Dolibarr / dolibarr

htdocs/societe/class/companybankaccount.class.php

Spacing +6 added lines, -6 removed lines

@@ -86,7 +86,7 @@ 
 	/**
 	 * @var array  Array with all fields and their property. Do not use it as a static var. It may be modified by constructor.
 	 */
-	public $fields=array(
+	public $fields = array(
 		'rowid' => array('type'=>'integer', 'label'=>'TechnicalID', 'enabled'=>'1', 'position'=>10, 'notnull'=>1, 'visible'=>-1,),
 		'type' => array('type'=>'varchar(32)', 'label'=>'Type', 'enabled'=>'1', 'position'=>15, 'notnull'=>1, 'visible'=>-1,),
 		'fk_soc' => array('type'=>'integer:Societe:societe/class/societe.class.php', 'label'=>'ThirdParty', 'picto'=>'company', 'enabled'=>'1', 'position'=>20, 'notnull'=>1, 'visible'=>-1, 'css'=>'maxwidth500 widthcentpercentminusxx', 'csslist'=>'tdoverflowmax150',),
@@ -242,7 +242,7 @@ 
 	/**
 	 * @var string external payment site
 	 */
-	public $ext_payment_site;	// Name of the external payment system ('StripeLive', 'StripeTest', 'StancerLive', 'StancerTest', ...)
+	public $ext_payment_site; // Name of the external payment system ('StripeLive', 'StripeTest', 'StancerLive', 'StancerTest', ...)
 
 	/**
 	 * @var string comment
@@ -327,7 +327,7 @@ 
 		}
 
 		if (empty($this->datec)) {
-			$this->datec=$now;
+			$this->datec = $now;
 		}
 
 		// Correct ->default_rib to not set the new account as default, if there is already 1. We want to be sure to have always 1 default for type = 'ban'.
@@ -527,9 +527,9 @@ 
 				$this->rum             = $obj->rum;
 				$this->frstrecur       = $obj->frstrecur;
 				$this->date_rum        = $this->db->jdate($obj->date_rum);
-				$this->stripe_card_ref = $obj->stripe_card_ref;		// External system payment mode ID
-				$this->stripe_account  = $obj->stripe_account;		// External system customer ID
-				$this->ext_payment_site= $obj->ext_payment_site;	// External system name ('StripeLive', 'StripeTest', 'StancerLive', 'StancerTest', ...)
+				$this->stripe_card_ref = $obj->stripe_card_ref; // External system payment mode ID
+				$this->stripe_account  = $obj->stripe_account; // External system customer ID
+				$this->ext_payment_site = $obj->ext_payment_site; // External system name ('StripeLive', 'StripeTest', 'StancerLive', 'StancerTest', ...)
 				$this->last_main_doc   = $obj->last_main_doc;
 				$this->model_pdf   	   = $obj->model_pdf;
 			}

htdocs/compta/bank/class/account.class.php

Spacing +6 added lines, -6 removed lines

@@ -466,13 +466,13 @@ 
 		$sql = "INSERT INTO ".MAIN_DB_PREFIX."bank_url (";
 		$sql .= "fk_bank";
 		$sql .= ", url_id";
-		$sql .= ", url";		// deprecated
+		$sql .= ", url"; // deprecated
 		$sql .= ", label";
 		$sql .= ", type";
 		$sql .= ") VALUES (";
 		$sql .= " ".((int) $line_id);
 		$sql .= ", ".((int) $url_id);
-		$sql .= ", '".$this->db->escape($url)."'";		// deprecated
+		$sql .= ", '".$this->db->escape($url)."'"; // deprecated
 		$sql .= ", '".$this->db->escape($label)."'";
 		$sql .= ", '".$this->db->escape($type)."'";
 		$sql .= ")";
@@ -1462,9 +1462,9 @@ 
 		}
 		// show categories for this record only in ajax to not overload lists
 		if (isModEnabled('categorie') && !$nofetch) {
-			require_once DOL_DOCUMENT_ROOT . '/categories/class/categorie.class.php';
+			require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
 			$form = new Form($this->db);
-			$datas['categories'] = '<br>' . $form->showCategories($this->id, Categorie::TYPE_ACCOUNT, 1);
+			$datas['categories'] = '<br>'.$form->showCategories($this->id, Categorie::TYPE_ACCOUNT, 1);
 		}
 
 		return $datas;
@@ -1588,7 +1588,7 @@ 
 			$this->error = 'SwiftNotValid';
 		}
 
-		if (! $error) {
+		if (!$error) {
 			return 1;
 		} else {
 			return 0;
@@ -2384,7 +2384,7 @@ 
 
 		// Check statement field
 		if (getDolGlobalString('BANK_STATEMENT_REGEX_RULE')) {
-			if (!preg_match('/' . getDolGlobalString('BANK_STATEMENT_REGEX_RULE').'/', $this->num_releve)) {
+			if (!preg_match('/'.getDolGlobalString('BANK_STATEMENT_REGEX_RULE').'/', $this->num_releve)) {
 				$this->errors[] = $langs->trans("ErrorBankStatementNameMustFollowRegex", getDolGlobalString('BANK_STATEMENT_REGEX_RULE'));
 				return -1;
 			}

htdocs/resource/card.php

Spacing +23 added lines, -23 removed lines

@@ -42,15 +42,15 @@ 
 $ref					= GETPOST('ref', 'alpha');
 $address				= GETPOST('address', 'alpha');
 $zip					= GETPOST('zipcode', 'alpha');
-$town					= GETPOST('town', 'alpha');
+$town = GETPOST('town', 'alpha');
 $country_id				= GETPOSTINT('country_id');
-$state_id				= GETPOSTINT('state_id');
+$state_id = GETPOSTINT('state_id');
 $description			= GETPOST('description', 'restricthtml');
 $phone					= GETPOST('phone', 'alpha');
 $email					= GETPOST('email', 'alpha');
-$max_users				= GETPOSTINT('max_users');
-$confirm				= GETPOST('confirm', 'aZ09');
-$fk_code_type_resource	= GETPOST('fk_code_type_resource', 'aZ09');
+$max_users = GETPOSTINT('max_users');
+$confirm = GETPOST('confirm', 'aZ09');
+$fk_code_type_resource = GETPOST('fk_code_type_resource', 'aZ09');
 
 // Protection if external user
 if ($user->socid > 0) {
@@ -105,17 +105,17 @@ 
 				setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("Ref")), null, 'errors');
 				$action = 'create';
 			} else {
-				$object->ref                    = $ref;
-				$object->address				= $address;
-				$object->zip					= $zip;
-				$object->town					= $town;
+				$object->ref = $ref;
+				$object->address = $address;
+				$object->zip = $zip;
+				$object->town = $town;
 				$object->country_id				= $country_id;
-				$object->state_id				= $state_id;
+				$object->state_id = $state_id;
 				$object->description			= $description;
 				$object->phone					= $phone;
 				$object->email					= $email;
-				$object->max_users				= $max_users;
-				$object->fk_code_type_resource	= $fk_code_type_resource;
+				$object->max_users = $max_users;
+				$object->fk_code_type_resource = $fk_code_type_resource;
 
 				// Fill array 'array_options' with data from add form
 				$ret = $extrafields->setOptionalsFromPost(null, $object);
@@ -152,17 +152,17 @@ 
 		if (!$error) {
 			$res = $object->fetch($id);
 			if ($res > 0) {
-				$object->ref          			= $ref;
-				$object->address				= $address;
-				$object->zip					= $zip;
-				$object->town					= $town;
-				$object->country_id             = $country_id;
-				$object->state_id				= $state_id;
-				$object->description  			= $description;
+				$object->ref = $ref;
+				$object->address = $address;
+				$object->zip = $zip;
+				$object->town = $town;
+				$object->country_id = $country_id;
+				$object->state_id = $state_id;
+				$object->description = $description;
 				$object->phone					= $phone;
 				$object->email					= $email;
-				$object->max_users				= $max_users;
-				$object->fk_code_type_resource  = $fk_code_type_resource;
+				$object->max_users = $max_users;
+				$object->fk_code_type_resource = $fk_code_type_resource;
 
 				// Fill array 'array_options' with data from add form
 				$ret = $extrafields->setOptionalsFromPost(null, $object, '@GETPOSTISSET');
@@ -253,13 +253,13 @@ 
 		print '</td></tr>';
 
 		// Zip / Town
-		print '<tr><td>'.$form->editfieldkey('Zip', 'zipcode', '', $object, 0).'</td><td'.($conf->browser->layout == 'phone' ? ' colspan="3"': '').'>';
+		print '<tr><td>'.$form->editfieldkey('Zip', 'zipcode', '', $object, 0).'</td><td'.($conf->browser->layout == 'phone' ? ' colspan="3"' : '').'>';
 		print $formresource->select_ziptown($object->zip, 'zipcode', array('town', 'selectcountry_id', 'state_id'), 0, 0, '', 'maxwidth100');
 		print '</td>';
 		if ($conf->browser->layout == 'phone') {
 			print '</tr><tr>';
 		}
-		print '<td>'.$form->editfieldkey('Town', 'town', '', $object, 0).'</td><td'.($conf->browser->layout == 'phone' ? ' colspan="3"': '').'>';
+		print '<td>'.$form->editfieldkey('Town', 'town', '', $object, 0).'</td><td'.($conf->browser->layout == 'phone' ? ' colspan="3"' : '').'>';
 		print $formresource->select_ziptown($object->town, 'town', array('zipcode', 'selectcountry_id', 'state_id'));
 		print $form->widgetForTranslation("town", $object, $permissiontoadd, 'string', 'alphanohtml', 'maxwidth100 quatrevingtpercent');
 		print '</td></tr>';

htdocs/resource/class/dolresource.class.php

Spacing +9 added lines, -9 removed lines

@@ -223,9 +223,9 @@ 
 		$sql .= "note_public,";
 		$sql .= "note_private";
 		$sql .= ") VALUES (";
-		$sql .= getEntity('resource') . ", ";
+		$sql .= getEntity('resource').", ";
 		foreach ($new_resource_values as $value) {
-			$sql .= " " . ((isset($value) && $value > 0) ? "'" . $this->db->escape($value) . "'" : 'NULL') . ",";
+			$sql .= " ".((isset($value) && $value > 0) ? "'".$this->db->escape($value)."'" : 'NULL').",";
 		}
 		$sql = rtrim($sql, ",");
 		$sql .= ")";
@@ -233,9 +233,9 @@ 
 		// Database session
 		$this->db->begin();
 		try {
-			dol_syslog(get_class($this) . "::create", LOG_DEBUG);
+			dol_syslog(get_class($this)."::create", LOG_DEBUG);
 		} catch (Exception $exception) {
-			error_log('dol_syslog error: ' . $exception->getMessage());
+			error_log('dol_syslog error: '.$exception->getMessage());
 		}
 		$resql = $this->db->query($sql);
 		if (!$resql) {
@@ -247,14 +247,14 @@ 
 			$this->id = $this->db->last_insert_id(MAIN_DB_PREFIX.$this->table_element);
 			$result = $this->insertExtraFields();
 			if ($result < 0) {
-				$error=-1;
+				$error = -1;
 			}
 		}
 
 		if (!$error && !$no_trigger) {
 			$result = $this->call_trigger('RESOURCE_CREATE', $user);
 			if ($result < 0) {
-				$error=-1;
+				$error = -1;
 			}
 		}
 
@@ -262,9 +262,9 @@ 
 		if ($error) {
 			foreach ($this->errors as $errmsg) {
 				try {
-					dol_syslog(get_class($this) . "::create " . $errmsg, LOG_ERR);
+					dol_syslog(get_class($this)."::create ".$errmsg, LOG_ERR);
 				} catch (Exception $exception) {
-					error_log('dol_syslog error: ' . $exception->getMessage());
+					error_log('dol_syslog error: '.$exception->getMessage());
 				}
 				$this->error .= ($this->error ? ', '.$errmsg : $errmsg);
 			}
@@ -971,7 +971,7 @@ 
 		}
 		$result .= $linkend;
 
-		$hookmanager->initHooks(array($this->element . 'dao'));
+		$hookmanager->initHooks(array($this->element.'dao'));
 		$parameters = array('id'=>$this->id, 'getnomurl' => &$result);
 		$reshook = $hookmanager->executeHooks('getNomUrl', $parameters, $this, $action); // Note that $action and $object may have been modified by some hooks
 		if ($reshook > 0) {

test/phpunit/SecurityTest.php

Spacing +293 added lines, -293 removed lines

@@ -24,32 +24,32 @@ 
  *		\remarks	To run this script as CLI:  phpunit filename.php
  */
 
-global $conf,$user,$langs,$db;
+global $conf, $user, $langs, $db;
 //define('TEST_DB_FORCE_TYPE','mysql');	// This is to force using mysql driver
 //require_once 'PHPUnit/Autoload.php';
 
-if (! defined('NOREQUIRESOC')) {
+if (!defined('NOREQUIRESOC')) {
 	define('NOREQUIRESOC', '1');
 }
-if (! defined('NOCSRFCHECK')) {
+if (!defined('NOCSRFCHECK')) {
 	define('NOCSRFCHECK', '1');
 }
-if (! defined('NOTOKENRENEWAL')) {
+if (!defined('NOTOKENRENEWAL')) {
 	define('NOTOKENRENEWAL', '1');
 }
-if (! defined('NOREQUIREMENU')) {
+if (!defined('NOREQUIREMENU')) {
 	define('NOREQUIREMENU', '1'); // If there is no menu to show
 }
-if (! defined('NOREQUIREHTML')) {
+if (!defined('NOREQUIREHTML')) {
 	define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php
 }
-if (! defined('NOREQUIREAJAX')) {
+if (!defined('NOREQUIREAJAX')) {
 	define('NOREQUIREAJAX', '1');
 }
-if (! defined("NOLOGIN")) {
-	define("NOLOGIN", '1');       // If this page is public (can be called outside logged session)
+if (!defined("NOLOGIN")) {
+	define("NOLOGIN", '1'); // If this page is public (can be called outside logged session)
 }
-if (! defined("NOSESSION")) {
+if (!defined("NOSESSION")) {
 	define("NOSESSION", '1');
 }
 
@@ -63,7 +63,7 @@ 
 	$user->fetch(1);
 	$user->getrights();
 }
-$conf->global->MAIN_DISABLE_ALL_MAILS=1;
+$conf->global->MAIN_DISABLE_ALL_MAILS = 1;
 
 
 /**
@@ -92,11 +92,11 @@ 
 		parent::__construct($name);
 
 		//$this->sharedFixture
-		global $conf,$user,$langs,$db;
-		$this->savconf=$conf;
-		$this->savuser=$user;
-		$this->savlangs=$langs;
-		$this->savdb=$db;
+		global $conf, $user, $langs, $db;
+		$this->savconf = $conf;
+		$this->savuser = $user;
+		$this->savlangs = $langs;
+		$this->savdb = $db;
 
 		print __METHOD__." db->type=".$db->type." user->id=".$user->id;
 		//print " - db ".$db->db;
@@ -110,8 +110,8 @@ 
 	 */
 	public static function setUpBeforeClass(): void
 	{
-		global $conf,$user,$langs,$db;
-		$db->begin();	// This is to have all actions inside a transaction even if test launched without suite.
+		global $conf, $user, $langs, $db;
+		$db->begin(); // This is to have all actions inside a transaction even if test launched without suite.
 
 		print __METHOD__."\n";
 	}
@@ -123,7 +123,7 @@ 
 	 */
 	public static function tearDownAfterClass(): void
 	{
-		global $conf,$user,$langs,$db;
+		global $conf, $user, $langs, $db;
 		$db->rollback();
 
 		// Restore value to a neutral value (it was set to a test value by some tests)
@@ -139,11 +139,11 @@ 
 	 */
 	protected function setUp(): void
 	{
-		global $conf,$user,$langs,$db;
-		$conf=$this->savconf;
-		$user=$this->savuser;
-		$langs=$this->savlangs;
-		$db=$this->savdb;
+		global $conf, $user, $langs, $db;
+		$conf = $this->savconf;
+		$user = $this->savuser;
+		$langs = $this->savlangs;
+		$db = $this->savdb;
 
 		print __METHOD__."\n";
 	}
@@ -166,7 +166,7 @@ 
 	public function testSetLang()
 	{
 		global $conf;
-		$conf=$this->savconf;
+		$conf = $this->savconf;
 
 		$tmplangs = new Translate('', $conf);
 
@@ -188,7 +188,7 @@ 
 		// More on https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
 
 		// Should be OK
-		$expectedresult=0;
+		$expectedresult = 0;
 
 		/*
 		$test = '';
@@ -196,107 +196,107 @@ 
 		$this->assertGreaterThanOrEqual(0, $result, 'Error on testSqlAndScriptInject kkk');
 		*/
 
-		$_SERVER["PHP_SELF"]='/DIR WITH SPACE/htdocs/admin/index.php';
-		$result=testSqlAndScriptInject($_SERVER["PHP_SELF"], 2);
+		$_SERVER["PHP_SELF"] = '/DIR WITH SPACE/htdocs/admin/index.php';
+		$result = testSqlAndScriptInject($_SERVER["PHP_SELF"], 2);
 		$this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject for PHP_SELF that should be ok');
 
 		$test = 'This is a < inside string with < and > also and tag like <a> before the >';
-		$result=testSqlAndScriptInject($test, 0);
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject expected 0b');
 
 		$test = 'This is the union of all for the selection of the best';
-		$result=testSqlAndScriptInject($test, 0);
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject expected 0c');
 
-		$test='/user/perms.php?id=1&action=addrights&entity=1&rights=123&confirm=yes&token=123456789&updatedmodulename=lmscoursetracking';
-		$result=testSqlAndScriptInject($test, 1);
+		$test = '/user/perms.php?id=1&action=addrights&entity=1&rights=123&confirm=yes&token=123456789&updatedmodulename=lmscoursetracking';
+		$result = testSqlAndScriptInject($test, 1);
 		print "test=".$test." result=".$result."\n";
 		$this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject with a valid url');
 
 		// Should detect attack
-		$expectedresult=1;
+		$expectedresult = 1;
 
-		$_SERVER["PHP_SELF"]='/DIR WITH SPACE/htdocs/admin/index.php/<svg>';
-		$result=testSqlAndScriptInject($_SERVER["PHP_SELF"], 2);
+		$_SERVER["PHP_SELF"] = '/DIR WITH SPACE/htdocs/admin/index.php/<svg>';
+		$result = testSqlAndScriptInject($_SERVER["PHP_SELF"], 2);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject for PHP_SELF that should detect XSS');
 
 		$test = 'select @@version';
-		$result=testSqlAndScriptInject($test, 0);
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject for SQL1a. Should find an attack on POST param and did not.');
 
 		$test = 'select @@version';
-		$result=testSqlAndScriptInject($test, 1);
+		$result = testSqlAndScriptInject($test, 1);
 		$this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject for SQL1b. Should find an attack on GET param and did not.');
 
 		$test = '... update ... set ... =';
-		$result=testSqlAndScriptInject($test, 1);
+		$result = testSqlAndScriptInject($test, 1);
 		$this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject for SQL2a. Should find an attack on GET param and did not.');
 
 		$test = "delete\nfrom";
-		$result=testSqlAndScriptInject($test, 1);
+		$result = testSqlAndScriptInject($test, 1);
 		$this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject for SQL2b. Should find an attack on GET param and did not.');
 
 		$test = 'action=update& ... set ... =';
-		$result=testSqlAndScriptInject($test, 1);
+		$result = testSqlAndScriptInject($test, 1);
 		$this->assertEquals(0, $result, 'Error on testSqlAndScriptInject for SQL2b. Should not find an attack on GET param and did.');
 
 		$test = '... union ... selection ';
-		$result=testSqlAndScriptInject($test, 1);
+		$result = testSqlAndScriptInject($test, 1);
 		$this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject for SQL2c. Should find an attack on GET param and did not.');
 
 		$test = 'j&#x61;vascript:';
-		$result=testSqlAndScriptInject($test, 0);
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject for javascript1. Should find an attack and did not.');
 
 		$test = 'j&#x61vascript:';
-		$result=testSqlAndScriptInject($test, 0);
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject for javascript2. Should find an attack and did not.');
 
 		$test = 'javascript&colon&#x3B;alert(1)';
-		$result=testSqlAndScriptInject($test, 0);
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject for javascript2');
 
-		$test="<img src='1.jpg' onerror =javascript:alert('XSS')>";
-		$result=testSqlAndScriptInject($test, 0);
+		$test = "<img src='1.jpg' onerror =javascript:alert('XSS')>";
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject aaa1');
 
-		$test="<img src='1.jpg' onerror =javascript:alert('XSS')>";
-		$result=testSqlAndScriptInject($test, 2);
+		$test = "<img src='1.jpg' onerror =javascript:alert('XSS')>";
+		$result = testSqlAndScriptInject($test, 2);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject aaa2');
 
-		$test='<IMG SRC=# onmouseover="alert(1)">';
-		$result=testSqlAndScriptInject($test, 0);
+		$test = '<IMG SRC=# onmouseover="alert(1)">';
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject aaa3');
-		$test='<IMG SRC onmouseover="alert(1)">';
-		$result=testSqlAndScriptInject($test, 0);
+		$test = '<IMG SRC onmouseover="alert(1)">';
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject aaa4');
-		$test='<IMG onmouseover="alert(1)">';
-		$result=testSqlAndScriptInject($test, 0);
+		$test = '<IMG onmouseover="alert(1)">';
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject aaa5');
-		$test='<IMG SRC=/ onerror="alert(1)">';
-		$result=testSqlAndScriptInject($test, 0);
+		$test = '<IMG SRC=/ onerror="alert(1)">';
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject aaa6');
-		$test='<IMG SRC=" &#14;  javascript:alert(1);">';
-		$result=testSqlAndScriptInject($test, 0);
+		$test = '<IMG SRC=" &#14;  javascript:alert(1);">';
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject aaa7');
 
-		$test='<IMG SRC=&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;&#39;&#88;&#83;&#83;&#39;&#41;>';
-		$result=testSqlAndScriptInject($test, 0);
+		$test = '<IMG SRC=&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;&#39;&#88;&#83;&#83;&#39;&#41;>';
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject bbb');
 
-		$test='<SCRIPT SRC=http://xss.rocks/xss.js></SCRIPT>';
-		$result=testSqlAndScriptInject($test, 0);
+		$test = '<SCRIPT SRC=http://xss.rocks/xss.js></SCRIPT>';
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject ccc');
 
-		$test='<IMG SRC="javascript:alert(\'XSS\');">';
-		$result=testSqlAndScriptInject($test, 1);
+		$test = '<IMG SRC="javascript:alert(\'XSS\');">';
+		$result = testSqlAndScriptInject($test, 1);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject ddd');
 
-		$test='<IMG """><SCRIPT>alert("XSS")</SCRIPT>">';
-		$result=testSqlAndScriptInject($test, 0);
+		$test = '<IMG """><SCRIPT>alert("XSS")</SCRIPT>">';
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject eee');
 
-		$test='<!-- Google analytics -->
+		$test = '<!-- Google analytics -->
 			<script>
 			  (function(i,s,o,g,r,a,m){i[\'GoogleAnalyticsObject\']=r;i[r]=i[r]||function(){
 			  (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
@@ -307,60 +307,60 @@ 
 			  ga(\'send\', \'pageview\');
 
 			</script>';
-		$result=testSqlAndScriptInject($test, 0);
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject eee');
 
-		$test="<IMG SRC=\"jav\tascript:alert('XSS');\">";		// Is locked by some browser like chrome because the default directive no-referrer-when-downgrade is sent when requesting the SRC and then refused because of browser protection on img src load without referrer.
-		$test="<IMG SRC=\"jav&#x0D;ascript:alert('XSS');\">";	// Same
+		$test = "<IMG SRC=\"jav\tascript:alert('XSS');\">"; // Is locked by some browser like chrome because the default directive no-referrer-when-downgrade is sent when requesting the SRC and then refused because of browser protection on img src load without referrer.
+		$test = "<IMG SRC=\"jav&#x0D;ascript:alert('XSS');\">"; // Same
 
-		$test='<SCRIPT/XSS SRC="http://xss.rocks/xss.js"></SCRIPT>';
-		$result=testSqlAndScriptInject($test, 0);
+		$test = '<SCRIPT/XSS SRC="http://xss.rocks/xss.js"></SCRIPT>';
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject fff1');
-		$test='<SCRIPT/SRC="http://xss.rocks/xss.js"></SCRIPT>';
-		$result=testSqlAndScriptInject($test, 0);
+		$test = '<SCRIPT/SRC="http://xss.rocks/xss.js"></SCRIPT>';
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject fff2');
 
 		// This case seems to be filtered by browsers now.
-		$test='<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert(1)>';
+		$test = '<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert(1)>';
 		//$result=testSqlAndScriptInject($test, 0);
 		//$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject ggg');
 
-		$test='<iframe src=http://xss.rocks/scriptlet.html <';
-		$result=testSqlAndScriptInject($test, 0);
+		$test = '<iframe src=http://xss.rocks/scriptlet.html <';
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject hhh');
 
-		$test='Set.constructor`alert\x281\x29```';
-		$result=testSqlAndScriptInject($test, 0);
+		$test = 'Set.constructor`alert\x281\x29```';
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject iii');
 
-		$test="on<!-- ab\nc -->error=alert(1)";
-		$result=testSqlAndScriptInject($test, 0);
+		$test = "on<!-- ab\nc -->error=alert(1)";
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject jjj');
 
-		$test="<img src=x one<a>rror=alert(document.location)";
-		$result=testSqlAndScriptInject($test, 0);
+		$test = "<img src=x one<a>rror=alert(document.location)";
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject kkk');
 
-		$test="<a onpointerdown=alert(document.domain)>XSS</a>";
-		$result=testSqlAndScriptInject($test, 0);
+		$test = "<a onpointerdown=alert(document.domain)>XSS</a>";
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject lll');
 
-		$test='<a onscrollend=alert(1) style="display:block;overflow:auto;border:1px+dashed;width:500px;height:100px;"><br><br><br><br><br><span+id=x>test</span></a>';	// Add the char %F6 into the variable
-		$result=testSqlAndScriptInject($test, 0);
+		$test = '<a onscrollend=alert(1) style="display:block;overflow:auto;border:1px+dashed;width:500px;height:100px;"><br><br><br><br><br><span+id=x>test</span></a>'; // Add the char %F6 into the variable
+		$result = testSqlAndScriptInject($test, 0);
 		//print "test=".$test." result=".$result."\n";
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject mmm');
 
 
-		$test="Text with ' encoded with the numeric html entity converted into text entity &#39; (like when submitted by CKEditor)";
-		$result=testSqlAndScriptInject($test, 0);	// result must be 0
+		$test = "Text with ' encoded with the numeric html entity converted into text entity &#39; (like when submitted by CKEditor)";
+		$result = testSqlAndScriptInject($test, 0); // result must be 0
 		$this->assertEquals(0, $result, 'Error on testSqlAndScriptInject mmm, result should be 0 and is not');
 
-		$test ='<a href="j&Tab;a&Tab;v&Tab;asc&NewLine;ri&Tab;pt:&lpar;a&Tab;l&Tab;e&Tab;r&Tab;t&Tab;(document.cookie)&rpar;">XSS</a>';
-		$result=testSqlAndScriptInject($test, 0);
+		$test = '<a href="j&Tab;a&Tab;v&Tab;asc&NewLine;ri&Tab;pt:&lpar;a&Tab;l&Tab;e&Tab;r&Tab;t&Tab;(document.cookie)&rpar;">XSS</a>';
+		$result = testSqlAndScriptInject($test, 0);
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject nnn, result should be >= 1 and is not');
 
-		$test="/dolibarr/htdocs/index.php/".chr('246')."abc";	// Add the char %F6 into the variable
-		$result=testSqlAndScriptInject($test, 2);
+		$test = "/dolibarr/htdocs/index.php/".chr('246')."abc"; // Add the char %F6 into the variable
+		$result = testSqlAndScriptInject($test, 2);
 		//print "test=".$test." result=".$result."\n";
 		$this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject with a non valid UTF8 char');
 	}
@@ -372,11 +372,11 @@ 
 	 */
 	public function testGETPOST()
 	{
-		global $conf,$user,$langs,$db;
-		$conf=$this->savconf;
-		$user=$this->savuser;
-		$langs=$this->savlangs;
-		$db=$this->savdb;
+		global $conf, $user, $langs, $db;
+		$conf = $this->savconf;
+		$user = $this->savuser;
+		$langs = $this->savlangs;
+		$db = $this->savdb;
 
 		// Force default mode
 		$conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML = 0;
@@ -384,206 +384,206 @@ 
 		$conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES = 0;
 		$conf->global->MAIN_DISALLOW_URL_INTO_DESCRIPTIONS = 0;
 
-		$_COOKIE["id"]=111;
-		$_POST["param0"]='A real string with <a href="rrr" title="aa&quot;bb">aaa</a> and " and \' and &amp; inside content';
-		$_GET["param1"]="222";
-		$_POST["param1"]="333";
-		$_GET["param2"]='a/b#e(pr)qq-rr\cc';
-		$_GET["param3"]='"&#110;a/b#e(pr)qq-rr\cc';    // Same than param2 + " and &#110;
-		$_GET["param4a"]='..&#47;../dir';
-		$_GET["param4b"]='..&#92;..\dirwindows';
-		$_GET["param5"]="a_1-b";
-		$_POST["param6"]="&quot;&gt;<svg o&#110;load='console.log(&quot;123&quot;)'&gt;";
-		$_POST["param6b"]='<<<../>../>../svg><<<../>../>../animate =alert(1)>abc';
-		$_GET["param7"]='"c:\this is a path~1\aaa&#110; &#x&#x31;&#x31;&#x30;;" abc<bad>def</bad>';
-		$_POST["param8a"]="Hacker<svg o&#110;load='console.log(&quot;123&quot;)'";	// html tag is not closed so it is not detected as html tag but is still harmfull
-		$_POST['param8b']='<img src=x onerror=alert(document.location) t=';		// this is html obfuscated by non closing tag
-		$_POST['param8c']='< with space after is ok';
-		$_POST['param8d']='<abc123 is html to clean';
-		$_POST['param8e']='<123abc is not html to clean';	// other similar case: '<2021-12-12'
-		$_POST['param8f']='abc<<svg <><<animate onbegin=alert(document.domain) a';
-		$_POST["param9"]='is_object($object) ? ($object->id < 10 ? round($object->id / 2, 2) : (2 * $user->id) * (int) substr($mysoc->zip, 1, 2)) : \'objnotdefined\'';
-		$_POST["param10"]='is_object($object) ? ($object->id < 10 ? round($object->id / 2, 2) : (2 * $user->id) * (int) substr($mysoc->zip, 1, 2)) : \'<abc>objnotdefined\'';
-		$_POST["param11"]=' Name <email@email.com> ';
-		$_POST["param12"]='<!DOCTYPE html><html>aaa</html>';
-		$_POST["param13"]='&#110; &#x6E; &gt; &lt; &quot; <a href=\"j&#x61;vascript:alert(document.domain)\">XSS</a>';
-		$_POST["param13b"]='&#110; &#x6E; &gt; &lt; &quot; <a href=\"j&#x61vascript:alert(document.domain)\">XSS</a>';
-		$_POST["param14"]="Text with ' encoded with the numeric html entity converted into text entity &#39; (like when submitted by CKEditor)";
-		$_POST["param15"]="<img onerror<=alert(document.domain)> src=>0xbeefed";
+		$_COOKIE["id"] = 111;
+		$_POST["param0"] = 'A real string with <a href="rrr" title="aa&quot;bb">aaa</a> and " and \' and &amp; inside content';
+		$_GET["param1"] = "222";
+		$_POST["param1"] = "333";
+		$_GET["param2"] = 'a/b#e(pr)qq-rr\cc';
+		$_GET["param3"] = '"&#110;a/b#e(pr)qq-rr\cc'; // Same than param2 + " and &#110;
+		$_GET["param4a"] = '..&#47;../dir';
+		$_GET["param4b"] = '..&#92;..\dirwindows';
+		$_GET["param5"] = "a_1-b";
+		$_POST["param6"] = "&quot;&gt;<svg o&#110;load='console.log(&quot;123&quot;)'&gt;";
+		$_POST["param6b"] = '<<<../>../>../svg><<<../>../>../animate =alert(1)>abc';
+		$_GET["param7"] = '"c:\this is a path~1\aaa&#110; &#x&#x31;&#x31;&#x30;;" abc<bad>def</bad>';
+		$_POST["param8a"] = "Hacker<svg o&#110;load='console.log(&quot;123&quot;)'"; // html tag is not closed so it is not detected as html tag but is still harmfull
+		$_POST['param8b'] = '<img src=x onerror=alert(document.location) t='; // this is html obfuscated by non closing tag
+		$_POST['param8c'] = '< with space after is ok';
+		$_POST['param8d'] = '<abc123 is html to clean';
+		$_POST['param8e'] = '<123abc is not html to clean'; // other similar case: '<2021-12-12'
+		$_POST['param8f'] = 'abc<<svg <><<animate onbegin=alert(document.domain) a';
+		$_POST["param9"] = 'is_object($object) ? ($object->id < 10 ? round($object->id / 2, 2) : (2 * $user->id) * (int) substr($mysoc->zip, 1, 2)) : \'objnotdefined\'';
+		$_POST["param10"] = 'is_object($object) ? ($object->id < 10 ? round($object->id / 2, 2) : (2 * $user->id) * (int) substr($mysoc->zip, 1, 2)) : \'<abc>objnotdefined\'';
+		$_POST["param11"] = ' Name <email@email.com> ';
+		$_POST["param12"] = '<!DOCTYPE html><html>aaa</html>';
+		$_POST["param13"] = '&#110; &#x6E; &gt; &lt; &quot; <a href=\"j&#x61;vascript:alert(document.domain)\">XSS</a>';
+		$_POST["param13b"] = '&#110; &#x6E; &gt; &lt; &quot; <a href=\"j&#x61vascript:alert(document.domain)\">XSS</a>';
+		$_POST["param14"] = "Text with ' encoded with the numeric html entity converted into text entity &#39; (like when submitted by CKEditor)";
+		$_POST["param15"] = "<img onerror<=alert(document.domain)> src=>0xbeefed";
 		//$_POST["param15b"]="<html><head><title>Example HTML</title></head><body><div><p>This is a paragraph.</div><ul><li>Item 1</li><li>Item 2</li></ol></body><html>";
-		$_POST["param16"]='<a style="z-index: 1000">abc</a>';
-		$_POST["param17"]='<span style="background-image: url(logout.php)">abc</span>';
-		$_POST["param18"]='<span style="background-image: url(...?...action=aaa)">abc</span>';
-		$_POST["param19"]='<a href="j&Tab;a&Tab;v&Tab;asc&NewLine;ri&Tab;pt:&lpar;alert(document.cookie)&rpar;">XSS</a>';
+		$_POST["param16"] = '<a style="z-index: 1000">abc</a>';
+		$_POST["param17"] = '<span style="background-image: url(logout.php)">abc</span>';
+		$_POST["param18"] = '<span style="background-image: url(...?...action=aaa)">abc</span>';
+		$_POST["param19"] = '<a href="j&Tab;a&Tab;v&Tab;asc&NewLine;ri&Tab;pt:&lpar;alert(document.cookie)&rpar;">XSS</a>';
 		//$_POST["param19"]='<a href="javascript:alert(document.cookie)">XSS</a>';
 
 
 
-		$result=GETPOST('id', 'int');              // Must return nothing
+		$result = GETPOST('id', 'int'); // Must return nothing
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('', $result);
 
-		$result=GETPOST("param1", 'int');
+		$result = GETPOST("param1", 'int');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals(222, $result, 'Test on param1 with no 3rd param');
 
-		$result=GETPOST("param1", 'int', 2);
+		$result = GETPOST("param1", 'int', 2);
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals(333, $result, 'Test on param1 with 3rd param = 2');
 
 		// Test with alpha
 
-		$result=GETPOST("param0", 'alpha');		// a simple format, so " completely removed
+		$result = GETPOST("param0", 'alpha'); // a simple format, so " completely removed
 		$resultexpected = 'A real string with aaa and and \' and & inside content';
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals($resultexpected, $result, 'Test on param0');
 
-		$result=GETPOST("param2", 'alpha');
+		$result = GETPOST("param2", 'alpha');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals($result, $_GET["param2"], 'Test on param2');
 
-		$result=GETPOST("param3", 'alpha');  // Must return string sanitized from char "
+		$result = GETPOST("param3", 'alpha'); // Must return string sanitized from char "
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals($result, 'na/b#e(pr)qq-rr\cc', 'Test on param3');
 
-		$result=GETPOST("param4a", 'alpha');  // Must return string sanitized from ../
+		$result = GETPOST("param4a", 'alpha'); // Must return string sanitized from ../
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals($result, 'dir');
 
-		$result=GETPOST("param4b", 'alpha');  // Must return string sanitized from ../
+		$result = GETPOST("param4b", 'alpha'); // Must return string sanitized from ../
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals($result, 'dirwindows');
 
 		// Test with aZ09
 
-		$result=GETPOST("param1", 'aZ09');
+		$result = GETPOST("param1", 'aZ09');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals($result, $_GET["param1"]);
 
-		$result=GETPOST("param2", 'aZ09');  // Must return '' as string contains car not in aZ09 definition
+		$result = GETPOST("param2", 'aZ09'); // Must return '' as string contains car not in aZ09 definition
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals($result, '');
 
-		$result=GETPOST("param3", 'aZ09');  // Must return '' as string contains car not in aZ09 definition
+		$result = GETPOST("param3", 'aZ09'); // Must return '' as string contains car not in aZ09 definition
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals($result, '');
 
-		$result=GETPOST("param4a", 'aZ09');  // Must return '' as string contains car not in aZ09 definition
+		$result = GETPOST("param4a", 'aZ09'); // Must return '' as string contains car not in aZ09 definition
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('', $result);
 
-		$result=GETPOST("param4b", 'aZ09');  // Must return '' as string contains car not in aZ09 definition
+		$result = GETPOST("param4b", 'aZ09'); // Must return '' as string contains car not in aZ09 definition
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('', $result);
 
-		$result=GETPOST("param5", 'aZ09');
+		$result = GETPOST("param5", 'aZ09');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals($_GET["param5"], $result);
 
 		// Test with nohtml
 
-		$result=GETPOST("param6", 'nohtml');
+		$result = GETPOST("param6", 'nohtml');
 		print __METHOD__." result6=".$result."\n";
 		$this->assertEquals('">', $result);
 
 		// Test with alpha = alphanohtml. We must convert the html entities like &#110; and disable all entities
 
-		$result=GETPOST("param6", 'alphanohtml');
+		$result = GETPOST("param6", 'alphanohtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('>', $result);
 
-		$result=GETPOST("param6b", 'alphanohtml');
+		$result = GETPOST("param6b", 'alphanohtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('abc', $result);
 
-		$result=GETPOST("param8a", 'alphanohtml');
+		$result = GETPOST("param8a", 'alphanohtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals("Hackersvg onload='console.log(123)'", $result);
 
-		$result=GETPOST("param8b", 'alphanohtml');
+		$result = GETPOST("param8b", 'alphanohtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('img src=x onerror=alert(document.location) t=', $result, 'Test a string with non closing html tag with alphanohtml');
 
-		$result=GETPOST("param8c", 'alphanohtml');
+		$result = GETPOST("param8c", 'alphanohtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals($_POST['param8c'], $result, 'Test a string with non closing html tag with alphanohtml');
 
-		$result=GETPOST("param8d", 'alphanohtml');
+		$result = GETPOST("param8d", 'alphanohtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('abc123 is html to clean', $result, 'Test a string with non closing html tag with alphanohtml');
 
-		$result=GETPOST("param8e", 'alphanohtml');
+		$result = GETPOST("param8e", 'alphanohtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals($_POST['param8e'], $result, 'Test a string with non closing html tag with alphanohtml');
 
-		$result=GETPOST("param8f", 'alphanohtml');
+		$result = GETPOST("param8f", 'alphanohtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('abcsvg animate onbegin=alert(document.domain) a', $result, 'Test a string with html tag open with several <');
 
-		$result=GETPOST("param9", 'alphanohtml');
+		$result = GETPOST("param9", 'alphanohtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals($_POST["param9"], $result);
 
-		$result=GETPOST("param10", 'alphanohtml');
+		$result = GETPOST("param10", 'alphanohtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals($_POST["param9"], $result, 'We should get param9 after processing param10');
 
-		$result=GETPOST("param11", 'alphanohtml');
+		$result = GETPOST("param11", 'alphanohtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals("Name", $result, 'Test an email string with alphanohtml');
 
-		$result=GETPOST("param13", 'alphanohtml');
+		$result = GETPOST("param13", 'alphanohtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('n n > <  XSS', $result, 'Test that html entities are decoded with alpha');
 
 
 		// Test with alphawithlgt
 
-		$result=GETPOST("param11", 'alphawithlgt');
+		$result = GETPOST("param11", 'alphawithlgt');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals(trim($_POST["param11"]), $result, 'Test an email string with alphawithlgt');
 
 
 		// Test with restricthtml: we must remove html open/close tag and content but not htmlentities (we can decode html entities for ascii chars like &#110;)
 
-		$result=GETPOST("param0", 'restricthtml');
+		$result = GETPOST("param0", 'restricthtml');
 		$resultexpected = 'A real string with <a href="rrr" title="aa&quot;bb">aaa</a> and " and \' and &amp; inside content';
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals($resultexpected, $result, 'Test on param0');
 
-		$result=GETPOST("param6", 'restricthtml');
+		$result = GETPOST("param6", 'restricthtml');
 		print __METHOD__." result for param6=".$result." - before=".$_POST["param6"]."\n";
 		$this->assertEquals('&quot;&gt;', $result);
 
-		$result=GETPOST("param7", 'restricthtml');
+		$result = GETPOST("param7", 'restricthtml');
 		print __METHOD__." result param7 = ".$result."\n";
 		$this->assertEquals('"c:\this is a path~1\aaan &#x;;;;" abcdef', $result);
 
-		$result=GETPOST("param8e", 'restricthtml');
+		$result = GETPOST("param8e", 'restricthtml');
 		print __METHOD__." result param8e = ".$result."\n";
 		$this->assertEquals('', $result);
 
-		$result=GETPOST("param12", 'restricthtml');
+		$result = GETPOST("param12", 'restricthtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals(trim($_POST["param12"]), $result, 'Test a string with DOCTYPE and restricthtml');
 
-		$result=GETPOST("param13", 'restricthtml');
+		$result = GETPOST("param13", 'restricthtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('n n &gt; &lt; &quot; <a href=\"alert(document.domain)\">XSS</a>', $result, 'Test 13 that HTML entities are decoded with restricthtml, but only for common alpha chars');
 
-		$result=GETPOST("param13b", 'restricthtml');
+		$result = GETPOST("param13b", 'restricthtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('n n &gt; &lt; &quot; <a href=\"alert(document.domain)\">XSS</a>', $result, 'Test 13b that HTML entities are decoded with restricthtml, but only for common alpha chars');
 
-		$result=GETPOST("param14", 'restricthtml');
+		$result = GETPOST("param14", 'restricthtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals("Text with ' encoded with the numeric html entity converted into text entity &#39; (like when submitted by CKEditor)", $result, 'Test 14');
 
-		$result=GETPOST("param15", 'restricthtml');		// param15 = <img onerror<=alert(document.domain)> src=>0xbeefed that is a dangerous string
+		$result = GETPOST("param15", 'restricthtml'); // param15 = <img onerror<=alert(document.domain)> src=>0xbeefed that is a dangerous string
 		print __METHOD__." result=".$result."\n";
-		$this->assertEquals("<img onerror=alert(document.domain) src=>0xbeefed", $result, 'Test 15');	// The GETPOST return a harmull string
+		$this->assertEquals("<img onerror=alert(document.domain) src=>0xbeefed", $result, 'Test 15'); // The GETPOST return a harmull string
 
-		$result=GETPOST("param19", 'restricthtml');
+		$result = GETPOST("param19", 'restricthtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('<a href="&lpar;alert(document.cookie)&rpar;">XSS</a>', $result, 'Test 19');
 
@@ -594,22 +594,22 @@ 
 		$conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML_TIDY = 0;
 
 		//$_POST["param0"] = 'A real string with <a href="rrr" title="aabb">aaa</a> and " inside content';
-		$result=GETPOST("param0", 'restricthtml');
+		$result = GETPOST("param0", 'restricthtml');
 		$resultexpected = 'A real string with <a href="rrr" title=\'aa"bb\'>aaa</a> and " and \' and &amp; inside content';
 		print __METHOD__." result for param0=".$result."\n";
 		$this->assertEquals($resultexpected, $result, 'Test on param0');
 
-		$result=GETPOST("param15", 'restricthtml');		// param15 = <img onerror<=alert(document.domain)> src=>0xbeefed that is a dangerous string
+		$result = GETPOST("param15", 'restricthtml'); // param15 = <img onerror<=alert(document.domain)> src=>0xbeefed that is a dangerous string
 		print __METHOD__." result for param15=".$result."\n";
 		//$this->assertEquals('InvalidHTMLStringCantBeCleaned', $result, 'Test 15b');   // With some PHP and libxml version, we got this result when parsing invalid HTML, but ...
 		//$this->assertEquals('<img onerror> src=&gt;0xbeefed', $result, 'Test 15b');	// ... on other PHP and libxml versions, we got a HTML that has been cleaned
 
-		$result=GETPOST("param6", 'restricthtml');		// param6 = "&quot;&gt;<svg o&#110;load='console.log(&quot;123&quot;)'&gt;"
+		$result = GETPOST("param6", 'restricthtml'); // param6 = "&quot;&gt;<svg o&#110;load='console.log(&quot;123&quot;)'&gt;"
 		print __METHOD__." result for param6=".$result." - before=".$_POST["param6"]."\n";
 		//$this->assertEquals('InvalidHTMLStringCantBeCleaned', $result, 'Test 15b');   // With some PHP and libxml version, we got this result when parsing invalid HTML, but ...
 		//$this->assertEquals('"&gt;', $result);										// ... on other PHP and libxml versions, we got a HTML that has been cleaned
 
-		$result=GETPOST("param7", 'restricthtml');		// param7 = "c:\this is a path~1\aaa&#110; &#x&#x31;&#x31;&#x30;;" abc<bad>def</bad>
+		$result = GETPOST("param7", 'restricthtml'); // param7 = "c:\this is a path~1\aaa&#110; &#x&#x31;&#x31;&#x30;;" abc<bad>def</bad>
 		print __METHOD__." result param7 = ".$result."\n";
 		//$this->assertEquals('InvalidHTMLStringCantBeCleaned', $result, 'Test 15b');   // With some PHP and libxml version, we got this result when parsing invalid HTML, but ...
 		//$this->assertEquals('"c:\this is a path~1\aaan 110;" abcdef', $result);		// ... on other PHP and libxml versions, we got a HTML that has been cleaned
@@ -621,19 +621,19 @@ 
 			$conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML = 0;
 			$conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML_TIDY = 1;
 
-			$result=GETPOST("param0", 'restricthtml');
+			$result = GETPOST("param0", 'restricthtml');
 			$resultexpected = 'A real string with <a href="rrr" title="aa&quot;bb">aaa</a> and " and \' and & inside content';
 			print __METHOD__." result for param0=".$result."\n";
 			$this->assertEquals($resultexpected, $result, 'Test on param0');
 
-			$result=GETPOST("param15", 'restricthtml');		// param15 = <img onerror<=alert(document.domain)> src=>0xbeefed that is a dangerous string
+			$result = GETPOST("param15", 'restricthtml'); // param15 = <img onerror<=alert(document.domain)> src=>0xbeefed that is a dangerous string
 			print __METHOD__." result=".$result."\n";
 
-			$result=GETPOST("param6", 'restricthtml');
+			$result = GETPOST("param6", 'restricthtml');
 			print __METHOD__." result for param6=".$result." - before=".$_POST["param6"]."\n";
 			$this->assertEquals('"&gt;', $result);
 
-			$result=GETPOST("param7", 'restricthtml');
+			$result = GETPOST("param7", 'restricthtml');
 			print __METHOD__." result param7 = ".$result."\n";
 			$this->assertEquals('"c:\this is a path~1\aaan &amp;#x110;" abcdef', $result);
 		}
@@ -645,19 +645,19 @@ 
 			$conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML = 1;
 			$conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML_TIDY = 1;
 
-			$result=GETPOST("param0", 'restricthtml');
+			$result = GETPOST("param0", 'restricthtml');
 			$resultexpected = 'A real string with <a href="rrr" title=\'aa"bb\'>aaa</a> and " and \' and & inside content';
 			print __METHOD__." result for param0=".$result."\n";
 			$this->assertEquals($resultexpected, $result, 'Test on param0');
 
-			$result=GETPOST("param15", 'restricthtml');		// param15 = <img onerror<=alert(document.domain)> src=>0xbeefed that is a dangerous string
+			$result = GETPOST("param15", 'restricthtml'); // param15 = <img onerror<=alert(document.domain)> src=>0xbeefed that is a dangerous string
 			print __METHOD__." result=".$result."\n";
 
-			$result=GETPOST("param6", 'restricthtml');
+			$result = GETPOST("param6", 'restricthtml');
 			print __METHOD__." result for param6=".$result." - before=".$_POST["param6"]."\n";
 			$this->assertEquals('"&gt;', $result);
 
-			$result=GETPOST("param7", 'restricthtml');
+			$result = GETPOST("param7", 'restricthtml');
 			print __METHOD__." result param7 = ".$result."\n";
 			$this->assertEquals('"c:\this is a path~1\aaan 110;" abcdef', $result);
 		}
@@ -669,19 +669,19 @@ 
 		unset($conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML_TIDY);
 		$conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES = 1;
 
-		$result=GETPOST("param15", 'restricthtml');
+		$result = GETPOST("param15", 'restricthtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('<img src="">0xbeefed', $result, 'Test 15c');
 
-		$result=GETPOST('param16', 'restricthtml');
+		$result = GETPOST('param16', 'restricthtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('<a style=" 1000">abc</a>', $result, 'Test tag a with forbidden attribute z-index');
 
-		$result=GETPOST('param17', 'restricthtml');
+		$result = GETPOST('param17', 'restricthtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('<span style="background-image: url()">abc</span>', $result, 'Test anytag with a forbidden value for attribute');
 
-		$result=GETPOST('param18', 'restricthtml');
+		$result = GETPOST('param18', 'restricthtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('<span style="background-image: url(...?...aaa)">abc</span>', $result, 'Test anytag with a forbidden value for attribute');
 
@@ -690,75 +690,75 @@ 
 
 		// Special test for GETPOST of backtopage, backtolist or backtourl parameter
 
-		$_POST["backtopage"]='//www.google.com';
-		$result=GETPOST("backtopage");
+		$_POST["backtopage"] = '//www.google.com';
+		$result = GETPOST("backtopage");
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('www.google.com', $result, 'Test for backtopage param');
 
-		$_POST["backtopage"]='https:https://www.google.com';
-		$result=GETPOST("backtopage");
+		$_POST["backtopage"] = 'https:https://www.google.com';
+		$result = GETPOST("backtopage");
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('www.google.com', $result, 'Test for backtopage param');
 
-		$_POST["backtolist"]='::HTTPS://www.google.com';
-		$result=GETPOST("backtolist");
+		$_POST["backtolist"] = '::HTTPS://www.google.com';
+		$result = GETPOST("backtolist");
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('www.google.com', $result, 'Test for backtopage param');
 
-		$_POST["backtopage"]='http:www.google.com';
-		$result=GETPOST("backtopage");
+		$_POST["backtopage"] = 'http:www.google.com';
+		$result = GETPOST("backtopage");
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('httpwww.google.com', $result, 'Test for backtopage param');
 
-		$_POST["backtopage"]='/mydir/mypage.php?aa=a%10a';
-		$result=GETPOST("backtopage");
+		$_POST["backtopage"] = '/mydir/mypage.php?aa=a%10a';
+		$result = GETPOST("backtopage");
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('/mydir/mypage.php?aa=a%10a', $result, 'Test for backtopage param');
 
-		$_POST["backtopage"]='javascripT&javascript#javascriptxjavascript3a alert(1)';
-		$result=GETPOST("backtopage");
+		$_POST["backtopage"] = 'javascripT&javascript#javascriptxjavascript3a alert(1)';
+		$result = GETPOST("backtopage");
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('x3aalert(1)', $result, 'Test for backtopage param');
 
 
 		$conf->global->MAIN_SECURITY_MAX_IMG_IN_HTML_CONTENT = 3;
-		$_POST["pagecontentwithlinks"]='<img src="aaa"><img src="bbb"><img src="/ccc"><span style="background: url(/ddd)"></span>';
-		$result=GETPOST("pagecontentwithlinks", 'restricthtml');
+		$_POST["pagecontentwithlinks"] = '<img src="aaa"><img src="bbb"><img src="/ccc"><span style="background: url(/ddd)"></span>';
+		$result = GETPOST("pagecontentwithlinks", 'restricthtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('ErrorTooManyLinksIntoHTMLString', $result, 'Test on limit on GETPOST fails');
 
 		// Test that img src="data:..." is excluded from the count of external links
 		$conf->global->MAIN_SECURITY_MAX_IMG_IN_HTML_CONTENT = 3;
-		$_POST["pagecontentwithlinks"]='<img src="data:abc"><img src="bbb"><img src="/ccc"><span style="background: url(/ddd)"></span>';
-		$result=GETPOST("pagecontentwithlinks", 'restricthtml');
+		$_POST["pagecontentwithlinks"] = '<img src="data:abc"><img src="bbb"><img src="/ccc"><span style="background: url(/ddd)"></span>';
+		$result = GETPOST("pagecontentwithlinks", 'restricthtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('<img src="data:abc"><img src="bbb"><img src="/ccc"><span style="background: url(/ddd)"></span>', $result, 'Test on limit on GETPOST fails');
 
 		$conf->global->MAIN_DISALLOW_URL_INTO_DESCRIPTIONS = 2;
 
 		// Test that no links is allowed
-		$_POST["pagecontentwithlinks"]='<img src="data:abc"><img src="bbb"><img src="/ccc"><span style="background: url(/ddd)"></span>';
-		$result=GETPOST("pagecontentwithlinks", 'restricthtml');
+		$_POST["pagecontentwithlinks"] = '<img src="data:abc"><img src="bbb"><img src="/ccc"><span style="background: url(/ddd)"></span>';
+		$result = GETPOST("pagecontentwithlinks", 'restricthtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('ErrorHTMLLinksNotAllowed', $result, 'Test on limit on MAIN_DISALLOW_URL_INTO_DESCRIPTIONS = 2 (no links allowed)');
 
 		$conf->global->MAIN_DISALLOW_URL_INTO_DESCRIPTIONS = 1;
 
 		// Test that links on wrapper or local url are allowed
-		$_POST["pagecontentwithnowrapperlinks"]='<img src="data:abc"><img src="bbb"><img src="/ccc"><span style="background: url(/ddd)"></span>';
-		$result=GETPOST("pagecontentwithnowrapperlinks", 'restricthtml');
+		$_POST["pagecontentwithnowrapperlinks"] = '<img src="data:abc"><img src="bbb"><img src="/ccc"><span style="background: url(/ddd)"></span>';
+		$result = GETPOST("pagecontentwithnowrapperlinks", 'restricthtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('<img src="data:abc"><img src="bbb"><img src="/ccc"><span style="background: url(/ddd)"></span>', $result, 'Test on MAIN_DISALLOW_URL_INTO_DESCRIPTIONS = 1 (links on data or relative links ar allowed)');
 
 		// Test that links not on wrapper and not data are disallowed
-		$_POST["pagecontentwithnowrapperlinks"]='<img src="https://aaa">';
-		$result=GETPOST("pagecontentwithnowrapperlinks", 'restricthtml');
+		$_POST["pagecontentwithnowrapperlinks"] = '<img src="https://aaa">';
+		$result = GETPOST("pagecontentwithnowrapperlinks", 'restricthtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('ErrorHTMLExternalLinksNotAllowed', $result, 'Test on MAIN_DISALLOW_URL_INTO_DESCRIPTIONS = 1 (no links to http allowed)');
 
 		// Test that links not on wrapper and not data are disallowed
-		$_POST["pagecontentwithnowrapperlinks"]='<span style="background: url(http://ddd)"></span>';
-		$result=GETPOST("pagecontentwithnowrapperlinks", 'restricthtml');
+		$_POST["pagecontentwithnowrapperlinks"] = '<span style="background: url(http://ddd)"></span>';
+		$result = GETPOST("pagecontentwithnowrapperlinks", 'restricthtml');
 		print __METHOD__." result=".$result."\n";
 		$this->assertEquals('ErrorHTMLExternalLinksNotAllowed', $result, 'Test on MAIN_DISALLOW_URL_INTO_DESCRIPTIONS = 1 (no links to http allowed)');
 
@@ -772,15 +772,15 @@ 
 	 */
 	public function testEncodeDecode()
 	{
-		$stringtotest="This is a string to test encode/decode. This is a string to test encode/decode. This is a string to test encode/decode.";
+		$stringtotest = "This is a string to test encode/decode. This is a string to test encode/decode. This is a string to test encode/decode.";
 
-		$encodedstring=dol_encode($stringtotest);
-		$decodedstring=dol_decode($encodedstring);
+		$encodedstring = dol_encode($stringtotest);
+		$decodedstring = dol_decode($encodedstring);
 		print __METHOD__." encodedstring=".$encodedstring." ".base64_encode($stringtotest)."\n";
 		$this->assertEquals($stringtotest, $decodedstring, 'Use dol_encode/decode with no parameter');
 
-		$encodedstring=dol_encode($stringtotest, 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ');
-		$decodedstring=dol_decode($encodedstring, 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ');
+		$encodedstring = dol_encode($stringtotest, 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ');
+		$decodedstring = dol_decode($encodedstring, 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ');
 		print __METHOD__." encodedstring=".$encodedstring." ".base64_encode($stringtotest)."\n";
 		$this->assertEquals($stringtotest, $decodedstring, 'Use dol_encode/decode with a key parameter');
 
@@ -799,7 +799,7 @@ 
 		$this->assertEquals('a &colon; b " c \' d &apos; e é', $decodedstring, 'Function did not sanitize correclty');
 
 		$stringtotest = 'a &colon; b &quot; c &#039; d &apos; e &eacute;';
-		$decodedstring = dol_html_entity_decode($stringtotest, ENT_QUOTES|ENT_HTML5);
+		$decodedstring = dol_html_entity_decode($stringtotest, ENT_QUOTES | ENT_HTML5);
 		$this->assertEquals('a : b " c \' d \' e é', $decodedstring, 'Function did not sanitize correclty');
 
 		return 0;
@@ -863,21 +863,21 @@ 
 	{
 		global $conf;
 
-		$genpass1=getRandomPassword(true);				// Should be a string return by dol_hash (if no option set, will be md5)
+		$genpass1 = getRandomPassword(true); // Should be a string return by dol_hash (if no option set, will be md5)
 		print __METHOD__." genpass1=".$genpass1."\n";
 		$this->assertEquals(strlen($genpass1), 32);
 
-		$genpass1=getRandomPassword(true, array('I'));	// Should be a string return by dol_hash (if no option set, will be md5)
+		$genpass1 = getRandomPassword(true, array('I')); // Should be a string return by dol_hash (if no option set, will be md5)
 		print __METHOD__." genpass1=".$genpass1."\n";
 		$this->assertEquals(strlen($genpass1), 32);
 
-		$conf->global->USER_PASSWORD_GENERATED='None';
-		$genpass2=getRandomPassword(false);				// Should return an empty string
+		$conf->global->USER_PASSWORD_GENERATED = 'None';
+		$genpass2 = getRandomPassword(false); // Should return an empty string
 		print __METHOD__." genpass2=".$genpass2."\n";
 		$this->assertEquals($genpass2, '');
 
-		$conf->global->USER_PASSWORD_GENERATED='Standard';
-		$genpass3=getRandomPassword(false);				// Should return a password of 12 chars
+		$conf->global->USER_PASSWORD_GENERATED = 'Standard';
+		$genpass3 = getRandomPassword(false); // Should return a password of 12 chars
 		print __METHOD__." genpass3=".$genpass3."\n";
 		$this->assertEquals(strlen($genpass3), 12);
 
@@ -891,16 +891,16 @@ 
 	 */
 	public function testRestrictedArea()
 	{
-		global $conf,$user,$langs,$db;
-		$conf=$this->savconf;
-		$user=$this->savuser;
-		$langs=$this->savlangs;
-		$db=$this->savdb;
+		global $conf, $user, $langs, $db;
+		$conf = $this->savconf;
+		$user = $this->savuser;
+		$langs = $this->savlangs;
+		$db = $this->savdb;
 
 		//$dummyuser=new User($db);
 		//$result=restrictedArea($dummyuser,'societe');
 
-		$result=restrictedArea($user, 'societe');
+		$result = restrictedArea($user, 'societe');
 		$this->assertEquals(1, $result);
 	}
 
@@ -918,42 +918,42 @@ 
 		$url = 'ftp://mydomain.com';
 		$tmp = getURLContent($url);
 		print __METHOD__." url=".$url."\n";
-		$this->assertRegExp("/not supported/", $tmp['curl_error_msg'], "Should disable ftp connection");	// Test error if return does not contains 'not supported'
+		$this->assertRegExp("/not supported/", $tmp['curl_error_msg'], "Should disable ftp connection"); // Test error if return does not contains 'not supported'
 
-		$url = 'https://www.dolibarr.fr';	// This is a redirect 301 page
-		$tmp = getURLContent($url, 'GET', '', 0);	// We do NOT follow
+		$url = 'https://www.dolibarr.fr'; // This is a redirect 301 page
+		$tmp = getURLContent($url, 'GET', '', 0); // We do NOT follow
 		print __METHOD__." url=".$url."\n";
 		$this->assertEquals(301, (empty($tmp['http_code']) ? 0 : $tmp['http_code']), 'Should GET url 301 response');
 
-		$url = 'https://www.dolibarr.fr';	// This is a redirect 301 page
-		$tmp = getURLContent($url);		// We DO follow a page with return 300 so result should be 200
+		$url = 'https://www.dolibarr.fr'; // This is a redirect 301 page
+		$tmp = getURLContent($url); // We DO follow a page with return 300 so result should be 200
 		print __METHOD__." url=".$url."\n";
 		$this->assertEquals(200, (empty($tmp['http_code']) ? 0 : $tmp['http_code']), 'Should GET url 301 with a follow -> 200 but we get '.(empty($tmp['http_code']) ? 0 : $tmp['http_code']));
 
 		$url = 'http://localhost';
-		$tmp = getURLContent($url, 'GET', '', 0, array(), array('http', 'https'), 0);		// Only external URL
+		$tmp = getURLContent($url, 'GET', '', 0, array(), array('http', 'https'), 0); // Only external URL
 		print __METHOD__." url=".$url."\n";
-		$this->assertEquals(400, (empty($tmp['http_code']) ? 0 : $tmp['http_code']), 'Should GET url to '.$url.' that resolves to a local URL');	// Test we receive an error because localtest.me is not an external URL
+		$this->assertEquals(400, (empty($tmp['http_code']) ? 0 : $tmp['http_code']), 'Should GET url to '.$url.' that resolves to a local URL'); // Test we receive an error because localtest.me is not an external URL
 
 		$url = 'http://127.0.0.1';
-		$tmp = getURLContent($url, 'GET', '', 0, array(), array('http', 'https'), 0);		// Only external URL
+		$tmp = getURLContent($url, 'GET', '', 0, array(), array('http', 'https'), 0); // Only external URL
 		print __METHOD__." url=".$url."\n";
-		$this->assertEquals(400, (empty($tmp['http_code']) ? 0 : $tmp['http_code']), 'Should GET url to '.$url.' that is a local URL');	// Test we receive an error because 127.0.0.1 is not an external URL
+		$this->assertEquals(400, (empty($tmp['http_code']) ? 0 : $tmp['http_code']), 'Should GET url to '.$url.' that is a local URL'); // Test we receive an error because 127.0.0.1 is not an external URL
 
 		$url = 'http://127.0.2.1';
-		$tmp = getURLContent($url, 'GET', '', 0, array(), array('http', 'https'), 0);		// Only external URL
+		$tmp = getURLContent($url, 'GET', '', 0, array(), array('http', 'https'), 0); // Only external URL
 		print __METHOD__." url=".$url."\n";
-		$this->assertEquals(400, (empty($tmp['http_code']) ? 0 : $tmp['http_code']), 'Should GET url to '.$url.' that is a local URL');	// Test we receive an error because 127.0.2.1 is not an external URL
+		$this->assertEquals(400, (empty($tmp['http_code']) ? 0 : $tmp['http_code']), 'Should GET url to '.$url.' that is a local URL'); // Test we receive an error because 127.0.2.1 is not an external URL
 
 		$url = 'https://169.254.0.1';
-		$tmp = getURLContent($url, 'GET', '', 0, array(), array('http', 'https'), 0);		// Only external URL
+		$tmp = getURLContent($url, 'GET', '', 0, array(), array('http', 'https'), 0); // Only external URL
 		print __METHOD__." url=".$url."\n";
-		$this->assertEquals(400, (empty($tmp['http_code']) ? 0 : $tmp['http_code']), 'Should GET url to '.$url.' that is a local URL');	// Test we receive an error because 169.254.0.1 is not an external URL
+		$this->assertEquals(400, (empty($tmp['http_code']) ? 0 : $tmp['http_code']), 'Should GET url to '.$url.' that is a local URL'); // Test we receive an error because 169.254.0.1 is not an external URL
 
 		$url = 'http://[::1]';
-		$tmp = getURLContent($url, 'GET', '', 0, array(), array('http', 'https'), 0);		// Only external URL
+		$tmp = getURLContent($url, 'GET', '', 0, array(), array('http', 'https'), 0); // Only external URL
 		print __METHOD__." url=".$url."\n";
-		$this->assertEquals(400, (empty($tmp['http_code']) ? 0 : $tmp['http_code']), 'Should GET url to '.$url.' that is a local URL');	// Test we receive an error because [::1] is not an external URL
+		$this->assertEquals(400, (empty($tmp['http_code']) ? 0 : $tmp['http_code']), 'Should GET url to '.$url.' that is a local URL'); // Test we receive an error because [::1] is not an external URL
 
 		/*$url = 'localtest.me';
 		 $tmp = getURLContent($url, 'GET', '', 0, array(), array('http', 'https'), 0);		// Only external URL
@@ -962,9 +962,9 @@ 
 		 */
 
 		$url = 'http://192.0.0.192';
-		$tmp = getURLContent($url, 'GET', '', 0, array(), array('http', 'https'), 0);		// Only external URL but on an IP in blacklist
+		$tmp = getURLContent($url, 'GET', '', 0, array(), array('http', 'https'), 0); // Only external URL but on an IP in blacklist
 		print __METHOD__." url=".$url." tmp['http_code'] = ".(empty($tmp['http_code']) ? 0 : $tmp['http_code'])."\n";
-		$this->assertEquals(400, (empty($tmp['http_code']) ? 0 : $tmp['http_code']), 'Access should be refused and was not');	// Test we receive an error because ip is in blacklist
+		$this->assertEquals(400, (empty($tmp['http_code']) ? 0 : $tmp['http_code']), 'Access should be refused and was not'); // Test we receive an error because ip is in blacklist
 
 		return 0;
 	}
@@ -976,22 +976,22 @@ 
 	 */
 	public function testDolSanitizeUrl()
 	{
-		global $conf,$user,$langs,$db;
-		$conf=$this->savconf;
-		$user=$this->savuser;
-		$langs=$this->savlangs;
-		$db=$this->savdb;
+		global $conf, $user, $langs, $db;
+		$conf = $this->savconf;
+		$user = $this->savuser;
+		$langs = $this->savlangs;
+		$db = $this->savdb;
 
 		$test = 'javascripT&javascript#x3a alert(1)';
-		$result=dol_sanitizeUrl($test);
+		$result = dol_sanitizeUrl($test);
 		$this->assertEquals('x3a alert(1)', $result, 'Test on dol_sanitizeUrl A');
 
 		$test = 'javajavascriptscript&cjavascriptolon;alert(1)';
-		$result=dol_sanitizeUrl($test);
+		$result = dol_sanitizeUrl($test);
 		$this->assertEquals('alert(1)', $result, 'Test on dol_sanitizeUrl B');
 
 		$test = '/javas:cript/google.com';
-		$result=dol_sanitizeUrl($test);
+		$result = dol_sanitizeUrl($test);
 		$this->assertEquals('google.com', $result, 'Test on dol_sanitizeUrl C');
 	}
 
@@ -1002,26 +1002,26 @@ 
 	 */
 	public function testDolSanitizeEmail()
 	{
-		global $conf,$user,$langs,$db;
-		$conf=$this->savconf;
-		$user=$this->savuser;
-		$langs=$this->savlangs;
-		$db=$this->savdb;
+		global $conf, $user, $langs, $db;
+		$conf = $this->savconf;
+		$user = $this->savuser;
+		$langs = $this->savlangs;
+		$db = $this->savdb;
 
 		$test = 'aaa@mycompany.com <My name>, bbb@mycompany.com <Another name>';
-		$result=dol_sanitizeEmail($test);
+		$result = dol_sanitizeEmail($test);
 		$this->assertEquals($test, $result, 'Test on dol_sanitizeEmail A');
 
 		$test = "aaa@mycompany.com <My name>,\nbbb@mycompany.com <Another name>";
-		$result=dol_sanitizeEmail($test);
+		$result = dol_sanitizeEmail($test);
 		$this->assertEquals('aaa@mycompany.com <My name>,bbb@mycompany.com <Another name>', $result, 'Test on dol_sanitizeEmail B');
 
 		$test = 'aaa@mycompany.com <My name>,\nbbb@mycompany.com <Another name>';
-		$result=dol_sanitizeEmail($test);
+		$result = dol_sanitizeEmail($test);
 		$this->assertEquals('aaa@mycompany.com <My name>,nbbb@mycompany.com <Another name>', $result, 'Test on dol_sanitizeEmail C');
 
 		$test = 'aaa@mycompany.com <My name>, "bcc:bbb"@mycompany.com <Another name>';
-		$result=dol_sanitizeEmail($test);
+		$result = dol_sanitizeEmail($test);
 		$this->assertEquals('aaa@mycompany.com <My name>, bccbbb@mycompany.com <Another name>', $result, 'Test on dol_sanitizeEmail D');
 	}
 
@@ -1032,19 +1032,19 @@ 
 	 */
 	public function testDolSanitizeFileName()
 	{
-		global $conf,$user,$langs,$db;
-		$conf=$this->savconf;
-		$user=$this->savuser;
-		$langs=$this->savlangs;
-		$db=$this->savdb;
+		global $conf, $user, $langs, $db;
+		$conf = $this->savconf;
+		$user = $this->savuser;
+		$langs = $this->savlangs;
+		$db = $this->savdb;
 
 		//$dummyuser=new User($db);
 		//$result=restrictedArea($dummyuser,'societe');
 
-		$result=dol_sanitizeFileName('bad file | evilaction');
+		$result = dol_sanitizeFileName('bad file | evilaction');
 		$this->assertEquals('bad file _ evilaction', $result);
 
-		$result=dol_sanitizeFileName('bad file -evilparam --evilparam ---evilparam ----evilparam');
+		$result = dol_sanitizeFileName('bad file -evilparam --evilparam ---evilparam ----evilparam');
 		$this->assertEquals('bad file _evilparam _evilparam _evilparam _evilparam', $result);
 	}
 
@@ -1055,17 +1055,17 @@ 
 	 */
 	public function testDolEval()
 	{
-		global $conf,$user,$langs,$db;
-		$conf=$this->savconf;
-		$user=$this->savuser;
-		$langs=$this->savlangs;
-		$db=$this->savdb;
+		global $conf, $user, $langs, $db;
+		$conf = $this->savconf;
+		$user = $this->savuser;
+		$langs = $this->savlangs;
+		$db = $this->savdb;
 
-		$result=dol_eval('1==1', 1, 0);
+		$result = dol_eval('1==1', 1, 0);
 		print "result1 = ".$result."\n";
 		$this->assertTrue($result);
 
-		$result=dol_eval('1==2', 1, 0);
+		$result = dol_eval('1==2', 1, 0);
 		print "result2 = ".$result."\n";
 		$this->assertFalse($result);
 
@@ -1073,7 +1073,7 @@ 
 		include_once DOL_DOCUMENT_ROOT.'/projet/class/task.class.php';
 
 		$s = '(($reloadedobj = new Task($db)) && ($reloadedobj->fetchNoCompute($object->id) > 0) && ($secondloadedobj = new Project($db)) && ($secondloadedobj->fetchNoCompute($reloadedobj->fk_project) > 0)) ? $secondloadedobj->ref : "Parent project not found"';
-		$result=dol_eval($s, 1, 1, '2');
+		$result = dol_eval($s, 1, 1, '2');
 		print "result3 = ".$result."\n";
 		$this->assertEquals('Parent project not found', $result);
 
@@ -1114,48 +1114,48 @@ 
 		print "result12 = ".$result."\n";
 		$this->assertStringContainsString('Bad string syntax to evaluate', $result);
 
-		$result=dol_eval("90402.38+267678+0", 1, 1, 1);
+		$result = dol_eval("90402.38+267678+0", 1, 1, 1);
 		print "result13 = ".$result."\n";
 		$this->assertEquals('358080.38', $result);
 
-		global $leftmenu;	// Used into strings to eval
+		global $leftmenu; // Used into strings to eval
 
 		$leftmenu = 'AAA';
-		$result=dol_eval('$conf->currency && preg_match(\'/^(AAA|BBB)/\',$leftmenu)', 1, 1, '1');
+		$result = dol_eval('$conf->currency && preg_match(\'/^(AAA|BBB)/\',$leftmenu)', 1, 1, '1');
 		print "result = ".$result."\n";
 		$this->assertTrue($result);
 
 		// Same with a value that does not match
 		$leftmenu = 'XXX';
-		$result=dol_eval('$conf->currency && preg_match(\'/^(AAA|BBB)/\',$leftmenu)', 1, 1, '1');
+		$result = dol_eval('$conf->currency && preg_match(\'/^(AAA|BBB)/\',$leftmenu)', 1, 1, '1');
 		print "result14 = ".$result."\n";
 		$this->assertFalse($result);
 
 		$leftmenu = 'AAA';
-		$result=dol_eval('$conf->currency && isStringVarMatching(\'leftmenu\', \'(AAA|BBB)\')', 1, 1, '1');
+		$result = dol_eval('$conf->currency && isStringVarMatching(\'leftmenu\', \'(AAA|BBB)\')', 1, 1, '1');
 		print "result15 = ".$result."\n";
 		$this->assertTrue($result);
 
 		$leftmenu = 'XXX';
-		$result=dol_eval('$conf->currency && isStringVarMatching(\'leftmenu\', \'(AAA|BBB)\')', 1, 1, '1');
+		$result = dol_eval('$conf->currency && isStringVarMatching(\'leftmenu\', \'(AAA|BBB)\')', 1, 1, '1');
 		print "result16 = ".$result."\n";
 		$this->assertFalse($result);
 
 		$string = '(isModEnabled("agenda") || isModEnabled("resource")) && getDolGlobalInt("MAIN_FEATURES_LEVEL") >= 0 && preg_match(\'/^(admintools|all|XXX)/\', $leftmenu)';
-		$result=dol_eval($string, 1, 1, '1');
+		$result = dol_eval($string, 1, 1, '1');
 		print "result17 = ".$result."\n";
 		$this->assertTrue($result);
 
-		$result=dol_eval('1 && getDolGlobalInt("doesnotexist1") && $conf->global->MAIN_FEATURES_LEVEL', 1, 0);	// Should return false and not a 'Bad string syntax to evaluate ...'
+		$result = dol_eval('1 && getDolGlobalInt("doesnotexist1") && $conf->global->MAIN_FEATURES_LEVEL', 1, 0); // Should return false and not a 'Bad string syntax to evaluate ...'
 		print "result18 = ".$result."\n";
 		$this->assertFalse($result);
 
-		$a='ab';
+		$a = 'ab';
 		$result = (string) dol_eval("(\$a.'s')", 1, 0);
 		print "result19 = ".$result."\n";
 		$this->assertStringContainsString('Bad string syntax to evaluate', $result);
 
-		$leftmenu='abs';
+		$leftmenu = 'abs';
 		$result = (string) dol_eval('$leftmenu(-5)', 1, 0);
 		print "result20 = ".$result."\n";
 		$this->assertStringContainsString('Bad string syntax to evaluate', $result);
@@ -1173,12 +1173,12 @@ 
 		global $conf;
 
 		// Set options for cleaning data
-		$conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML = 0;	// disabled, does not work on HTML5 and some libxml versions
+		$conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML = 0; // disabled, does not work on HTML5 and some libxml versions
 		// Enabled option MAIN_RESTRICTHTML_ONLY_VALID_HTML_TIDY if possible
 		if (extension_loaded('tidy') && class_exists("tidy")) {
 			$conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML_TIDY = 1;
 		}
-		$conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES = 0;	// disabled, does not work on HTML5 and some libxml versions
+		$conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES = 0; // disabled, does not work on HTML5 and some libxml versions
 
 
 
@@ -1191,7 +1191,7 @@ 
 		//$result = dol_escape_htmltag(dol_htmlwithnojs(dol_string_onlythesehtmltags(dol_htmlentitiesbr($stringtotest), 1, 1, 1, 0)), 1, 1, 'common', 0, 1);
 		$result = dolPrintHTML($stringtotest);
 		print __METHOD__." result=".$result."\n";
-		$this->assertEquals($stringfixed, $result, 'Error');    // Expected '' because should failed because login 'auto' does not exists
+		$this->assertEquals($stringfixed, $result, 'Error'); // Expected '' because should failed because login 'auto' does not exists
 
 
 		// For a string that is already HTML (contains HTML tags) with special tags but badly formatted
@@ -1240,24 +1240,24 @@ 
 	 */
 	public function testCheckLoginPassEntity()
 	{
-		$login=checkLoginPassEntity('loginbidon', 'passwordbidon', 1, array('dolibarr'));
+		$login = checkLoginPassEntity('loginbidon', 'passwordbidon', 1, array('dolibarr'));
 		print __METHOD__." login=".$login."\n";
 		$this->assertEquals($login, '');
 
-		$login=checkLoginPassEntity('admin', 'passwordbidon', 1, array('dolibarr'));
+		$login = checkLoginPassEntity('admin', 'passwordbidon', 1, array('dolibarr'));
 		print __METHOD__." login=".$login."\n";
 		$this->assertEquals($login, '');
 
-		$login=checkLoginPassEntity('admin', 'admin', 1, array('dolibarr'));            // Should works because admin/admin exists
+		$login = checkLoginPassEntity('admin', 'admin', 1, array('dolibarr')); // Should works because admin/admin exists
 		print __METHOD__." login=".$login."\n";
 		$this->assertEquals($login, 'admin', 'The test to check if pass of user "admin" is "admin" has failed');
 
-		$login=checkLoginPassEntity('admin', 'admin', 1, array('http','dolibarr'));    // Should work because of second authentication method
+		$login = checkLoginPassEntity('admin', 'admin', 1, array('http', 'dolibarr')); // Should work because of second authentication method
 		print __METHOD__." login=".$login."\n";
 		$this->assertEquals($login, 'admin');
 
-		$login=checkLoginPassEntity('admin', 'admin', 1, array('forceuser'));
+		$login = checkLoginPassEntity('admin', 'admin', 1, array('forceuser'));
 		print __METHOD__." login=".$login."\n";
-		$this->assertEquals('', $login, 'Error');    // Expected '' because should failed because login 'auto' does not exists
+		$this->assertEquals('', $login, 'Error'); // Expected '' because should failed because login 'auto' does not exists
 	}
 }