S($sText));
 		$sText = str_replace(array("\r\n", "\n", "\r"), "<br/>", $sText);

 		$sId = 'plaintext_'.($bEditMode ? 'edit_' : '').$this->sId;
--- a/application/displayblock.class.inc.php
+++ b/application/displayblock.class.inc.php
@@ -1083,6 +1083,7 @@ JS
 			$this->m_oSet = new CMDBObjectSet($this->m_oFilter, array(), $aQueryParams);
 			$this->m_oSet->SetShowObsoleteData($this->m_bShowObsoleteData);
 		}
+
 		// Summary details
 		$aCounts = array();
 		$aStateLabels = array();
@@ -1129,6 +1130,18 @@ JS
 		}

 		$oBlock = new UIContentBlockWithJSRefreshCallback(null, ["ibo-dashlet-header-dynamic--container"]);
+
+		// N°6394 Make sure to sort elements as defined in the datamodel
+		if (utils::IsNotNullOrEmptyString($sStateAttrCode)) {
+			$oAttDef = MetaModel::GetAttributeDef($sClass, $sStateAttrCode);
+			$aAllowedValues = $oAttDef->GetAllowedValues() ?? [];
+			$AllowedValuesKeys = array_keys($aAllowedValues);
+
+			uksort($aStateLabels, function ($sKey1, $sKey2) use ($AllowedValuesKeys) {
+				return array_search($sKey1, $AllowedValuesKeys) > array_search($sKey2, $AllowedValuesKeys) ? 1 : -1;
+			});
+		}
+
 		foreach ($aStateLabels as $sStateValue => $sStateLabel) {
 			$aCount = $aCounts[$sStateValue];
 			$sHyperlink = $aCount['link'];
@@ -1858,7 +1871,13 @@ class MenuBlock extends DisplayBlock
 		/** @var array $aToolkitActions Any "legacy" toolkit menu item, which are now displayed in the same menu as the $aRegularActions, after them */
 		$aToolkitActions = [];

-		if (!isset($aExtraParams['selection_mode']) || ($aExtraParams['selection_mode'] == "")) {
+		// Display menu actions only if...
+		if (
+			// ... NOT in a selection mode
+			(!isset($aExtraParams['selection_mode']) || ($aExtraParams['selection_mode'] == ""))
+			// ... "menu" parameter is NOT EXPLICITLY disabled
+			&& (!isset($aExtraParams['menu']) || $aExtraParams['menu'] === "1" || $aExtraParams['menu'] === true)
+		) {
 			$oAppContext = new ApplicationContext();
 			$sContext = $oAppContext->GetForLink();
 			if (utils::IsNotNullOrEmptyString($sContext)) {
--- a/application/forms.class.inc.php
+++ b/application/forms.class.inc.php
@@ -1110,13 +1110,41 @@ $('#$sId').on('change keyup validate', function() { ValidateWithPattern('$sId',
 }
 EOF
 			);
-			$sValue = "<textarea $sCSSClasses id=\"$sId\" name=\"$sName\">".utils::EscapeHtml($this->defaultValue)."</textarea>";
+			$sValue = "<textarea $sCSSClasses id=\"$sId\" name=\"$sName\">".$this->PrepareValueForRendering()."</textarea>";
 		}
 		else {
-			$sValue = "<div $sCSSClasses id=\"$sId\">".utils::EscapeHtml($this->defaultValue)."</div>";
+			$sValue = "<div $sCSSClasses id=\"$sId\">".$this->PrepareValueForRendering()."</div>";
 		}
 		return array('label' => $this->sLabel, 'value' => $sValue);
 	}
+
+	/**
+	 * @return string|null The value itself as expected for rendering. May it be encoded, escaped or else.
+	 * @since 3.1.0 N°6405
+	 */
+	protected function PrepareValueForRendering(): ?string
+	{
+		return utils::EscapeHtml($this->defaultValue);
+	}
+}
+
+/**
+ * Class DesignerXMLField
+ *
+ * Field to display XML content
+ *
+ * @author Guillaume Lajarige <guillaume.lajarige@combodo.com>
+ * @since 3.1.0 N°6405
+ */
+class DesignerXMLField extends DesignerLongTextField
+{
+	/**
+	 * @inheritDoc
+	 */
+	protected function PrepareValueForRendering(): ?string
+	{
+		return utils::EscapeHtml($this->defaultValue, true);
+	}
 }

 class DesignerIntegerField extends DesignerFormField
--- a/application/loginbasic.class.inc.php
+++ b/application/loginbasic.class.inc.php
@@ -80,6 +80,11 @@ class LoginBasic extends AbstractLoginFSMExtension
 	{
 		if (Session::Get('login_mode') == 'basic')
 		{
+            $iOnExit = LoginWebPage::getIOnExit();
+            if ($iOnExit === LoginWebPage::EXIT_RETURN)
+            {
+                return LoginWebPage::LOGIN_FSM_RETURN; // Error, exit FSM
+            }
 			LoginWebPage::HTTP401Error();
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
--- a/application/logindefault.class.inc.php
+++ b/application/logindefault.class.inc.php
@@ -79,7 +79,7 @@ class LoginDefaultAfter extends AbstractLoginFSMExtension implements iLogoutExte
 	{
 		self::ResetLoginSession();
 		$iOnExit = LoginWebPage::getIOnExit();
-		if ($iOnExit == LoginWebPage::EXIT_RETURN)
+		if ($iOnExit === LoginWebPage::EXIT_RETURN)
 		{
 			return LoginWebPage::LOGIN_FSM_RETURN; // Error, exit FSM
 		}
@@ -95,6 +95,12 @@ class LoginDefaultAfter extends AbstractLoginFSMExtension implements iLogoutExte
 	{
 		if (!Session::IsSet('login_mode'))
 		{
+            // N°6358 - if EXIT_RETURN was asked, send an error
+            if (LoginWebPage::getIOnExit() === LoginWebPage::EXIT_RETURN) {
+                $iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
+                return LoginWebPage::LOGIN_FSM_ERROR;
+            }
+
 			// If no plugin validated the user, exit
 			self::ResetLoginSession();
 			exit();
--- a/application/loginexternal.class.inc.php
+++ b/application/loginexternal.class.inc.php
@@ -73,6 +73,11 @@ class LoginExternal extends AbstractLoginFSMExtension
 	{
 		if (Session::Get('login_mode') == 'external')
 		{
+            $iOnExit = LoginWebPage::getIOnExit();
+            if ($iOnExit === LoginWebPage::EXIT_RETURN)
+            {
+                return LoginWebPage::LOGIN_FSM_RETURN; // Error, exit FSM
+            }
 			LoginWebPage::HTTP401Error();
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
--- a/application/loginform.class.inc.php
+++ b/application/loginform.class.inc.php
@@ -44,6 +44,10 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginUIExtension
 					exit;
 				}

+                if (LoginWebPage::getIOnExit() === LoginWebPage::EXIT_RETURN) {
+                    return LoginWebPage::LOGIN_FSM_CONTINUE;
+                }
+
 				// No credentials yet, display the form
 				$oPage = LoginWebPage::NewLoginWebPage();
 				$oPage->DisplayLoginForm($this->bForceFormOnError);
--- a/application/query.class.inc.php
+++ b/application/query.class.inc.php
@@ -74,6 +74,7 @@ abstract class Query extends cmdbAbstractObject
 			"default_value" => 0,
 			"is_null_allowed" => false,
 			"depends_on" => array(),
+			"tracking_level" => ATTRIBUTE_TRACKING_NONE,
 		)));

 		MetaModel::Init_AddAttribute(new AttributeDateTime("export_last_date", array(
@@ -82,6 +83,7 @@ abstract class Query extends cmdbAbstractObject
 			"default_value" => null,
 			"is_null_allowed" => true,
 			"depends_on" => array(),
+			"tracking_level" => ATTRIBUTE_TRACKING_NONE,
 		)));

 		MetaModel::Init_AddAttribute(new AttributeExternalKey("export_last_user_id",
@@ -93,14 +95,16 @@ abstract class Query extends cmdbAbstractObject
 				"depends_on"=>array(),
 				"display_style"=>'select',
 				"always_load_in_tables"=>false,
-				"on_target_delete"=>DEL_SILENT
+				"on_target_delete"=>DEL_SILENT,
+				"tracking_level" => ATTRIBUTE_TRACKING_NONE,
 			)));

 		MetaModel::Init_AddAttribute(new AttributeExternalField("export_last_user_contact",
 			array(
 				"allowed_values"=>null,
 				"extkey_attcode"=> "export_last_user_id",
-				"target_attcode"=>"contactid"
+				"target_attcode"=>"contactid",
+				"tracking_level" => ATTRIBUTE_TRACKING_NONE,
 			)));

 		// Display lists
--- a/application/ui.extkeywidget.class.inc.php
+++ b/application/ui.extkeywidget.class.inc.php
@@ -168,8 +168,6 @@ class UIExtKeyWidget
 		$sMessage = Dict::S('UI:Message:EmptyList:UseSearchForm');
 		$sAttrFieldPrefix = ($this->bSearchMode) ? '' : 'attr_';

-		
-		
 		$sFilter = addslashes($oAllowedValues->GetFilter()->ToOQL());
 		if ($this->bSearchMode) {
 			$sWizHelper = 'null';
@@ -1070,18 +1068,27 @@ JS
 		{
 			$oObj = MetaModel::NewObject($this->sTargetClass);
 			$aErrors = $oObj->UpdateObjectFromPostedForm($this->iId);
-			if (count($aErrors) == 0)
-			{
-				$oObj->DBInsert();
+			if (count($aErrors) == 0) {
+
+				// Retrieve JSON data
+				$sJSON = utils::ReadParam('json', '{}', false, utils::ENUM_SANITIZATION_FILTER_RAW_DATA);
+				$oJSON = json_decode($sJSON);
+
+				$oObj->SetContextSection('temporary_objects', [
+					'create' => [
+						'transaction_id' => utils::ReadParam('root_transaction_id', '', false, utils::ENUM_SANITIZATION_FILTER_TRANSACTION_ID),
+						'host_class'     => $oJSON->m_sClass,
+						'host_att_code'  => $this->sAttCode,
+					],
+				]);
+				$oObj->DBInsertNoReload();
+
 				return array('name' => $oObj->GetName(), 'id' => $oObj->GetKey());
-			}
-			else
-			{
+			} else {
 				return array('error' => implode(' ', $aErrors), 'id' => 0);
 			}
 		}
-		catch(Exception $e)
-		{
+		catch (Exception $e) {
 			return array('error' => $e->getMessage(), 'id' => 0);
 		}
 	}
--- a/application/utils.inc.php
+++ b/application/utils.inc.php
@@ -1970,6 +1970,7 @@ SQL;

 	/**
 	 * @param string $sValue
+	 * @param bool $bDoubleEncode Whether to double encode the value or not
 	 *
 	 * @return string passed value with only characters having a special meaning in HTML escaped as entities
 	 *    Since 3.0.0 we were using for this {@link HtmlEntities} but it was overkill and leads to double escaping !
@@ -1977,14 +1978,15 @@ SQL;
 	 * @uses \htmlspecialchars()
 	 * @link https://www.php.net/manual/fr/function.htmlspecialchars.php
 	 * @since 3.0.0 N°3623
+	 * @since 3.1.0 N°6405 Add $bDoubleEncode parameter
 	 */
-	public static function EscapeHtml($sValue)
+	public static function EscapeHtml($sValue, bool $bDoubleEncode = false)
 	{
 		return htmlspecialchars(
 			$sValue ?? '',
 			ENT_QUOTES | ENT_DISALLOWED | ENT_HTML5,
 			WebPage::PAGES_CHARSET,
-			false
+			$bDoubleEncode
 		);
 	}

@@ -2045,6 +2047,9 @@ SQL;
 	 */
 	public static function TextToHtml($sText)
 	{
+		if (static::IsNullOrEmptyString($sText)){
+			return '';
+		}
 		$sText = str_replace("\r\n", "\n", $sText);
 		$sText = str_replace("\r", "\n", $sText);

@@ -2904,7 +2909,8 @@ HTML;
 				if ($sClassNameFilter !== '' && strpos($sPHPClass, $sClassNameFilter) === false) {
 					$bSkipped = true;
 				}
-				else {
+				// For some PHP classes we don't have their file path as they are already in memory, so we never filter on their paths
+				elseif (utils::IsNotNullOrEmptyString($sPHPFile)) {
 					$sPHPFile = self::LocalPath($sPHPFile);
 					if ($sPHPFile !== false) {
 						$sPHPFile = '/'.$sPHPFile; // for regex
@@ -3368,5 +3374,22 @@ HTML;
 	{
 		return in_array($sTrait, self::TraitsUsedByClass($sClass, true));
 	}
-	
+
+	/**
+	 * Get stack trace as string array.
+	 *
+	 * @return array
+	 * @since 3.1.0
+	 */
+	public static function GetStackTraceAsArray(): array
+	{
+		$e = new Exception();
+		$aTrace = explode("\n", $e->getTraceAsString());
+		// Remove call to this method
+		array_shift($aTrace);
+		// Remove Main
+		array_pop($aTrace);
+
+		return $aTrace;
+	}
 }
--- a/composer.json
+++ b/composer.json
@@ -12,10 +12,10 @@
    "ext-json": "*",
    "ext-mysqli": "*",
    "ext-soap": "*",
-    "apereo/phpcas" : "~1.6.0",
+    "apereo/phpcas": "~1.6.0",
    "combodo/tcpdf": "~6.4.4",
    "firebase/php-jwt": "~6.4.0",
-    "guzzlehttp/guzzle": "^7.4.5",
+    "guzzlehttp/guzzle": "^7.5.1",
    "laminas/laminas-mail": "^2.11",
    "laminas/laminas-servicemanager": "^3.5",
    "league/oauth2-google": "^3.0",
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
        "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
        "This file is @generated automatically"
    ],
-    "content-hash": "69db9dbdea61a588fa2058724d91a579",
+    "content-hash": "cb3883f141f50e1bfbc957880ab93be1",
    "packages": [
        {
            "name": "apereo/phpcas",
@@ -217,22 +217,22 @@
        },
        {
            "name": "guzzlehttp/guzzle",
-            "version": "7.4.5",
+            "version": "7.7.0",
            "source": {
                "type": "git",
                "url": "https://github.com/guzzle/guzzle.git",
-                "reference": "1dd98b0564cb3f6bd16ce683cb755f94c10fbd82"
+                "reference": "fb7566caccf22d74d1ab270de3551f72a58399f5"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/guzzle/guzzle/zipball/1dd98b0564cb3f6bd16ce683cb755f94c10fbd82",
-                "reference": "1dd98b0564cb3f6bd16ce683cb755f94c10fbd82",
+                "url": "https://api.github.com/repos/guzzle/guzzle/zipball/fb7566caccf22d74d1ab270de3551f72a58399f5",
+                "reference": "fb7566caccf22d74d1ab270de3551f72a58399f5",
                "shasum": ""
            },
            "require": {
                "ext-json": "*",
-                "guzzlehttp/promises": "^1.5",
-                "guzzlehttp/psr7": "^1.9 || ^2.4",
+                "guzzlehttp/promises": "^1.5.3 || ^2.0",
+                "guzzlehttp/psr7": "^1.9.1 || ^2.4.5",
                "php": "^7.2.5 || ^8.0",
                "psr/http-client": "^1.0",
                "symfony/deprecation-contracts": "^2.2 || ^3.0"
@@ -241,10 +241,11 @@
                "psr/http-client-implementation": "1.0"
            },
            "require-dev": {
-                "bamarni/composer-bin-plugin": "^1.4.1",
+                "bamarni/composer-bin-plugin": "^1.8.1",
                "ext-curl": "*",
-                "php-http/client-integration-tests": "^3.0",
-                "phpunit/phpunit": "^8.5.5 || ^9.3.5",
+                "php-http/client-integration-tests": "dev-master#2c025848417c1135031fdf9c728ee53d0a7ceaee as 3.0.999",
+                "php-http/message-factory": "^1.1",
+                "phpunit/phpunit": "^8.5.29 || ^9.5.23",
                "psr/log": "^1.1 || ^2.0 || ^3.0"
            },
            "suggest": {
@@ -254,8 +255,9 @@
            },
            "type": "library",
            "extra": {
-                "branch-alias": {
-                    "dev-master": "7.4-dev"
+                "bamarni-bin": {
+                    "bin-links": true,
+                    "forward-command": false
                }
            },
            "autoload": {
@@ -321,7 +323,7 @@
            ],
            "support": {
                "issues": "https://github.com/guzzle/guzzle/issues",
-                "source": "https://github.com/guzzle/guzzle/tree/7.4.5"
+                "source": "https://github.com/guzzle/guzzle/tree/7.7.0"
            },
            "funding": [
                {
@@ -337,38 +339,37 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2022-06-20T22:16:13+00:00"
+            "time": "2023-05-21T14:04:53+00:00"
        },
        {
            "name": "guzzlehttp/promises",
-            "version": "1.5.1",
+            "version": "2.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/guzzle/promises.git",
-                "reference": "fe752aedc9fd8fcca3fe7ad05d419d32998a06da"
+                "reference": "3a494dc7dc1d7d12e511890177ae2d0e6c107da6"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/guzzle/promises/zipball/fe752aedc9fd8fcca3fe7ad05d419d32998a06da",
-                "reference": "fe752aedc9fd8fcca3fe7ad05d419d32998a06da",
+                "url": "https://api.github.com/repos/guzzle/promises/zipball/3a494dc7dc1d7d12e511890177ae2d0e6c107da6",
+                "reference": "3a494dc7dc1d7d12e511890177ae2d0e6c107da6",
                "shasum": ""
            },
            "require": {
-                "php": ">=5.5"
+                "php": "^7.2.5 || ^8.0"
            },
            "require-dev": {
-                "symfony/phpunit-bridge": "^4.4 || ^5.1"
+                "bamarni/composer-bin-plugin": "^1.8.1",
+                "phpunit/phpunit": "^8.5.29 || ^9.5.23"
            },
            "type": "library",
            "extra": {
-                "branch-alias": {
-                    "dev-master": "1.5-dev"
+                "bamarni-bin": {
+                    "bin-links": true,
+                    "forward-command": false
                }
            },
            "autoload": {
-                "files": [
-                    "src/functions_include.php"
-                ],
                "psr-4": {
                    "GuzzleHttp\\Promise\\": "src/"
                }
@@ -405,7 +406,7 @@
            ],
            "support": {
                "issues": "https://github.com/guzzle/promises/issues",
-                "source": "https://github.com/guzzle/promises/tree/1.5.1"
+                "source": "https://github.com/guzzle/promises/tree/2.0.0"
            },
            "funding": [
                {
@@ -421,26 +422,26 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2021-10-22T20:56:57+00:00"
+            "time": "2023-05-21T13:50:22+00:00"
        },
        {
            "name": "guzzlehttp/psr7",
-            "version": "2.4.0",
+            "version": "2.5.0",
            "source": {
                "type": "git",
                "url": "https://github.com/guzzle/psr7.git",
-                "reference": "13388f00956b1503577598873fffb5ae994b5737"
+                "reference": "b635f279edd83fc275f822a1188157ffea568ff6"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/guzzle/psr7/zipball/13388f00956b1503577598873fffb5ae994b5737",
-                "reference": "13388f00956b1503577598873fffb5ae994b5737",
+                "url": "https://api.github.com/repos/guzzle/psr7/zipball/b635f279edd83fc275f822a1188157ffea568ff6",
+                "reference": "b635f279edd83fc275f822a1188157ffea568ff6",
                "shasum": ""
            },
            "require": {
                "php": "^7.2.5 || ^8.0",
                "psr/http-factory": "^1.0",
-                "psr/http-message": "^1.0",
+                "psr/http-message": "^1.1 || ^2.0",
                "ralouphie/getallheaders": "^3.0"
            },
            "provide": {
@@ -448,17 +449,18 @@
                "psr/http-message-implementation": "1.0"
            },
            "require-dev": {
-                "bamarni/composer-bin-plugin": "^1.4.1",
+                "bamarni/composer-bin-plugin": "^1.8.1",
                "http-interop/http-factory-tests": "^0.9",
-                "phpunit/phpunit": "^8.5.8 || ^9.3.10"
+                "phpunit/phpunit": "^8.5.29 || ^9.5.23"
            },
            "suggest": {
                "laminas/laminas-httphandlerrunner": "Emit PSR-7 responses"
            },
            "type": "library",
            "extra": {
-                "branch-alias": {
-                    "dev-master": "2.4-dev"
+                "bamarni-bin": {
+                    "bin-links": true,
+                    "forward-command": false
                }
            },
            "autoload": {
@@ -520,7 +522,7 @@
            ],
            "support": {
                "issues": "https://github.com/guzzle/psr7/issues",
-                "source": "https://github.com/guzzle/psr7/tree/2.4.0"
+                "source": "https://github.com/guzzle/psr7/tree/2.5.0"
            },
            "funding": [
                {
@@ -536,7 +538,7 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2022-06-20T21:43:11+00:00"
+            "time": "2023-04-17T16:11:26+00:00"
        },
        {
            "name": "laminas/laminas-loader",
@@ -1668,21 +1670,21 @@
        },
        {
            "name": "psr/http-client",
-            "version": "1.0.1",
+            "version": "1.0.2",
            "source": {
                "type": "git",
                "url": "https://github.com/php-fig/http-client.git",
-                "reference": "2dfb5f6c5eff0e91e20e913f8c5452ed95b86621"
+                "reference": "0955afe48220520692d2d09f7ab7e0f93ffd6a31"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/php-fig/http-client/zipball/2dfb5f6c5eff0e91e20e913f8c5452ed95b86621",
-                "reference": "2dfb5f6c5eff0e91e20e913f8c5452ed95b86621",
+                "url": "https://api.github.com/repos/php-fig/http-client/zipball/0955afe48220520692d2d09f7ab7e0f93ffd6a31",
+                "reference": "0955afe48220520692d2d09f7ab7e0f93ffd6a31",
                "shasum": ""
            },
            "require": {
                "php": "^7.0 || ^8.0",
-                "psr/http-message": "^1.0"
+                "psr/http-message": "^1.0 || ^2.0"
            },
            "type": "library",
            "extra": {
@@ -1702,7 +1704,7 @@
            "authors": [
                {
                    "name": "PHP-FIG",
-                    "homepage": "http://www.php-fig.org/"
+                    "homepage": "https://www.php-fig.org/"
                }
            ],
            "description": "Common interface for HTTP clients",
@@ -1714,27 +1716,27 @@
                "psr-18"
            ],
            "support": {
-                "source": "https://github.com/php-fig/http-client/tree/master"
+                "source": "https://github.com/php-fig/http-client/tree/1.0.2"
            },
-            "time": "2020-06-29T06:28:15+00:00"
+            "time": "2023-04-10T20:12:12+00:00"
        },
        {
            "name": "psr/http-factory",
-            "version": "1.0.1",
+            "version": "1.0.2",
            "source": {
                "type": "git",
                "url": "https://github.com/php-fig/http-factory.git",
-                "reference": "12ac7fcd07e5b077433f5f2bee95b3a771bf61be"
+                "reference": "e616d01114759c4c489f93b099585439f795fe35"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/php-fig/http-factory/zipball/12ac7fcd07e5b077433f5f2bee95b3a771bf61be",
-                "reference": "12ac7fcd07e5b077433f5f2bee95b3a771bf61be",
+                "url": "https://api.github.com/repos/php-fig/http-factory/zipball/e616d01114759c4c489f93b099585439f795fe35",
+                "reference": "e616d01114759c4c489f93b099585439f795fe35",
                "shasum": ""
            },
            "require": {
                "php": ">=7.0.0",
-                "psr/http-message": "^1.0"
+                "psr/http-message": "^1.0 || ^2.0"
            },
            "type": "library",
            "extra": {
@@ -1754,7 +1756,7 @@
            "authors": [
                {
                    "name": "PHP-FIG",
-                    "homepage": "http://www.php-fig.org/"
+                    "homepage": "https://www.php-fig.org/"
                }
            ],
            "description": "Common interfaces for PSR-7 HTTP message factories",
@@ -1769,31 +1771,31 @@
                "response"
            ],
            "support": {
-                "source": "https://github.com/php-fig/http-factory/tree/master"
+                "source": "https://github.com/php-fig/http-factory/tree/1.0.2"
            },
-            "time": "2019-04-30T12:38:16+00:00"
+            "time": "2023-04-10T20:10:41+00:00"
        },
        {
            "name": "psr/http-message",
-            "version": "1.0.1",
+            "version": "2.0",
            "source": {
                "type": "git",
                "url": "https://github.com/php-fig/http-message.git",
-                "reference": "f6561bf28d520154e4b0ec72be95418abe6d9363"
+                "reference": "402d35bcb92c70c026d1a6a9883f06b2ead23d71"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/php-fig/http-message/zipball/f6561bf28d520154e4b0ec72be95418abe6d9363",
-                "reference": "f6561bf28d520154e4b0ec72be95418abe6d9363",
+                "url": "https://api.github.com/repos/php-fig/http-message/zipball/402d35bcb92c70c026d1a6a9883f06b2ead23d71",
+                "reference": "402d35bcb92c70c026d1a6a9883f06b2ead23d71",
                "shasum": ""
            },
            "require": {
-                "php": ">=5.3.0"
+                "php": "^7.2 || ^8.0"
            },
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "1.0.x-dev"
+                    "dev-master": "2.0.x-dev"
                }
            },
            "autoload": {
@@ -1808,7 +1810,7 @@
            "authors": [
                {
                    "name": "PHP-FIG",
-                    "homepage": "http://www.php-fig.org/"
+                    "homepage": "https://www.php-fig.org/"
                }
            ],
            "description": "Common interface for HTTP messages",
@@ -1822,9 +1824,9 @@
                "response"
            ],
            "support": {
-                "source": "https://github.com/php-fig/http-message/tree/master"
+                "source": "https://github.com/php-fig/http-message/tree/2.0"
            },
-            "time": "2016-08-06T14:39:51+00:00"
+            "time": "2023-04-04T09:54:51+00:00"
        },
        {
            "name": "psr/log",
@@ -5274,5 +5276,5 @@
    "platform-overrides": {
        "php": "7.4.0"
    },
-    "plugin-api-version": "2.1.0"
+    "plugin-api-version": "2.3.0"
 }
--- a/core/TemporaryObjectDescriptor.php
+++ b/core/TemporaryObjectDescriptor.php
@@ -0,0 +1,101 @@
+<?php
+/*
+ * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+/**
+ * Class TemporaryObjectDescriptor
+ *
+ * Descriptor to track a temporary object.
+ *
+ * @experimental do not use, this feature will be part of a future version
+ *
+ * @since 3.1
+ */
+class TemporaryObjectDescriptor extends DBObject
+{
+	public static function Init()
+	{
+		$aParams = array(
+			'category'            => 'core',
+			'key_type'            => 'autoincrement',
+			'name_attcode'        => array('item_class', 'temp_id'),
+			'image_attcode'       => '',
+			'state_attcode'       => '',
+			'reconc_keys'         => array(''),
+			'db_table'            => 'priv_temporary_object_descriptor',
+			'db_key_field'        => 'id',
+			'db_finalclass_field' => '',
+			'style'               => new ormStyle(null, null, null, null, null, null),
+			'indexes'             => array(
+				1 =>
+					array(
+						0 => 'temp_id',
+					),
+				2 =>
+					array(
+						0 => 'item_class',
+						1 => 'item_id',
+					),
+			),
+		);
+		MetaModel::Init_Params($aParams);
+		MetaModel::Init_InheritAttributes();
+		MetaModel::Init_AddAttribute(new AttributeDateTime('expiration_date', array('sql' => 'expiration_date', 'is_null_allowed' => false, 'default_value' => '', 'allowed_values' => null, 'depends_on' => array(), 'always_load_in_tables' => false)));
+		MetaModel::Init_AddAttribute(new AttributeString('temp_id', array('sql' => 'temp_id', 'is_null_allowed' => true, 'default_value' => '', 'allowed_values' => null, 'depends_on' => array(), 'always_load_in_tables' => false)));
+		MetaModel::Init_AddAttribute(new AttributeString('item_class', array('sql' => 'item_class', 'is_null_allowed' => false, 'default_value' => '', 'allowed_values' => null, 'depends_on' => array(), 'always_load_in_tables' => false)));
+		MetaModel::Init_AddAttribute(new AttributeObjectKey('item_id', array('class_attcode' => 'item_class', 'sql' => 'item_id', 'is_null_allowed' => true, 'allowed_values' => null, 'depends_on' => array(), 'always_load_in_tables' => false)));
+		MetaModel::Init_AddAttribute(new AttributeDateTime('creation_date', array('sql' => 'creation_date', 'is_null_allowed' => true, 'default_value' => '', 'allowed_values' => null, 'depends_on' => array(), 'always_load_in_tables' => false)));
+		MetaModel::Init_AddAttribute(new AttributeString('host_class', array('sql' => 'host_class', 'is_null_allowed' => true, 'default_value' => '', 'allowed_values' => null, 'depends_on' => array(), 'always_load_in_tables' => false)));
+		MetaModel::Init_AddAttribute(new AttributeObjectKey('host_id', array('class_attcode' => 'host_class', 'sql' => 'host_id', 'is_null_allowed' => true, 'allowed_values' => null, 'depends_on' => array(), 'always_load_in_tables' => false)));
+		MetaModel::Init_AddAttribute(new AttributeString('host_att_code', array('sql' => 'host_att_code', 'is_null_allowed' => true, 'default_value' => '', 'allowed_values' => null, 'depends_on' => array(), 'always_load_in_tables' => false)));
+		MetaModel::Init_AddAttribute(new AttributeEnum("operation", array("allowed_values" => new ValueSetEnum('create,delete'), "sql" => "operation", "default_value" => "create", "is_null_allowed" => true, "depends_on" => array())));
+
+		MetaModel::Init_SetZListItems('details', array(
+			0 => 'temp_id',
+			1 => 'item_class',
+			2 => 'item_id',
+			3 => 'creation_date',
+			4 => 'expiration_date',
+			5 => 'meta',
+		));
+		MetaModel::Init_SetZListItems('standard_search', array(
+			0 => 'temp_id',
+			1 => 'item_class',
+			2 => 'item_id',
+		));
+		MetaModel::Init_SetZListItems('list', array(
+			0 => 'temp_id',
+			1 => 'item_class',
+			2 => 'item_id',
+			3 => 'creation_date',
+			4 => 'expiration_date',
+		));;
+	}
+
+
+	public function DBInsertNoReload()
+	{
+		$this->SetCurrentDateIfNull('creation_date');
+
+		return parent::DBInsertNoReload();
+	}
+
+
+	/**
+	 * Set/Update all of the '_item' fields
+	 *
+	 * @param object $oItem Container item
+	 *
+	 * @return void
+	 */
+	public function SetItem($oItem, $bUpdateOnChange = false)
+	{
+		$sClass = get_class($oItem);
+		$iItemId = $oItem->GetKey();
+
+		$this->Set('item_class', $sClass);
+		$this->Set('item_id', $iItemId);
+	}
+}
--- a/core/action.class.inc.php
+++ b/core/action.class.inc.php
@@ -16,6 +16,7 @@
 //   You should have received a copy of the GNU Affero General Public License
 //   along with iTop. If not, see <http://www.gnu.org/licenses/>

+use Combodo\iTop\Application\TwigBase\Twig\TwigHelper;

 /**
 * Persistent classes (internal): user defined actions
@@ -225,7 +226,22 @@ class ActionEmail extends ActionNotification
 	 * @since 3.0.1
 	 */
 	const ENUM_HEADER_NAME_REFERENCES = 'References';
-
+	/**
+	 * @var string
+	 * @since 3.1.0
+	 */
+	const TEMPLATE_BODY_CONTENT = '$content$';
+	/**
+	 * Wraps the 'body' of the message for previewing inside an IFRAME -- i.e. without any of the iTop stylesheets being applied
+	 * @var string
+	 * @since 3.1.0
+	 */
+	const CONTENT_HIGHLIGHT = '<div style="border:2px dashed #6800ff;position:relative;padding:2px;margin-top:14px;"><div style="background-color:#6800ff;color:#fff;font-family:Courier New, sans-serif;font-size:14px;line-height:16px;padding:3px;display:block;position:absolute;top:-22px;right:0;">$content$</div>%s</div>';
+	/**
+	 * Wraps a placeholder of the email's body for previewing inside an IFRAME -- i.e. without any of the iTop stylesheets being applied
+	 * @var string
+	 */
+	const FIELD_HIGHLIGHT = '<span style="background-color:#6800ff;color:#fff;font-size:smaller;font-family:Courier New, sans-serif;padding:2px;">\\$$1\\$</span>';
 	/**
 	 * @inheritDoc
 	 */
@@ -257,6 +273,10 @@ class ActionEmail extends ActionNotification
 		MetaModel::Init_AddAttribute(new AttributeTemplateString("subject", array("allowed_values" => null, "sql" => "subject", "default_value" => null, "is_null_allowed" => false, "depends_on" => array())));
 		MetaModel::Init_AddAttribute(new AttributeTemplateHTML("body", array("allowed_values" => null, "sql" => "body", "default_value" => null, "is_null_allowed" => false, "depends_on" => array())));
 		MetaModel::Init_AddAttribute(new AttributeEnum("importance", array("allowed_values" => new ValueSetEnum('low,normal,high'), "sql" => "importance", "default_value" => 'normal', "is_null_allowed" => false, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeApplicationLanguage("language", array("sql"=>"language", "default_value"=>null, "is_null_allowed"=>true, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeBlob("html_template", array("is_null_allowed"=>true, "depends_on"=>array(), "always_load_in_tables"=>false)));
+		MetaModel::Init_AddAttribute(new AttributeEnum("ignore_notify", array("allowed_values" => new ValueSetEnum('yes,no'), "sql" => "ignore_notify", "default_value" => 'yes', "is_null_allowed" => false, "depends_on" => array())));
+		

 		// Display lists
 		// - Attributes to be displayed for the complete details
@@ -266,8 +286,10 @@ class ActionEmail extends ActionNotification
 					0 => 'name',
 					1 => 'description',
 					2 => 'status',
-					3 => 'subject',
-					4 => 'body',
+					3 => 'language',
+					4 => 'html_template',
+					5 => 'subject',
+					6 => 'body',
 					// 5 => 'importance', not handled when sending the mail, better hide it then
 				),
 				'fieldset:ActionEmail:trigger' => array(
@@ -281,20 +303,21 @@ class ActionEmail extends ActionNotification
 					2 => 'reply_to',
 					3 => 'reply_to_label',
 					4 => 'test_recipient',
-					5 => 'to',
-					6 => 'cc',
-					7 => 'bcc',
+					5 => 'ignore_notify',
+					6 => 'to',
+					7 => 'cc',
+					8 => 'bcc',
 				),
 			),
 		));

 		// - Attributes to be displayed for a list
-		MetaModel::Init_SetZListItems('list', array('status', 'to', 'subject'));
+		MetaModel::Init_SetZListItems('list', array('status', 'to', 'subject', 'language'));
 		// Search criteria
 		// - Standard criteria of the search
-		MetaModel::Init_SetZListItems('standard_search', array('name', 'description', 'status', 'subject'));
+		MetaModel::Init_SetZListItems('standard_search', array('name', 'description', 'status', 'subject', 'language'));
 		// - Default criteria for the search
-		MetaModel::Init_SetZListItems('default_search', array('name', 'description', 'status', 'subject'));
+		MetaModel::Init_SetZListItems('default_search', array('name', 'description', 'status', 'subject', 'language'));
 	}

 	// count the recipients found
@@ -324,6 +347,15 @@ class ActionEmail extends ActionNotification
 		try
 		{
 			$oSearch = DBObjectSearch::FromOQL($sOQL);
+			if ($this->Get('ignore_notify') === 'no') {
+				// In theory it is possible to notify *any* kind of object, 
+				// as long as there is an email attribute in the class
+				// So let's not assume that the selected class is a Person
+				$sFirstSelectedClass = $oSearch->GetClass();
+				if (MetaModel::IsValidAttCode($sFirstSelectedClass, 'notify')) {
+					$oSearch->AddCondition('notify', 'yes');
+				}
+			}
 			$oSearch->AllowAllData();
 		}
 		catch (OQLException $e)
@@ -448,114 +480,27 @@ class ActionEmail extends ActionNotification
 	 */
 	protected function _DoExecute($oTrigger, $aContextArgs, &$oLog)
 	{
-		$sPreviousUrlMaker = ApplicationContext::SetUrlMakerClass();
-		try
-		{
-			$this->m_iRecipients = 0;
-			$this->m_aMailErrors = array();
-
-			// Determine recipients
-			//
-			$sTo = $this->FindRecipients('to', $aContextArgs);
-			$sCC = $this->FindRecipients('cc', $aContextArgs);
-			$sBCC = $this->FindRecipients('bcc', $aContextArgs);
-
-			$sFrom = MetaModel::ApplyParams($this->Get('from'), $aContextArgs);
-			$sFromLabel = MetaModel::ApplyParams($this->Get('from_label'), $aContextArgs);
-			$sReplyTo = MetaModel::ApplyParams($this->Get('reply_to'), $aContextArgs);
-			$sReplyToLabel = MetaModel::ApplyParams($this->Get('reply_to_label'), $aContextArgs);
-
-			$sSubject = MetaModel::ApplyParams($this->Get('subject'), $aContextArgs);
-			$sBody = MetaModel::ApplyParams($this->Get('body'), $aContextArgs);
-
-			$oObj = $aContextArgs['this->object()'];
-			$sMessageId = $this->GenerateIdentifierForHeaders($oObj, static::ENUM_HEADER_NAME_MESSAGE_ID);
-			$sReference = $this->GenerateIdentifierForHeaders($oObj, static::ENUM_HEADER_NAME_REFERENCES);
-		}
-		catch (Exception $e) {
-			/** @noinspection PhpUnhandledExceptionInspection */
-			throw $e;
-		}
-		finally {
-			ApplicationContext::SetUrlMakerClass($sPreviousUrlMaker);
-		}
-
-		if (!is_null($oLog)) {
-			// Note: we have to secure this because those values are calculated
-			// inside the try statement, and we would like to keep track of as
-			// many data as we could while some variables may still be undefined
-			if (isset($sTo)) {
-				$oLog->Set('to', $sTo);
-			}
-			if (isset($sCC)) {
-				$oLog->Set('cc', $sCC);
-			}
-			if (isset($sBCC)) {
-				$oLog->Set('bcc', $sBCC);
-			}
-			if (isset($sFrom)) {
-				$oLog->Set('from', $sFrom);
-			}
-			if (isset($sSubject)) {
-				$oLog->Set('subject', $sSubject);
-			}
-			if (isset($sBody)) {
-				$oLog->Set('body', $sBody);
-			}
-		}
 		$sStyles = file_get_contents(APPROOT.'css/email.css');
 		$sStyles .= MetaModel::GetConfig()->Get('email_css');
-
+		
 		$oEmail = new EMail();
-
-		if ($this->IsBeingTested()) {
-			$oEmail->SetSubject('TEST['.$sSubject.']');
-			$sTestBody = $sBody;
-			$sTestBody .= "<div style=\"border: dashed;\">\n";
-			$sTestBody .= "<h1>Testing email notification ".$this->GetHyperlink()."</h1>\n";
-			$sTestBody .= "<p>The email should be sent with the following properties\n";
-			$sTestBody .= "<ul>\n";
-			$sTestBody .= "<li>TO: $sTo</li>\n";
-			$sTestBody .= "<li>CC: $sCC</li>\n";
-			$sTestBody .= "<li>BCC: $sBCC</li>\n";
-			$sTestBody .= empty($sFromLabel) ? "<li>From: $sFrom</li>\n" : "<li>From: $sFromLabel &lt;$sFrom&gt;</li>\n";
-			$sTestBody .= empty($sReplyToLabel) ? "<li>Reply-To: $sReplyTo</li>\n" : "<li>Reply-To: $sReplyToLabel &lt;$sReplyTo&gt;</li>\n";
-			$sTestBody .= "<li>References: $sReference</li>\n";
-			$sTestBody .= "</ul>\n";
-			$sTestBody .= "</p>\n";
-			$sTestBody .= "</div>\n";
-			$oEmail->SetBody($sTestBody, 'text/html', $sStyles);
-			$oEmail->SetRecipientTO($this->Get('test_recipient'));
-			$oEmail->SetRecipientFrom($sFrom, $sFromLabel);
-			$oEmail->SetReferences($sReference);
-			$oEmail->SetMessageId($sMessageId);
-			// Note: N°4849 We pass the "References" identifier instead of the "Message-ID" on purpose as we want notifications emails to group around the triggering iTop object, not just the users' replies to the notification
-			$oEmail->SetInReplyTo($sReference);
-		} else {
-			$oEmail->SetSubject($sSubject);
-			$oEmail->SetBody($sBody, 'text/html', $sStyles);
-			$oEmail->SetRecipientTO($sTo);
-			$oEmail->SetRecipientCC($sCC);
-			$oEmail->SetRecipientBCC($sBCC);
-			$oEmail->SetRecipientFrom($sFrom, $sFromLabel);
-			$oEmail->SetRecipientReplyTo($sReplyTo, $sReplyToLabel);
-			$oEmail->SetReferences($sReference);
-			$oEmail->SetMessageId($sMessageId);
-			// Note: N°4849 We pass the "References" identifier instead of the "Message-ID" on purpose as we want notifications emails to group around the triggering iTop object, not just the users' replies to the notification
-			$oEmail->SetInReplyTo($sReference);
+		
+		$aEmailContent = $this->PrepareMessageContent($aContextArgs, $oLog);
+		$oEmail->SetSubject($aEmailContent['subject']);
+		$oEmail->SetBody($aEmailContent['body'], 'text/html', $sStyles);
+		$oEmail->SetRecipientTO($aEmailContent['to']);
+		$oEmail->SetRecipientCC($aEmailContent['cc']);
+		$oEmail->SetRecipientBCC($aEmailContent['bcc']);
+		$oEmail->SetRecipientFrom($aEmailContent['from'], $aEmailContent['from_label']);
+		$oEmail->SetRecipientReplyTo($aEmailContent['reply_to'], $aEmailContent['reply_to_label']);
+		$oEmail->SetReferences($aEmailContent['references']);
+		$oEmail->SetMessageId($aEmailContent['message_id']);
+		$oEmail->SetInReplyTo($aEmailContent['in_reply_to']);
+		
+		foreach($aEmailContent['attachments'] as $aAttachment) {
+			$oEmail->AddAttachment($aAttachment['data'], $aAttachment['filename'], $aAttachment['mime_type']);
 		}
-
-		if (isset($aContextArgs['attachments']))
-		{
-			$aAttachmentReport = array();
-			foreach($aContextArgs['attachments'] as $oDocument)
-			{
-				$oEmail->AddAttachment($oDocument->GetData(), $oDocument->GetFileName(), $oDocument->GetMimeType());
-				$aAttachmentReport[] = array($oDocument->GetFileName(), $oDocument->GetMimeType(), strlen($oDocument->GetData()));
-			}
-			$oLog->Set('attachments', $aAttachmentReport);
-		}
-
+		
 		if (empty($this->m_aMailErrors))
 		{
 			if ($this->m_iRecipients == 0)
@@ -564,6 +509,7 @@ class ActionEmail extends ActionNotification
 			}
 			else
 			{
+				$aErrors = [];
 				$iRes = $oEmail->Send($aErrors, false, $oLog); // allow asynchronous mode
 				switch ($iRes)
 				{
@@ -588,13 +534,147 @@ class ActionEmail extends ActionNotification
 		}
 	}

+	/**
+	 * @param array $aContextArgs
+	 * @param \EventNotification $oLog
+	 *
+	 * @return array
+	 * @throws \CoreException
+	 * @throws \Exception
+	 * @since 3.1.0 N°918
+	 */
+	protected function PrepareMessageContent($aContextArgs, &$oLog): array
+	{
+		$aMessageContent = [
+			'to' => '',
+			'cc' => '',
+			'bcc' => '',
+			'from' => '',
+			'from_label' => '',
+			'reply_to' => '',
+			'reply_to_label' => '',
+			'subject' => '',
+			'body' => '',
+			'references' => '',
+			'message_id' => '',
+			'in_reply_to' => '',
+			'attachments' => [],
+		];
+		$sPreviousUrlMaker = ApplicationContext::SetUrlMakerClass();
+		$sPreviousLanguage = Dict::GetUserLanguage();
+		$aPreviousPluginProperties = ApplicationContext::GetPluginProperties('QueryLocalizerPlugin');
+		if ($this->Get('language') !== '') {
+			// If a language is specified for this action, force this language
+			// when rendering all placeholders inside this message
+			Dict::SetUserLanguage($this->Get('language'));
+			AttributeDateTime::LoadFormatFromConfig();
+			ApplicationContext::SetPluginProperty('QueryLocalizerPlugin', 'language_code', $this->Get('language'));
+		}
+
+		try
+		{
+			$this->m_iRecipients = 0;
+			$this->m_aMailErrors = array();
+			
+			// Determine recipients
+			//
+			$aMessageContent['to'] = $this->FindRecipients('to', $aContextArgs);
+			$aMessageContent['cc'] = $this->FindRecipients('cc', $aContextArgs);
+			$aMessageContent['bcc'] = $this->FindRecipients('bcc', $aContextArgs);
+			
+			$aMessageContent['from'] = MetaModel::ApplyParams($this->Get('from'), $aContextArgs);
+			$aMessageContent['from_label'] = MetaModel::ApplyParams($this->Get('from_label'), $aContextArgs);
+			$aMessageContent['reply_to'] = MetaModel::ApplyParams($this->Get('reply_to'), $aContextArgs);
+			$aMessageContent['reply_to_label'] = MetaModel::ApplyParams($this->Get('reply_to_label'), $aContextArgs);
+			
+			$aMessageContent['subject'] = MetaModel::ApplyParams($this->Get('subject'), $aContextArgs);
+			$sBody = $this->BuildMessageBody(false);
+			$aMessageContent['body'] = MetaModel::ApplyParams($sBody, $aContextArgs);
+			
+			$oObj = $aContextArgs['this->object()'];
+			$aMessageContent['message_id'] = $this->GenerateIdentifierForHeaders($oObj, static::ENUM_HEADER_NAME_MESSAGE_ID);
+			$aMessageContent['references'] = $this->GenerateIdentifierForHeaders($oObj, static::ENUM_HEADER_NAME_REFERENCES);
+		}
+		catch (Exception $e) {
+			/** @noinspection PhpUnhandledExceptionInspection */
+			throw $e;
+		}
+		finally {
+			ApplicationContext::SetUrlMakerClass($sPreviousUrlMaker);
+			Dict::SetUserLanguage($sPreviousLanguage);
+			AttributeDateTime::LoadFormatFromConfig();
+			ApplicationContext::SetPluginProperty('QueryLocalizerPlugin', 'language_code', $aPreviousPluginProperties['language_code'] ?? null);
+		}
+		
+		if (!is_null($oLog)) {
+			// Note: we have to secure this because those values are calculated
+			// inside the try statement, and we would like to keep track of as
+			// many data as we could while some variables may still be undefined
+			if (isset($aMessageContent['to'])) {
+				$oLog->Set('to', $aMessageContent['to']);
+			}
+			if (isset($aMessageContent['cc'])) {
+				$oLog->Set('cc', $aMessageContent['cc']);
+			}
+			if (isset($aMessageContent['bcc'])) {
+				$oLog->Set('bcc', $aMessageContent['bcc']);
+			}
+			if (isset($aMessageContent['from'])) {
+				$oLog->Set('from', $aMessageContent['from']);
+			}
+			if (isset($aMessageContent['subject'])) {
+				$oLog->Set('subject', $aMessageContent['subject']);
+			}
+			if (isset($aMessageContent['body'])) {
+				$oLog->Set('body', HTMLSanitizer::Sanitize($aMessageContent['body']));
+			}
+		}
+		$sStyles = file_get_contents(APPROOT.'css/email.css');
+		$sStyles .= MetaModel::GetConfig()->Get('email_css');
+		
+		if ($this->IsBeingTested()) {
+			$sTestBody = $aMessageContent['body'];
+			$sTestBody .= "<div style=\"border: dashed;\">\n";
+			$sTestBody .= "<h1>Testing email notification ".$this->GetHyperlink()."</h1>\n";
+			$sTestBody .= "<p>The email should be sent with the following properties\n";
+			$sTestBody .= "<ul>\n";
+			$sTestBody .= "<li>TO: {$aMessageContent['to']}</li>\n";
+			$sTestBody .= "<li>CC: {$aMessageContent['cc']}</li>\n";
+			$sTestBody .= "<li>BCC: {$aMessageContent['bcc']}</li>\n";
+			$sTestBody .= empty($aMessageContent['from_label']) ? "<li>From: {$aMessageContent['from']}</li>\n" : "<li>From: {$aMessageContent['from_label']} &lt;{$aMessageContent['from']}&gt;</li>\n";
+			$sTestBody .= empty($aMessageContent['reply_to_label']) ? "<li>Reply-To: {$aMessageContent['reply_to']}</li>\n" : "<li>Reply-To: {$aMessageContent['reply_to_label']} &lt;{$aMessageContent['reply_to']}&gt;</li>\n";
+			$sTestBody .= "<li>References: {$aMessageContent['references']}</li>\n";
+			$sTestBody .= "</ul>\n";
+			$sTestBody .= "</p>\n";
+			$sTestBody .= "</div>\n";
+			$aMessageContent['subject'] = 'TEST['.$aMessageContent['subject'].']';
+			$aMessageContent['body'] = $sTestBody;
+			$aMessageContent['to'] = $this->Get('test_recipient');
+		}
+		// Note: N°4849 We pass the "References" identifier instead of the "Message-ID" on purpose as we want notifications emails to group around the triggering iTop object, not just the users' replies to the notification
+		$aMessageContent['in_reply_to'] = $aMessageContent['references'];
+		
+		if (isset($aContextArgs['attachments']))
+		{
+			$aAttachmentReport = array();
+			foreach($aContextArgs['attachments'] as $oDocument)
+			{
+				$aMessageContent['attachments'][] = ['data' => $oDocument->GetData(), 'filename' => $oDocument->GetFileName(), 'mime_type' => $oDocument->GetMimeType()];
+				$aAttachmentReport[] = array($oDocument->GetFileName(), $oDocument->GetMimeType(), strlen($oDocument->GetData()));
+			}
+			$oLog->Set('attachments', $aAttachmentReport);
+		}
+		
+		return $aMessageContent;
+	}
+
 	/**
 	 * @param \DBObject $oObject
 	 * @param string $sHeaderName {@see \ActionEmail::ENUM_HEADER_NAME_REFERENCES}, {@see \ActionEmail::ENUM_HEADER_NAME_MESSAGE_ID}
 	 *
 	 * @return string The formatted identifier for $sHeaderName based on $oObject
 	 * @throws \Exception
-	 * @since 3.0.1 N°4849
+	 * @since 3.1.0 N°4849
 	 */
 	protected function GenerateIdentifierForHeaders(DBObject $oObject, string $sHeaderName): string
 	{
@@ -629,4 +709,65 @@ class ActionEmail extends ActionNotification
 		]);
 		throw new Exception($sErrorMessage);
 	}
+	
+	/**
+	 * Compose the body of the message from the 'body' attribute and the HTML template (if any)
+	 * @since 3.1.0 N°4849
+	 * @param bool $bHighlightPlaceholders If true add some extra HTML around placeholders to highlight them 
+	 * @return string
+	 */
+	protected function BuildMessageBody(bool $bHighlightPlaceholders = false): string
+	{
+		$sBody = $this->Get('body');
+		/**  @var ormDocument $oHtmlTemplate */
+		$oHtmlTemplate = $this->Get('html_template');
+		if ($oHtmlTemplate && !$oHtmlTemplate->IsEmpty()) {
+			$sHtmlTemplate = $oHtmlTemplate->GetData();
+			if (false !== mb_strpos($sHtmlTemplate, static::TEMPLATE_BODY_CONTENT)) {
+				if ($bHighlightPlaceholders) {
+					// Highlight the $content$ block
+					$sBody = sprintf(static::CONTENT_HIGHLIGHT, $sBody);
+				}
+				$sBody = str_replace(static::TEMPLATE_BODY_CONTENT, $sBody, $oHtmlTemplate->GetData()); // str_replace is ok as long as both strings are well-formed UTF-8
+			} else {
+				$sBody = $oHtmlTemplate->GetData();
+			}
+		}
+		if($bHighlightPlaceholders) {
+			// Highlight all placeholders
+			$sBody = preg_replace('/\\$([^$]+)\\$/', static::FIELD_HIGHLIGHT, $sBody);
+		}
+		return $sBody;
+	}
+	
+	/**
+	 * @since 3.1.0 N°4849
+	 * @inheritDoc
+	 * @see cmdbAbstractObject::DisplayBareRelations()
+	 */
+	public function DisplayBareRelations(WebPage $oPage, $bEditMode = false)
+	{
+		parent::DisplayBareRelations($oPage, false);
+		if (!$bEditMode) {
+			$oPage->SetCurrentTab('action_email__preview', Dict::S('ActionEmail:preview_tab'), Dict::S('ActionEmail:preview_tab+'));
+			$sBody = $this->BuildMessageBody(true);
+			TwigHelper::RenderIntoPage($oPage, APPROOT.'/', 'templates/datamodel/ActionEmail/email-notification-preview', ['iframe_content' => $sBody]);
+		}
+	}
+
+	/**
+	 * @since 3.1.0
+	 * @inheritDoc
+	 * @see cmdbAbstractObject::DoCheckToWrite()
+	 */
+	public function DoCheckToWrite()
+	{
+		parent::DoCheckToWrite();
+		$oHtmlTemplate = $this->Get('html_template');
+		if ($oHtmlTemplate && !$oHtmlTemplate->IsEmpty()) {
+			if (false === mb_strpos($oHtmlTemplate->GetData(), static::TEMPLATE_BODY_CONTENT)) {
+				$this->m_aCheckWarnings[] = Dict::Format('ActionEmail:content_placeholder_missing', static::TEMPLATE_BODY_CONTENT, Dict::S('Class:ActionEmail/Attribute:body'));
+			}
+		}
+	}
 }
--- a/core/attributedef.class.inc.php
+++ b/core/attributedef.class.inc.php
@@ -9,8 +9,7 @@ use Combodo\iTop\Application\UI\Links\Set\BlockLinkSetDisplayAsProperty;
 use Combodo\iTop\Form\Field\LabelField;
 use Combodo\iTop\Form\Field\TextAreaField;
 use Combodo\iTop\Form\Form;
-use Combodo\iTop\Form\Validator\NotEmptyExtKeyValidator;
-use Combodo\iTop\Form\Validator\Validator;
+use Combodo\iTop\Form\Validator\CustomRegexpValidator;
 use Combodo\iTop\Renderer\BlockRenderer;
 use Combodo\iTop\Renderer\Console\ConsoleBlockRenderer;
 use Combodo\iTop\Service\Links\LinkSetModel;
@@ -92,9 +91,6 @@ define('LINKSET_EDITMODE_ACTIONS', 2); // Show the usual 'Actions' popup menu
 define('LINKSET_EDITMODE_INPLACE', 3); // The "linked" objects can be created/modified/deleted in place
 define('LINKSET_EDITMODE_ADDREMOVE', 4); // The "linked" objects can be added/removed in place

-define('LINKSET_RELATIONTYPE_PROPERTY', 'property');
-define('LINKSET_RELATIONTYPE_LINK', 'link');
-
 define('LINKSET_DISPLAY_STYLE_PROPERTY', 'property');
 define('LINKSET_DISPLAY_STYLE_TAB', 'tab');

@@ -1125,7 +1121,7 @@ abstract class AttributeDefinition

 		// Validation pattern
 		if ($this->GetValidationPattern() !== '') {
-			$oFormField->AddValidator(new Validator($this->GetValidationPattern()));
+			$oFormField->AddValidator(new CustomRegexpValidator($this->GetValidationPattern()));
 		}

 		// Description
@@ -1154,6 +1150,13 @@ abstract class AttributeDefinition
 			$oFormField->AddMetadata('value-raw', (string)$oObject->Get($this->GetCode()));
 		}

+		// We don't want to invalidate field because of old untouched values that are no longer valid
+		$aModifiedAttCodes = $oObject->ListChanges();
+		$bAttributeHasBeenModified = array_key_exists($this->GetCode(), $aModifiedAttCodes);
+		if (false === $bAttributeHasBeenModified) {
+			$oFormField->SetValidationDisabled(true);
+		}
+
 		return $oFormField;
 	}

@@ -1696,22 +1699,12 @@ class AttributeLinkedSet extends AttributeDefinition

 	/**
 	 * @return string see LINKSET_EDITMODE_* constants
-	 * @since 3.1.0 N°5563 relations are edited using new attributes in details mode, but as nothing changed in edit mode we are still using edit_mode attribute
 	 */
 	public function GetEditMode()
 	{
 		return $this->GetOptional('edit_mode', LINKSET_EDITMODE_ACTIONS);
 	}

-	/**
-	 * @return string see LINKSET_RELATIONTYPE_* constants
-	 * @since 3.1.0 N°5563
-	 */
-	public function GetRelationType()
-	{
-		return $this->GetOptional('relation_type', LINKSET_RELATIONTYPE_LINK);
-	}
-
 	/**
 	 * @return string see LINKSET_DISPLAY_STYLE_* constants
 	 * @since 3.1.0 N°3190
@@ -1727,12 +1720,13 @@ class AttributeLinkedSet extends AttributeDefinition
 	}

 	/**
-	 * @return boolean
-	 * @since 3.1.0 N°5563
+	 * Indicates if the current Attribute has constraints (php constraints or datamodel constraints)
+	 * @return bool true if Attribute has constraints
+	 * @since 3.1.0 N°6228
 	 */
-	public function GetReadOnly()
+	public function GetHasConstraint()
 	{
-		return $this->GetOptional('read_only', false);
+		return $this->GetOptional('with_php_constraint', false);
 	}

 	public function GetLinkedClass()
@@ -1761,12 +1755,58 @@ class AttributeLinkedSet extends AttributeDefinition
 	}

 	/** @inheritDoc * */
-	public function GetAsHTML($sValue, $oHostObject = null, $bLocalize = true): string
+	public function GetAsHTML($sValue, $oHostObject = null, $bLocalize = true)
+	{
+		if($this->GetDisplayStyle() === LINKSET_DISPLAY_STYLE_TAB){
+			return $this->GetAsHTMLForTab($sValue, $oHostObject, $bLocalize);
+		}
+		else{
+			return $this->GetAsHTMLForProperty($sValue, $oHostObject, $bLocalize);
+		}
+	}
+
+	public function GetAsHTMLForTab($sValue, $oHostObject = null, $bLocalize = true)
+	{
+		if (is_object($sValue) && ($sValue instanceof ormLinkSet))
+		{
+			$sValue->Rewind();
+			$aItems = array();
+			while ($oObj = $sValue->Fetch())
+			{
+				// Show only relevant information (hide the external key to the current object)
+				$aAttributes = array();
+				foreach(MetaModel::ListAttributeDefs($this->GetLinkedClass()) as $sAttCode => $oAttDef)
+				{
+					if ($sAttCode == $this->GetExtKeyToMe())
+					{
+						continue;
+					}
+					if ($oAttDef->IsExternalField())
+					{
+						continue;
+					}
+					$sAttValue = $oObj->GetAsHTML($sAttCode);
+					if (strlen($sAttValue) > 0)
+					{
+						$aAttributes[] = $sAttValue;
+					}
+				}
+				$sAttributes = implode(', ', $aAttributes);
+				$aItems[] = $sAttributes;
+			}
+
+			return implode('<br/>', $aItems);
+		}
+
+		return null;
+	}
+
+	public function GetAsHTMLForProperty($sValue, $oHostObject = null, $bLocalize = true): string
 	{
 		try {

 			/** @var ormLinkSet $sValue */
-			if ($sValue->Count() === 0) {
+			if (is_null($sValue) || $sValue->Count() === 0) {
 				return '';
 			}

@@ -2385,43 +2425,61 @@ class AttributeLinkedSet extends AttributeDefinition
 	{
 		if ($oFormField === null)
 		{
-            $sFormFieldClass = static::GetFormFieldClass();
-            $oFormField = new $sFormFieldClass($this->GetCode());
-        }
+			$sFormFieldClass = static::GetFormFieldClass();
+			$oFormField = new $sFormFieldClass($this->GetCode());
+		}

-        // Setting target class
+		// Setting target class
 		if (!$this->IsIndirect()) {
-            $sTargetClass = $this->GetLinkedClass();
-        } else {
-            /** @var \AttributeExternalKey $oRemoteAttDef */
-            /** @var \AttributeLinkedSetIndirect $this */
-            $oRemoteAttDef = MetaModel::GetAttributeDef($this->GetLinkedClass(), $this->GetExtKeyToRemote());
-            $sTargetClass = $oRemoteAttDef->GetTargetClass();
+			$sTargetClass = $this->GetLinkedClass();
+		} else {
+			/** @var \AttributeExternalKey $oRemoteAttDef */
+			/** @var \AttributeLinkedSetIndirect $this */
+			$oRemoteAttDef = MetaModel::GetAttributeDef($this->GetLinkedClass(), $this->GetExtKeyToRemote());
+			$sTargetClass = $oRemoteAttDef->GetTargetClass();

-            /** @var \AttributeLinkedSetIndirect $this */
-            $oFormField->SetExtKeyToRemote($this->GetExtKeyToRemote());
-        }
-        $oFormField->SetTargetClass($sTargetClass);
-        $oFormField->SetIndirect($this->IsIndirect());
-        // Setting attcodes to display
-        $aAttCodesToDisplay = MetaModel::FlattenZList(MetaModel::GetZListItems($sTargetClass, 'list'));
-        // - Adding friendlyname attribute to the list is not already in it
-        $sTitleAttCode = MetaModel::GetFriendlyNameAttributeCode($sTargetClass);
-        if (($sTitleAttCode !== null) && !in_array($sTitleAttCode, $aAttCodesToDisplay)) {
-            $aAttCodesToDisplay = array_merge(array($sTitleAttCode), $aAttCodesToDisplay);
-        }
-        // - Adding attribute labels
-        $aAttributesToDisplay = array();
-        foreach ($aAttCodesToDisplay as $sAttCodeToDisplay) {
-            $oAttDefToDisplay = MetaModel::GetAttributeDef($sTargetClass, $sAttCodeToDisplay);
-            $aAttributesToDisplay[$sAttCodeToDisplay] = $oAttDefToDisplay->GetLabel();
-        }
-        $oFormField->SetAttributesToDisplay($aAttributesToDisplay);
+			/** @var \AttributeLinkedSetIndirect $this */
+			$oFormField->SetExtKeyToRemote($this->GetExtKeyToRemote());
+		}
+		$oFormField->SetTargetClass($sTargetClass);
+		$oFormField->SetLinkedClass($this->GetLinkedClass());
+		$oFormField->SetIndirect($this->IsIndirect());
+		// Setting attcodes to display
+		$aAttCodesToDisplay = MetaModel::FlattenZList(MetaModel::GetZListItems($sTargetClass, 'list'));
+		// - Adding friendlyname attribute to the list is not already in it
+		$sTitleAttCode = MetaModel::GetFriendlyNameAttributeCode($sTargetClass);
+		if (($sTitleAttCode !== null) && !in_array($sTitleAttCode, $aAttCodesToDisplay)) {
+			$aAttCodesToDisplay = array_merge(array($sTitleAttCode), $aAttCodesToDisplay);
+		}
+		// - Adding attribute properties
+		$aAttributesToDisplay = array();
+		foreach ($aAttCodesToDisplay as $sAttCodeToDisplay) {
+			$oAttDefToDisplay = MetaModel::GetAttributeDef($sTargetClass, $sAttCodeToDisplay);
+			$aAttributesToDisplay[$sAttCodeToDisplay] = [
+				'att_code' => $sAttCodeToDisplay,
+				'label'    => $oAttDefToDisplay->GetLabel(),
+			];
+		}
+		$oFormField->SetAttributesToDisplay($aAttributesToDisplay);

-        parent::MakeFormField($oObject, $oFormField);
+		// Append lnk attributes (filtered from zlist)
+		if ($this->IsIndirect()) {
+			$aLnkAttDefToDisplay = MetaModel::GetZListAttDefsFilteredForIndirectLinkClass($this->m_sHostClass, $this->m_sCode);
+			$aLnkAttributesToDisplay = array();
+			foreach ($aLnkAttDefToDisplay as $oLnkAttDefToDisplay) {
+				$aLnkAttributesToDisplay[$oLnkAttDefToDisplay->GetCode()] = [
+					'att_code'  => $oLnkAttDefToDisplay->GetCode(),
+					'label'     => $oLnkAttDefToDisplay->GetLabel(),
+					'mandatory' => !$oLnkAttDefToDisplay->IsNullAllowed(),
+				];
+			}
+			$oFormField->SetLnkAttributesToDisplay($aLnkAttributesToDisplay);
+		}

-        return $oFormField;
-    }
+		parent::MakeFormField($oObject, $oFormField);
+
+		return $oFormField;
+	}

    public function IsPartOfFingerprint()
    {
@@ -2527,15 +2585,6 @@ class AttributeLinkedSetIndirect extends AttributeLinkedSet
 		return $this->GetOptional("duplicates", false);
 	} // The same object may be linked several times... or not...

-	/**
-	 * @return boolean
-	 * @since 3.1.0 N°5563
-	 */
-	public function GetReadOnly()
-	{
-		return $this->GetOptional('read_only', false);
-	}
-
 	public function GetTrackingLevel()
 	{
 		return $this->GetOptional('tracking_level',
@@ -3120,7 +3169,7 @@ class AttributeDecimal extends AttributeDBField
 		$iPrecision = $this->Get('decimals');
 		$iNbIntegerDigits = $iNbDigits - $iPrecision - 1; // -1 because the first digit is treated separately in the pattern below

-		return "^[-+]?[0-9]\d{0,$iNbIntegerDigits}(\.\d{0,$iPrecision})?$";
+		return "^[\-\+]?[0-9]\d{0,$iNbIntegerDigits}(\.\d{0,$iPrecision})?$";
 	}

 	public function GetBasicFilterOperators()
@@ -3842,6 +3891,12 @@ class AttributeApplicationLanguage extends AttributeString
 		{
 			$aLanguageCodes[$sLangCode] = $aInfo['description'].' ('.$aInfo['localized_description'].')';
 		}
+
+		// N°6462 This should be sorted directly in \Dict during the compilation but we can't for 2 reasons:
+		// - Additional languages can be added on the fly even though it is not recommended
+		// - Formatting is done at run time (just above)
+		natcasesort($aLanguageCodes);
+
 		$aParams["allowed_values"] = new ValueSetEnum($aLanguageCodes);
 		parent::__construct($sCode, $aParams);
 	}
@@ -4132,7 +4187,7 @@ class AttributePassword extends AttributeString implements iAttributeNoGroupBy

 	public function GetAsHTML($sValue, $oHostObject = null, $bLocalize = true)
 	{
-		if (strlen($sValue) == 0)
+		if (utils::IsNullOrEmptyString($sValue))
 		{
 			return '';
 		}
@@ -5900,6 +5955,14 @@ class AttributeEnum extends AttributeString
 			$aLocalizedValues[$sKey] = $this->GetValueLabel($sKey);
 		}

+		// Sort by label only if necessary
+		// See N°1646 and {@see \MFCompiler::CompileAttributeEnumValues()} for complete information as for why sort on labels is done at runtime while other sorting are done at compile time
+		/** @var \ValueSetEnum $oValueSetDef */
+		$oValueSetDef = $this->GetValuesDef();
+		if ($oValueSetDef->IsSortedByValues()) {
+			asort($aLocalizedValues);
+		}
+
 		return $aLocalizedValues;
 	}

@@ -6175,7 +6238,7 @@ class AttributeDateTime extends AttributeDBField
 	/**
 	 * Load the 3 settings: date format, time format and data_time format from the configuration
 	 */
-	protected static function LoadFormatFromConfig()
+	public static function LoadFormatFromConfig()
 	{
 		$aFormats = MetaModel::GetConfig()->Get('date_and_time_format');
 		$sLang = Dict::GetUserLanguage();
@@ -7157,14 +7220,27 @@ class AttributeExternalKey extends AttributeDBFieldVoid
 		{
 			return 0;
 		}
-		if (MetaModel::IsValidObject($proposedValue))
-		{
+		if (MetaModel::IsValidObject($proposedValue)) {
 			return $proposedValue->GetKey();
 		}

 		return (int)$proposedValue;
 	}

+	/** @inheritdoc  @since 3.1 */
+	public function WriteExternalValues(DBObject $oHostObject): void
+	{
+		$sTargetKey = $oHostObject->Get($this->GetCode());
+		$oFilter = DBSearch::FromOQL('SELECT `'.TemporaryObjectDescriptor::class.'` WHERE item_class=:class AND item_id=:id');
+		$oSet = new DBObjectSet($oFilter, [], ['class' => $this->GetTargetClass(), 'id' => $sTargetKey]);
+		while ($oTemporaryObjectDescriptor = $oSet->Fetch()) {
+			$oTemporaryObjectDescriptor->Set('host_class', get_class($oHostObject));
+			$oTemporaryObjectDescriptor->Set('host_id', $oHostObject->GetKey());
+			$oTemporaryObjectDescriptor->Set('host_att_code', $this->GetCode());
+			$oTemporaryObjectDescriptor->DBUpdate();
+		}
+	}
+
 	public function GetMaximumComboLength()
 	{
 		return $this->GetOptional('max_combo_length', MetaModel::GetConfig()->Get('max_combo_length'));
@@ -7228,6 +7304,7 @@ class AttributeExternalKey extends AttributeDBFieldVoid

 	public function MakeFormField(DBObject $oObject, $oFormField = null)
 	{
+		/** @var \Combodo\iTop\Form\Field\Field $oFormField */
 		if ($oFormField === null) {
 			// Later : We should check $this->Get('display_style') and create a Radio / Select / ... regarding its value
 			$sFormFieldClass = static::GetFormFieldClass();
@@ -7258,19 +7335,12 @@ class AttributeExternalKey extends AttributeDBFieldVoid
 				}
 			});
 		}
-		else
-		{
+		else {
 			$oSearch = DBSearch::FromOQL($this->GetValuesDef()->GetFilterExpression());
 			$oSearch->SetInternalParams(array('this' => $oObject));
 			$oFormField->SetSearch($oSearch);
 		}

-		// If ExtKey is mandatory, we add a validator to ensure that the value 0 is not selected
-		if ($oObject->GetAttributeFlags($this->GetCode()) & OPT_ATT_MANDATORY)
-		{
-			$oFormField->AddValidator(new NotEmptyExtKeyValidator());
-		}
-
 		parent::MakeFormField($oObject, $oFormField);

 		return $oFormField;
@@ -7896,6 +7966,17 @@ class AttributeExternalField extends AttributeDefinition
 		return $oExtAttDef->MakeRealValue($proposedValue, $oHostObj);
 	}

+	/**
+	 * @inheritDoc
+	 * @since 3.1.0 N°6271 Delegate to remote attribute to ensure cascading computed values
+	 */
+	public function GetSQLValues($value)
+	{
+		$oExtAttDef = $this->GetExtAttDef();
+
+		return $oExtAttDef->GetSQLValues($value);
+	}
+
 	public function ScalarToSQL($value)
 	{
 		// This one could be used in case of filtering only
@@ -8304,7 +8385,7 @@ class AttributeBlob extends AttributeDefinition
 			$aValues[$this->GetCode().'_data'] = '';
 			$aValues[$this->GetCode().'_mimetype'] = '';
 			$aValues[$this->GetCode().'_filename'] = '';
-			$aValues[$this->GetCode().'_downloads_count'] = ''; // Note: Should this be set to \ormDocument::DEFAULT_DOWNLOADS_COUNT ?
+			$aValues[$this->GetCode().'_downloads_count'] = ormDocument::DEFAULT_DOWNLOADS_COUNT;
 		}

 		return $aValues;
@@ -8494,6 +8575,22 @@ class AttributeBlob extends AttributeDefinition
 		return utils::IsNotNullOrEmptyString($proposedValue->GetData()) && utils::IsNotNullOrEmptyString($proposedValue->GetFileName());
 	}

+	/**
+	 * @inheritDoc
+	 * @param \ormDocument $original
+	 * @param \ormDocument $value
+	 * @since N°6502
+	 */
+	public function RecordAttChange(DBObject $oObject, $original, $value): void
+	{
+		// N°6502 Don't record history if only the download count has changed
+		if ($original->EqualsExceptDownloadsCount($value)) {
+			return;
+		}
+
+		parent::RecordAttChange($oObject, $original, $value);
+	}
+
 	protected function GetChangeRecordAdditionalData(CMDBChangeOp $oMyChangeOp, DBObject $oObject, $original, $value): void
 	{
 		if (is_null($original)) {
@@ -8653,7 +8750,7 @@ class AttributeImage extends AttributeBlob
 			return 'data:'.$value->GetMimeType().';base64,'.base64_encode($value->GetData());
 		}

-		return $value->GetDownloadURL(get_class($oHostObject), $oHostObject->GetKey(), $this->GetCode());
+		return $value->GetDisplayURL(get_class($oHostObject), $oHostObject->GetKey(), $this->GetCode());
 	}

 	public static function GetFormFieldClass()
@@ -8680,8 +8777,11 @@ class AttributeImage extends AttributeBlob
 		}
 		else
 		{
-			$oFormField->SetDownloadUrl($this->Get('default_image'));
-			$oFormField->SetDisplayUrl($this->Get('default_image'));
+			$oDefaultImage = $this->Get('default_image');
+			if (is_object($oDefaultImage) && !$oDefaultImage->IsEmpty()) {
+				$oFormField->SetDownloadUrl($oDefaultImage);
+				$oFormField->SetDisplayUrl($oDefaultImage);
+			}
 		}

 		return $oFormField;
@@ -11260,6 +11360,9 @@ class AttributeClassAttCodeSet extends AttributeSet
 			}
 			$aAllowedAttributes[$sAttCode] = $sLabel;
 		}
+		// N°6460 Always sort on the labels, not on the datamodel definition order
+		natcasesort($aAllowedAttributes);
+
 		return $aAllowedAttributes;
 	}

--- a/core/autoload.php
+++ b/core/autoload.php
@@ -35,6 +35,7 @@ MetaModel::IncludeModule('synchro/synchrodatasource.class.inc.php');
 MetaModel::IncludeModule('core/backgroundtask.class.inc.php');
 MetaModel::IncludeModule('core/inlineimage.class.inc.php');
 MetaModel::IncludeModule('core/counter.class.inc.php');
+MetaModel::IncludeModule('core/TemporaryObjectDescriptor.php');

 MetaModel::IncludeModule('webservices/webservices.basic.php');

--- a/core/bulkchange.class.inc.php
+++ b/core/bulkchange.class.inc.php
@@ -37,6 +37,14 @@ abstract class CellChangeSpec
 		return $this->m_proposedValue;
 	}

+	/**
+	 * @since 3.1.0 N°5305
+	 */
+	public function SetDisplayableValue(string $sDisplayableValue)
+	{
+		$this->m_proposedValue = $sDisplayableValue;
+	}
+
 	public function GetOql()
 	{
 		return $this->m_sOql;
@@ -136,6 +144,12 @@ class CellStatus_SearchIssue extends CellStatus_Issue
 	/** @var string|null $m_sTargetClass */
 	private $m_sTargetClass;

+	/**
+	 * @since 3.1.0 N°5305
+	 * @var string $sAllowedValuesSearch
+	 */
+	private $sAllowedValuesSearch;
+
 	/**
 	 * CellStatus_SearchIssue constructor.
 	 * @since 3.1.0 N°5305
@@ -144,13 +158,15 @@ class CellStatus_SearchIssue extends CellStatus_Issue
 	 * @param string $sReason : main message
 	 * @param null $sClass : used for additional message that provides allowed values for current class $sClass
 	 * @param null $sAllowedValues : used for additional message that provides allowed values $sAllowedValues for current class
+	 * @param string|null $sAllowedValuesSearch : used to search all allowed values
 	 */
-	public function __construct($sSerializedSearch, $sReason, $sClass=null, $sAllowedValues=null)
+	public function __construct($sSerializedSearch, $sReason, $sClass=null, $sAllowedValues=null, string $sAllowedValuesSearch=null)
 	{
 		parent::__construct(null, null, $sReason);
 		$this->sSerializedSearch = $sSerializedSearch;
 		$this->m_sAllowedValues = $sAllowedValues;
 		$this->m_sTargetClass = $sClass;
+		$this->sAllowedValuesSearch = $sAllowedValuesSearch;
 	}

 	public function GetDisplayableValue()
@@ -182,6 +198,17 @@ class CellStatus_SearchIssue extends CellStatus_Issue
 			rawurlencode($this->sSerializedSearch)
 		);
 	}
+
+	/**
+	 * @since 3.1.0 N°5305
+	 * @return null|string
+	 */
+	public function GetAllowedValuesLinkUrl(): ?string
+	{
+		return sprintf("UI.php?operation=search&filter=%s",
+			rawurlencode($this->sAllowedValuesSearch)
+		);
+	}
 }

 class CellStatus_NullIssue extends CellStatus_Issue
@@ -745,6 +772,7 @@ class BulkChange
 		$oDbSearchWithoutAnyCondition->AllowAllData(false);
 		$oExtObjectSetWithCurrentUserPermissions = new CMDBObjectSet($oDbSearchWithoutAnyCondition);
 		$iCurrentUserRightsObjectCount = $oExtObjectSetWithCurrentUserPermissions->Count();
+		$sAllowedValuesOql = $oDbSearchWithoutAnyCondition->serialize();

 		if ($iCurrentUserRightsObjectCount === 0){
 			// No objects visible by current user
@@ -785,7 +813,7 @@ class BulkChange
 		if ($iAllowAllDataObjectCount != $iCurrentUserRightsObjectCount) {
 			// No match and some objects NOT visible by current user. including current search maybe...
 			$sReason = Dict::Format('UI:CSVReport-Value-NoMatch-SomeObjectNotVisibleForCurrentUser', $oDbSearchWithConditions->GetClass());
-			return new CellStatus_SearchIssue($sSerializedSearch, $sReason, $oDbSearchWithConditions->GetClass(), $allowedValues);
+			return new CellStatus_SearchIssue($sSerializedSearch, $sReason, $oDbSearchWithConditions->GetClass(), $allowedValues, $sAllowedValuesOql);
 		}

 		// No match. This is not linked to any right issue
@@ -796,7 +824,7 @@ class BulkChange
 		}
 		$value =implode(" ", $aCurrentValueFields);
 		$sReason = Dict::Format('UI:CSVReport-Value-NoMatch', $value);
-		return new CellStatus_SearchIssue($sSerializedSearch, $sReason, $oDbSearchWithConditions->GetClass(), $allowedValues);
+		return new CellStatus_SearchIssue($sSerializedSearch, $sReason, $oDbSearchWithConditions->GetClass(), $allowedValues, $sAllowedValuesOql);
 	}

 	protected function PrepareMissingObject(&$oTargetObj, &$aErrors)
--- a/core/cmdbchange.class.inc.php
+++ b/core/cmdbchange.class.inc.php
@@ -19,17 +19,17 @@ class CMDBChange extends DBObject
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "autoincrement",
-			"name_attcode" => "date",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_change",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "autoincrement",
+			"name_attcode"        => "date",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_change",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
-			'indexes' => array(
+			'indexes'             => array(
 				array('origin'),
-			)
+			),
 		);
 		MetaModel::Init_Params($aParams);
 		//MetaModel::Init_InheritAttributes();
--- a/core/cmdbchangeop.class.inc.php
+++ b/core/cmdbchangeop.class.inc.php
@@ -52,17 +52,17 @@ class CMDBChangeOp extends DBObject implements iCMDBChangeOp
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "autoincrement",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "autoincrement",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "optype",
-			'indexes' => array(
+			'indexes'             => array(
 				array('objclass', 'objkey'),
-			)
+			),
 		);
 		MetaModel::Init_Params($aParams);
 		//MetaModel::Init_InheritAttributes();
@@ -121,13 +121,13 @@ class CMDBChangeOpCreate extends CMDBChangeOp
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_create",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_create",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -157,13 +157,13 @@ class CMDBChangeOpDelete extends CMDBChangeOp
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_delete",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_delete",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -198,13 +198,13 @@ class CMDBChangeOpSetAttribute extends CMDBChangeOp
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_setatt",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_setatt",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -231,13 +231,13 @@ class CMDBChangeOpSetAttributeScalar extends CMDBChangeOpSetAttribute
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_setatt_scalar",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_setatt_scalar",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -290,14 +290,14 @@ class CMDBChangeOpSetAttributeTagSet extends CMDBChangeOpSetAttribute
    {
        $aParams = array
        (
-            "category" => "core/cmdb",
-            "key_type" => "",
-            "name_attcode" => "change",
-            "state_attcode" => "",
-            "reconc_keys" => array(),
-            "db_table" => "priv_changeop_setatt_tagset",
-            "db_key_field" => "id",
-            "db_finalclass_field" => "",
+	        "category"            => "core/cmdb, grant_by_profile",
+	        "key_type"            => "",
+	        "name_attcode"        => "change",
+	        "state_attcode"       => "",
+	        "reconc_keys"         => array(),
+	        "db_table"            => "priv_changeop_setatt_tagset",
+	        "db_key_field"        => "id",
+	        "db_finalclass_field" => "",
        );
        MetaModel::Init_Params($aParams);
        MetaModel::Init_InheritAttributes();
@@ -350,7 +350,7 @@ class CMDBChangeOpSetAttributeURL extends CMDBChangeOpSetAttribute
 	{
 		$aParams = array
 		(
-			"category"            => "core/cmdb",
+			"category"            => "core/cmdb, grant_by_profile",
 			"key_type"            => "",
 			"name_attcode"        => "change",
 			"state_attcode"       => "",
@@ -419,13 +419,13 @@ class CMDBChangeOpSetAttributeBlob extends CMDBChangeOpSetAttribute
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_setatt_data",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_setatt_data",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -498,13 +498,13 @@ class CMDBChangeOpSetAttributeOneWayPassword extends CMDBChangeOpSetAttribute
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_setatt_pwd",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_setatt_pwd",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -561,13 +561,13 @@ class CMDBChangeOpSetAttributeEncrypted extends CMDBChangeOpSetAttribute
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_setatt_encrypted",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_setatt_encrypted",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -627,13 +627,13 @@ class CMDBChangeOpSetAttributeText extends CMDBChangeOpSetAttribute
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_setatt_text",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_setatt_text",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -695,13 +695,13 @@ class CMDBChangeOpSetAttributeLongText extends CMDBChangeOpSetAttribute
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_setatt_longtext",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_setatt_longtext",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -760,13 +760,13 @@ class CMDBChangeOpSetAttributeHTML extends CMDBChangeOpSetAttributeLongText
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_setatt_html",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_setatt_html",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -824,13 +824,13 @@ class CMDBChangeOpSetAttributeCaseLog extends CMDBChangeOpSetAttribute
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_setatt_log",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_setatt_log",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -903,13 +903,13 @@ class CMDBChangeOpPlugin extends CMDBChangeOp
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_plugin",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_plugin",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -944,13 +944,13 @@ abstract class CMDBChangeOpSetAttributeLinks extends CMDBChangeOpSetAttribute
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_links",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_links",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -977,13 +977,13 @@ class CMDBChangeOpSetAttributeLinksAddRemove extends CMDBChangeOpSetAttributeLin
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_links_addremove",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_links_addremove",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -1044,13 +1044,13 @@ class CMDBChangeOpSetAttributeLinksTune extends CMDBChangeOpSetAttributeLinks
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_links_tune",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_links_tune",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -1134,13 +1134,13 @@ class CMDBChangeOpSetAttributeCustomFields extends CMDBChangeOpSetAttribute
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_setatt_custfields",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_setatt_custfields",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
--- a/core/cmdbobject.class.inc.php
+++ b/core/cmdbobject.class.inc.php
@@ -469,7 +469,10 @@ abstract class CMDBObject extends DBObject
 	 */
 	public function DBDelete(&$oDeletionPlan = null)
 	{
-		return $this->DBDeleteTracked_Internal($oDeletionPlan);
+		$this->LogCRUDEnter(__METHOD__);
+		$oDeletionPlan = $this->DBDeleteTracked_Internal($oDeletionPlan);
+		$this->LogCRUDExit(__METHOD__);
+		return $oDeletionPlan;
 	}

 	/**
@@ -519,15 +522,6 @@ abstract class CMDBObject extends DBObject
 			utils::PopArchiveMode();
 		}
 	}
-
-	public function DBUpdate()
-	{
-		if (count($this->ListChanges()) === 0) {
-			$this->InitPreviousValuesForUpdatedAttributes();
-			return $this->GetKey();
-		}
-		return parent::DBUpdate(); // TODO: Change the autogenerated stub
-	}
 }


--- a/core/config.class.inc.php
+++ b/core/config.class.inc.php
@@ -137,7 +137,7 @@ class Config
 			'source_of_value'     => '',
 			'show_in_conf_sample' => false,
 		],
-		'log_purge.max_keep_days' => [
+		'log_purge.max_keep_days'                       => [
 			'type'                => 'integer',
 			'description'         => 'Optional purge number of days to keep logs.',
 			'default'             => 365,
@@ -145,7 +145,7 @@ class Config
 			'source_of_value'     => '',
 			'show_in_conf_sample' => false,
 		],
-		'event_service.debug.filter_events'  => [
+		'event_service.debug.filter_events'             => [
 			'type'                => 'array',
 			'description'         => 'List of events name to filter Event Service debug messages',
 			'default'             => [],
@@ -153,7 +153,7 @@ class Config
 			'source_of_value'     => '',
 			'show_in_conf_sample' => false,
 		],
-		'event_service.debug.filter_sources' => [
+		'event_service.debug.filter_sources'            => [
 			'type'                => 'array',
 			'description'         => 'List of event sources to filter Event Service debug messages',
 			'default'             => '',
@@ -161,6 +161,38 @@ class Config
 			'source_of_value'     => '',
 			'show_in_conf_sample' => false,
 		],
+		'temporary_object.force_creation'    => [
+			'type'                => 'bool',
+			'description'         => 'If true, all the objects created by the external key are temporary',
+			'default'             => false,
+			'value'               => false,
+			'source_of_value'     => '',
+			'show_in_conf_sample' => false,
+		],
+		'temporary_object.lifetime'          => [
+			'type'                => 'integer',
+			'description'         => 'Seconds for temporary objects created',
+			'default'             => 300,
+			'value'               => 300,
+			'source_of_value'     => '',
+			'show_in_conf_sample' => false,
+		],
+		'temporary_object.watchdog_interval' => [
+			'type'                => 'integer',
+			'description'         => 'Seconds between watchdog signals',
+			'default'             => 60,
+			'value'               => false,
+			'source_of_value'     => '',
+			'show_in_conf_sample' => false,
+		],
+		'temporary_object.garbage_interval'  => [
+			'type'                => 'integer',
+			'description'         => 'Seconds between garbage collections',
+			'default'             => 60,
+			'value'               => false,
+			'source_of_value'     => '',
+			'show_in_conf_sample' => false,
+		],
 		'app_env_label'                      => [
 			'type'                => 'string',
 			'description'         => 'Label displayed to describe the current application environment, defaults to the environment name (e.g. "production")',
@@ -185,7 +217,7 @@ class Config
 			'source_of_value'     => '',
 			'show_in_conf_sample' => false,
 		],
-		'db_host'                            => [
+		'db_host'                                       => [
 			'type'                => 'string',
 			'default'             => null,
 			'value'               => '',
@@ -946,6 +978,14 @@ class Config
 			'source_of_value'     => '',
 			'show_in_conf_sample' => false,
 		],
+		'lifecycle.transitions_sort_type' => [
+			'type'                => 'string',
+			'description'         => 'How transitions will be sorted in the GUI. Possible values are "xml", "alphabetical", "fixed" or "relative"',
+			'default'             => DBObject::DEFAULT_TRANSITIONS_SORT_TYPE,
+			'value'               => DBObject::DEFAULT_TRANSITIONS_SORT_TYPE,
+			'source_of_value'     => '',
+			'show_in_conf_sample' => true,
+		],
 		'url_validation_pattern' => [
 			'type'                => 'string',
 			'description'         => 'Regular expression to validate/detect the format of an URL (URL attributes and Wiki formatting for Text attributes)',
@@ -1630,8 +1670,8 @@ class Config
 		'audit.enable_selection_landing_page' => [
 			'type'                => 'bool',
 			'description'         => 'If true audit categories must be selected before results are computed (use this setting in case of a lot of audit categories)',
-			'default'             => false,
-			'value'               => false,
+			'default'             => true,
+			'value'               => true,
 			'source_of_value'     => '',
 			'show_in_conf_sample' => false,
 		],
--- a/core/contexttag.class.inc.php
+++ b/core/contexttag.class.inc.php
@@ -3,7 +3,7 @@
 //
 //   This file is part of iTop.
 //
-//   iTop is free software; you can redistribute it and/or modify	
+//   iTop is free software; you can redistribute it and/or modify
 //   it under the terms of the GNU Affero General Public License as published by
 //   the Free Software Foundation, either version 3 of the License, or
 //   (at your option) any later version.
@@ -58,6 +58,16 @@ class ContextTag
 	public const TAG_SETUP   = 'Setup';
 	public const TAG_SYNCHRO = 'Synchro';
 	public const TAG_REST    = 'REST/JSON';
+
+	/**
+	 * @since 3.1.0 N°6047
+	 */
+	public const TAG_IMPORT    = 'Import';
+		/**
+	 * @since 3.1.0 N°6047
+	 */
+	public const TAG_EXPORT    = 'Export';
+
 	/**
 	 * @var string
 	 * @since 3.1.0 N°3200
@@ -75,7 +85,7 @@ class ContextTag
 	{
 		static::$aStack[] = $sTag;
 	}
-	
+
 	public static function AddContext($sTag)
 	{
 		static::$aStack[] = $sTag;
--- a/core/csvbulkexport.class.inc.php
+++ b/core/csvbulkexport.class.inc.php
@@ -137,7 +137,7 @@ class CSVBulkExport extends TabularBulkExport
 				$aSep['other'] = Dict::S('UI:CSVImport:SeparatorOther').' <input type="text" size="3" name="other-separator" value="'.utils::EscapeHtml($sOtherSeparator).'"/>';

 				foreach ($aSep as $sVal => $sLabel) {
-					$oRadio = InputUIBlockFactory::MakeForInputWithLabel($sLabel, "separator", utils::EscapeHtml($sVal), $sLabel, "radio");
+					$oRadio = InputUIBlockFactory::MakeForInputWithLabel($sLabel, "separator", $sVal, $sLabel, "radio");
 					$oRadio->GetInput()->SetIsChecked(($sVal == $sRawSeparator));
 					$oRadio->SetBeforeInput(false);
 					$oRadio->GetInput()->AddCSSClass('ibo-input--label-right');
@@ -163,8 +163,8 @@ class CSVBulkExport extends TabularBulkExport
 				$aQualifiers['other'] = Dict::S('UI:CSVImport:QualifierOther').' <input type="text" size="3" name="other-text-qualifier" value="'.utils::EscapeHtml($sOtherQualifier).'"/>';

 				foreach ($aQualifiers as $sVal => $sLabel) {
-					$oRadio = InputUIBlockFactory::MakeForInputWithLabel($sLabel, "text-qualifier", utils::EscapeHtml($sVal), $sLabel, "radio");
-					$oRadio->GetInput()->SetIsChecked(($sVal == $sRawSeparator));
+					$oRadio = InputUIBlockFactory::MakeForInputWithLabel($sLabel, "text-qualifier", $sVal, $sLabel, "radio");
+					$oRadio->GetInput()->SetIsChecked(($sVal == $sRawQualifier));
 					$oRadio->SetBeforeInput(false);
 					$oRadio->GetInput()->AddCSSClass('ibo-input--label-right');
 					$oRadio->GetInput()->AddCSSClass('ibo-input-checkbox');
--- a/core/datamodel.core.xml
+++ b/core/datamodel.core.xml
@@ -58,6 +58,7 @@
        <parent>cmdbAbstractObject</parent>
        <properties>
          <category>addon/userrights,grant_by_profile</category>
+          <is_link>1</is_link>
        </properties>
        <fields>
          <field id="userid" xsi:type="AttributeExternalKey">
@@ -482,6 +483,18 @@
          <type>boolean</type>
          <default>true</default>
        </property>
+        <property id="with_php_constraint">
+          <php_param>with_php_constraint</php_param>
+          <mandatory>false</mandatory>
+          <type>boolean</type>
+          <default>false</default>
+        </property>
+        <property id="create_temporary_object">
+          <php_param>create_temporary_object</php_param>
+          <mandatory>false</mandatory>
+          <type>boolean</type>
+          <default>false</default>
+        </property>
        <property id="on_target_delete">
          <php_param>on_target_delete</php_param>
          <mandatory>false</mandatory>
--- a/core/dbobject.class.php
+++ b/core/dbobject.class.php
--- a/core/dict.class.inc.php
+++ b/core/dict.class.inc.php
@@ -106,10 +106,10 @@ class Dict
 	}

 	/**
-	 * Returns a localised string from the dictonary
+	 * Returns a localised string from the dictionary
 	 *
 	 * @param string $sStringCode The code identifying the dictionary entry
-	 * @param string $sDefault Default value if there is no match in the dictionary
+	 * @param string $sDefault Default value if there is no match in the dictionary, if no default provided, returns $sStringCode unchanged
 	 * @param bool $bUserLanguageOnly False to allow the use of the default language as a fallback, true otherwise
 	 *
 	 * @return string
--- a/core/log.class.inc.php
+++ b/core/log.class.inc.php
@@ -583,6 +583,12 @@ class LogChannels
 	 */
 	public const DM_CRUD = 'DMCRUD';

+	/**
+	 * @var string Everything related to the datamodel CRUD
+	 * @since 3.1.0
+	 */
+	public const WEB_REQUEST = 'WebRequest';
+
 	/**
 	 * @var string Everything related to the event service
 	 * @since 3.1.0
@@ -606,6 +612,8 @@ class LogChannels

 	public const PORTAL       = 'portal';

+	public const TEMPORARY_OBJECTS = 'TemporaryObjects';
+
 	/**
 	 * @var string
 	 * @since 3.1.0
@@ -1230,7 +1238,9 @@ class DeprecatedCallsLog extends LogAPI
 	}

 	/**
-	 * @throws \ConfigException
+	 * @since 3.0.1 3.1.0 N°4725 silently handles ConfigException
+	 * @since 3.0.4 3.1.0 N°4725 remove forgotten throw PHPDoc annotation
+	 *
 	 * @link https://www.php.net/debug_backtrace
 	 * @uses \debug_backtrace()
 	 */
@@ -1404,7 +1414,7 @@ class LogFileRotationProcess implements iScheduledProcess
 		$iMaxDays = MetaModel::GetConfig()->Get(LogAPI::ENUM_CONFIG_PARAM_PURGE_MAX_KEEP_DAYS);

 		// Files iterator (*.*)
-		$oIterator = new \GlobIterator(APPROOT.'log'.DIRECTORY_SEPARATOR.'/*.*');
+		$oIterator = new \GlobIterator(APPROOT.'log'.DIRECTORY_SEPARATOR.'*.*');
 		$aLogFiles = iterator_to_array($oIterator);

 		// Reference date
@@ -1416,6 +1426,11 @@ class LogFileRotationProcess implements iScheduledProcess
 			// File real path
 			$sFileRealPath = $oLogFile->getRealPath();

+			// Check file extension
+			if(!in_array($oLogFile->getExtension(), ['log','sql','xml'])){
+				continue;
+		    }
+
 			// Compute number of days since last modification
 			$oDateFileLastModification = new DateTime();
 			$oDateFileLastModification->setTimestamp($oLogFile->getMTime());
--- a/core/metamodel.class.php
+++ b/core/metamodel.class.php
@@ -2927,52 +2927,7 @@ abstract class MetaModel
 		}

 		self::$m_sTablePrefix = $sTablePrefix;
-
-		// Build the list of available extensions
-		//
-		$aInterfaces = [
-			'iApplicationUIExtension',
-			'iPreferencesExtension',
-			'iApplicationObjectExtension',
-			'iLoginFSMExtension',
-			'iLoginUIExtension',
-			'iLogoutExtension',
-			'iQueryModifier',
-			'iOnClassInitialization',
-			'iPopupMenuExtension',
-			'iPageUIExtension',
-			'iPageUIBlockExtension',
-			'iBackofficeLinkedScriptsExtension',
-			'iBackofficeEarlyScriptExtension',
-			'iBackofficeScriptExtension',
-			'iBackofficeInitScriptExtension',
-			'iBackofficeReadyScriptExtension',
-			'iBackofficeLinkedStylesheetsExtension',
-			'iBackofficeStyleExtension',
-			'iBackofficeDictEntriesExtension',
-			'iBackofficeDictEntriesPrefixesExtension',
-			'iPortalUIExtension',
-			'ModuleHandlerApiInterface',
-			'iNewsroomProvider',
-			'iModuleExtension',
-		];
-		foreach($aInterfaces as $sInterface)
-		{
-			self::$m_aExtensionClassNames[$sInterface] = array();
-		}
-
-		foreach(get_declared_classes() as $sPHPClass)
-		{
-			$oRefClass = new ReflectionClass($sPHPClass);
-			$oExtensionInstance = null;
-			foreach($aInterfaces as $sInterface)
-			{
-				if ($oRefClass->implementsInterface($sInterface) && $oRefClass->isInstantiable())
-				{
-					self::$m_aExtensionClassNames[$sInterface][$sPHPClass] = $sPHPClass;
-				}
-			}
-		}
+		self::InitExtensions();

 		// Initialize the classes (declared attributes, etc.)
 		//
@@ -3621,8 +3576,7 @@ abstract class MetaModel
 	{
 		MyHelpers::CheckKeyInArray('list code', $sListCode, self::$m_aListInfos);

-		if (!$sTargetClass)
-		{
+		if (!$sTargetClass) {
 			$sTargetClass = self::GetCallersPHPClass("Init");
 		}

@@ -7643,6 +7597,56 @@ abstract class MetaModel
 			unset(self::$m_aReentranceProtection[get_class($oObject)][$oObject->GetKey()]);
 		}
 	}
+
+	/**
+	 * For test purpose
+	 * @throws \ReflectionException
+	 * @since 3.1.0
+	 */
+	public static function InitExtensions()
+	{
+		// Build the list of available extensions
+		//
+		$aInterfaces = [
+			'iApplicationUIExtension',
+			'iPreferencesExtension',
+			'iApplicationObjectExtension',
+			'iLoginFSMExtension',
+			'iLoginUIExtension',
+			'iLogoutExtension',
+			'iQueryModifier',
+			'iOnClassInitialization',
+			'iPopupMenuExtension',
+			'iPageUIExtension',
+			'iPageUIBlockExtension',
+			'iBackofficeLinkedScriptsExtension',
+			'iBackofficeEarlyScriptExtension',
+			'iBackofficeScriptExtension',
+			'iBackofficeInitScriptExtension',
+			'iBackofficeReadyScriptExtension',
+			'iBackofficeLinkedStylesheetsExtension',
+			'iBackofficeStyleExtension',
+			'iBackofficeDictEntriesExtension',
+			'iBackofficeDictEntriesPrefixesExtension',
+			'iPortalUIExtension',
+			'ModuleHandlerApiInterface',
+			'iNewsroomProvider',
+			'iModuleExtension',
+		];
+		foreach ($aInterfaces as $sInterface) {
+			self::$m_aExtensionClassNames[$sInterface] = array();
+		}
+
+		foreach (get_declared_classes() as $sPHPClass) {
+			$oRefClass = new ReflectionClass($sPHPClass);
+			$oExtensionInstance = null;
+			foreach ($aInterfaces as $sInterface) {
+				if ($oRefClass->implementsInterface($sInterface) && $oRefClass->isInstantiable()) {
+					self::$m_aExtensionClassNames[$sInterface][$sPHPClass] = $sPHPClass;
+				}
+			}
+		}
+	}
 }


--- a/core/oql/expression.class.inc.php
+++ b/core/oql/expression.class.inc.php
@@ -3526,6 +3526,7 @@ class CharConcatWSExpression extends CharConcatExpression
 		$aRes = array();
 		foreach ($this->m_aExpressions as $oExpr)
 		{
+			// TODO: Seems weird, this should rather be $aRes[] = $oExpr->Evaluate($aArgs);
 			$aRes .= $oExpr->Evaluate($aArgs);
 		}
 		return implode($this->m_separator, $aRes);
--- a/core/ormdocument.class.inc.php
+++ b/core/ormdocument.class.inc.php
@@ -86,6 +86,33 @@ class ormDocument
 	{
 		return ($this->m_data == null);
 	}
+
+	/**
+	 * @param \ormDocument $oCompared
+	 *
+	 * @return bool True if the current ormDocument is equals to $oCompared EXCEPT for its download count. False if any other property is different OR if count is the same.
+	 * @since 3.1.0 N°6502
+	 */
+	public function EqualsExceptDownloadsCount(ormDocument $oCompared): bool
+	{
+		// First checking equality on others properties
+		if ($oCompared->GetData() !== $this->GetData()) {
+			return false;
+		}
+		if ($oCompared->GetMimeType() !== $this->GetMimeType()) {
+			return false;
+		}
+		if ($oCompared->GetFileName() !== $this->GetFileName()) {
+			return false;
+		}
+
+		// Finally check equality of the download count
+		if ($oCompared->GetDownloadsCount() === $this->GetDownloadsCount()) {
+			return false;
+		} else {
+			return true;
+		}
+	}
 	
 	public function GetMimeType()
 	{
--- a/core/pluginmanager.class.inc.php
+++ b/core/pluginmanager.class.inc.php
@@ -98,4 +98,14 @@ class PluginManager

 		return $oInstance;
 	}
+
+	/**
+	 * For test purpose
+	 * @return void
+	 * @since 3.1.0
+	 */
+	protected static function ResetPlugins()
+	{
+		self::$m_aExtensionClasses = null;
+	}
 }
--- a/core/simplecrypt.class.inc.php
+++ b/core/simplecrypt.class.inc.php
@@ -43,6 +43,12 @@

 class SimpleCrypt
 {
+	/**
+	 * @var \SimpleCrypt
+	 * @since 3.1.0 N°5388
+	 */
+	protected $oEngine;
+
 	public static function GetNewDefaultParams()
 	{
 		if(function_exists('sodium_crypto_secretbox_open') && function_exists('random_bytes')){
@@ -62,6 +68,7 @@ class SimpleCrypt
 		$sEngineName = 'SimpleCrypt' . $sEngineName . 'Engine';
 		return $sEngineName::GetNewDefaultParams();
 	}
+
    /**
     * Constructor
     * @param string $sEngineName Engine for encryption. Values: Simple, Mcrypt, Sodium or OpenSSL
--- a/core/sqlobjectquerybuilder.class.inc.php
+++ b/core/sqlobjectquerybuilder.class.inc.php
@@ -218,8 +218,8 @@ class SQLObjectQueryBuilder
 					continue;
 				}
 				$oAttDef = MetaModel::GetAttributeDef($sClass, $sAttCode);
-				// Skip this attribute if not made of SQL columns
-				if (count($oAttDef->GetSQLExpressions()) == 0)
+				// Skip this attribute if not made of SQL columns nor in current table
+				if (count($oAttDef->GetSQLExpressions()) == 0 || $oAttDef->IsExternalField())
 				{
 					continue;
 				}
--- a/core/trigger.class.inc.php
+++ b/core/trigger.class.inc.php
@@ -50,7 +50,7 @@ abstract class Trigger extends cmdbAbstractObject
 		MetaModel::Init_AddAttribute(new AttributeLinkedSetIndirect("action_list",
 			array("linked_class" => "lnkTriggerAction", "ext_key_to_me" => "trigger_id", "ext_key_to_remote" => "action_id", "allowed_values" => null, "count_min" => 1, "count_max" => 0, "depends_on" => array())));
 		$aTags = ContextTag::GetTags();
-		MetaModel::Init_AddAttribute(new AttributeEnumSet("context", array("allowed_values" => null, "possible_values" => new ValueSetEnumPadded($aTags), "sql" => "context", "depends_on" => array(), "is_null_allowed" => true, "max_items" => 12)));
+		MetaModel::Init_AddAttribute(new AttributeEnumSet("context", array("allowed_values" => null, "possible_values" => new ValueSetEnumPadded($aTags, true), "sql" => "context", "depends_on" => array(), "is_null_allowed" => true, "max_items" => 12)));
 		// "complement" is a computed field, fed by Trigger sub-classes, in general in ComputeValues method, for eg. the TriggerOnObject fed it with target_class info
 		MetaModel::Init_AddAttribute(new AttributeString("complement", array("allowed_values" => null, "sql" => "complement", "default_value" => null, "is_null_allowed" => true, "depends_on" => array())));

--- a/core/userrights.class.inc.php
+++ b/core/userrights.class.inc.php
@@ -248,9 +248,8 @@ abstract class User extends cmdbAbstractObject
 			"depends_on"      => array(),
 		)));

-		MetaModel::Init_AddAttribute(new AttributeLinkedSetIndirect("profile_list",
-			array("linked_class" => "URP_UserProfile", "ext_key_to_me" => "userid", "ext_key_to_remote" => "profileid", "allowed_values" => null, "count_min" => 1, "count_max" => 0, "depends_on" => array(), "display_style" => 'property')));
-		MetaModel::Init_AddAttribute(new AttributeLinkedSetIndirect("allowed_org_list", array("linked_class" => "URP_UserOrg", "ext_key_to_me" => "userid", "ext_key_to_remote" => "allowed_org_id", "allowed_values" => null, "count_min" => 1, "count_max" => 0, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeLinkedSetIndirect("profile_list",array("linked_class" => "URP_UserProfile", "ext_key_to_me" => "userid", "ext_key_to_remote" => "profileid", "allowed_values" => null, "count_min" => 1, "count_max" => 0, "depends_on" => array(), "display_style" => 'property', "with_php_constraint" => true)));
+		MetaModel::Init_AddAttribute(new AttributeLinkedSetIndirect("allowed_org_list", array("linked_class" => "URP_UserOrg", "ext_key_to_me" => "userid", "ext_key_to_remote" => "allowed_org_id", "allowed_values" => null, "count_min" => 1, "count_max" => 0, "depends_on" => array(), 'with_php_constraint' => true)));
 		MetaModel::Init_AddAttribute(new AttributeCaseLog("log", array("sql" => 'log', "is_null_allowed" => true, "default_value" => '', "allowed_values" => null, "depends_on" => array(), "always_load_in_tables" => false)));

 		// Display lists
--- a/core/valuesetdef.class.inc.php
+++ b/core/valuesetdef.class.inc.php
@@ -53,7 +53,13 @@ abstract class ValueSetDefinition
 		return $sAllowedValues;
 	}

-
+	/**
+	 * @param array  $aArgs
+	 * @param string $sContains
+	 * @param string $sOperation for the values {@see static::LoadValues()}
+	 *
+	 * @return array hash array of keys => values
+	 */
 	public function GetValues($aArgs, $sContains = '', $sOperation = 'contains')
 	{
 		if (!$this->m_bIsLoaded)
@@ -78,11 +84,22 @@ abstract class ValueSetDefinition
 				}
 			}
 		}
-		// Sort on the display value
-		asort($aRet);
+		$this->SortValues($aRet);
 		return $aRet;
 	}

+	/**
+	 * @param array $aValues Values to sort in the form keys => values
+	 *
+	 * @return void
+	 * @since 3.1.0 N°1646 Create method
+	 */
+	public function SortValues(array &$aValues): void
+	{
+		// Sort alphabetically on values
+		natcasesort($aValues);
+	}
+
 	abstract protected function LoadValues($aArgs);
 }

@@ -189,11 +206,7 @@ class ValueSetObjects extends ValueSetDefinition
 	}

    /**
-     * @param        $aArgs
-     * @param string $sContains
-     * @param string $sOperation for the values @see self::LoadValues()
-     *
-     * @return array
+     * @inheritDoc
     * @throws CoreException
     * @throws OQLException
     */
@@ -451,10 +464,33 @@ class ValueSetObjects extends ValueSetDefinition
 class ValueSetEnum extends ValueSetDefinition
 {
 	protected $m_values;
+	/**
+	 * @var bool $bSortByValues If true, values will be sorted at runtime (on their values, not their keys), otherwise it is sorted at compile time in a predefined order.
+	 *                         {@see \MFCompiler::CompileAttributeEnumValues()} for complete reasons.
+	 * @since 3.1.0 N°1646
+	 */
+	protected bool $bSortByValues;

-	public function __construct($Values)
+	/**
+	 * @param array|string $Values
+	 * @param bool $bLocalizedSort
+	 *
+	 * @since 3.1.0 N°1646 Add $bLocalizedSort parameter
+	 */
+	public function __construct($Values, bool $bSortByValues = false)
 	{
 		$this->m_values = $Values;
+		$this->bSortByValues = $bSortByValues;
+	}
+
+	/**
+	 * @see \ValueSetEnum::$bSortByValues
+	 * @return bool
+	 * @since 3.1.0 N°1646
+	 */
+	public function IsSortedByValues(): bool
+	{
+		return $this->bSortByValues;
 	}

 	// Helper to export the data model
@@ -464,6 +500,27 @@ class ValueSetEnum extends ValueSetDefinition
 		return $this->m_aValues;
 	}

+	/**
+	 * @inheritDoc
+	 * @since 3.1.0 N°1646 Overload method
+	 */
+	public function SortValues(array &$aValues): void
+	{
+		// Force sort by values only if necessary
+		if ($this->bSortByValues) {
+			natcasesort($aValues);
+			return;
+		}
+
+		// Don't sort values as we rely on the order defined during compilation
+		return;
+	}
+
+	/**
+	 * @param array|string $aArgs
+	 *
+	 * @return true
+	 */
 	protected function LoadValues($aArgs)
 	{
 		if (is_array($this->m_values))
@@ -491,9 +548,13 @@ class ValueSetEnum extends ValueSetDefinition

 class ValueSetEnumPadded extends ValueSetEnum
 {
-	public function __construct($Values)
+	/**
+	 * @inheritDoc
+	 * @since 3.1.0 N°6448 Add $bSortByValues parameter
+	 */
+	public function __construct($Values, bool $bSortByValues = false)
 	{
-		parent::__construct($Values);
+		parent::__construct($Values, $bSortByValues);
 		if (is_string($Values))
 		{
 			$this->LoadValues(null);
@@ -505,6 +566,7 @@ class ValueSetEnumPadded extends ValueSetEnum
 		$aPaddedValues = array();
 		foreach ($this->m_aValues as $sKey => $sVal)
 		{
+			// Pad keys to the min. length required by the \AttributeSet
 			$sKey = str_pad($sKey, 3, '_', STR_PAD_LEFT);
 			$aPaddedValues[$sKey] = $sVal;
 		}
@@ -553,7 +615,7 @@ class ValueSetEnumClasses extends ValueSetEnum
 	public function __construct($sCategories = '', $sAdditionalValues = '')
 	{
 		$this->m_sCategories = $sCategories;
-		parent::__construct($sAdditionalValues);
+		parent::__construct($sAdditionalValues, true /* Classes are always sorted alphabetically */);
 	}

 	protected function LoadValues($aArgs)
--- a/datamodels/2.x/authent-cas/dictionaries/es_cr.dict.authent-cas.php
+++ b/datamodels/2.x/authent-cas/dictionaries/es_cr.dict.authent-cas.php
@@ -1,5 +1,5 @@
 <?php
- /**
+/**
 * Spanish Localized data
 *
 * @copyright   Copyright (C) 2010-2023 Combodo SARL
@@ -7,7 +7,6 @@
 * @traductor   Miguel Turrubiates <miguel_tf@yahoo.com> 
 * @notas       Utilizar codificación UTF-8 para mostrar acentos y otros caracteres especiales 
 */
-
 Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'CAS:Error:UserNotAllowed' => 'Usuario no permitido',
 	'CAS:Login:SignIn' => 'Iniciar sesión con CAS',
--- a/datamodels/2.x/authent-cas/dictionaries/pl.dict.authent-cas.php
+++ b/datamodels/2.x/authent-cas/dictionaries/pl.dict.authent-cas.php
@@ -5,7 +5,6 @@
 * @copyright   Copyright (C) 2013 XXXXX
 * @license     http://opensource.org/licenses/AGPL-3.0
 */
-
 Dict::Add('PL PL', 'Polish', 'Polski', array(
 	'CAS:Error:UserNotAllowed' => 'Użytkownik niedozwolony',
 	'CAS:Login:SignIn' => 'Zaloguj się za pomocą CAS',
--- a/datamodels/2.x/authent-cas/src/CASLoginExtension.php
+++ b/datamodels/2.x/authent-cas/src/CASLoginExtension.php
@@ -49,6 +49,11 @@ class CASLoginExtension extends AbstractLoginFSMExtension implements iLogoutExte

 	protected function OnReadCredentials(&$iErrorCode)
 	{
+		if (LoginWebPage::getIOnExit() === LoginWebPage::EXIT_RETURN) {
+			// Not allowed if not already connected
+			return LoginWebPage::LOGIN_FSM_CONTINUE;
+		}
+
 		if (empty(Session::Get('login_mode')) || Session::Get('login_mode') == static::LOGIN_MODE)
 		{
 			static::InitCASClient();
@@ -114,6 +119,10 @@ class CASLoginExtension extends AbstractLoginFSMExtension implements iLogoutExte
 		if (Session::Get('login_mode') == static::LOGIN_MODE)
 		{
 			Session::Unset('phpCAS');
+			if (LoginWebPage::getIOnExit() === LoginWebPage::EXIT_RETURN) {
+				// don't display the login page
+				return LoginWebPage::LOGIN_FSM_CONTINUE;
+			}
 			if ($iErrorCode != LoginWebPage::EXIT_CODE_MISSINGLOGIN)
 			{
 				$oLoginWebPage = new LoginWebPage();
--- a/datamodels/2.x/authent-external/dictionaries/es_cr.dict.authent-external.php
+++ b/datamodels/2.x/authent-external/dictionaries/es_cr.dict.authent-external.php
@@ -15,7 +15,7 @@
 //
 //   You should have received a copy of the GNU Affero General Public License
 //   along with iTop. If not, see <http://www.gnu.org/licenses/>
- /**
+/**
 * Spanish Localized data
 *
 * @copyright   Copyright (C) 2010-2023 Combodo SARL
--- a/datamodels/2.x/authent-external/dictionaries/pl.dict.authent-external.php
+++ b/datamodels/2.x/authent-external/dictionaries/pl.dict.authent-external.php
@@ -20,7 +20,6 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with iTop. If not, see <http://www.gnu.org/licenses/>
 */
-
 // Dictionnay conventions
 // Class:<class_name>
 // Class:<class_name>+
@@ -30,11 +29,9 @@
 // Class:<class_name>/Attribute:<attribute_code>/Value:<value>+
 // Class:<class_name>/Stimulus:<stimulus_code>
 // Class:<class_name>/Stimulus:<stimulus_code>+
-
 //
 // Class: UserExternal
 //
-
 Dict::Add('PL PL', 'Polish', 'Polski', array(
 	'Class:UserExternal' => 'Użytkownik zewnętrzny',
 	'Class:UserExternal+' => 'Użytkownik uwierzytelniony poza '.ITOP_APPLICATION_SHORT,
--- a/datamodels/2.x/authent-ldap/dictionaries/cs.dict.authent-ldap.php
+++ b/datamodels/2.x/authent-ldap/dictionaries/cs.dict.authent-ldap.php
@@ -38,4 +38,5 @@
 Dict::Add('CS CZ', 'Czech', 'Čeština', array(
 	'Class:UserLDAP' => 'LDAP uživatel',
 	'Class:UserLDAP+' => 'Uživatel ověřen přes LDAP',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));
--- a/datamodels/2.x/authent-ldap/dictionaries/da.dict.authent-ldap.php
+++ b/datamodels/2.x/authent-ldap/dictionaries/da.dict.authent-ldap.php
@@ -23,4 +23,5 @@
 Dict::Add('DA DA', 'Danish', 'Dansk', array(
 	'Class:UserLDAP' => 'LDAP-Bruger',
 	'Class:UserLDAP+' => 'Bruger der godkendes via LDAP',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));
--- a/datamodels/2.x/authent-ldap/dictionaries/de.dict.authent-ldap.php
+++ b/datamodels/2.x/authent-ldap/dictionaries/de.dict.authent-ldap.php
@@ -25,4 +25,7 @@
 Dict::Add('DE DE', 'German', 'Deutsch', array(
 	'Class:UserLDAP' => 'LDAP-Benutzer',
 	'Class:UserLDAP+' => 'Benutzer, der via LDAP authentifiziert wird',
+	'Class:UserLDAP/Attribute:ldap_server' => 'LDAP-Server',
+	'Class:UserLDAP/Attribute:ldap_server+' => 'Optional: LDAP-Server, der zur Authentifizierung verwendet werden soll, falls mehrere LDAP-Server konfiguriert sind.',
+	'UserLDAP:server' => 'LDAP-Einstellungen',
 ));
--- a/datamodels/2.x/authent-ldap/dictionaries/es_cr.dict.authent-ldap.php
+++ b/datamodels/2.x/authent-ldap/dictionaries/es_cr.dict.authent-ldap.php
@@ -15,7 +15,7 @@
 //
 //   You should have received a copy of the GNU Affero General Public License
 //   along with iTop. If not, see <http://www.gnu.org/licenses/>
- /**
+/**
 * Spanish Localized data
 *
 * @copyright   Copyright (C) 2010-2023 Combodo SARL
@@ -37,4 +37,5 @@
 Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'Class:UserLDAP' => 'Usuario LDAP',
 	'Class:UserLDAP+' => 'Usuario autenticado vía LDAP',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));
--- a/datamodels/2.x/authent-ldap/dictionaries/hu.dict.authent-ldap.php
+++ b/datamodels/2.x/authent-ldap/dictionaries/hu.dict.authent-ldap.php
@@ -22,4 +22,5 @@
 Dict::Add('HU HU', 'Hungarian', 'Magyar', array(
 	'Class:UserLDAP' => 'LDAP felhasználó',
 	'Class:UserLDAP+' => '',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));
--- a/datamodels/2.x/authent-ldap/dictionaries/it.dict.authent-ldap.php
+++ b/datamodels/2.x/authent-ldap/dictionaries/it.dict.authent-ldap.php
@@ -36,4 +36,5 @@
 Dict::Add('IT IT', 'Italian', 'Italiano', array(
 	'Class:UserLDAP' => 'Utente LDAP',
 	'Class:UserLDAP+' => 'Utente autenticato da LDAP',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));
--- a/datamodels/2.x/authent-ldap/dictionaries/ja.dict.authent-ldap.php
+++ b/datamodels/2.x/authent-ldap/dictionaries/ja.dict.authent-ldap.php
@@ -23,4 +23,5 @@
 Dict::Add('JA JP', 'Japanese', '日本語', array(
 	'Class:UserLDAP' => 'LDAP ユーザー',
 	'Class:UserLDAP+' => 'LDAP認証ユーザー',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));
--- a/datamodels/2.x/authent-ldap/dictionaries/nl.dict.authent-ldap.php
+++ b/datamodels/2.x/authent-ldap/dictionaries/nl.dict.authent-ldap.php
@@ -37,4 +37,5 @@
 Dict::Add('NL NL', 'Dutch', 'Nederlands', array(
 	'Class:UserLDAP' => 'LDAP-gebruiker',
 	'Class:UserLDAP+' => 'Gebruiker die aanmeldt via LDAP',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));
--- a/datamodels/2.x/authent-ldap/dictionaries/pl.dict.authent-ldap.php
+++ b/datamodels/2.x/authent-ldap/dictionaries/pl.dict.authent-ldap.php
@@ -20,7 +20,6 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with iTop. If not, see <http://www.gnu.org/licenses/>
 */
-
 // Dictionnay conventions
 // Class:<class_name>
 // Class:<class_name>+
@@ -30,12 +29,11 @@
 // Class:<class_name>/Attribute:<attribute_code>/Value:<value>+
 // Class:<class_name>/Stimulus:<stimulus_code>
 // Class:<class_name>/Stimulus:<stimulus_code>+
-
 //
 // Class: UserLDAP
 //
-
 Dict::Add('PL PL', 'Polish', 'Polski', array(
 	'Class:UserLDAP' => 'Użytkownik LDAP',
 	'Class:UserLDAP+' => 'Użytkownik uwierzytelniony przez LDAP',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));
--- a/datamodels/2.x/authent-ldap/dictionaries/pt_br.dict.authent-ldap.php
+++ b/datamodels/2.x/authent-ldap/dictionaries/pt_br.dict.authent-ldap.php
@@ -22,4 +22,5 @@
 Dict::Add('PT BR', 'Brazilian', 'Brazilian', array(
 	'Class:UserLDAP' => 'Usuário externo via LDAP',
 	'Class:UserLDAP+' => '',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));
--- a/datamodels/2.x/authent-ldap/dictionaries/ru.dict.authent-ldap.php
+++ b/datamodels/2.x/authent-ldap/dictionaries/ru.dict.authent-ldap.php
@@ -14,4 +14,5 @@
 Dict::Add('RU RU', 'Russian', 'Русский', array(
 	'Class:UserLDAP' => 'Пользователь LDAP',
 	'Class:UserLDAP+' => 'Пользователь, аутентифицируемый через LDAP',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));
--- a/datamodels/2.x/authent-ldap/dictionaries/sk.dict.authent-ldap.php
+++ b/datamodels/2.x/authent-ldap/dictionaries/sk.dict.authent-ldap.php
@@ -35,4 +35,5 @@
 Dict::Add('SK SK', 'Slovak', 'Slovenčina', array(
 	'Class:UserLDAP' => 'LDAP užívateľ',
 	'Class:UserLDAP+' => '',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));
--- a/datamodels/2.x/authent-ldap/dictionaries/tr.dict.authent-ldap.php
+++ b/datamodels/2.x/authent-ldap/dictionaries/tr.dict.authent-ldap.php
@@ -37,4 +37,5 @@
 Dict::Add('TR TR', 'Turkish', 'Türkçe', array(
 	'Class:UserLDAP' => 'LDAP kullanıcısı',
 	'Class:UserLDAP+' => 'Yetki kontrolü LDAP tarafından yapılan',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));
--- a/datamodels/2.x/authent-ldap/dictionaries/zh_cn.dict.authent-ldap.php
+++ b/datamodels/2.x/authent-ldap/dictionaries/zh_cn.dict.authent-ldap.php
@@ -36,4 +36,5 @@
 Dict::Add('ZH CN', 'Chinese', '简体中文', array(
 	'Class:UserLDAP' => 'LDAP 用户',
 	'Class:UserLDAP+' => '用户身份由LDAP 认证',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));
--- a/datamodels/2.x/authent-local/dictionaries/cs.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/cs.dict.authent-local.php
@@ -40,7 +40,6 @@ Dict::Add('CS CZ', 'Czech', 'Čeština', array(
 	'Class:UserLocal+' => 'Uživatel ověřen interně v '.ITOP_APPLICATION_SHORT,
 	'Class:UserLocal/Attribute:password' => 'Heslo',
 	'Class:UserLocal/Attribute:password+' => '',
-
 	'Class:UserLocal/Attribute:expiration' => 'Password expiration~~',
 	'Class:UserLocal/Attribute:expiration+' => 'Password expiration status (requires an extension to have an effect)~~',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Can expire~~',
@@ -53,9 +52,7 @@ Dict::Add('CS CZ', 'Czech', 'Čeština', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewal~~',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed~~',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.~~',
-
 	'UserLocal:password:expiration' => 'The fields below require an extension~~',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ));
--- a/datamodels/2.x/authent-local/dictionaries/da.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/da.dict.authent-local.php
@@ -25,7 +25,6 @@ Dict::Add('DA DA', 'Danish', 'Dansk', array(
 	'Class:UserLocal+' => 'Bruger der godkendes af '.ITOP_APPLICATION_SHORT,
 	'Class:UserLocal/Attribute:password' => 'Password',
 	'Class:UserLocal/Attribute:password+' => 'Brugerens password',
-
 	'Class:UserLocal/Attribute:expiration' => 'Password expiration~~',
 	'Class:UserLocal/Attribute:expiration+' => 'Password expiration status (requires an extension to have an effect)~~',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Can expire~~',
@@ -38,9 +37,7 @@ Dict::Add('DA DA', 'Danish', 'Dansk', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewal~~',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed~~',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.~~',
-
 	'UserLocal:password:expiration' => 'The fields below require an extension~~',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ));
--- a/datamodels/2.x/authent-local/dictionaries/de.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/de.dict.authent-local.php
@@ -27,7 +27,6 @@ Dict::Add('DE DE', 'German', 'Deutsch', array(
 	'Class:UserLocal+' => 'Benutzer, der von '.ITOP_APPLICATION_SHORT.' authentifiziert wird',
 	'Class:UserLocal/Attribute:password' => 'Passwort',
 	'Class:UserLocal/Attribute:password+' => 'Benutzerpasswort',
-
 	'Class:UserLocal/Attribute:expiration' => 'Passwortablauf',
 	'Class:UserLocal/Attribute:expiration+' => 'Passwortablaufstatus (statusabhängige Effekte müssen per Extension implementiert werden)',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'kann ablaufen',
@@ -40,9 +39,7 @@ Dict::Add('DE DE', 'German', 'Deutsch', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => '',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Letzte Passworterneuerung',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Letztes Änderungsdatum',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Das Passwort entspricht nicht dem in den Konfigurationsregeln hinterlegten RegEx-Ausdruck',
-
 	'UserLocal:password:expiration' => 'Die folgenden Felder benötigen eine '.ITOP_APPLICATION_SHORT.' Erweiterung',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Das setzen des Passwortablaufs auf "Einmalpasswort" ist für den eigenen Benutzer nicht erlaubt.',
 ));
--- a/datamodels/2.x/authent-local/dictionaries/es_cr.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/es_cr.dict.authent-local.php
@@ -39,7 +39,6 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'Class:UserLocal+' => 'Usuario Autenticado vía '.ITOP_APPLICATION_SHORT,
 	'Class:UserLocal/Attribute:password' => 'Contraseña',
 	'Class:UserLocal/Attribute:password+' => 'Contraseña',
-
 	'Class:UserLocal/Attribute:expiration' => 'Expiración de contraseña',
 	'Class:UserLocal/Attribute:expiration+' => 'Estatus de expiración de contraseña (requiere de una extensión para que tenga efecto)',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Puede expirar',
@@ -52,9 +51,7 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'El usuario no puede cambiar la contraseña.',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Renovación de contraseña',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Cuando fue el último cambio de contraseña',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'La contraseña debe ser de al menos 8 caracteres e incluír mayúsculas, minúsculas, números y caracteres especiales.',
-
 	'UserLocal:password:expiration' => 'El siguiente campo requiere una extensión',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Configurar expiración de contraseña para "ontraseña de un solo uso" no está permitido para su propio Usuario',
 ));
--- a/datamodels/2.x/authent-local/dictionaries/fr.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/fr.dict.authent-local.php
@@ -24,7 +24,6 @@ Dict::Add('FR FR', 'French', 'Français', array(
 	'Class:UserLocal+' => 'Utilisateur authentifié par '.ITOP_APPLICATION_SHORT,
 	'Class:UserLocal/Attribute:password' => 'Mot de passe',
 	'Class:UserLocal/Attribute:password+' => '',
-
 	'Class:UserLocal/Attribute:expiration' => 'Validité du mot de passe',
 	'Class:UserLocal/Attribute:expiration+' => 'Statut du mot de passe (nécessite une extension pour avoir un effet)',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Durée limitée',
@@ -37,7 +36,6 @@ Dict::Add('FR FR', 'French', 'Français', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => '',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Mot de passe changé le',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Dernière date à laquelle le mot de passe a été changé',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Le mot de passe doit contenir au moins 8 caractères, avec minuscule, majuscule, nombre et caractère spécial.',
 	'UserLocal:password:expiration' => 'Les champs ci-dessous nécessitent une extension',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Impossible de mettre "Usage unique" comme validité du mot de passe pour son propre utilisateur.',
--- a/datamodels/2.x/authent-local/dictionaries/hu.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/hu.dict.authent-local.php
@@ -24,7 +24,6 @@ Dict::Add('HU HU', 'Hungarian', 'Magyar', array(
 	'Class:UserLocal+' => '',
 	'Class:UserLocal/Attribute:password' => 'Jelszó',
 	'Class:UserLocal/Attribute:password+' => '',
-
 	'Class:UserLocal/Attribute:expiration' => 'Jelszó lejárati ideje',
 	'Class:UserLocal/Attribute:expiration+' => 'Jelszó lejárati státusz (bővítmény szükséges hozzá)',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Lejár',
@@ -35,11 +34,9 @@ Dict::Add('HU HU', 'Hungarian', 'Magyar', array(
 	'Class:UserLocal/Attribute:expiration/Value:force_expire+' => '~~',
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire' => 'Egyszeri jelszó',
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'A felhasználó nem változtathat jelszót.',
-    'Class:UserLocal/Attribute:password_renewed_date' => 'Jelszó megújítás ideje',
+	'Class:UserLocal/Attribute:password_renewed_date' => 'Jelszó megújítás ideje',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'A jelszó legutóbbi módosításának időpontja',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'A jelszónak legalább 8 karakterből kell állnia, és tartalmaznia kell nagybetűket, kisbetűket, numerikus és speciális karaktereket.',
-
 	'UserLocal:password:expiration' => 'Az alábbi mezőkhöz egy bővítmény szükséges',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'A jelszó lejárati idejének beállítása "Egyszeri jelszóra" nem engedélyezett a saját Felhasználó számára.',
 ));
--- a/datamodels/2.x/authent-local/dictionaries/it.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/it.dict.authent-local.php
@@ -38,7 +38,6 @@ Dict::Add('IT IT', 'Italian', 'Italiano', array(
 	'Class:UserLocal+' => 'Utente autenticato da '.ITOP_APPLICATION_SHORT,
 	'Class:UserLocal/Attribute:password' => 'Password',
 	'Class:UserLocal/Attribute:password+' => 'user authentication string',
-
 	'Class:UserLocal/Attribute:expiration' => 'Password expiration~~',
 	'Class:UserLocal/Attribute:expiration+' => 'Password expiration status (requires an extension to have an effect)~~',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Can expire~~',
@@ -51,9 +50,7 @@ Dict::Add('IT IT', 'Italian', 'Italiano', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewal~~',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed~~',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.~~',
-
 	'UserLocal:password:expiration' => 'The fields below require an extension~~',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ));
--- a/datamodels/2.x/authent-local/dictionaries/ja.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/ja.dict.authent-local.php
@@ -25,7 +25,6 @@ Dict::Add('JA JP', 'Japanese', '日本語', array(
 	'Class:UserLocal+' => ITOP_APPLICATION_SHORT.'ローカル認証ユーザー',
 	'Class:UserLocal/Attribute:password' => 'パスワード',
 	'Class:UserLocal/Attribute:password+' => '認証文字列',
-
 	'Class:UserLocal/Attribute:expiration' => 'Password expiration~~',
 	'Class:UserLocal/Attribute:expiration+' => 'Password expiration status (requires an extension to have an effect)~~',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Can expire~~',
@@ -38,9 +37,7 @@ Dict::Add('JA JP', 'Japanese', '日本語', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewal~~',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed~~',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.~~',
-
 	'UserLocal:password:expiration' => 'The fields below require an extension~~',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ));
--- a/datamodels/2.x/authent-local/dictionaries/nl.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/nl.dict.authent-local.php
@@ -29,7 +29,6 @@ Dict::Add('NL NL', 'Dutch', 'Nederlands', array(
 	'Class:UserLocal+' => 'Gebruiker die aanmeldt met gegevens aangemaakt in het gebruikersbeheer van '.ITOP_APPLICATION_SHORT,
 	'Class:UserLocal/Attribute:password' => 'Wachtwoord',
 	'Class:UserLocal/Attribute:password+' => 'Het wachtwoord waarmee de gebruiker zich aanmeldt bij '.ITOP_APPLICATION_SHORT,
-
 	'Class:UserLocal/Attribute:expiration' => 'Wachtwoord verloopt',
 	'Class:UserLocal/Attribute:expiration+' => 'Of het wachtwoord al dan niet verlopen is (vereist een extensie vooraleer dit werkt)',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Kan verlopen',
@@ -42,9 +41,7 @@ Dict::Add('NL NL', 'Dutch', 'Nederlands', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'De gebruiker kan dit wachtwoord niet veranderen.',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Wachtwoord laatst aangepast',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Tijdstip waarop het wachtwoord het laatst aangepast werd.',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Het wachtwoord bestaat uit minstens 8 tekens en bestaat uit een mix van minstens 1 hoofdletter, kleine letter, cijfer en speciaal teken.',
-
 	'UserLocal:password:expiration' => 'De velden hieronder vereisen een extensie.',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Je kan geen eenmalig wachtwoord instellen voor je eigen gebruiker.',
 ));
--- a/datamodels/2.x/authent-local/dictionaries/pl.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/pl.dict.authent-local.php
@@ -37,7 +37,6 @@ Dict::Add('PL PL', 'Polish', 'Polski', array(
 	'Class:UserLocal+' => 'Użytkownik uwierzytelniony przez '.ITOP_APPLICATION_SHORT,
 	'Class:UserLocal/Attribute:password' => 'Hasło',
 	'Class:UserLocal/Attribute:password+' => 'Ciąg uwierzytelniania użytkownika',
-
 	'Class:UserLocal/Attribute:expiration' => 'Wygaśnięcie hasła',
 	'Class:UserLocal/Attribute:expiration+' => 'Stan wygaśnięcia hasła (wymaga rozszerzenia, aby zadziałało)',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Może wygasnąć',
@@ -50,9 +49,7 @@ Dict::Add('PL PL', 'Polish', 'Polski', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Hasło nie może być zmienione przez użytkownika.',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Odnowienie hasła',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Kiedy ostatnio zmieniano hasło',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Hasło musi mieć co najmniej 8 znaków i zawierać duże, małe litery, cyfry i znaki specjalne.',
-
 	'UserLocal:password:expiration' => 'Poniższe pola wymagają rozszerzenia',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Ustawienie wygaśnięcia hasła "Hasło jednorazowe" nie jest dozwolone dla własnego użytkownika',
 ));
--- a/datamodels/2.x/authent-local/dictionaries/pt_br.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/pt_br.dict.authent-local.php
@@ -24,7 +24,6 @@ Dict::Add('PT BR', 'Brazilian', 'Brazilian', array(
 	'Class:UserLocal+' => '',
 	'Class:UserLocal/Attribute:password' => 'Senha',
 	'Class:UserLocal/Attribute:password+' => '',
-
 	'Class:UserLocal/Attribute:expiration' => 'Expiração da senha',
 	'Class:UserLocal/Attribute:expiration+' => 'Status de expiração de senha (Requer uma extensão para fazer efeito)',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Senha expira',
@@ -37,9 +36,7 @@ Dict::Add('PT BR', 'Brazilian', 'Brazilian', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Senha não pode ser alterada pelo usuário',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Data da última alteração de senha',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Quando a senha foi alterada anteriormente',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'A senha deve ter no mínimo 8 caracteres e incluir letras maiúsculas, minúsculas, números e símbolos',
-
 	'UserLocal:password:expiration' => 'O campo abaixo requer uma extensão',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Definir a expiração da senha para One-Time Password (OTP) não é permitido para o seu próprio usuário',
 ));
--- a/datamodels/2.x/authent-local/dictionaries/ru.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/ru.dict.authent-local.php
@@ -16,7 +16,6 @@ Dict::Add('RU RU', 'Russian', 'Русский', array(
 	'Class:UserLocal+' => 'Пользователь, аутентифицируемый через '.ITOP_APPLICATION_SHORT,
 	'Class:UserLocal/Attribute:password' => 'Пароль',
 	'Class:UserLocal/Attribute:password+' => 'Строка аутентификации пользователя',
-
 	'Class:UserLocal/Attribute:expiration' => 'Срок действия пароля',
 	'Class:UserLocal/Attribute:expiration+' => 'Статус срока действия пароля (требуется расширение для эффекта)',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Органиченный',
@@ -29,9 +28,7 @@ Dict::Add('RU RU', 'Russian', 'Русский', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Дата изменения пароля',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Когда пароль был изменен в последний раз',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Пароль должен содержать не менее 8 символов и включать прописные, строчные, числовые и специальные символы.',
-
 	'UserLocal:password:expiration' => 'Поля требуют наличия доп. расширения',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ));
--- a/datamodels/2.x/authent-local/dictionaries/sk.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/sk.dict.authent-local.php
@@ -37,7 +37,6 @@ Dict::Add('SK SK', 'Slovak', 'Slovenčina', array(
 	'Class:UserLocal+' => '',
 	'Class:UserLocal/Attribute:password' => 'Heslo',
 	'Class:UserLocal/Attribute:password+' => '',
-
 	'Class:UserLocal/Attribute:expiration' => 'Password expiration~~',
 	'Class:UserLocal/Attribute:expiration+' => 'Password expiration status (requires an extension to have an effect)~~',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Can expire~~',
@@ -50,9 +49,7 @@ Dict::Add('SK SK', 'Slovak', 'Slovenčina', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewal~~',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed~~',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.~~',
-
 	'UserLocal:password:expiration' => 'The fields below require an extension~~',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ));
--- a/datamodels/2.x/authent-local/dictionaries/tr.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/tr.dict.authent-local.php
@@ -39,7 +39,6 @@ Dict::Add('TR TR', 'Turkish', 'Türkçe', array(
 	'Class:UserLocal+' => 'Yetki kontorlünü '.ITOP_APPLICATION_SHORT.' tarafından yapılan kullanıcı',
 	'Class:UserLocal/Attribute:password' => 'Şifre',
 	'Class:UserLocal/Attribute:password+' => 'şifre',
-
 	'Class:UserLocal/Attribute:expiration' => 'Password expiration~~',
 	'Class:UserLocal/Attribute:expiration+' => 'Password expiration status (requires an extension to have an effect)~~',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Can expire~~',
@@ -52,9 +51,7 @@ Dict::Add('TR TR', 'Turkish', 'Türkçe', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewal~~',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed~~',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.~~',
-
 	'UserLocal:password:expiration' => 'The fields below require an extension~~',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ));
--- a/datamodels/2.x/authent-local/dictionaries/zh_cn.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/zh_cn.dict.authent-local.php
@@ -38,7 +38,6 @@ Dict::Add('ZH CN', 'Chinese', '简体中文', array(
 	'Class:UserLocal+' => '用户由 '.ITOP_APPLICATION_SHORT.' 验证身份',
 	'Class:UserLocal/Attribute:password' => '密码',
 	'Class:UserLocal/Attribute:password+' => '用于验证用户身份的字符串',
-
 	'Class:UserLocal/Attribute:expiration' => '密码过期',
 	'Class:UserLocal/Attribute:expiration+' => '密码过期状态(需要一个扩展才能生效)',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => '允许过期',
@@ -51,9 +50,7 @@ Dict::Add('ZH CN', 'Chinese', '简体中文', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => '用户不允许修改密码.',
 	'Class:UserLocal/Attribute:password_renewed_date' => '密码更新',
 	'Class:UserLocal/Attribute:password_renewed_date+' => '上次修改密码的时间',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => '密码必须至少8个字符,包含大小写,数字和特殊字符.',
-
 	'UserLocal:password:expiration' => '下面的区域需要插件扩展',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => '不允许用户为自己设置"一次性密码"的失效期限',
 ));
--- a/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/cs.dict.combodo-backoffice-darkmoon-theme.php
+++ b/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/cs.dict.combodo-backoffice-darkmoon-theme.php
@@ -20,7 +20,6 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with iTop. If not, see <http://www.gnu.org/licenses/>
 */
-
 Dict::Add('CS CZ', 'Czech', 'Čeština', array(
 	'theme:darkmoon' => 'Dark moon~~',
 ));
--- a/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/da.dict.combodo-backoffice-darkmoon-theme.php
+++ b/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/da.dict.combodo-backoffice-darkmoon-theme.php
@@ -20,7 +20,6 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with iTop. If not, see <http://www.gnu.org/licenses/>
 */
-
 Dict::Add('DA DA', 'Danish', 'Dansk', array(
 	'theme:darkmoon' => 'Dark moon~~',
 ));
--- a/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/de.dict.combodo-backoffice-darkmoon-theme.php
+++ b/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/de.dict.combodo-backoffice-darkmoon-theme.php
@@ -20,7 +20,6 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with iTop. If not, see <http://www.gnu.org/licenses/>
 */
-
 Dict::Add('DE DE', 'German', 'Deutsch', array(
 	'theme:darkmoon' => 'Dark moon',
-));
+));
--- a/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/es_cr.dict.combodo-backoffice-darkmoon-theme.php
+++ b/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/es_cr.dict.combodo-backoffice-darkmoon-theme.php
@@ -20,7 +20,6 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with iTop. If not, see <http://www.gnu.org/licenses/>
 */
-
 Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'theme:darkmoon' => 'Luna Obscura',
 ));
--- a/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/fr.dict.combodo-backoffice-darkmoon-theme.php
+++ b/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/fr.dict.combodo-backoffice-darkmoon-theme.php
@@ -20,7 +20,6 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with iTop. If not, see <http://www.gnu.org/licenses/>
 */
-
 Dict::Add('FR FR', 'French', 'Français', array(
 	'theme:darkmoon' => 'Dark moon~~',
 ));
--- a/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/hu.dict.combodo-backoffice-darkmoon-theme.php
+++ b/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/hu.dict.combodo-backoffice-darkmoon-theme.php
@@ -20,7 +20,6 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with iTop. If not, see <http://www.gnu.org/licenses/>
 */
-
 Dict::Add('HU HU', 'Hungarian', 'Magyar', array(
 	'theme:darkmoon' => 'Dark moon',
 ));
--- a/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/it.dict.combodo-backoffice-darkmoon-theme.php
+++ b/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/it.dict.combodo-backoffice-darkmoon-theme.php
@@ -20,7 +20,6 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with iTop. If not, see <http://www.gnu.org/licenses/>
 */
-
 Dict::Add('IT IT', 'Italian', 'Italiano', array(
 	'theme:darkmoon' => 'Dark moon~~',
 ));
--- a/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/ja.dict.combodo-backoffice-darkmoon-theme.php
+++ b/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/ja.dict.combodo-backoffice-darkmoon-theme.php
@@ -20,7 +20,6 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with iTop. If not, see <http://www.gnu.org/licenses/>
 */
-
 Dict::Add('JA JP', 'Japanese', '日本語', array(
 	'theme:darkmoon' => 'Dark moon~~',
 ));
--- a/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/nl.dict.combodo-backoffice-darkmoon-theme.php
+++ b/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/nl.dict.combodo-backoffice-darkmoon-theme.php
@@ -20,7 +20,6 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with iTop. If not, see <http://www.gnu.org/licenses/>
 */
-
 Dict::Add('NL NL', 'Dutch', 'Nederlands', array(
 	'theme:darkmoon' => 'Dark moon',
 ));
--- a/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/pt_br.dict.combodo-backoffice-darkmoon-theme.php
+++ b/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/pt_br.dict.combodo-backoffice-darkmoon-theme.php
@@ -20,7 +20,6 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with iTop. If not, see <http://www.gnu.org/licenses/>
 */
-
 Dict::Add('PT BR', 'Brazilian', 'Brazilian', array(
 	'theme:darkmoon' => 'Dark moon',
 ));
--- a/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/ru.dict.combodo-backoffice-darkmoon-theme.php
+++ b/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/ru.dict.combodo-backoffice-darkmoon-theme.php
@@ -20,7 +20,6 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with iTop. If not, see <http://www.gnu.org/licenses/>
 */
-
 Dict::Add('RU RU', 'Russian', 'Русский', array(
 	'theme:darkmoon' => 'Dark moon~~',
 ));
--- a/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/sk.dict.combodo-backoffice-darkmoon-theme.php
+++ b/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/sk.dict.combodo-backoffice-darkmoon-theme.php
@@ -20,7 +20,6 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with iTop. If not, see <http://www.gnu.org/licenses/>
 */
-
 Dict::Add('SK SK', 'Slovak', 'Slovenčina', array(
 	'theme:darkmoon' => 'Dark moon~~',
 ));
--- a/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/tr.dict.combodo-backoffice-darkmoon-theme.php
+++ b/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/tr.dict.combodo-backoffice-darkmoon-theme.php
@@ -20,7 +20,6 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with iTop. If not, see <http://www.gnu.org/licenses/>
 */
-
 Dict::Add('TR TR', 'Turkish', 'Türkçe', array(
 	'theme:darkmoon' => 'Dark moon~~',
 ));
--- a/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/zh_cn.dict.combodo-backoffice-darkmoon-theme.php
+++ b/datamodels/2.x/combodo-backoffice-darkmoon-theme/dictionaries/zh_cn.dict.combodo-backoffice-darkmoon-theme.php
@@ -20,7 +20,6 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with iTop. If not, see <http://www.gnu.org/licenses/>
 */
-
 Dict::Add('ZH CN', 'Chinese', '简体中文', array(
 	'theme:darkmoon' => 'Dark moon~~',
 ));
--- a/datamodels/2.x/combodo-db-tools/db_analyzer.class.inc.php
+++ b/datamodels/2.x/combodo-db-tools/db_analyzer.class.inc.php
@@ -462,6 +462,12 @@ class DatabaseAnalyzer
 			$aCols = $oAttDef->GetSQLExpressions(); // Workaround a PHP bug: sometimes issuing a Notice if invoking current(somefunc())
 			$sMyAttributeField = current($aCols); // get the first column for the moment
 			$sFilter = "FROM `$sTable` WHERE `$sTable`.`$sMyAttributeField` NOT IN ($sExpectedValues)";
+			if ($oAttDef->IsNullAllowed()) {
+				// NotEmptyToSql should have been in AttributeDefinition, as a workaround the search type is used
+				$sSearchType = $oAttDef->GetSearchType();
+				$sCondition = $this->NotEmptyToSql("`$sTable`.`$sMyAttributeField`", $sSearchType);
+				$sFilter .= " AND $sCondition";
+			}
 			$sDelete = "DELETE `$sTable`";
 			$sSelect = "SELECT DISTINCT `$sTable`.`$sKeyField` AS id, `$sTable`.`$sMyAttributeField` AS value";
 			$sSelWrongRecs = "$sSelect $sFilter";
@@ -492,6 +498,26 @@ class DatabaseAnalyzer
 		}
 	}

+	/**
+	 * @param $sRef
+	 * @param string $sSearchType
+	 *
+	 * @return string
+	 * @since 3.1.0 N°6442
+	 */
+	private function NotEmptyToSql($sRef, string $sSearchType)
+	{
+		switch ($sSearchType) {
+			case AttributeDefinition::SEARCH_WIDGET_TYPE_NUMERIC:
+			case AttributeDefinition::SEARCH_WIDGET_TYPE_EXTERNAL_FIELD:
+			case AttributeDefinition::SEARCH_WIDGET_TYPE_DATE:
+			case AttributeDefinition::SEARCH_WIDGET_TYPE_DATE_TIME:
+				return "ISNULL({$sRef}) = 0";
+		}
+
+		return "({$sRef} != '')";
+	}
+
 	/**
 	 * Check user accounts without profile
 	 *
--- a/datamodels/2.x/combodo-db-tools/dictionaries/cs.dict.combodo-db-tools.php
+++ b/datamodels/2.x/combodo-db-tools/dictionaries/cs.dict.combodo-db-tools.php
@@ -41,14 +41,12 @@ Dict::Add('CS CZ', 'Czech', 'Čeština', array(
 	'DBTools:IntegrityCheck' => 'Integrity check~~',
 	'DBTools:FetchCheck' => 'Fetch Check (long)~~',
 	'DBTools:SelectAnalysisType' => 'Select analysis type~~',
-
 	'DBTools:Analyze' => 'Analyze~~',
 	'DBTools:Details' => 'Show Details~~',
 	'DBTools:ShowAll' => 'Show All Errors~~',
-
 	'DBTools:Inconsistencies' => 'Database inconsistencies~~',
 	'DBTools:DetailedErrorTitle' => '%2$s error(s) in class %1$s: %3$s~~',
-
+	'DBTools:DetailedErrorLimit' => 'List limited to %1$s errors~~',
 	'DBAnalyzer-Integrity-OrphanRecord' => 'Orphan record in `%1$s`, it should have its counterpart in table `%2$s`~~',
 	'DBAnalyzer-Integrity-InvalidExtKey' => 'Invalid external key %1$s (column: `%2$s.%3$s`)~~',
 	'DBAnalyzer-Integrity-MissingExtKey' => 'Missing external key %1$s (column: `%2$s.%3$s`)~~',
@@ -71,24 +69,19 @@ Dict::Add('CS CZ', 'Czech', 'Čeština', array(
 Dict::Add('CS CZ', 'Czech', 'Čeština', array(
 	'DBTools:LostAttachments' => 'Lost attachments~~',
 	'DBTools:LostAttachments:Disclaimer' => 'Here you can search your database for lost or misplaced attachments. This is NOT a data recovery tool, is does not retrieve deleted data.~~',
-
 	'DBTools:LostAttachments:Button:Analyze' => 'Analyze~~',
 	'DBTools:LostAttachments:Button:Restore' => 'Restore~~',
 	'DBTools:LostAttachments:Button:Restore:Confirm' => 'This action cannot be undone, please confirm that you want to restore the selected files.~~',
 	'DBTools:LostAttachments:Button:Busy' => 'Please wait...~~',
-
 	'DBTools:LostAttachments:Step:Analyze' => 'First, search for lost/misplaced attachments by analyzing the database.~~',
-
 	'DBTools:LostAttachments:Step:AnalyzeResults' => 'Analyze results:~~',
 	'DBTools:LostAttachments:Step:AnalyzeResults:None' => 'Great! Every thing seems to be at the right place.~~',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Some' => 'Some attachments (%1$d) seem to be misplaced. Take a look at the following list and check the ones you would like to move.~~',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Item:Filename' => 'Filename~~',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Item:CurrentLocation' => 'Current location~~',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Item:TargetLocation' => 'Move to...~~',
-
 	'DBTools:LostAttachments:Step:RestoreResults' => 'Restore results:~~',
 	'DBTools:LostAttachments:Step:RestoreResults:Results' => '%1$d/%2$d attachments were restored.~~',
-
 	'DBTools:LostAttachments:StoredAsInlineImage' => 'Stored as inline image~~',
 	'DBTools:LostAttachments:History' => 'Attachment "%1$s" restored with DB tools~~'
 ));
--- a/datamodels/2.x/combodo-db-tools/dictionaries/da.dict.combodo-db-tools.php
+++ b/datamodels/2.x/combodo-db-tools/dictionaries/da.dict.combodo-db-tools.php
@@ -41,14 +41,12 @@ Dict::Add('DA DA', 'Danish', 'Dansk', array(
 	'DBTools:IntegrityCheck' => 'Integrity check~~',
 	'DBTools:FetchCheck' => 'Fetch Check (long)~~',
 	'DBTools:SelectAnalysisType' => 'Select analysis type~~',
-
 	'DBTools:Analyze' => 'Analyze~~',
 	'DBTools:Details' => 'Show Details~~',
 	'DBTools:ShowAll' => 'Show All Errors~~',
-
 	'DBTools:Inconsistencies' => 'Database inconsistencies~~',
 	'DBTools:DetailedErrorTitle' => '%2$s error(s) in class %1$s: %3$s~~',
-
+	'DBTools:DetailedErrorLimit' => 'List limited to %1$s errors~~',
 	'DBAnalyzer-Integrity-OrphanRecord' => 'Orphan record in `%1$s`, it should have its counterpart in table `%2$s`~~',
 	'DBAnalyzer-Integrity-InvalidExtKey' => 'Invalid external key %1$s (column: `%2$s.%3$s`)~~',
 	'DBAnalyzer-Integrity-MissingExtKey' => 'Missing external key %1$s (column: `%2$s.%3$s`)~~',
@@ -71,24 +69,19 @@ Dict::Add('DA DA', 'Danish', 'Dansk', array(
 Dict::Add('DA DA', 'Danish', 'Dansk', array(
 	'DBTools:LostAttachments' => 'Lost attachments~~',
 	'DBTools:LostAttachments:Disclaimer' => 'Here you can search your database for lost or misplaced attachments. This is NOT a data recovery tool, is does not retrieve deleted data.~~',
-
 	'DBTools:LostAttachments:Button:Analyze' => 'Analyze~~',
 	'DBTools:LostAttachments:Button:Restore' => 'Restore~~',
 	'DBTools:LostAttachments:Button:Restore:Confirm' => 'This action cannot be undone, please confirm that you want to restore the selected files.~~',
 	'DBTools:LostAttachments:Button:Busy' => 'Please wait...~~',
-
 	'DBTools:LostAttachments:Step:Analyze' => 'First, search for lost/misplaced attachments by analyzing the database.~~',
-
 	'DBTools:LostAttachments:Step:AnalyzeResults' => 'Analyze results:~~',
 	'DBTools:LostAttachments:Step:AnalyzeResults:None' => 'Great! Every thing seems to be at the right place.~~',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Some' => 'Some attachments (%1$d) seem to be misplaced. Take a look at the following list and check the ones you would like to move.~~',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Item:Filename' => 'Filename~~',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Item:CurrentLocation' => 'Current location~~',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Item:TargetLocation' => 'Move to...~~',
-
 	'DBTools:LostAttachments:Step:RestoreResults' => 'Restore results:~~',
 	'DBTools:LostAttachments:Step:RestoreResults:Results' => '%1$d/%2$d attachments were restored.~~',
-
 	'DBTools:LostAttachments:StoredAsInlineImage' => 'Stored as inline image~~',
 	'DBTools:LostAttachments:History' => 'Attachment "%1$s" restored with DB tools~~'
 ));
--- a/datamodels/2.x/combodo-db-tools/dictionaries/de.dict.combodo-db-tools.php
+++ b/datamodels/2.x/combodo-db-tools/dictionaries/de.dict.combodo-db-tools.php
@@ -38,14 +38,12 @@ Dict::Add('DE DE', 'German', 'Deutsch', array(
 	'DBTools:IntegrityCheck' => 'Integritätscheck',
 	'DBTools:FetchCheck' => 'Fetch Check (dauert länger)',
 	'DBTools:SelectAnalysisType' => 'Analysetyp auswählen',
-
 	'DBTools:Analyze' => 'Analysiere',
 	'DBTools:Details' => 'Details anzeigen',
 	'DBTools:ShowAll' => 'Alle Fehler anzeigen',
-
 	'DBTools:Inconsistencies' => 'Datenbank-Inkonsistenzen',
 	'DBTools:DetailedErrorTitle' => '%2$s Fehler(s) in der Klasse %1$s: %3$s',
-
+	'DBTools:DetailedErrorLimit' => 'Liste auf %1$s Fehler begrenzt',
 	'DBAnalyzer-Integrity-OrphanRecord' => 'Verwaister Eintrag in `%1$s`, er sollte eine Entsprechung in Tabelle `%2$s` haben',
 	'DBAnalyzer-Integrity-InvalidExtKey' => 'Ungültiger Externer Key %1$s (Spalte: `%2$s.%3$s`)',
 	'DBAnalyzer-Integrity-MissingExtKey' => 'Fehlender Externer Key %1$s (Spalte: `%2$s.%3$s`)',
@@ -68,24 +66,19 @@ Dict::Add('DE DE', 'German', 'Deutsch', array(
 Dict::Add('DE DE', 'German', 'Deutsch', array(
 	'DBTools:LostAttachments' => 'Verlorene Attachments',
 	'DBTools:LostAttachments:Disclaimer' => 'Hier können Sie Ihre Datenbank nach verlorenen oder falsch platzierten Attachments durchsuchen. Dies ist kein Recovery-Tool - es stellt keine gelöschten Daten wieder her.',
-
 	'DBTools:LostAttachments:Button:Analyze' => 'Analysieren',
 	'DBTools:LostAttachments:Button:Restore' => 'Wiederherstellen',
 	'DBTools:LostAttachments:Button:Restore:Confirm' => 'Diese Aktion kann nicht rückgängig gemacht werden, bitte bestätigen Sie, dass Sie die ausgewählten Dateien wiederherstellen möchten.',
 	'DBTools:LostAttachments:Button:Busy' => 'Bitte warten...',
-
 	'DBTools:LostAttachments:Step:Analyze' => 'Suche zunächst nach verlorenen / falsch platzierten Attachments mittels einer Analyse der Datenbank',
-
 	'DBTools:LostAttachments:Step:AnalyzeResults' => 'Analyseergebnisse:',
 	'DBTools:LostAttachments:Step:AnalyzeResults:None' => 'Toll! Alles scheint am richtigen Ort zu sein.',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Some' => 'Manche Attachments scheinen am falschen Ort zu sein. Werfen Sie einen Blick auf die folgende Liste und wählen Sie diejenigen aus, die Sie gerne verschieben möchten.',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Item:Filename' => 'Dateiname',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Item:CurrentLocation' => 'Derzeitiger Ort',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Item:TargetLocation' => 'Verschieben nach...',
-
 	'DBTools:LostAttachments:Step:RestoreResults' => 'Restore-Ergebnisse:',
 	'DBTools:LostAttachments:Step:RestoreResults:Results' => '%1$d/%2$d Attachments wurden wiederhergestellt.',
-
 	'DBTools:LostAttachments:StoredAsInlineImage' => 'Als Inline-Bild gespeichert',
 	'DBTools:LostAttachments:History' => 'Attachment "%1$s" mit DB-Tools wiederhergestellt'
 ));
--- a/datamodels/2.x/combodo-db-tools/dictionaries/es_cr.dict.combodo-db-tools.php
+++ b/datamodels/2.x/combodo-db-tools/dictionaries/es_cr.dict.combodo-db-tools.php
@@ -42,14 +42,12 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'DBTools:IntegrityCheck' => 'Verificación de integridad',
 	'DBTools:FetchCheck' => 'Verificación de búsqueda (larga)',
 	'DBTools:SelectAnalysisType' => 'Seleccionar tipo de análisis',
-
 	'DBTools:Analyze' => 'Analizar',
 	'DBTools:Details' => 'Mostrar detalles',
 	'DBTools:ShowAll' => 'Mostrar todos los errores',
-
 	'DBTools:Inconsistencies' => 'Inconsistencias de Base de Datos',
 	'DBTools:DetailedErrorTitle' => '%2$s error(es) en clase %1$s: %3$s',
-
+	'DBTools:DetailedErrorLimit' => 'List limited to %1$s errors~~',
 	'DBAnalyzer-Integrity-OrphanRecord' => 'Registro huérfano en `%1$s`, debería tener su contraparte en la tabla `%2$s`',
 	'DBAnalyzer-Integrity-InvalidExtKey' => 'Llave externa inválida %1$s (columna: `%2$s.%3$s`)',
 	'DBAnalyzer-Integrity-MissingExtKey' => 'Llave externa perdida %1$s (columna: `%2$s.%3$s`)',
@@ -72,24 +70,19 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'DBTools:LostAttachments' => 'Adjuntos perdidos',
 	'DBTools:LostAttachments:Disclaimer' => 'Aquí usted puede buscar anexos perdidos o fuera de lugar. Esta NO es una herramienta de recuperación de datos, no obtiene datos borrados.',
-
 	'DBTools:LostAttachments:Button:Analyze' => 'Analizar',
 	'DBTools:LostAttachments:Button:Restore' => 'Restaurar',
 	'DBTools:LostAttachments:Button:Restore:Confirm' => 'Esta acción no se puede deshacer, por favor confirme que quiere restaurar los archivos seleccionados.',
 	'DBTools:LostAttachments:Button:Busy' => 'Por favor espere...',
-
 	'DBTools:LostAttachments:Step:Analyze' => 'Primero, buscar anexos perdidos o fuera de lugar analizando la base de datos.',
-
 	'DBTools:LostAttachments:Step:AnalyzeResults' => 'Analizar resultados:',
 	'DBTools:LostAttachments:Step:AnalyzeResults:None' => '¡Genial! Todo parece estar en el lugar correcto.',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Some' => 'Algunos adjuntos (%1$d) parecen estar desplazados. Mire la siguiente lista y verifique los que quiera mover.',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Item:Filename' => 'Nombre de archivo',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Item:CurrentLocation' => 'Ubicación actual',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Item:TargetLocation' => 'Mover a...',
-
 	'DBTools:LostAttachments:Step:RestoreResults' => 'Resultados de restauración:',
 	'DBTools:LostAttachments:Step:RestoreResults:Results' => '%1$d/%2$d adjuntos fueron restaurados.',
-
 	'DBTools:LostAttachments:StoredAsInlineImage' => 'Almacenado como imagen en línea',
 	'DBTools:LostAttachments:History' => 'Adjunto "%1$s" restaurado con herramientas de base de datos'
 ));
--- a/datamodels/2.x/combodo-db-tools/dictionaries/fr.dict.combodo-db-tools.php
+++ b/datamodels/2.x/combodo-db-tools/dictionaries/fr.dict.combodo-db-tools.php
@@ -37,15 +37,12 @@ Dict::Add('FR FR', 'French', 'Français', array(
 	'DBTools:IntegrityCheck' => 'Contrôle d\'intégrité',
 	'DBTools:FetchCheck' => 'Contrôle de récupération (long)',
 	'DBTools:SelectAnalysisType' => 'Type d\'analyse',
-
 	'DBTools:Analyze' => 'Analyser',
 	'DBTools:Details' => 'Afficher détails',
 	'DBTools:ShowAll' => 'Afficher toutes les erreurs',
-
 	'DBTools:Inconsistencies' => 'Incohérences de base de données',
 	'DBTools:DetailedErrorTitle' => '%2$s erreur(s) dans la classe %1$s : %3$s',
 	'DBTools:DetailedErrorLimit' => 'Liste limitée à %1$s erreurs',
-
 	'DBAnalyzer-Integrity-OrphanRecord' => 'Enregistrement orphelin dans `%1$s`, il devrait avoir son équivalent dans la table `%2$s`',
 	'DBAnalyzer-Integrity-InvalidExtKey' => 'Clé externe invalide %1$s (colonne: `%2$s.%3$s`)',
 	'DBAnalyzer-Integrity-MissingExtKey' => 'Clé externe manquante %1$s (colonne: `%2$s.%3$s`)',
@@ -68,24 +65,19 @@ Dict::Add('FR FR', 'French', 'Français', array(
 Dict::Add('FR FR', 'French', 'Français', array(
 	'DBTools:LostAttachments' => 'Pièces jointes perdues',
 	'DBTools:LostAttachments:Disclaimer' => 'Ici vous pouvez retrouver des pièces jointes perdues ou égarées dans votre base de données. Ceci n\'est PAS un outil de récupération des données, il ne récupère pas les données effacées.',
-
 	'DBTools:LostAttachments:Button:Analyze' => 'Analyser',
 	'DBTools:LostAttachments:Button:Restore' => 'Restaurer',
 	'DBTools:LostAttachments:Button:Restore:Confirm' => 'Cet action ne peut être annuler, veuillez confirmer que vous voulez restaurer les fichiers sélectionnés.',
 	'DBTools:LostAttachments:Button:Busy' => 'Patientez ...',
-
 	'DBTools:LostAttachments:Step:Analyze' => 'Tout d\'abord, scannez la base de données à la recherche de pièces jointes perdues/égarées.',
-
 	'DBTools:LostAttachments:Step:AnalyzeResults' => 'Résultat de l\'analyse :',
 	'DBTools:LostAttachments:Step:AnalyzeResults:None' => 'Parfait ! Il semble que tout soit en ordre.',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Some' => 'Certaines pièces jointes (%1$d) semblent être au mauvais endroit. Examinez la liste suivante et cochez celles que vous souhaitez déplacer.',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Item:Filename' => 'Nom de fichier',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Item:CurrentLocation' => 'Emplacement actuel',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Item:TargetLocation' => 'Déplacer vers ...',
-
 	'DBTools:LostAttachments:Step:RestoreResults' => 'Résultats de la restauration :',
 	'DBTools:LostAttachments:Step:RestoreResults:Results' => '%1$d/%2$d pièces jointes ont été restaurées.',
-
 	'DBTools:LostAttachments:StoredAsInlineImage' => 'Stockée comme "InlineImage"',
 	'DBTools:LostAttachments:History' => 'Pièce jointe "%1$s" restaurée avec l\'outil de BDD'
 ));
--- a/datamodels/2.x/combodo-db-tools/dictionaries/hu.dict.combodo-db-tools.php
+++ b/datamodels/2.x/combodo-db-tools/dictionaries/hu.dict.combodo-db-tools.php
@@ -41,15 +41,13 @@ Dict::Add('HU HU', 'Hungarian', 'Magyar', array(
 	'DBTools:IntegrityCheck' => 'Integritás ellenőrzés',
 	'DBTools:FetchCheck' => 'Lehívás ellenőrzés (hosszú)',
 	'DBTools:SelectAnalysisType' => 'Válasszon elemzés típust',
-
 	'DBTools:Analyze' => 'Elemzés',
 	'DBTools:Details' => 'Részletek mutatása',
 	'DBTools:ShowAll' => 'Minden hiba mutatása',
-
 	'DBTools:Inconsistencies' => 'Adatbázis inkonzisztenciák',
 	'DBTools:DetailedErrorTitle' => '%2$s hiba a %1$s osztályban: %3$s',
-
-    'DBAnalyzer-Integrity-OrphanRecord' => 'Árva rekord a `%1$s` -ban, kell hogy legyen megfelelője a `%2$s` táblázatban',
+	'DBTools:DetailedErrorLimit' => 'List limited to %1$s errors~~',
+	'DBAnalyzer-Integrity-OrphanRecord' => 'Árva rekord a `%1$s` -ban, kell hogy legyen megfelelője a `%2$s` táblázatban',
 	'DBAnalyzer-Integrity-InvalidExtKey' => 'Érvénytelen a %1$s  külső kulcs (oszlop: `%2$s.%3$s`)',
 	'DBAnalyzer-Integrity-MissingExtKey' => 'Hiányzik a %1$s külső külcs (oszlop: `%2$s.%3$s`)',
 	'DBAnalyzer-Integrity-InvalidValue' => '%1$s értéke érvénytelen (oszlop: `%2$s.%3$s`)~~',
@@ -71,24 +69,19 @@ Dict::Add('HU HU', 'Hungarian', 'Magyar', array(
 Dict::Add('HU HU', 'Hungarian', 'Magyar', array(
 	'DBTools:LostAttachments' => 'Elveszett mellékletek',
 	'DBTools:LostAttachments:Disclaimer' => 'Itt kereshet az adatbázisban elveszett vagy elkeveredett mellékletek után. Ez NEM egy adat-visszaállítási eszköz, nem állítja vissza a törölt adatokat.',
-
 	'DBTools:LostAttachments:Button:Analyze' => 'Elemzés',
 	'DBTools:LostAttachments:Button:Restore' => 'Visszaállítás',
 	'DBTools:LostAttachments:Button:Restore:Confirm' => 'Ez a művelet nem vonható vissza, kérjük, erősítse meg, hogy vissza kívánja-e állítani a kiválasztott fájlokat.',
 	'DBTools:LostAttachments:Button:Busy' => 'Kérem várjon...',
-
 	'DBTools:LostAttachments:Step:Analyze' => 'Először az adatbázis elemzésével keresse meg az elveszett/áthelyezett mellékleteket.',
-
 	'DBTools:LostAttachments:Step:AnalyzeResults' => 'Elemzés eredménye:',
 	'DBTools:LostAttachments:Step:AnalyzeResults:None' => 'Nagyszerű! Úgy tűnik, minden a helyén van.',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Some' => 'Úgy tűnik, hogy néhány melléklet (%1$d) rossz helyen van. Nézze meg az alábbi listát, és ellenőrizze azokat, amelyeket szeretne áthelyezni.',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Item:Filename' => 'Fájlnév',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Item:CurrentLocation' => 'Jelenlegi helye',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Item:TargetLocation' => 'Áthelyezés...',
-
 	'DBTools:LostAttachments:Step:RestoreResults' => 'Visszaállítás eredménye:',
 	'DBTools:LostAttachments:Step:RestoreResults:Results' => '%1$d/%2$d melléklet lett visszaállítva.',
-
 	'DBTools:LostAttachments:StoredAsInlineImage' => 'Soron belüli képként tárolva',
 	'DBTools:LostAttachments:History' => 'A "%1$s" melléklet visszaállítva a DB eszközzel'
 ));
--- a/Show More
+++ b/Show More