noalyss-commit
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Noalyss-commit] [noalyss] 03/03: 0001438: Remplacement de HtmlInput par


From: Dany De Bontridder
Subject: [Noalyss-commit] [noalyss] 03/03: 0001438: Remplacement de HtmlInput par Http_Input
Date: Sat, 3 Jun 2017 13:13:27 -0400 (EDT)

sparkyx pushed a commit to branch master
in repository noalyss.

commit aa55ed6894bd94a27e0fbdf3c67e2cc78198758f
Author: Dany De Bontridder <address@hidden>
Date:   Sat Jun 3 19:13:15 2017 +0200

    0001438: Remplacement de HtmlInput par Http_Input
---
 dev/get_database_item.sh                      |   4 +
 html/do.php                                   |  15 +-
 html/export.php                               |  12 +-
 html/fid.php                                  |   8 +-
 html/lang/en_US/LC_MESSAGES/messages.po       |   8 +-
 html/user_login.php                           |  12 +-
 include/action.common.inc.php                 |   5 +-
 include/adm.inc.php                           |  26 +-
 include/admin_repo.inc.php                    |   4 +-
 include/ajax/ajax_action_remove_concerned.php |  18 +-
 include/anc_great_ledger.inc.php              |   4 +-
 include/anc_key.inc.php                       |  42 +--
 include/anc_pa.inc.php                        | 392 +++++++++++++-------------
 include/backup.inc.php                        |  17 +-
 include/balance.inc.php                       |  25 +-
 include/balance_age.inc.php                   |  20 +-
 include/bank.inc.php                          |   8 +-
 include/card_attr.inc.php                     |  12 +-
 include/cat_document.inc.php                  |  68 +++--
 include/category_card.inc.php                 | 145 +++++-----
 include/category_detail.inc.php               |  12 +-
 include/category_followup.inc.php             |  14 +-
 include/category_operation.inc.php            |   4 +-
 include/cfgfiche.inc.php                      |  49 ++--
 include/cfgledger.inc.php                     |  17 +-
 include/cfgplugin.inc.php                     |   3 +-
 include/class/class_calendar.php              |   4 +-
 include/class/class_follow_up.php             |  69 +++--
 include/company.inc.php                       |  38 +--
 include/compta_ach.inc.php                    |  15 +-
 include/compta_fin_rec.inc.php                |   6 +-
 include/compta_ods.inc.php                    |   4 +-
 include/compta_ven.inc.php                    |   6 +-
 include/constant.php                          |   2 +
 include/customer.inc.php                      |   9 +-
 include/database.item.php                     |  15 +-
 include/dossier.inc.php                       |  27 +-
 include/export/export_anc_receipt_pdf.php     |   5 +-
 include/export/export_balance_age_csv.php     |  18 +-
 include/export/export_balance_pdf.php         |  31 +-
 include/export/export_document.php            |  22 +-
 include/export/export_fiche_detail_csv.php    |  32 ++-
 include/export/export_fiche_detail_pdf.php    |  14 +-
 include/export/export_fiche_pdf.php           |   1 +
 include/export/export_form_csv.php            |  35 ++-
 include/export/export_form_pdf.php            |  38 ++-
 include/export/export_gl_csv.php              |  44 +--
 include/export/export_gl_pdf.php              |   8 +-
 include/export/export_ledger_csv.php          |  25 +-
 include/export/export_ledger_pdf.php          |  21 +-
 include/export/export_poste_detail_csv.php    |  30 +-
 include/export/export_poste_detail_pdf.php    |  28 +-
 include/export/export_rec_csv.php             |  23 +-
 include/export/export_receipt.php             |  13 +-
 include/export/export_security_pdf.php        |  53 ++--
 include/forecast.inc.php                      |  48 ++--
 include/history_operation.inc.php             |   6 +-
 include/impress_gl_comptes.inc.php            |   6 +-
 include/impress_jrn.inc.php                   |   4 +-
 include/impress_rapport.inc.php               |  99 ++++---
 include/lib/class_html_input.php              |  11 +-
 include/lib/class_http_input.php              | 147 ++++++++++
 include/lib/user_common.php                   |  13 +-
 include/manager.inc.php                       |   6 +-
 include/modele.inc.php                        |  24 +-
 include/param_pcmn.inc.php                    |   4 +-
 include/payment_middle.inc.php                |   4 +-
 include/preod.inc.php                         |  10 +-
 include/profile.inc.php                       |  82 +++---
 include/recover.php                           |   9 +-
 include/report.inc.php                        |   6 +-
 include/restore.inc.php                       |   5 +-
 include/search.inc.php                        |   4 +-
 include/stock_cfg.inc.php                     |  14 +-
 include/stock_inv_histo.inc.php               |   4 +-
 include/supplier.inc.php                      |   6 +-
 include/upgrade.inc.php                       |   5 +-
 include/user.inc.php                          |  36 +--
 include/user_detail.inc.php                   |  26 +-
 79 files changed, 1292 insertions(+), 867 deletions(-)

diff --git a/dev/get_database_item.sh b/dev/get_database_item.sh
index 9f0c3a4..273383c 100755
--- a/dev/get_database_item.sh
+++ b/dev/get_database_item.sh
@@ -36,5 +36,9 @@ echo "?>"  ) >> ../include/database.item.php
 echo "<?php "
 psql -A -F"  " -t -c "select 
'\$jrn_def_description[]=_('''||replace(jrn_def_description,'''',E'\\\\''')||''');'
 from jrn_def ;"
 echo "?>"  ) >> ../include/database.item.php
+(
+echo "<?php "
+psql -A -F"  " -t -c "select 
'\$jrn_type[]=_('''||replace(jrn_desc,'''',E'\\\\''')||''');' from jrn_type ;"
+echo "?>"  ) >> ../include/database.item.php
 
 echo "File ../include/database.item.php is created"
diff --git a/html/do.php b/html/do.php
index df7396b..6df0dd1 100644
--- a/html/do.php
+++ b/html/do.php
@@ -50,9 +50,9 @@ if ( ! isset ($_SESSION['g_theme']))
   }
 $cn = Dossier::connect();
 
-global $g_user, $cn,$g_parameter;
+global $g_user, $cn,$g_parameter,$http;
 $g_user = new User($cn);
-
+$http=new HttpInput();
 /*
  * check that the database is not empty
  */
@@ -70,8 +70,15 @@ if ( ! $cn->exist_table('version')) {
  */
 if ( isset ($_POST['set_preference'])) {
     //// Save value
-    extract($_POST, EXTR_SKIP );
-
+    $style_user=$http->post("style_user","string","Classique");
+    $lang=$http->post("lang","string","fr_FR.utf8");
+    $p_size=$http->post("p_size","number",50);
+    $pass_1=$http->post("pass_1","string","");
+    $pass_2=$http->post("pass_2","string","");
+    $p_email=$http->post("p_email","string","");
+    $minirap=$http->post("minirap","number",0);
+    $period=$http->post("period","number");
+    
     if (strlen(trim($pass_1)) != 0 && strlen(trim($pass_2)) != 0)
     {
        $g_user->save_password($pass_1,$pass_2);
diff --git a/html/export.php b/html/export.php
index 86cb679..b6fdab4 100644
--- a/html/export.php
+++ b/html/export.php
@@ -29,6 +29,7 @@ require_once '../include/constant.php';
 global $g_user,$cn,$g_parameter;
 require_once NOALYSS_INCLUDE.'/lib/class_database.php';
 require_once NOALYSS_INCLUDE.'/class/class_user.php';
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
 $gDossier=dossier::id();
 $cn=Dossier::connect();
 mb_internal_encoding("UTF-8");
@@ -36,18 +37,17 @@ $g_user=new User($cn);
 $g_user->Check();
 $action=$g_user->check_dossier($gDossier);
 set_language();
-if ( $action=='X' || ! isset($_GET['act']) || 
$g_user->check_print($_GET['act'])==0 )
+$hi=new HttpInput();
+$action=$hi->get("act");
+
+if ( $action=='X'  || $g_user->check_print($action)==0 )
   {
     echo alert(_('Accès interdit'));
     redirect("do.php?".dossier::get());
     exit();
   }
 // get file and execute it
-$action=HtmlInput::default_value_get('act', null);
-if ($action == null )
-{
-    die(_('Appel invalide'));
-}
+
  $prfile=$cn->get_value("select me_file from menu_ref where 
me_code=$1",array($action));
  if ( $prfile == "") {
      die (_('Export impossible'));
diff --git a/html/fid.php b/html/fid.php
index 6953e08..b19e65a 100644
--- a/html/fid.php
+++ b/html/fid.php
@@ -36,6 +36,7 @@ require_once '../include/constant.php';
 require_once NOALYSS_INCLUDE.'/class/class_own.php';
 require_once NOALYSS_INCLUDE.'/lib/class_database.php';
 require_once NOALYSS_INCLUDE.'/lib/user_common.php';
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
 require_once NOALYSS_INCLUDE.'/class/class_dossier.php';
 $gDossier=dossier::id();
 
@@ -52,13 +53,12 @@ $fTva_id=(isset($_REQUEST['t']))?$_REQUEST['t']:'none';
 $fPrice_sale=(isset($_REQUEST['p']))?$_REQUEST['p']:'none';
 $fPrice_purchase=(isset($_REQUEST['b']))?$_REQUEST['b']:'none';
 
-
+$hi=new HttpInput();
 
 if ( isset($_SESSION['isValid']) && $_SESSION['isValid'] == 1)
 {
-    $jrn=HtmlInput::default_value_get('j', '-1');
-    $jrn=sql_string($_GET['j']);
-    $d=HtmlInput::default_value_get('d', '');
+    $jrn=$hi->get('j', "number",'-1');
+    $d=$hi->get('d',"string", '');
     $d=sql_string($d);
 
     if ( $jrn == -1 )
diff --git a/html/lang/en_US/LC_MESSAGES/messages.po 
b/html/lang/en_US/LC_MESSAGES/messages.po
index 9db920c..453f64c 100644
--- a/html/lang/en_US/LC_MESSAGES/messages.po
+++ b/html/lang/en_US/LC_MESSAGES/messages.po
@@ -10,7 +10,7 @@ msgstr ""
 "Project-Id-Version: NOALYSS 672\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2017-03-25 17:13+0100\n"
-"PO-Revision-Date: 2017-03-25 17:13+0100\n"
+"PO-Revision-Date: 2017-06-02 21:54+0200\n"
 "Last-Translator: dany\n"
 "Language-Team: French <address@hidden>\n"
 "Language: en_US\n"
@@ -660,7 +660,7 @@ msgstr "Unauthorized"
 
 #: include/param_sec.inc.php:278
 msgid "Accès à tout"
-msgstr "Forbidden access"
+msgstr "all access"
 
 #: include/database.item.php:2 include/database.item.php:66
 #: include/database.item.php:196 include/database.item.php:5
@@ -2058,7 +2058,7 @@ msgstr "Other info"
 
 #: include/template/action_other_action.php:7
 msgid "Autres actions"
-msgstr "atiAdd Action"
+msgstr "Add Action"
 
 #: include/template/detail-action.php:64 include/template/detail-action.php:67
 #: include/template/detail-action.php:72 include/template/detail-action.php:71
@@ -5826,7 +5826,7 @@ msgstr "Opening writing"
 #: include/ext/tva/class_ext_tva.php:340
 #: include/class/class_pdf_operation.php:240
 msgid "Ecriture comptable"
-msgstr "Booking services"
+msgstr "Accounting records"
 
 #: include/database.item.php:86 include/database.item.php:89
 #: include/database.item.php:94 include/database.item.php:91
diff --git a/html/user_login.php b/html/user_login.php
index 49e972a..9bfa663 100644
--- a/html/user_login.php
+++ b/html/user_login.php
@@ -25,6 +25,7 @@ require_once '../include/constant.php';
 include_once NOALYSS_INCLUDE.'/lib/ac_common.php';
 require_once NOALYSS_INCLUDE.'/lib/class_database.php';
 require_once NOALYSS_INCLUDE.'/lib/class_itext.php';
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
 require_once NOALYSS_INCLUDE.'/lib/function_javascript.php';
 
 @html_page_start($_SESSION['g_theme']);
@@ -60,6 +61,7 @@ EOF;
     exit();
 }
 $ac=new Database();
+$hi=new HttpInput();
 
 /* check if repo valid */
 if ( $ac->exist_table('version') == false)
@@ -104,11 +106,11 @@ 
$priv=($User->admin==1)?_("Administrateur"):_("Utilisateur");
 load_all_script();
 if ( isset ($_POST['set_preference'])) {
     //// Save value
-    $pass_1=HtmlInput::default_value_post("pass_1", "");
-    $pass_2=HtmlInput::default_value_post("pass_2", "");
-    $style_user=HtmlInput::default_value_post("style_user", "");
-    $lang=HtmlInput::default_value_post("lang", "");
-    $p_email=HtmlInput::default_value_post("email", "");
+    $pass_1=$hi->post("pass_1","string", "");
+    $pass_2=$hi->post("pass_2","string", "");
+    $style_user=$hi->post("style_user","string", "");
+    $lang=$hi->post("lang", "string","");
+    $p_email=$hi->post("email","string", "");
     if (strlen(trim($pass_1)) != 0 && strlen(trim($pass_2)) != 0)
     {
        $User->save_password($pass_1,$pass_2);
diff --git a/include/action.common.inc.php b/include/action.common.inc.php
index 71b46c2..43041e3 100644
--- a/include/action.common.inc.php
+++ b/include/action.common.inc.php
@@ -94,10 +94,7 @@ if (isset($_POST['generate']))
        {
                $act->Update();
        }
-        $doc_mod=HtmlInput::default_value_post('doc_mod', "-1");
-        if ( $doc_mod == "-1" ||isNumber($doc_mod) == 0) {
-            throw new Exception(_('Donnée invalide'));
-        }
+        $doc_mod=$hi->post('doc_mod',"number");
        $act->generate_document($doc_mod, $_POST);
        $sub_action = 'detail';
 }
diff --git a/include/adm.inc.php b/include/adm.inc.php
index c6cf215..bf0af10 100644
--- a/include/adm.inc.php
+++ b/include/adm.inc.php
@@ -29,17 +29,14 @@ require_once NOALYSS_INCLUDE.'/class/class_fiche_def.php';
 require_once NOALYSS_INCLUDE.'/class/class_fiche_def.php';
 require_once NOALYSS_INCLUDE.'/class/class_admin.php';
 
-global $g_user;
+global $g_user,$http;
 
-$low_action=(isset($_REQUEST['sb']))?$_REQUEST['sb']:"list";
+$low_action=$http->request('sb',"string","list");
 /*! \file
  * \brief Called from the module "Gestion" to manage the customer
  */
 $href=basename($_SERVER['PHP_SELF']);
 
-// by default open liste
-if ( $low_action  == "" )
-    $low_action="list";
 
 
 //-----------------------------------------------------
@@ -55,7 +52,7 @@ if ( isset($_POST['action_fiche'] ) )
             return;
         }
 
-        $f_id=$_REQUEST['f_id'];
+        $f_id=$hi->request('f_id',"number");
 
         $fiche=new Admin($cn,$f_id);
         $fiche->remove();
@@ -65,7 +62,7 @@ if ( isset($_POST['action_fiche'] ) )
 }
 
 //-----------------------------------------------------
-//    list of customer
+//    list of Admin
 //-----------------------------------------------------
 if ( $low_action == "list" )
 {
@@ -81,7 +78,7 @@ if ( $low_action == "list" )
         echo _("Cherche ").HtmlInput::filter_table_form("tiers_tb", '0,1,2', 
1,"query",$a);
 
         echo HtmlInput::request_to_hidden(array('ac'));
-        $choice_cat=HtmlInput::default_value_request("choice_cat", 1);
+        $choice_cat=$http->request("choice_cat","string", 1);
         if ( $choice_cat == 1 )
         {
             $sel_card=new ISelect('cat');
@@ -93,7 +90,7 @@ if ( $low_action == "list" )
             echo _('Catégorie :').$sel_card->input();
         } else
         {
-            $cat=HtmlInput::default_value_request('cat', '');
+            $cat=$http->request('cat', 'string','');
             echo HtmlInput::hidden("cat",$cat);
             echo HtmlInput::hidden('choice_cat', 0);
         }
@@ -106,12 +103,13 @@ if ( $low_action == "list" )
                                                                      </div>
                                                                      <?php
                                                                      $adm=new 
Admin($cn);
-    $search=(isset($_GET['query']))?$_GET['query']:"";
+    $search=$http->get("query","string","");
     $sql="";
-    if ( isset($_GET['cat']))
-       {
-        if ( $_GET['cat'] != -1) $sql=sprintf(" and fd_id = %d",$_GET['cat']);
-    }
+    $cat=$http->request("cat","number",-1);
+    if ( $cat != -1)
+     {
+             $sql=sprintf(" and fd_id = %d",$_GET['cat']);
+     }
 
     echo '<div class="content">';
     echo $adm->Summary($search,'adm',$sql);
diff --git a/include/admin_repo.inc.php b/include/admin_repo.inc.php
index 74a418b..8f5ad37 100644
--- a/include/admin_repo.inc.php
+++ b/include/admin_repo.inc.php
@@ -28,7 +28,9 @@ require_once NOALYSS_INCLUDE."/lib/user_common.php";
 include_once NOALYSS_INCLUDE."/lib/ac_common.php";
 require_once NOALYSS_INCLUDE.'/lib/class_database.php';
 require_once NOALYSS_INCLUDE."/lib/user_menu.php";
-$action = HtmlInput::default_value_request("action", "");
+require_once NOALYSS_INCLUDE."/lib/class_http_input.php";
+$http=new HttpInput();
+$action = $http->request("action","string", "");
 
 $rep=new Database();
 $User=new User($rep);
diff --git a/include/ajax/ajax_action_remove_concerned.php 
b/include/ajax/ajax_action_remove_concerned.php
index 7a0b47f..a82c58d 100644
--- a/include/ajax/ajax_action_remove_concerned.php
+++ b/include/ajax/ajax_action_remove_concerned.php
@@ -20,9 +20,21 @@
 // Copyright 2014 Author Dany De Bontridder address@hidden
 
 if ( ! defined ('ALLOWED') ) die('Appel direct ne sont pas permis');
-$ag_id=HtmlInput::default_value_get("ag_id", "0");
-$f_id=HtmlInput::default_value_get("f_id", "0");
-if ( $ag_id == 0 || $f_id == 0 ) throw new Exception ("Invalid values", 0);
+
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
+try
+{
+    $ag_id=$http->get("ag_id", "number");
+    $f_id=$http->get("f_id", "number");
+}
+catch (Exception $exc)
+{
+    echo $exc->getMessage();
+    error_log($exc->getTraceAsString());
+    return;
+}
+
 require_once 'class/class_follow_up.php';
 $follow=new Follow_Up($cn,$ag_id);
 
diff --git a/include/anc_great_ledger.inc.php b/include/anc_great_ledger.inc.php
index 73640e8..f20a4fb 100644
--- a/include/anc_great_ledger.inc.php
+++ b/include/anc_great_ledger.inc.php
@@ -4,7 +4,7 @@
 
 if ( ! defined ('ALLOWED') ) die('Appel direct ne sont pas permis');
 echo '<div style="content">';
-
+global $http;
 require_once NOALYSS_INCLUDE.'/class/class_anc_grandlivre.php';
 
 $grandLivre=new Anc_Grandlivre($cn);
@@ -20,7 +20,7 @@ echo '<p>' . HtmlInput::submit('Recherche', _('Rechercher')) 
. '</p>';
 echo HtmlInput::request_to_hidden(array('sa','ac','gDossier'));
 echo '</form>';
 
-$result=HtmlInput::default_value_request('result',null);
+$result=$http->request('result',"string",null);
 
 if ($result != null)
 {
diff --git a/include/anc_key.inc.php b/include/anc_key.inc.php
index dfae97b..063e6f6 100644
--- a/include/anc_key.inc.php
+++ b/include/anc_key.inc.php
@@ -30,8 +30,9 @@ if (!defined('ALLOWED'))
     die('Appel direct ne sont pas permis');
 global $cn, $g_user;
 require_once NOALYSS_INCLUDE.'/class/class_anc_key.php';
-$op=HtmlInput::default_value_request("op", "list");
+global $http;
 
+$op=$http->request("op", "string", "list");
 switch ($op)
 {
     case 'list':
@@ -39,15 +40,11 @@ switch ($op)
         Anc_Key::key_add();
         break;
     case 'consult':
-        $id=HtmlInput::default_value_request("key", "0");
-        if (isNumber($id)==0||$id==0)
+        try
         {
-            die(_('Clef invalide'));
-        }
-        $key=new Anc_Key($id);
-        if (isset($_POST['save_key']))
-        {
-            try
+            $id=$http->request("key", "number");
+            $key=new Anc_Key($id);
+            if (isset($_POST['save_key']))
             {
                 $key->save($_POST);
                 Anc_Key::display_list();
@@ -55,18 +52,27 @@ switch ($op)
 
                 break;
             }
-            catch (Exception $e)
-            {
-                record_log($e->getTraceAsString());
-                echo span($e->getMessage(),' class="notice"');
-            }
+            $key->input();
+        }
+        catch (Exception $e)
+        {
+            record_log($e->getTraceAsString());
+            echo span($e->getMessage(), ' class="notice"');
+            Anc_Key::display_list();
+            Anc_Key::key_add();
         }
-        $key->input();
         break;
     case 'delete_key':
-        $id=HtmlInput::default_value_request("key", "0");
-        $key=new Anc_Key($id);
-        $key->delete();
+        try
+        {
+            $id=$http->request("key", "number");
+            $key=new Anc_Key($id);
+            $key->delete();
+        }
+        catch (Exception $e)
+        {
+            echo span($e->getMessage(), ' class="notice"');
+        }
         Anc_Key::display_list();
         Anc_Key::key_add();
 }
diff --git a/include/anc_pa.inc.php b/include/anc_pa.inc.php
index a5477b2..e38d447 100644
--- a/include/anc_pa.inc.php
+++ b/include/anc_pa.inc.php
@@ -1,4 +1,5 @@
 <?php
+
 /*
  *   This file is part of NOALYSS.
  *
@@ -15,241 +16,232 @@
  *   You should have received a copy of the GNU General Public License
  *   along with NOALYSS; if not, write to the Free Software
  *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
-*/
+ */
 
 // Copyright Author Dany De Bontridder address@hidden
 
-/*!\file
+/* !\file
  *
  * \brief Plan Analytique
  *
  */
-if ( ! defined ('ALLOWED') ) die('Appel direct ne sont pas permis');
+if (!defined('ALLOWED'))
+    die('Appel direct ne sont pas permis');
 require_once NOALYSS_INCLUDE.'/class/class_anc_plan.php';
 require_once NOALYSS_INCLUDE.'/class/class_anc_account.php';
 $ret="";
 $str_dossier=Dossier::get();
+
+global $http;
+
+$sa=$http->request("sa", "string", "anc_menu");
 //---------------------------------------------------------------------------
 // action
 // Compute the redcontent div
 //---------------------------------------------------------------------------
-if ( isset($_REQUEST['sa']))
+// show the form for adding a pa
+if ($sa=="add_pa")
 {
-    $sa=$_REQUEST['sa'];
-
-    // show the form for adding a pa
-    if ( $sa == "add_pa")
+    $new=new Anc_Plan($cn);
+    if ($new->isAppend()==true)
     {
-        $new=new Anc_Plan($cn);
-        if ( $new->isAppend() == true)
-        {
-            $ret.= '<div style="position:absolute;top:25%" class="inner_box">';
-            $ret.=HtmlInput::title_box(_('Nouveau plan'),'','none');
-            $ret.= '<form method="post">';
-            $ret.=dossier::hidden();
-            $ret.= $new->form();
-            $ret.= HtmlInput::hidden("sa","pa_write");
-            $ret.=HtmlInput::submit("submit",_("Enregistre"));
-            $ret.= '</form>';
-            $ret.= '</div>';
-        }
-        else
-        {
-            $ret.= '<div class="content">'.
-                   '<h2 class="notice">'.
-                   _("Maximum de plan analytique est atteint").
-                   "</h2></div>";
-        }
-        $sa="anc_menu";
+        $ret.= '<div style="position:absolute;top:25%" class="inner_box">';
+        $ret.=HtmlInput::title_box(_('Nouveau plan'), '', 'none');
+        $ret.= '<form method="post">';
+        $ret.=dossier::hidden();
+        $ret.= $new->form();
+        $ret.= HtmlInput::hidden("sa", "pa_write");
+        $ret.=HtmlInput::submit("submit", _("Enregistre"));
+        $ret.= '</form>';
+        $ret.= '</div>';
     }
-    // Add
-    if ( $sa == "pa_write")
+    else
     {
-        $new=new Anc_Plan($cn);
+        $ret.= '<div class="content">'.
+                '<h2 class="notice">'.
+                _("Maximum de plan analytique est atteint").
+                "</h2></div>";
+    }
+    $sa="anc_menu";
+}
+// Add
+if ($sa=="pa_write")
+{
+    $new=new Anc_Plan($cn);
 
 
-        if ( $new->isAppend() == false)
-        {
-            $ret.= '<h2 class="notice">'.
-                   _("Maximum de plan analytique est atteint").
-                   "</h2>";
-        }
-        else
-        {
-            $new=new Anc_Plan($cn);
-            $new->name=$_POST['pa_name'];
-            $new->description=$_POST['pa_description'];
-            $new->add();
-        }
-        $sa="anc_menu";
+    if ($new->isAppend()==false)
+    {
+        $ret.= '<h2 class="notice">'.
+                _("Maximum de plan analytique est atteint").
+                "</h2>";
     }
-    
-    // Update the PA
-    if ( $sa == "pa_update" )
+    else
     {
-        $new=new Anc_Plan($cn,$_GET['pa_id']);
+        $new=new Anc_Plan($cn);
         $new->name=$_POST['pa_name'];
         $new->description=$_POST['pa_description'];
-        $new->update();
-        $ret='<div class="content">';
-        $ret.='<h2 class="info">'._('Mis à jour').'</h2>';
-        $ret.="</div>";
-        $sa="anc_menu";
-    }
-    // show the form for add a poste
-    if ( $sa=='po_add')
-    {
-        $po=new Anc_Account($cn);
-        $po->pa_id=$_REQUEST['pa_id'];
-        $wSa=HtmlInput::hidden("sa","po_write");
-        $ret.='<div class="content">';
-        $ret.=h2(_("Ajout d'un poste analytique"));
-        $ret.='<form method="post">';
-        $ret.=dossier::hidden();
-        $ret.=$po->form();
-        $ret.=$wSa;
-        $ret.=HtmlInput::submit("add",_("Ajout"));
-        $ret.="</form>";
-        $ret.="</div>";
-        
+        $new->add();
     }
-    // record the poste
-    if ( $sa=="po_write")
-    {
-        //             var_dump($_POST);
-        $po=new Anc_Account($cn);
-        $po->get_from_array($_POST);
-        $po->add();
-        $sa="pa_detail";
-        
-
-    }
-    /* delete pa */
-    if ( $sa == "pa_delete")
-    {
-        $delete=new Anc_Plan($cn,$_GET['pa_id']);
-        $delete->delete();
-        $sa="anc_menu";
-    }
-    /* po detail
-     *---> in ajax : montre detail d'un poste analytique
-     * 
-     */
-    if ( $sa=="po_detail")
-    {
-        $ret.=h2(_('Modification'));
-        $po=new Anc_Account($cn,$_GET['po_id']);
-        $po->get_by_id();
-        $ret.='<div class="content">';
-        $ret.='<form method="post">';
-        $ret.=dossier::hidden();
+    $sa="anc_menu";
+}
 
-        $ret.=$po->form();
-        $ret.=HtmlInput::hidden('sa','po_update');
-        $ret.=HtmlInput::submit('Correction','Correction');
-        $ret.=sprintf('<input type="button" class="smallbutton" value="Efface" 
onClick="return confirm_box(\'anchor_del\',\' Voulez-vous vraiment effacer 
cette activité\','
-                . 'function () { 
window.location=\'do.php?ac='.$_REQUEST['ac'].'&sa=po_delete&po_id=%s&pa_id=%s&'.$str_dossier.'\'})
 ;"',
-                      $po->id,
-                      $_REQUEST['pa_id']
-                     );
+// Update the PA
+if ($sa=="pa_update")
+{
+    $new=new Anc_Plan($cn, $_GET['pa_id']);
+    $new->name=$_POST['pa_name'];
+    $new->description=$_POST['pa_description'];
+    $new->update();
+    $ret='<div class="content">';
+    $ret.='<h2 class="info">'._('Mis à jour').'</h2>';
+    $ret.="</div>";
+    $sa="anc_menu";
+}
+// show the form for add a poste
+if ($sa=='po_add')
+{
+    $po=new Anc_Account($cn);
+    $po->pa_id=$_REQUEST['pa_id'];
+    $wSa=HtmlInput::hidden("sa", "po_write");
+    $ret.='<div class="content">';
+    $ret.=h2(_("Ajout d'un poste analytique"));
+    $ret.='<form method="post">';
+    $ret.=dossier::hidden();
+    $ret.=$po->form();
+    $ret.=$wSa;
+    $ret.=HtmlInput::submit("add", _("Ajout"));
+    $ret.="</form>";
+    $ret.="</div>";
+}
+// record the poste
+if ($sa=="po_write")
+{
+    //         var_dump($_POST);
+    $po=new Anc_Account($cn);
+    $po->get_from_array($_POST);
+    $po->add();
+    $sa="pa_detail";
+}
+/* delete pa */
+if ($sa=="pa_delete")
+{
+    $delete=new Anc_Plan($cn, $_GET['pa_id']);
+    $delete->delete();
+    $sa="anc_menu";
+}
+/* po detail
+ * ---> in ajax : montre detail d'un poste analytique
+ * 
+ */
+if ($sa=="po_detail")
+{
+    $ret.=h2(_('Modification'));
+    $po=new Anc_Account($cn, $_GET['po_id']);
+    $po->get_by_id();
+    $ret.='<div class="content">';
+    $ret.='<form method="post">';
+    $ret.=dossier::hidden();
 
-        $ret.='</form>';
-        $ret.='</div>';
-        $sa="";
-    }
-    /**
-     * mise à jour po 
-     */
-    if ( $sa=="po_update")
-    {
-        $po=new Anc_Account($cn);
-        $po->get_from_array($_POST);
-        $po->update();
-        $sa="pa_detail";
-    }
-    /**
-     * Efface po
-     */
-    if ( $sa=="po_delete")
-    {
-        $po=new Anc_Account($cn,$_REQUEST['po_id']);
-        $po->delete();
-        $sa="pa_detail";
-    }
-    // show the detail
-    if ( $sa == "pa_detail" )
-    {
-        $new=new Anc_Plan($cn,$_GET['pa_id']);
-        $wSa=HtmlInput::hidden("sa","pa_update");
+    $ret.=$po->form();
+    $ret.=HtmlInput::hidden('sa', 'po_update');
+    $ret.=HtmlInput::submit('Correction', 'Correction');
+    $ret.=sprintf('<input type="button" class="smallbutton" value="Efface" 
onClick="return confirm_box(\'anchor_del\',\' Voulez-vous vraiment effacer 
cette activité\','
+            .'function () { 
window.location=\'do.php?ac='.$_REQUEST['ac'].'&sa=po_delete&po_id=%s&pa_id=%s&'.$str_dossier.'\'})
 ;"',
+            $po->id, $_REQUEST['pa_id']
+    );
 
-        $new->get();
+    $ret.='</form>';
+    $ret.='</div>';
+    $sa="";
+}
+/**
+ * mise à jour po 
+ */
+if ($sa=="po_update")
+{
+    $po=new Anc_Account($cn);
+    $po->get_from_array($_POST);
+    $po->update();
+    $sa="pa_detail";
+}
+/**
+ * Efface po
+ */
+if ($sa=="po_delete")
+{
+    $po=new Anc_Account($cn, $_REQUEST['po_id']);
+    $po->delete();
+    $sa="pa_detail";
+}
+// show the detail
+if ($sa=="pa_detail")
+{
+    $new=new Anc_Plan($cn, $_GET['pa_id']);
+    $wSa=HtmlInput::hidden("sa", "pa_update");
 
-        $ret.= '<div class="content">';
-        $ret.= '<h2 class="info">'._("Mise à jour").'</h2>';
-        $ret.= '<form method="post">';
-        $ret.=dossier::hidden();
+    $new->get();
 
-        $ret.= $new->form();
-        $ret.= $wSa;
-        $ret.=HtmlInput::submit("submit",_("Enregistre"));
-        $ret.=HtmlInput::button_anchor(_('Efface'),
-                '',
-                'remove_analytic_plan',
-                'onclick="return 
confirm_box(\'remove_analytic_plan\',\'Effacer ?\',function () 
{window.location=\'do.php?ac='.$_REQUEST['ac'].'&pa_id='.$_GET['pa_id'].'&sa=pa_delete&'.$str_dossier.'\';})"',
-                'smallbutton');
-        $ret.= '</form>';
-        /**
-         * Detail now
-         */
-            $count=0;
+    $ret.= '<div class="content">';
+    $ret.= '<h2 class="info">'._("Mise à jour").'</h2>';
+    $ret.= '<form method="post">';
+    $ret.=dossier::hidden();
 
-        $new=new Anc_Plan($cn,$_REQUEST['pa_id']);
-        $new->get();
-        $array=$new->get_poste_analytique(" order by po_name");
-        $ret.='<div class="content">';
-        $ret.='<table class="table_large">';
-        $ret.="<tr>";
-        $ret.="<th>"._("Nom")." </td>";
-        $ret.="<th>"._("Montant")." </td>";
-        $ret.="<th>"._("Description")." </td>";
-        $ret.="<th>"._("Groupe")."</th>";
-        $ret.="<th>"._("Plan A")." </td>";
-        $ret.="</tr>";
-        $class="";
-        foreach ($array as $obj)
-        {
-            $count++;
-            if ( $count %2 == 0 )
-                $class="even";
-            else
-                $class="odd";
+    $ret.= $new->form();
+    $ret.= $wSa;
+    $ret.=HtmlInput::submit("submit", _("Enregistre"));
+    $ret.=HtmlInput::button_anchor(_('Efface'), '', 'remove_analytic_plan',
+                    'onclick="return 
confirm_box(\'remove_analytic_plan\',\'Effacer ?\',function () 
{window.location=\'do.php?ac='.$_REQUEST['ac'].'&pa_id='.$_GET['pa_id'].'&sa=pa_delete&'.$str_dossier.'\';})"',
+                    'smallbutton');
+    $ret.= '</form>';
+    /**
+     * Detail now
+     */
+    $count=0;
 
-            $ret.="<TR class=\"$class\">";
-            $ret.="<TD class=\"vert_mtitle\">".
-                  '<a style="text-decoration:underline;" 
href="?ac='.$_REQUEST['ac'].'&sa=po_detail&po_id='.$obj->id.'&pa_id='.$_REQUEST['pa_id'].'&'.
-                  $str_dossier.'">'.
-                  h($obj->name).
-                  '</a>';
-            "</td>"
-            ;
-            $ret.="<TD align=\"right\">".$obj->amount."</td>";
-            $ret.="<TD>".h($obj->description)."</td>";
-            $ret.="<td>".$obj->ga_id."</td>";
-            $ret.="<TD>".h($new->name)."</td>";
-            $ret.="</tr>";
+    $new=new Anc_Plan($cn, $_REQUEST['pa_id']);
+    $new->get();
+    $array=$new->get_poste_analytique(" order by po_name");
+    $ret.='<div class="content">';
+    $ret.='<table class="table_large">';
+    $ret.="<tr>";
+    $ret.="<th>"._("Nom")." </td>";
+    $ret.="<th>"._("Montant")." </td>";
+    $ret.="<th>"._("Description")." </td>";
+    $ret.="<th>"._("Groupe")."</th>";
+    $ret.="<th>"._("Plan A")." </td>";
+    $ret.="</tr>";
+    $class="";
+    foreach ($array as $obj)
+    {
+        $count++;
+        if ($count%2==0)
+            $class="even";
+        else
+            $class="odd";
 
-        }
-        $ret.="</table>";
-        // ---> montre form pour ajouter po
-        
$ret.=HtmlInput::button_anchor(_('Ajout'),"?ac=".$_REQUEST['ac']."&sa=po_add&pa_id=".$_GET['pa_id']."&".$str_dossier,'','','smallbutton');
-        
$href=http_build_query(array('ac'=>$_REQUEST['ac'],'gDossier'=>$_REQUEST['gDossier']));
-        $ret.= '<a style="display:inline" class="smallbutton" 
href="do.php?'.$href.'">'._('Retour').'</a>';
-        $ret.= '</div>';
-        
+        $ret.="<TR class=\"$class\">";
+        $ret.="<TD class=\"vert_mtitle\">".
+                '<a style="text-decoration:underline;" 
href="?ac='.$_REQUEST['ac'].'&sa=po_detail&po_id='.$obj->id.'&pa_id='.$_REQUEST['pa_id'].'&'.
+                $str_dossier.'">'.
+                h($obj->name).
+                '</a>';
+        "</td>"
+        ;
+        $ret.="<TD align=\"right\">".$obj->amount."</td>";
+        $ret.="<TD>".h($obj->description)."</td>";
+        $ret.="<td>".$obj->ga_id."</td>";
+        $ret.="<TD>".h($new->name)."</td>";
+        $ret.="</tr>";
     }
-}
-else {
-    $sa="anc_menu";
+    $ret.="</table>";
+    // ---> montre form pour ajouter po
+    $ret.=HtmlInput::button_anchor(_('Ajout'),
+                    
"?ac=".$_REQUEST['ac']."&sa=po_add&pa_id=".$_GET['pa_id']."&".$str_dossier,
+                    '', '', 'smallbutton');
+    $href=http_build_query(array('ac'=>$_REQUEST['ac'], 
'gDossier'=>$_REQUEST['gDossier']));
+    $ret.= '<a style="display:inline" class="smallbutton" 
href="do.php?'.$href.'">'._('Retour').'</a>';
+    $ret.= '</div>';
 }
 
 //---------------------------------------------------------------------------
diff --git a/include/backup.inc.php b/include/backup.inc.php
index 176e3ba..53611de 100644
--- a/include/backup.inc.php
+++ b/include/backup.inc.php
@@ -20,14 +20,17 @@
  * \brief Make and restore backup
  */
 if ( !defined("ALLOWED")) { die (_("Non autorisé")); }
+ require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
 
+ $http=new HttpInput();
+ 
 // Copyright Author Dany De Bontridder address@hidden
-$dossier_number=HtmlInput::default_value_request("d", 0);
-if ($dossier_number == 0  
-   || isNumber($dossier_number) ==0 ) {
-    die ('Invalid folder number');
-}
-
+ try {
+    $dossier_number=$http->request("d", "number");
+ } catch (Exception $e){
+    echo span(_("Dossier invalide")," class=\"error\" ");
+     exit();
+ }
 if ( isset ($_REQUEST['sa']) )
 {
     if ( defined ('PG_PATH') )
@@ -40,7 +43,7 @@ if ( isset ($_REQUEST['sa']) )
         exit();
     }
 
-    $sa=$_REQUEST['sa'];
+    $sa=$http->request("sa");
     // backup
     if ( $sa=='b')
     {
diff --git a/include/balance.inc.php b/include/balance.inc.php
index 39d86e7..63ac578 100644
--- a/include/balance.inc.php
+++ b/include/balance.inc.php
@@ -33,7 +33,7 @@ require_once NOALYSS_INCLUDE.'/lib/class_ihidden.php';
 require_once NOALYSS_INCLUDE.'/class/class_acc_ledger.php';
 require_once NOALYSS_INCLUDE.'/class/class_periode.php';
 require_once NOALYSS_INCLUDE.'/class/class_exercice.php';
-global $g_user;
+global $g_user, $http;
 $gDossier=dossier::id();
 $exercice=(isset($_GET['exercice']))?$_GET['exercice']:$g_user->get_exercice();
 bcscale(2);
@@ -64,7 +64,7 @@ echo dossier::hidden();
 
 
 // filter on the current year
-$from=HtmlInput::default_value_get("from_periode", "");
+$from=$http->get("from_periode", "number",0);
 $input_from=new IPeriod("from_periode",$from,$exercice);
 $input_from->show_end_date=false;
 $input_from->type=ALL;
@@ -74,9 +74,10 @@ $input_from->user=$g_user;
 
 echo _('Depuis').' :'.$input_from->input();
 // filter on the current year
-$to=HtmlInput::default_value_get("to_periode", "");
+$to=$http->get("to_periode", "number",0);
 
-if( $to == "") {
+
+if( $to == 0) {
      $t_periode=new Periode($cn);
      list($per_max,$per_min)=$t_periode->get_limit($exercice);
      $to=$per_min->p_id;
@@ -126,11 +127,11 @@ $ck_lev3->value=1;
 
 echo '<ul style="list-style-type:none">';
 
-if (HtmlInput::default_value('lvl1',false,$_GET) !== false)
+if ($http->get('lvl1',"string",false) !== false)
   $ck_lev1->selected=true;
-if (HtmlInput::default_value('lvl2',false,$_GET) !== false)
+if ($http->get('lvl2',"string",false) !== false)
   $ck_lev2->selected=true;
-if (HtmlInput::default_value('lvl3',false,$_GET) !== false)
+if ($http->get('lvl3',"string",false) !== false)
   $ck_lev3->selected=true;
 echo '<li>'.$ck_lev1->input()._('Niveau 1').'</li>';
 echo '<li>'.$ck_lev2->input()._('Niveau 2').'</li>';
@@ -138,12 +139,12 @@ echo '<li>'.$ck_lev3->input()._('Niveau 3').'</li>';
 echo '</ul>';
 
 $unsold=new ICheckBox('unsold');
-if (HtmlInput::default_value('unsold',false,$_GET) !== false)
+if ($http->get('unsold',"string",false) !== false)
   $unsold->selected=true;
 
 // previous exercice if checked
 $previous_exc=new ICheckBox('previous_exc');
-if (HtmlInput::default_value('previous_exc',false,$_GET) !== false)
+if ($http->get('previous_exc',"string",false) !== false)
   $previous_exc->selected=true;
 
 
@@ -153,7 +154,7 @@ $from_poste->set_attribute('ipopup','ipop_account');
 $from_poste->set_attribute('label','from_poste_label');
 $from_poste->set_attribute('account','from_poste');
 
-$from_poste->value=HtmlInput::default_value_get('from_poste',''); 
+$from_poste->value=$http->get('from_poste',"string",''); 
 $from_span=new ISpan("from_poste_label","");
 
 $to_poste=new IPoste();
@@ -162,7 +163,7 @@ $to_poste->set_attribute('ipopup','ipop_account');
 $to_poste->set_attribute('label','to_poste_label');
 $to_poste->set_attribute('account','to_poste');
 
-$to_poste->value=HtmlInput::default_value_get('to_poste',''); 
+$to_poste->value=$http->get('to_poste',"string",''); 
 $to_span=new ISpan("to_poste_label","");
 
 echo "<div>";
@@ -185,7 +186,7 @@ echo '</div>';
     <?php 
         $summary=new ICheckBox("summary");
         $summary->value=1;
-        $is_summary=HtmlInput::default_value_get("summary", 0);
+        $is_summary=$http->get("summary","string", 0);
         $summary->set_check($is_summary);
         echo $summary->input();
     ?>
diff --git a/include/balance_age.inc.php b/include/balance_age.inc.php
index 3f96f8b..9cc592a 100644
--- a/include/balance_age.inc.php
+++ b/include/balance_age.inc.php
@@ -19,27 +19,31 @@
 // Copyright (2014) Author Dany De Bontridder <address@hidden>
 
 if ( ! defined ('ALLOWED') ) die('Appel direct ne sont pas permis');
-
+global $http;
 /**
  * @file
  * @brief 
  * @param type $name Descriptionara
  */
-$date_start=HtmlInput::default_value_get('p_date_start', 
'01.01.'.$g_user->get_exercice());
+
+$type=$http->get('p_type','string','C');
+$let=$http->get('p_let','string','unlet');
+
+$date_start=$http->get('p_date_start','string', 
'01.01.'.$g_user->get_exercice());
 $w_date_start=new IDate('p_date_start',$date_start);
 $w_select=new ISelect('p_type');
 $w_select->value=array( 
     array('value'=>'C','label'=>_('Client')),
     array('value'=>'F','label'=>_('Fournisseur'))
 );
-$w_select->selected=HtmlInput::default_value_get('p_type','C');
+$w_select->selected=$type;
 
 $w_lettre=new ISelect('p_let');
 $w_lettre->value=array( 
     array('value'=>'let','label'=>_('lettrées et non lettrées')),
     array('value'=>'unlet','label'=>_('non lettrées'))
 );
-$w_lettre->selected=HtmlInput::default_value_get('p_let','unlet');
+$w_lettre->selected=$let;
 
 ?>
 <form method="GET">
@@ -67,13 +71,11 @@ 
$w_lettre->selected=HtmlInput::default_value_get('p_let','unlet');
 <?php
     require_once NOALYSS_INCLUDE.'/class/class_balance_age.php';
     $balance=new Balance_Age($cn);
-    $type=HtmlInput::default_value_get('p_type', 'C');
-    $let=HtmlInput::default_value_get('p_let', 'unlet');
-    $date=HtmlInput::default_value_get('p_date_start', date('d.m.Y'));
+    
     if ( $type == "C") :
-        $balance->display_sale($date,$let);
+        $balance->display_sale($date_start,$let);
     else:
-        $balance->display_purchase($date,$let);
+        $balance->display_purchase($date_start,$let);
     endif;
 
 ?>
\ No newline at end of file
diff --git a/include/bank.inc.php b/include/bank.inc.php
index a0a265f..438edcf 100644
--- a/include/bank.inc.php
+++ b/include/bank.inc.php
@@ -25,9 +25,9 @@ require_once NOALYSS_INCLUDE.'/lib/class_iselect.php';
 require_once NOALYSS_INCLUDE.'/lib/class_ihidden.php';
 require_once NOALYSS_INCLUDE.'/class/class_bank.php';
 require_once NOALYSS_INCLUDE.'/lib/class_ibutton.php';
-global $g_user;
+global $g_user  , $http;
 
-$low_action=(isset($_REQUEST['sb']))?$_REQUEST['sb']:'list';
+$low_action=$http->request('sb',"string",'list');
 /*! \file
  * \brief Called from the module 'Gestion' to manage the supplier
  */
@@ -73,7 +73,7 @@ if ( $low_action == "list" )
     $a=(isset($_GET['query']))?$_GET['query']:"";
     echo _("Cherche ").HtmlInput::filter_table_form("tiers_tb", '0,1,2', 
1,"query",$a);
 
-     $choice_cat=HtmlInput::default_value_request("choice_cat", 1);
+     $choice_cat=$http->request("choice_cat", "string",1);
 
     if ( $choice_cat == 1 )
     {
@@ -87,7 +87,7 @@ if ( $low_action == "list" )
     }
     else
     {
-        $cat=HtmlInput::default_value_request('cat', '');
+        $cat=$http->request('cat',"string", '');
         echo HtmlInput::hidden("cat", $cat);
         echo HtmlInput::hidden('choice_cat', 0);
     }
diff --git a/include/card_attr.inc.php b/include/card_attr.inc.php
index 7a09347..87013d9 100644
--- a/include/card_attr.inc.php
+++ b/include/card_attr.inc.php
@@ -24,7 +24,7 @@
  */
 if ( ! defined ('ALLOWED') ) die('Appel direct ne sont pas permis');
 require_once NOALYSS_INCLUDE.'/class/class_fiche_attr.php';
-
+global $http;
 
 
 $fa=new Fiche_Attr($cn);
@@ -34,13 +34,13 @@ $fa=new Fiche_Attr($cn);
 /////////////////////////////////////////////////////////////////////////////
 if ( isset($_POST['save']))
 {
-    $ad_id=$_POST['ad_id'];
-    $ad_text=$_POST['desc'];
-    $ad_type=$_POST['type'];
-    $ad_size=$_POST['size'];
-    $ad_extra=$_POST['extra'];
     try
     {
+        $ad_id=$http->post('ad_id');
+        $ad_text=$http->post('desc');
+        $ad_type=$http->post('type');
+        $ad_size=$http->post('size');
+        $ad_extra=$http->post('extra');
         $cn->start();
         for ($e=0;$e<count($ad_id);$e++)
         {
diff --git a/include/cat_document.inc.php b/include/cat_document.inc.php
index 8ab6466..5e8e6dc 100644
--- a/include/cat_document.inc.php
+++ b/include/cat_document.inc.php
@@ -1,4 +1,5 @@
 <?php
+
 /*
  *   This file is part of NOALYSS.
  *
@@ -15,44 +16,73 @@
  *   You should have received a copy of the GNU General Public License
  *   along with NOALYSS; if not, write to the Free Software
  *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
-*/
+ */
 
 // Copyright Author Dany De Bontridder address@hidden
 
-/*!\file
+/* !\file
  * \brief this file is included to perform modification on category of document
  * table document_type
  */
 
 // show list of document
-if ( ! defined ('ALLOWED') ) die('Appel direct ne sont pas permis');
+if (!defined('ALLOWED'))
+    die('Appel direct ne sont pas permis');
 require_once NOALYSS_INCLUDE.'/class/class_document_type.php';
 
-if ( isset($_POST['add']) )
+global $http;
+
+if (isset($_POST['add']))
 {
     $catDoc=new Document_Type($cn);
-    $catDoc->insert($_POST['cat'],$_POST['prefix']);
+    try
+    {
+        $cat=$http->post('cat');
+        $prefix=$http->post('prefix');
+        $catDoc->insert($cat, $prefix);
+    }
+    catch (Exception $exc)
+    {
+        echo $exc->getMessage();
+        error_log($exc->getTraceAsString());
+    }
 }
-if ( isset($_POST['save'])) {
-       $catDoc=new Document_Type($cn,$_POST['dt_id']);
-       $catDoc->get();
-       $catDoc->dt_value=trim($_POST['dt_name']);
-       $catDoc->dt_prefix=trim($_POST['dt_prefix']);
-       if ( $catDoc->dt_value=="") {
-               alert(_("Le nom ne peut pas être vide"));
-       } else {
-               $catDoc->update();
-       }
-       if ($_POST['seq'] != 0 && isNumber($_POST['seq'])==1){
-               $catDoc->set_number($_POST['seq']);
-       }
+if (isset($_POST['save']))
+{
+    try
+    {
+        $dt_id=$http->post("dt_id", "number");
+        $name=
+        $prefix=
+        $catDoc=new Document_Type($cn, $dt_id);
+        $catDoc->get();
+        $catDoc->dt_value=trim($http->post("dt_name"));;
+        $catDoc->dt_prefix=trim($http->post("dt_prefix"));
+        if ($catDoc->dt_value=="")
+        {
+            alert(_("Le nom ne peut pas être vide"));
+        }
+        else
+        {
+            $catDoc->update();
+        }
+        if ($_POST['seq']!=0&&isNumber($_POST['seq'])==1)
+        {
+            $catDoc->set_number($_POST['seq']);
+        }
+    }
+    catch (Exception $exc)
+    {
+        alert ($exc->getMessage());
+        error_log($exc->getTraceAsString());
+    }
 }
 $aList=Document_Type::get_list($cn);
 $addCat=new IText('cat');
 $addPrefix=new IText('prefix');
 $str_addCat=$addCat->input();
 $str_addPrefix=$addPrefix->input();
-$str_submit=HtmlInput::submit('add',_('Ajout'));
+$str_submit=HtmlInput::submit('add', _('Ajout'));
 echo '<div class="content">';
 require_once NOALYSS_TEMPLATE.'/list_category_document.php';
 
diff --git a/include/category_card.inc.php b/include/category_card.inc.php
index cc0e126..e8075ca 100644
--- a/include/category_card.inc.php
+++ b/include/category_card.inc.php
@@ -1,4 +1,5 @@
 <?php
+
 /*
  *   This file is part of NOALYSS.
  *
@@ -15,66 +16,70 @@
  *   You should have received a copy of the GNU General Public License
  *   along with NOALYSS; if not, write to the Free Software
  *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
-*/
+ */
 
 // Copyright Author Dany De Bontridder address@hidden
 
-/*!\file
+/* !\file
  * \brief this file will handle all the actions for a specific customer (
  * contact,operation,invoice and financial)
  * include from client.inc.php and concerned only the customer card and
  * the customer category
  */
-if ( ! defined ('ALLOWED') ) die('Appel direct ne sont pas permis');
+if (!defined('ALLOWED'))
+    die('Appel direct ne sont pas permis');
 require_once NOALYSS_INCLUDE.'/class/class_contact.php';
 
+global $http;
+
 $str_dossier=Dossier::get();
-/* $sub_action = sb = detail */
-/* $cn database conx */
 
$root='?ac='.$_REQUEST['ac']."&sb=detail&f_id=".$_REQUEST["f_id"].'&'.$str_dossier;
-$ss_action=( isset ($_REQUEST['sc'] ))? $_REQUEST['sc']: '';
+
+$ss_action=$http->request("sc", "string", "dc");
+
 switch ($ss_action)
 {
-case 'dc':
-    $def=1;
-    break;
-case 'sv':                     /* all the actions (mail,meeting...) */
-    $def=2;
-    break;
-case 'cn':
-    $def=3;
-    break;
-case 'op':
-    $def=4;
-    break;
-case 'let':
-    $def=7;
-    break;
-case 'bal':
-  $def=5;
-  break;
-case 'balag':
-    $def=6;
-    break;
-default:
-    $def=1;
-    $ss_action='dc';
+    case 'dc':
+        $def=1;
+        break;
+    case 'sv': /* all the actions (mail,meeting...) */
+        $def=2;
+        break;
+    case 'cn':
+        $def=3;
+        break;
+    case 'op':
+        $def=4;
+        break;
+    case 'let':
+        $def=7;
+        break;
+    case 'bal':
+        $def=5;
+        break;
+    case 'balag':
+        $def=6;
+        break;
+    default:
+        $def=1;
+        $ss_action='dc';
 }
-$f=new Fiche($cn,$_REQUEST['f_id']);
+$f=new Fiche($cn, $_REQUEST['f_id']);
 
 echo '<div class="content">';
 echo $f->get_gestion_title();
-$menu = array(
-                  
array('href'=>$root."&sc=dc",'label'=>_('Fiche'),'alt'=>_('Détail de la 
fiche')),
-                  
array('href'=>$root.'&sc=sv','label'=>_('Suivi'),'alt'=>_('Suivi Fournisseur, 
client, banque, devis, bon de commande, courrier')),
-                  
array('href'=>$root.'&sc=cn','label'=>_('Contact'),'alt'=>_('Liste de 
contacts')),
-                  
array('href'=>$root.'&sc=op','label'=>_('Opérations'),'alt'=>_('Toutes les 
opérations')),
-                  
array('href'=>$root.'&sc=bal','label'=>_('Balance'),'alt'=>_('Balance du 
tiers')),
-                  array('href'=>$root.'&sc=balag','label'=>_('Balance 
âgée'),'alt'=>_('Balance âgée du tiers')),
-                  
array('href'=>$root.'&sc=let','label'=>_('Lettrage'),'alt'=>_('Opérations & 
Lettrages'))
-                  );
+$menu=array(
+    array('href'=>$root."&sc=dc", 'label'=>_('Fiche'), 'alt'=>_('Détail de la 
fiche')),
+    array('href'=>$root.'&sc=sv', 'label'=>_('Suivi'), 'alt'=>_('Suivi 
Fournisseur, client, banque, devis, bon de commande, courrier')),
+    array('href'=>$root.'&sc=cn', 'label'=>_('Contact'), 'alt'=>_('Liste de 
contacts')),
+    array('href'=>$root.'&sc=op', 'label'=>_('Opérations'), 'alt'=>_('Toutes 
les opérations')),
+    array('href'=>$root.'&sc=bal', 'label'=>_('Balance'), 'alt'=>_('Balance du 
tiers')),
+    array('href'=>$root.'&sc=balag', 'label'=>_('Balance âgée'), 
'alt'=>_('Balance âgée du tiers')),
+    array('href'=>$root.'&sc=let', 'label'=>_('Lettrage'), 
'alt'=>_('Opérations & Lettrages'))
+);
 echo '<ul class="tabs">';
-for ($i=0;$i<count($menu);$i++) {
+for ($i=0; $i<count($menu); $i++)
+{
     $style=($def==($i+1))?"tabs_selected":"tabs";
     echo '<li class="'.$style.'">';
     echo '<a href="'.$menu[$i]['href'].'" title="'.$menu[$i]['alt'].'">';
@@ -90,80 +95,80 @@ echo '<div class="myfieldset">';
 //---------------------------------------------------------------------------
 // Show Detail of a card and category
 //---------------------------------------------------------------------------
-if ( $ss_action == 'dc' )
+if ($ss_action=='dc')
 {
     require_once NOALYSS_INCLUDE.'/category_detail.inc.php';
 }
 //---------------------------------------------------------------------------
 // Follow up : mail, bons de commande, livraison, rendez-vous...
 //---------------------------------------------------------------------------
-if ( $ss_action == 'sv' )
+if ($ss_action=='sv')
 {
     require_once NOALYSS_INCLUDE.'/category_followup.inc.php';
 }
-/*----------------------------------------------------------------------
+/* ----------------------------------------------------------------------
  * Operation all the operation of this customer
  *
- * ----------------------------------------------------------------------*/
-if ( $ss_action == 'op')
+ * ---------------------------------------------------------------------- */
+if ($ss_action=='op')
 {
     require_once NOALYSS_INCLUDE.'/category_operation.inc.php';
 }
-/*-------------------------------------------------------------------------
+/* -------------------------------------------------------------------------
  * Balance of the card
- *-------------------------------------------------------------------------*/
-if ( $ss_action=='bal')
-  {
+ * ------------------------------------------------------------------------- */
+if ($ss_action=='bal')
+{
     require_once NOALYSS_INCLUDE.'/balance_card.inc.php';
-  }
-/*-------------------------------------------------------------------------
+}
+/* -------------------------------------------------------------------------
  * Ageing Balance of the card
- *-------------------------------------------------------------------------*/
-if ( $ss_action=='balag')
-  {
+ * ------------------------------------------------------------------------- */
+if ($ss_action=='balag')
+{
     require_once NOALYSS_INCLUDE.'/balance_card_ageing.inc.php';
-  }
-/*----------------------------------------------------------------------
+}
+/* ----------------------------------------------------------------------
  * All the contact
  *
- *----------------------------------------------------------------------*/
-if ( $ss_action == 'cn')
+ * ---------------------------------------------------------------------- */
+if ($ss_action=='cn')
 {
     echo '<div class="content">';
 
-       echo dossier::hidden();
-       $f = new Fiche($cn, $_REQUEST['f_id']);
-       $contact=new Contact($cn);
+    echo dossier::hidden();
+    $f=new Fiche($cn, $_REQUEST['f_id']);
+    $contact=new Contact($cn);
     $contact->company=$f->get_quick_code();
     echo $contact->summary("");
 
     $sql=' select fd_id from fiche_def where frd_id='.FICHE_TYPE_CONTACT;
     $filter=$cn->make_list($sql);
-    if ( empty ($filter))
+    if (empty($filter))
     {
         echo '<span class="notice">';
-        
$url="do.php?".http_build_query(array('gDossier'=>Dossier::id(),'ac'=>'CFGCARD'));
+        $url="do.php?".http_build_query(array('gDossier'=>Dossier::id(), 
'ac'=>'CFGCARD'));
         echo '<a class="line" href="'.$url.'" targer="_blank">';
         echo _("Vous devez aller dans fiche et créer une catégorie pour les 
contacts");
         echo '</a>';
         echo '</span>';
-       return;
+        return;
     }
     /* Add button */
     $f_add_button=new IButton('add_card');
     $f_add_button->label=_('Créer une nouvelle fiche');
 
-    $f_add_button->set_attribute('filter',$filter);
+    $f_add_button->set_attribute('filter', $filter);
     $f_add_button->javascript=" select_card_type(this);";
 
     echo $f_add_button->input();
     echo '</div>';
 }
-/*----------------------------------------------------------------------------
+/* ----------------------------------------------------------------------------
  * Lettering
- 
*----------------------------------------------------------------------------*/
-if ( $def==7 )
+ * 
---------------------------------------------------------------------------- */
+if ($def==7)
 {
     require_once NOALYSS_INCLUDE.'/lettering.gestion.inc.php';
 }
-echo '</div>';
\ No newline at end of file
+echo '</div>';
diff --git a/include/category_detail.inc.php b/include/category_detail.inc.php
index bd08122..d4321be 100644
--- a/include/category_detail.inc.php
+++ b/include/category_detail.inc.php
@@ -33,19 +33,17 @@
 //---------------------------------------------------------------------------
 if ( ! defined ('ALLOWED') ) die('Appel direct ne sont pas permis');
 require_once NOALYSS_INCLUDE.'/class/class_customer.php';
+global $http;
+
+ $f_id=$http->request('f_id','number');
 if ( isset ($_POST['mod']))
 {
-
     // modification is asked
-    $f_id=$_REQUEST['f_id'];
-
     $supplier=new Customer($cn,$f_id);
     $supplier->Save();
-
 }
 
 echo '<div class="u_content">';
-$f_id=$_REQUEST['f_id'];
 echo '<div class="content" style="width:50%">';
 if ( isset($_POST['mod'])) echo hb(_('Information sauvée'));
 
@@ -68,7 +66,9 @@ if ( ! $p_readonly)
 {
        echo HtmlInput::submit('mod',_('Sauver les modifications'),' 
onclick="$(\'action_fiche\').value=\'mod\';"');
        echo HtmlInput::reset(_("Annuler"));
-       echo HtmlInput::submit('delete_card',_('Effacer cette 
fiche'),'onclick="$(\'action_fiche\').value=\'delete_card\';return 
confirm_box(\'catergory_detail_frm\',\''.('Confirmer effacement ?').'\');"');
+       echo HtmlInput::submit('delete_card',
+                _('Effacer cette fiche'),
+                'onclick="$(\'action_fiche\').value=\'delete_card\';return 
confirm_box(\'catergory_detail_frm\',\''.('Confirmer effacement ?').'\');"');
        echo '</form>';
 }
 echo '</div>';
diff --git a/include/category_followup.inc.php 
b/include/category_followup.inc.php
index 1e011c8..aec345c 100644
--- a/include/category_followup.inc.php
+++ b/include/category_followup.inc.php
@@ -28,20 +28,22 @@
  */
 if ( ! defined ('ALLOWED') ) die('Appel direct ne sont pas permis');
 require_once NOALYSS_INCLUDE.'/class/class_follow_up.php';
-
+global $http;
 /**
  *\note problem with ShowActionList, this function is local
  * to the file action.inc.php. And this function must different for each
- *  suivi
+ *  follow-up
  */
-$sub_action=(isset($_REQUEST['sa']))?$_REQUEST['sa']:"list";
-$ag_id=(isset($_REQUEST['ag_id']))?$_REQUEST['ag_id']:0;
+$sub_action=$http->request('sa',"string","list");
+
+$ag_id=$http->request("ag_id","string","0");
 if (! isset($_GET['submit_query'])) 
{$_REQUEST['closed_action']=1;$_GET['closed_action']=1;}
 
-$p_action=$_REQUEST['ac'];
+$p_action=$http->request('ac');
 
$base="ac=$p_action&sc=sv&sb=detail&f_id=".$_REQUEST['f_id']."&".HtmlInput::request_to_string(array("closed_action","remind_date_end","remind_date","sag_ref","only_internal","state","gDossier","qcode","ag_dest","query","tdoc","date_start","date_end","hsstate","searchtag","sb","sc"),"");
 $retour=HtmlInput::button_anchor('Retour','?'.dossier::get().'&'.$base);
-$fiche=new Fiche($cn,$_REQUEST['f_id']);
+
+$fiche=new Fiche($cn,$http->request("f_id","number"));
 
 $_GET['qcode']=$fiche->get_quick_code();
 $_REQUEST['qcode'] = $fiche->get_quick_code();
diff --git a/include/category_operation.inc.php 
b/include/category_operation.inc.php
index 34b8fac..b101113 100644
--- a/include/category_operation.inc.php
+++ b/include/category_operation.inc.php
@@ -30,7 +30,9 @@
  */
 if ( ! defined ('ALLOWED') ) die('Appel direct ne sont pas permis');
 require_once NOALYSS_INCLUDE.'/class/class_acc_ledger.php';
-$f=new Fiche($cn,$_REQUEST['f_id']);
+global $http;
+
+$f=new Fiche($cn,$http->request('f_id',"number"));
 $qcode=$f->get_quick_code();
 $_GET['qcode']=$qcode;
 $_REQUEST['qcode']=$qcode;
diff --git a/include/cfgfiche.inc.php b/include/cfgfiche.inc.php
index 5d30d62..4d5c683 100644
--- a/include/cfgfiche.inc.php
+++ b/include/cfgfiche.inc.php
@@ -31,38 +31,52 @@ require_once NOALYSS_INCLUDE.'/class/class_dossier.php';
 require_once NOALYSS_INCLUDE.'/lib/class_sort_table.php';
 require_once NOALYSS_INCLUDE.'/class/class_fiche_def.php';
 require_once NOALYSS_INCLUDE.'/lib/class_single_record.php';
+global $http;
 
 $retour=HtmlInput::button_anchor("Retour à la liste", 
HtmlInput::get_to_string(array("gDossier","ac")));
-$action=HtmlInput::default_value_post('action', '');
+$action=$http->post('action',"string", '');
 
/*******************************************************************************************/
 // Add an attribut
 
/*******************************************************************************************/
 if ( $action == 'add_line')
 {
-        $fiche_def=new Fiche_Def($cn,$_REQUEST['fd_id']);
-     $fiche_def->InsertAttribut($_REQUEST['ad_id']);
-     echo $fiche_def->input_detail();
-        echo $retour;
-        return;
+    $fd_id=$http->request("fd_id","number");
+    $ad_id=$http->request("ad_id","number");
+    $fiche_def=new Fiche_Def($cn,$fd_id);
+    $fiche_def->InsertAttribut($ad_id);
+    echo $fiche_def->input_detail();
+    echo $retour;
+    return;
 }
 
/*******************************************************************************************/
 // Remove an attribut
 
/*******************************************************************************************/
 if ( $action == 'remove_line' )
 {
-       $fiche_def=new Fiche_Def($cn,$_REQUEST['fd_id']);
-       $fiche_def=new Fiche_Def($cn,$_REQUEST['fd_id']);
-       $fiche_def->RemoveAttribut($_REQUEST['chk_remove']);
-    echo $fiche_def->input_detail();
-       echo $retour;
-       return;
+    $fd_id=$http->request("fd_id","number");
+    $fiche_def=new Fiche_Def($cn,$fd_id);
+    try
+    {
+        $ck_remove=$http->request('chk_remove');
+         $fiche_def->RemoveAttribut($ck_remove);
+    }
+    catch (Exception $exc)
+    {
+        throw new Exception(_("Vous devez choisir au moins une ligne"));
+    }    finally
+    {
+      echo $fiche_def->input_detail();
+      echo $retour;
+      return;
+    }
+
 }
 
/*******************************************************************************************/
 // Try to remove a category
 
/*******************************************************************************************/
 if ( $action == 'remove_cat' ) 
 {
-    $post_id=HtmlInput::default_value_post('fd_id', 0);
+    $post_id=$http->request("fd_id","number");
     if ($post_id == 0 || $post_id >= 500000)
     {
         alert(_('Impossible d\'enlever cette catégorie'));
@@ -106,11 +120,12 @@ if ( isset ($_POST['change_name']))
 
/*******************************************************************************************/
 if ( $action == 'save_line' )
 {
-    $fiche_def=new Fiche_Def($cn,$_REQUEST['fd_id']);
+    $fd_id=$http->request("fd_id","number");
+    $fiche_def=new Fiche_Def($cn,$fd_id);
     $fiche_def->save_order($_POST);
-       echo $fiche_def->input_detail();
-       echo $retour;
-       return;
+    echo $fiche_def->input_detail();
+    echo $retour;
+    return;
 }
 
/*******************************************************************************************/
 // Save a new category of card
diff --git a/include/cfgledger.inc.php b/include/cfgledger.inc.php
index fe57429..1103f71 100644
--- a/include/cfgledger.inc.php
+++ b/include/cfgledger.inc.php
@@ -36,18 +36,21 @@ require_once NOALYSS_INCLUDE.'/class/class_acc_ledger.php';
 
 $gDossier=dossier::id();
 global $cn;
+global $http;
 $show_menu=1;
 $ledger=new Acc_Ledger($cn,-1);
-$sa=HtmlInput::default_value("sa","",$_REQUEST);
+
+$sa=$http->request("sa","string","");
+
 //////////////////////////////////////////////////////////////////////////
 // Perform request action : update
 //////////////////////////////////////////////////////////////////////////
-$action_frm = HtmlInput::default_value_post('action_frm', '');
+$action_frm = $http->post("action_frm","string","");
 if (  $action_frm == 'update')
 {
        try
        {
-               $ledger->id=$_POST['p_jrn'];
+               $ledger->id=$http->post('p_jrn',"number");
                if ( $ledger->load() == -1) throw new Exception (_('Journal 
inexistant'));
                $ledger->verify_ledger($_POST);
                $ledger->update($_POST);
@@ -64,8 +67,7 @@ if (  $action_frm == 'update')
 //////////////////////////////////////////////////////////////////////////
 if ($action_frm == 'delete' )
 {
-       $ledger->jrn_def_id=$_POST['p_jrn'];
-       $ledger->id=$_POST['p_jrn'];
+       $ledger->id=$http->post('p_jrn',"number");;
        $ledger->load();
        $name=$ledger->get_name();
        try {
@@ -94,7 +96,8 @@ if (isset($_POST['add']))
                $ledger->verify_ledger($_POST);
                $ledger->save_new($_POST);
                $sa="detail";
-               $_REQUEST['p_jrn']=$ledger->jrn_def_id;
+                $a[]=["key"=>'p_jrn',"value"=>$ledger->id];
+               put_global($a);
                 $show_menu=1;
        }
        catch (Exception $e)
@@ -117,7 +120,7 @@ switch ($sa)
        case 'detail': /* detail of a ledger */
                try
                {
-                       $ledger->id=$_REQUEST['p_jrn'];
+                       $ledger->id=$http->request('p_jrn',"number");
                        echo '<div class="content">';
                        echo '<form id="cfg_ledger_frm"  method="POST">';
                        echo $ledger->display_ledger();
diff --git a/include/cfgplugin.inc.php b/include/cfgplugin.inc.php
index 2af913b..dcbc049 100644
--- a/include/cfgplugin.inc.php
+++ b/include/cfgplugin.inc.php
@@ -26,6 +26,7 @@ require_once NOALYSS_INCLUDE.'/class/class_extension.php';
  * @brief Automatic installation of plugins and activation
  */
 global $cn;
+global $http;
 
 /******************************************************************************
  * Scan the plugin folder and file in each subfolder a property file and
@@ -61,7 +62,7 @@ $nb_profile=count($a_profile);
  
******************************************************************************/
 if ( isset ($_POST['save_plugin'])){
     // retrieve array of plugin
-    $plugin=HtmlInput::default_value_post('plugin', array());
+    $plugin=$http->post('plugin', "string",array());
     // for each extension
     for ($i=0;$i<$nb_plugin;$i++) {
         
diff --git a/include/class/class_calendar.php b/include/class/class_calendar.php
index a675ca2..0234e86 100644
--- a/include/class/class_calendar.php
+++ b/include/class/class_calendar.php
@@ -270,7 +270,8 @@ class Calendar
         $this->fill_from_todo($cell,"long");
         $wMonth=new ISelect('per_div');
         $cn=Dossier::connect();
-        $wMonth->value=$cn->make_array("select p_id,to_char(p_start,'MM/YYYY') 
from parm_periode where p_exercice = '$exercice_user' order by p_start");
+        $wMonth->value=$cn->make_array("select p_id,to_char(p_start,'MM/YYYY') 
from parm_periode where p_exercice = $1 order by p_start"
+                ,0,array($exercice_user));
         $wMonth->selected=$this->default_periode;
         
$wMonth->javascript=sprintf("onchange=calendar_zoom({gDossier:%d,invalue:'%s',outvalue:'%s',distype:'%s',notitle:%d})",
             dossier::id(),'per_div','calendar_zoom_div','cal',$notitle);
@@ -278,7 +279,6 @@ class Calendar
         $month_year=$wMonth->input().$wMonth->get_js_attr();
         ob_start();
          $zoom=1;
-         $notitle=HtmlInput::default_value_get('notitle', 0);
         require_once NOALYSS_TEMPLATE.'/calendar.php';
 
         if (count($this->action_div) > 0)
diff --git a/include/class/class_follow_up.php 
b/include/class/class_follow_up.php
index 5982f55..a021513 100644
--- a/include/class/class_follow_up.php
+++ b/include/class/class_follow_up.php
@@ -1294,14 +1294,13 @@ class Follow_Up
         if ($p_array==null)
             $p_array=$_GET;
 
-        extract($p_array, EXTR_SKIP);
         $query="";
-        if (count($searchtag)==0)
+        if (count($p_array['searchtag'])==0)
             return "";
-        for ($i=0; $i<count($searchtag); $i++)
+        for ($i=0; $i<count($p_array['searchtag']); $i++)
         {
-            if (isNumber($searchtag[$i])==1)
-                $query .= ' and ag_id in (select ag_id from action_tags where 
t_id= '.sql_string($searchtag[$i]).')';
+            if (isNumber($p_array['searchtag'][$i])==1)
+                $query .= ' and ag_id in (select ag_id from action_tags where 
t_id= '.sql_string($p_array['searchtag'][$i]).')';
         }
         return $query;
     }
@@ -1314,13 +1313,10 @@ class Follow_Up
      */
     static function create_query($cn, $p_array=null)
     {
-        if ($p_array==null)
-            $p_array=$_GET;
-
-        extract($p_array, EXTR_SKIP);
+        if ($p_array==null)             $p_array=$_GET;
+        
         $action_query="";
 
-
         if (isset($_REQUEST['action_query']))
         {
             // if a query is request build the sql stmt
@@ -1331,10 +1327,10 @@ class Follow_Up
         }
 
         $str="";
-        if (isset($qcode))
+        if (isset($p_array['qcode']))
         {
             // verify that qcode is not empty
-            if (strlen(trim($qcode))!=0)
+            if (strlen(trim($p_array['qcode']))!=0)
             {
 
                 $fiche=new Fiche($cn);
@@ -1346,38 +1342,38 @@ class Follow_Up
                     $str=" and (f_id_dest= ".$fiche->id." or ag_id in (select 
ag_id from action_person as ap where ap.f_id=".$fiche->id.")  )";
             }
         }
-        if (isset($tdoc)&&$tdoc!=-1)
+        if (isset($p_array['tdoc'])&&$p_array['tdoc'] !=-1)
         {
-            $action_query .= ' and dt_id = '.sql_string($tdoc);
+            $action_query .= ' and dt_id = '.sql_string($p_array['tdoc']);
         }
-        if (isset($state)&&$state!=-1)
+        if (isset($p_array['state'])&&$p_array['state'] !=-1)
         {
-            $action_query .= ' and ag_state= '.sql_string($state);
+            $action_query .= ' and ag_state= '.sql_string($p_array['state']);
         }
-        if (isset($hsstate)&&$hsstate!=-1)
+        if (isset($p_array['hsstate'])&&$p_array['hsstate']!=-1)
         {
-            $action_query .= ' and ag_state <> '.sql_string($hsstate);
+            $action_query .= ' and ag_state <> 
'.sql_string($p_array['hsstate']);
         }
-        if (isset($sag_ref)&&trim($sag_ref)!="")
+        if (isset($p_array['sag_ref'])&&trim($p_array['sag_ref'])!="")
         {
-            $query .= ' and ag_ref= \''.sql_string($sag_ref)."'";
+            $query .= " and ag_ref= '".sql_string($p_array['sag_ref'])."'";
         }
 
         if (isset($_GET['only_internal']))
             $action_query .= ' and f_id_dest=0 ';
 
-        if (isset($date_start)&&isDate($date_start)!=null)
+        if 
(isset($p_array['date_start'])&&isDate($p_array['date_start'])!=null)
         {
-            $action_query.=" and ag_timestamp >= 
to_date('$date_start','DD.MM.YYYY')";
+            $action_query.=" and ag_timestamp >= 
to_date('".$p_array['date_start']."','DD.MM.YYYY')";
         }
-        if (isset($date_end)&&isDate($date_end)!=null)
+        if (isset($p_array['date_end'])&&isDate($p_array['date_end'])!=null)
         {
-            $action_query.=" and ag_timestamp <= 
to_date('$date_end','DD.MM.YYYY')";
+            $action_query.=" and ag_timestamp <= 
to_date('".$p_array['date_end']."','DD.MM.YYYY')";
         }
-        if (isset($ag_dest_query)&&$ag_dest_query!=-2)
+        if (isset($p_array['ag_dest_query'])&&$p_array['ag_dest_query']!=-2)
         {
-            $action_query.= " and ((ag_dest = ".sql_string($ag_dest_query)." 
and ".self::sql_security_filter($cn, "R").") or ".
-                    "(ag_dest = ".sql_string($ag_dest_query)." and 
".self::sql_security_filter($cn, "R")." and ".
+            $action_query.= " and ((ag_dest = 
".sql_string($p_array['ag_dest_query'])." and ".self::sql_security_filter($cn, 
"R").") or ".
+                    "(ag_dest = ".sql_string($p_array['ag_dest_query'])." and 
".self::sql_security_filter($cn, "R")." and ".
                     " ag_owner='".$_SESSION['g_user']."'))";
         }
         else
@@ -1386,23 +1382,23 @@ class Follow_Up
         }
 
 
-        if (isNumber($ag_id)==1&&$ag_id!=0)
+        if (isset ($p_array['ag_id']) && 
isNumber($p_array['ag_id'])==1&&$p_array['ag_id']!=0)
         {
-            $action_query=" and ag_id= ".sql_string($ag_id);
+            $action_query=" and ag_id= ".sql_string($p_array['ag_id']);
         }
-        if 
(isset($remind_date)&&$remind_date!=""&&isDate($remind_date)==$remind_date)
+        if 
(isset($p_array['$remind_date'])&&$p_array['remind_date']!=""&&isDate($p_array['remind_date'])==$p_array['remind_date'])
         {
-            $action_query .= " and 
to_date('".sql_string($remind_date)."','DD.MM.YYYY')<= ag_remind_date";
+            $action_query .= " and 
to_date('".sql_string($p_array['$remind_date'])."','DD.MM.YYYY')<= 
ag_remind_date";
         }
-        if 
(isset($remind_date_end)&&$remind_date_end!=""&&isDate($remind_date_end)==$remind_date_end)
+        if 
(isset($p_array['remind_date_end'])&&$p_array['remind_date_end']!=""&&isDate($p_array['$remind_date_end'])==$p_array['remind_date_end'])
         {
-            $action_query .= " and 
to_date('".sql_string($remind_date_end)."','DD.MM.YYYY')>= ag_remind_date";
+            $action_query .= " and 
to_date('".sql_string($p_array['remind_date_end'])."','DD.MM.YYYY')>= 
ag_remind_date";
         }
-        if (!isset($closed_action))
+        if (!isset($p_array['closed_action']))
         {
             $action_query.=" and s_status is null ";
         }
-        if (isset($searchtag))
+        if (isset($p_array['searchtag']))
         {
             $action_query .= Follow_Up::filter_by_tag($cn, $p_array);
         }
@@ -1463,9 +1459,8 @@ class Follow_Up
      */
     function export_csv($p_array)
     {
-        extract($p_array, EXTR_SKIP);
-
 
+        
         $p_search=self::create_query($this->db, $p_array);
         $sql="
              select ag_id,
diff --git a/include/company.inc.php b/include/company.inc.php
index 1bfac93..803e21b 100644
--- a/include/company.inc.php
+++ b/include/company.inc.php
@@ -24,30 +24,30 @@
  */
 if ( ! defined ('ALLOWED') ) die('Appel direct ne sont pas permis');
 global $g_user;
+global $http;
 echo '<div class="content">';
 require_once NOALYSS_INCLUDE.'/class/class_own.php';
 if (isset($_POST['record_company']))
 {
        $m = new Own($cn);
-       extract($_POST, EXTR_SKIP);
-       $m->MY_NAME = $p_name;
-       $m->MY_TVA = $p_tva;
-       $m->MY_STREET = $p_street;
-       $m->MY_NUMBER = $p_no;
-       $m->MY_CP = $p_cp;
-       $m->MY_COMMUNE = $p_Commune;
-       $m->MY_TEL = $p_tel;
-       $m->MY_FAX = $p_fax;
-       $m->MY_PAYS = $p_pays;
-       $m->MY_CHECK_PERIODE = $p_check_periode;
-       $m->MY_DATE_SUGGEST = $p_date_suggest;
-       $m->MY_ANALYTIC = $p_compta;
-       $m->MY_STRICT = $p_strict;
-       $m->MY_TVA_USE = $p_tva_use;
-       $m->MY_PJ_SUGGEST = $p_pj;
-       $m->MY_ALPHANUM = $p_alphanum;
-       $m->MY_UPDLAB = $p_updlab;
-       $m->MY_STOCK = $p_stock;
+       $m->MY_NAME = $http->post("p_name");
+       $m->MY_TVA = $http->post("p_tva");
+       $m->MY_STREET = $http->post("p_street");
+       $m->MY_NUMBER = $http->post("p_no");
+       $m->MY_CP = $http->post("p_cp");
+       $m->MY_COMMUNE = $http->post("p_Commune");
+       $m->MY_TEL = $http->post("p_tel");
+       $m->MY_FAX = $http->post("p_fax");
+       $m->MY_PAYS = $http->post("p_pays");
+       $m->MY_CHECK_PERIODE =$http->post("p_check_periode");
+       $m->MY_DATE_SUGGEST = $http->post("p_date_suggest");
+       $m->MY_ANALYTIC =$http->post("p_compta");
+       $m->MY_STRICT = $http->post("p_strict");
+       $m->MY_TVA_USE = $http->post("p_tva_use");
+       $m->MY_PJ_SUGGEST = $http->post("p_pj");
+       $m->MY_ALPHANUM = $http->post("p_alphanum");
+       $m->MY_UPDLAB = $http->post("p_updlab");
+       $m->MY_STOCK =$http->post("p_stock");
 
        $m->Update();
 }
diff --git a/include/compta_ach.inc.php b/include/compta_ach.inc.php
index 9fea2d6..35e703b 100644
--- a/include/compta_ach.inc.php
+++ b/include/compta_ach.inc.php
@@ -31,12 +31,13 @@ require_once  NOALYSS_INCLUDE.'/class/class_pre_op_ach.php';
 require_once NOALYSS_INCLUDE.'/lib/class_ipopup.php';
 $gDossier = dossier::id();
 global $g_parameter;
+global $http;
 $cn = Dossier::connect();
 //menu = show a list of ledger
 $str_dossier = dossier::get();
-$ac=HtmlInput::default_value_request("ac", "");
+$ac=$http->request("ac");
 
-$request_jrn=HtmlInput::default_value_request("p_jrn", "");
+$request_jrn=$http->request("p_jrn", "string","");
 // Check privilege
 if ($request_jrn !="" && 
     $g_user->check_jrn($request_jrn) != 'W')
@@ -45,7 +46,7 @@ if ($request_jrn !="" &&
         exit - 1;
 }
 $p_msg="";
-$post_jrn=HtmlInput::default_value_post("p_jrn", "");
+$post_jrn=$http->post("p_jrn", "string","");
 /* if a new invoice is encoded, we display a form for confirmation */
 if (isset($_POST['view_invoice']))
 {
@@ -173,7 +174,7 @@ if (isset($_POST['record']))
                 // extourne
                 if (isset($_POST['reverse_ck']))
                 {
-                    $p_date=HtmlInput::default_value_post('reverse_date', '');
+                    $p_date=$htt->post('reverse_date','string', '');
                     if (isDate($p_date)==$p_date)
                     {
                         // reverse the operation
@@ -256,14 +257,14 @@ echo '<div class="content">';
 echo '<p class="notice">'.$p_msg.'</p>';
 try
 {
-    $payment=HtmlInput::default_value_request("e_mp", 0);
+    $payment=$http->request("e_mp", "string",0);
     echo "<FORM class=\"print\"NAME=\"form_detail\" METHOD=\"POST\" >";
     /* request for a predefined operation */
     if (isset($_REQUEST['pre_def'])&&!isset($_POST['correct']) && ! 
isset($correct) )
     {
         // used a predefined operation
-        $predef=HtmlInput::default_value_request("pre_def", "0");
-        $p_jrn_predef=HtmlInput::default_value_request("p_jrn_predef", "0");
+        $predef=$http->request("pre_def","string", "0");
+        $p_jrn_predef=$http->request("p_jrn_predef","string", "0");
         $op=new Pre_op_ach($cn);
         $op->set_od_id($predef);
         $p_post=$op->compute_array();
diff --git a/include/compta_fin_rec.inc.php b/include/compta_fin_rec.inc.php
index 9dfaa27..40223be 100644
--- a/include/compta_fin_rec.inc.php
+++ b/include/compta_fin_rec.inc.php
@@ -27,7 +27,7 @@
  *
  */
 if ( ! defined ('ALLOWED') ) die('Appel direct ne sont pas permis');
-global $g_failed,$g_succeed;
+global $g_failed,$g_succeed,$http;
 require_once NOALYSS_INCLUDE.'/class/class_acc_ledger_fin.php';
 bcscale(2);
 ?>
@@ -107,8 +107,8 @@ if (isset($_GET["p_jrn"]) && $jrn_priv == "X")
        NoAccess();
        return;
 }
-$end_extrait=HtmlInput::default_value_post("end_extrait", 0);
-$start_extrait=HtmlInput::default_value_post("start_extrait", 0);
+$end_extrait=$http->post("end_extrait", "string",0);
+$start_extrait=$http->post("start_extrait","string", 0);
 if ( isNumber($end_extrait) == 0 )
 {
     echo '<span class="notice">';
diff --git a/include/compta_ods.inc.php b/include/compta_ods.inc.php
index d4dd5bd..71fcacd 100644
--- a/include/compta_ods.inc.php
+++ b/include/compta_ods.inc.php
@@ -36,7 +36,7 @@ require_once NOALYSS_INCLUDE.'/class/class_periode.php';
 require_once NOALYSS_INCLUDE.'/lib/function_javascript.php';
 require_once NOALYSS_INCLUDE.'/lib/class_ipopup.php';
 
-global $g_user;
+global $g_user,$http;
 
 $cn = Dossier::connect();
 
@@ -104,7 +104,7 @@ elseif (isset($_POST['save']))
                  // extourne
                 if (isset($_POST['reverse_ck']))
                 {
-                    $p_date=HtmlInput::default_value_post('reverse_date', '');
+                    $p_date=$http->post('reverse_date',"string", '');
                     if (isDate($p_date)==$p_date)
                     {
                         // reverse the operation
diff --git a/include/compta_ven.inc.php b/include/compta_ven.inc.php
index 25e753c..9ef70f8 100644
--- a/include/compta_ven.inc.php
+++ b/include/compta_ven.inc.php
@@ -35,7 +35,7 @@ $cn=Dossier::connect();
 //menu = show a list of ledger
 $str_dossier=dossier::get();
 $ac="ac=".$_REQUEST['ac'];
-global $g_parameter;
+global $g_parameter,$http;
 $p_msg="";
 //----------------------------------------------------------------------
 // Encode a new invoice
@@ -190,7 +190,7 @@ show_tab(a_tab,'facturation_div_id');
              // extourne
             if (isset($_POST['reverse_ck']))
             {
-                $p_date=HtmlInput::default_value_post('reverse_date', '');
+                $p_date=$http->post('reverse_date', "string",'');
                 if (isDate($p_date)==$p_date)
                 {
                     // reverse the operation
@@ -268,7 +268,7 @@ echo '<div class="content">';
 echo '<p class="notice">'.$p_msg.'</p>';
 try
 {
-    $payment=HtmlInput::default_value_request("e_mp", 0);
+    $payment=$http->request("e_mp","string", 0);
 
     echo "<FORM class=\"print\" NAME=\"form_detail\" METHOD=\"POST\" >";
     /* request for a predefined operation */
diff --git a/include/constant.php b/include/constant.php
index a2bb131..cfa2127 100644
--- a/include/constant.php
+++ b/include/constant.php
@@ -306,3 +306,5 @@ define ("SQL_LIST_UNPAID_INVOICE_DATE_LIMIT" ,"
  */
 // Limit email exceeds parameter
 define ('EMAIL_LIMIT',1002);
+define ('EXC_PARAM_VALUE',1005);
+define ('EXC_PARAM_TYPE',1006);
diff --git a/include/customer.inc.php b/include/customer.inc.php
index 1a3faaa..e644718 100644
--- a/include/customer.inc.php
+++ b/include/customer.inc.php
@@ -27,7 +27,8 @@ require_once NOALYSS_INCLUDE.'/lib/class_ihidden.php';
 require_once NOALYSS_INCLUDE.'/class/class_customer.php';
 require_once NOALYSS_INCLUDE.'/lib/class_ibutton.php';
 require_once NOALYSS_INCLUDE.'/class/class_fiche_def.php';
-
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
 
 
 $low_action = (isset($_REQUEST['sb'])) ? $_REQUEST['sb'] : "list";
@@ -54,7 +55,7 @@ if (isset($_POST['action_fiche']))
             return;
         }
 
-        $f_id = $_REQUEST['f_id'];
+        $f_id = $http->request('f_id',"number");
 
         $fiche = new Customer($cn, $f_id);
         $fiche->remove();
@@ -76,7 +77,7 @@ if ($low_action == "list")
             $a=(isset($_GET['query']))?$_GET['query']:"";
             echo _("Cherche ").HtmlInput::filter_table_form("tiers_tb", 
'0,1,2', 1,"query",$a);
 
-            $choice_cat=HtmlInput::default_value_request("choice_cat", 1);
+            $choice_cat=$http->request("choice_cat", "",1);
 
             if ( $choice_cat == 1 )
             {
@@ -89,7 +90,7 @@ if ($low_action == "list")
                 echo _('Catégorie :').$sel_card->input();
             } else 
             {
-                $cat=HtmlInput::default_value_request('cat', '');
+                $cat=$http->request('cat',"string", '');
                 echo HtmlInput::hidden("cat",$cat);
                 echo HtmlInput::hidden('choice_cat', 0);
             }
diff --git a/include/database.item.php b/include/database.item.php
index a2416f0..195bae3 100644
--- a/include/database.item.php
+++ b/include/database.item.php
@@ -4,6 +4,9 @@ $menu[]=_('Clef de répartition');
 $menu[]=_('Configuration extension');  
 $menu[]=_('Balance agée');  $desc[]=_('Balance agée');$desc_long[]=_('Balance 
agée pour les clients et fournisseurs');
 $menu[]=_('Export Balance agée');  $desc[]=_('Balance 
agée');$desc_long[]=_('Balance agée pour les clients et fournisseurs');
+$menu[]=_('Exporte la pièce');  
+$menu[]=_('Export le document');  
+$menu[]=_('Exporte le modèle de document');  
 $menu[]=_('Achat');  $desc[]=_('Nouvel achat ou dépense');$desc_long[]=_('Vous 
permet d\'encoder des achats, dépenses, des notes de frais ou des notes de 
crédits, vous pouvez spécifier un bénéficiaire ou un autre moyen de paiement');
 $menu[]=_('Historique');  $desc[]=_('Historique des imputations 
analytiques');$desc_long[]=_('Historique des imputations analytiques');
 $menu[]=_('Balance simple');  $desc[]=_('Balance simple des imputations 
analytiques');$desc_long[]=_('Balance simple des imputations analytiques');
@@ -126,15 +129,13 @@ $menu[]=_('Liste Suivi');  $desc[]=_('Document de suivi 
sous forme de liste');$d
 $menu[]=_('Moyen de paiement');  $desc[]=_('Config. des méthodes de 
paiement');$desc_long[]=_('Configuration des moyens de paiements que vous 
voulez utiliser dans les journaux de type VEN ou ACH, les moyens de paiement 
permettent de générer l\'opération de trésorerie en même temps que l\'achat, la 
note de frais ou la vente');
 $menu[]=_('Administration');  $desc[]=_('Suivi administration, 
banque');$desc_long[]=_('Suivi des administrations : courrrier, déclarations.');
 $menu[]=_('Prévision');  $desc[]=_('Prévision');$desc_long[]=_('Prévision de 
vos achats, revenus, permet de suivre l\'évolution de votre société. Vos 
prévisions sont des formules sur les postes comptables et vous permettent aussi 
vos marges brutes.');
-$menu[]=_('Export opérations rapprochées');  $desc[]=_('Export opérations 
rapprochées en CSV');
+$menu[]=_('Export opérations rapprochées');  $desc[]=_('Export opérations 
rapprochées en CSV');$desc_long[]=_('');
 $menu[]=_('Administrateur');  $desc[]=_('Suivi des gérants, administrateurs et 
salariés');$desc_long[]=_('Suivi de vos salariés, managers ainsi que des 
administrateurs, pour les documents et les opérations comptables');
 $menu[]=_('Menu par défaut');  $desc[]=_('Configuration des menus par 
défaut');$desc_long[]=_('Configuration des menus par défaut, ces menus sont 
appelés par des actions dans d\'autres menus');
 $menu[]=_('Agenda');  $desc[]=_('Agenda');$desc_long[]=_('Agenda, présentation 
du suivi sous forme d\'agenda ');
 $menu[]=_('Favori &#9733 ');  $desc[]=_('Raccourci vers vos menus 
préférés');$desc_long[]=_('Ce menu vous présente  un menu rapide de vos menus 
préférés');
 ?>
 <?php 
-$attr_def[]=_('Prix vente');
-$attr_def[]=_('Prix achat');
 $attr_def[]=_('Durée Amortissement');
 $attr_def[]=_('Montant initial');
 $attr_def[]=_('TVA non déductible');
@@ -142,6 +143,8 @@ $attr_def[]=_('TVA non déductible récupérable par 
l\'impôt');
 $attr_def[]=_('Partie fiscalement non déductible');
 $attr_def[]=_('Dépense  charge du grant (partie privé) ');
 $attr_def[]=_('Compte bancaire');
+$attr_def[]=_('Prix vente');
+$attr_def[]=_('Prix achat');
 $attr_def[]=_('Date début');
 $attr_def[]=_('Nom');
 $attr_def[]=_('Taux TVA');
@@ -215,3 +218,9 @@ $jrn_def_description[]=_('Concerne tous les mouvements 
financiers (comptes en ba
 $jrn_def_description[]=_('Concerne toutes les opérations comme les 
amortissements, les comptes TVA, ...');
 $jrn_def_description[]=_('Concerne toutes les ventes, notes de crédit 
envoyées');
 ?>
+<?php 
+$jrn_type[]=_('Financier');
+$jrn_type[]=_('Vente');
+$jrn_type[]=_('Achat');
+$jrn_type[]=_('Opérations Diverses');
+?>
diff --git a/include/dossier.inc.php b/include/dossier.inc.php
index d89323b..6ec89cc 100644
--- a/include/dossier.inc.php
+++ b/include/dossier.inc.php
@@ -27,18 +27,19 @@ require_once NOALYSS_INCLUDE.'/lib/class_itext.php';
 require_once NOALYSS_INCLUDE.'/lib/class_icheckbox.php';
 require_once NOALYSS_INCLUDE.'/lib/class_itextarea.php';
 require_once NOALYSS_INCLUDE.'/lib/class_html_input.php';
+global $http;
 
-$sa=(isset($_REQUEST['sa']))?$_REQUEST['sa']:'list';
+$sa=$http->request('sa','string','list');
 //---------------------------------------------------------------------------
 // Update
-$dossier_id=HtmlInput::default_value_request('d', -1);
+$dossier_id=$http->request('d', "string",-1);
 
 if ( isset ($_POST['upd']) && isNumber($dossier_id) == 1 && $dossier_id != -1)
 {
     $dos=new dossier($dossier_id);
-    $name=HtmlInput::default_value_post('name', "--vide--");
-    $desc=HtmlInput::default_value_post('desc', "--vide--");
-     $max_email=HtmlInput::default_value_post("max_email", -1);
+    $name=$http->post('name');
+    $desc=$http->post('desc');
+     $max_email=$http->post("max_email");
     $dos->set_parameter('name',$name);
     $dos->set_parameter('desc',$desc);
     $dos->set_parameter("max_email", $max_email);
@@ -51,7 +52,13 @@ echo '<div class="content" 
style="width:80%;margin-left:10%">';
 if ( isset ($_POST["DATABASE"]) )
 {
     $repo=new Database();
-    $dos=HtmlInput::default_value_post('DATABASE', "");
+    try {
+        $dos=$http->post('DATABASE');
+        $template=$http->post("FMOD_ID","numnber");
+    } catch (Exception $ex) {
+        echo $ex->getMessage();
+        return;
+    }
     $dos=sql_string($dos);
     if (strlen($dos)==0)
     {
@@ -63,9 +70,7 @@ if ( isset ($_POST["DATABASE"]) )
      */
     
     // Get the modeledef.mod_id
-    $template=HtmlInput::default_value_post("FMOD_ID",-1);
-    if ( $template == -1 || isNumber($template ) == 0) 
-        die (_('Parametre invalide'));
+
     /*
      * If template is not empty
      */
@@ -90,8 +95,8 @@ if ( isset ($_POST["DATABASE"]) )
     /*
      * Insert new dossier with description
      */
-    $desc=HtmlInput::default_value_post("DESCRIPTION","");
-    $max_email=HtmlInput::default_value_post("max_email", -1);
+    $desc=$http->post("DESCRIPTION");
+    $max_email=$http->post("max_email","number");
     try
     {
         $repo->start();
diff --git a/include/export/export_anc_receipt_pdf.php 
b/include/export/export_anc_receipt_pdf.php
index 88b642f..1f83325 100644
--- a/include/export/export_anc_receipt_pdf.php
+++ b/include/export/export_anc_receipt_pdf.php
@@ -28,8 +28,9 @@ if (!defined('ALLOWED'))
  * export all the selected documents for Ana Accountancy in PDF
  */
 require_once NOALYSS_INCLUDE.'/class/class_document_export.php';
-
-$ck = HtmlInput::default_value_get('ck', 0);
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
+$ck = $http->get('ck',"string", 0);
 if ($ck == 0)
 {
     echo "Aucune sélection";
diff --git a/include/export/export_balance_age_csv.php 
b/include/export/export_balance_age_csv.php
index 7f2a6f3..3c17643 100644
--- a/include/export/export_balance_age_csv.php
+++ b/include/export/export_balance_age_csv.php
@@ -22,6 +22,8 @@
 if (!defined('ALLOWED'))
     die('Appel direct ne sont pas permis');
 require 'class/class_balance_age.php';
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
 
 /**
  * @file
@@ -41,12 +43,12 @@ require 'class/class_balance_age.php';
  * Retrieve card
  */
 $bal=new Balance_Age($cn);
-$p_type = HtmlInput::default_value_get('p_type', "-");
-$p_date= HtmlInput::default_value_get('p_date_start', "-");
-$p_let= HtmlInput::default_value_get('p_let', "let");
-$cat= HtmlInput::default_value_get('cat', "");
-$fiche= HtmlInput::default_value_get('fiche', "0");
-$all= HtmlInput::default_value_get('all', "0");
+$p_type = $http->get('p_type',"string", "-");
+$p_date= $http->get('p_date_start',"string", "-");
+$p_let= $http->get('p_let',"string", "let");
+$cat= $http->get('cat',"string", "");
+$fiche= $http->get('fiche',"string", "0");
+$all= $http->get('all',"string", "0");
 switch ($p_type)
 {
     case 'C':
@@ -62,10 +64,10 @@ switch ($p_type)
         $bal->export_csv($p_date, $p_let);
         break;
     case 'X':
-        $all=HtmlInput::default_value_get('all', 0);
+        $all=$http->get('all', "string",0);
         if ($all==0)
         {
-            $bal->get_array_card('X', $_GET['cat']);
+            $bal->get_array_card('X', $http->get('cat'));
             $bal->export_csv($p_date, $p_let);
         }
         else
diff --git a/include/export/export_balance_pdf.php 
b/include/export/export_balance_pdf.php
index 8fe6fea..6a08def 100644
--- a/include/export/export_balance_pdf.php
+++ b/include/export/export_balance_pdf.php
@@ -36,6 +36,9 @@ include_once("class/class_acc_balance.php");
 require_once  NOALYSS_INCLUDE.'/header_print.php';
 require_once NOALYSS_INCLUDE.'/class/class_dossier.php';
 require_once NOALYSS_INCLUDE.'/lib/class_pdf.php';
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
+
 $gDossier=dossier::id();
 bcscale(4);
 $cn=Dossier::connect();
@@ -44,15 +47,27 @@ require_once  NOALYSS_INCLUDE.'/class/class_user.php';
 $g_user->Check();
 
 $bal=new Acc_Balance($cn);
+try
+{
+    $from_periode=$http->request("from_periode");
+    $to_periode=$http->request("to_periode");
+    $from_poste=$http->request("from_poste");
+    $to_poste=$http->request("to_poste");
+    $p_filter=$http->request("p_filter","string");
+}
+catch (Exception $exc)
+{
+    error_log($exc->getTraceAsString());
+    return;
+}
 
 // Compute for the summary
 $summary_tab=$bal->summary_init();
 $summary_prev_tab=$bal->summary_init();
-$is_summary=HtmlInput::default_value_get("summary", 0);
+$is_summary=$http->get("summary","string", 0);
   
-extract ($_GET, EXTR_SKIP);
 $bal->jrn=null;
-switch( $_GET['p_filter'])
+switch( $p_filter)
 {
 case 0:
         $bal->jrn=null;
@@ -75,8 +90,8 @@ case 2:
     break;
 }
 
-$bal->from_poste=$_GET['from_poste'];
-$bal->to_poste=$_GET['to_poste'];
+$bal->from_poste=$from_poste;
+$bal->to_poste=$to_poste;
 if (isset($_GET['unsold'])) $bal->unsold=true;
 $previous=(isset($_GET['previous_exc']))?1:0;
   
@@ -105,9 +120,9 @@ $pdf->AliasNbPages();
 $pdf->AddPage();
 $pdf->SetAuthor('NOALYSS');
 $pdf->SetFont('DejaVuCond','',7);
-$pdf->setTitle("Balance comptable",true);
-$pdf->write_cell(30,6,'poste');
-$pdf->LongLine(60,6,'Libellé');
+$pdf->setTitle(_("Balance comptable"),true);
+$pdf->write_cell(30,6,_('poste'));
+$pdf->LongLine(60,6,_('Libellé'));
 if ($previous == 1 ){ 
     $pdf->write_cell(20,6,'Débit N-1',0,0,'R');
     $pdf->write_cell(20,6,'Crédit N-1',0,0,'R');
diff --git a/include/export/export_document.php 
b/include/export/export_document.php
index 1a6ab07..77ee794 100644
--- a/include/export/export_document.php
+++ b/include/export/export_document.php
@@ -28,25 +28,21 @@ if ( ! defined ('ALLOWED')) die (_('Non autorisé'));
 require_once NOALYSS_INCLUDE.'/lib/ac_common.php';
 require_once NOALYSS_INCLUDE.'/class/class_document.php';
 require_once NOALYSS_INCLUDE.'/class/class_dossier.php';
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
+
 $action = (isset($_REQUEST['a'])) ? $_REQUEST['a'] : 'sh';
 
-$d_id=HtmlInput::default_value_request('d_id',0);
-$id=HtmlInput::default_value_request('id',0);
-$ag_id=HtmlInput::default_value_request('ag_id',0);
-$value=HtmlInput::default_value_request('value', null);
+$id=$http->request('id','number');
+$ag_id=$http->request('ag_id','number');
+$value=$http->request('value',"string", null);
 
-if (    isNumber($id)    == 0 ||
-        isNumber($ag_id) == 0 ||
-        isNumber($d_id)  == 0 
-        )
-{
-    die (_('Données invalides'));
-}
 /* Show the document */
 if ($action == 'sh')
 {
        if ($g_user->check_action(VIEWDOC) == 1)
        {
+            $d_id=$http->request('d_id',"number");
                // retrieve the document
                $doc = new Document($cn, $d_id);
                $doc->Send();
@@ -58,6 +54,8 @@ if ($action == 'rm')
        $json='{"d_id":"-1"}';
        if ($g_user->check_action(RMDOC) == 1)
        {
+            $d_id=$http->request('d_id',"number");
+
                $doc = new Document($cn, $d_id);
                $doc->remove();
                $json = sprintf('{"d_id":"%s"}', $d_id);
@@ -70,6 +68,8 @@ if ( $action == "upd_doc")
 {
        if ($g_user->check_action(VIEWDOC) == 1)
        {
+            $d_id=$http->request('d_id',"number");
+
             $doc = new Document($cn, $d_id);
             $doc->get();
             if ( $g_user->can_write_action($doc->ag_id))
diff --git a/include/export/export_fiche_detail_csv.php 
b/include/export/export_fiche_detail_csv.php
index bfe6ca2..13f59ee 100644
--- a/include/export/export_fiche_detail_csv.php
+++ b/include/export/export_fiche_detail_csv.php
@@ -25,11 +25,14 @@ include_once("lib/ac_common.php");
 require_once NOALYSS_INCLUDE.'/lib/class_database.php';
 require_once NOALYSS_INCLUDE.'/class/class_fiche.php';
 require_once NOALYSS_INCLUDE.'/lib/class_noalyss_csv.php';
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
+
+$f_id=$http->request("f_id", "number");
+$from_periode=$http->get("from_periode");
+$to_periode=$http->get("to_periode");
+$ople=$http->get("ople");
 
-$f_id=HtmlInput::default_value_request("f_id", "-");
-if ( $f_id == "-") {
-     throw new Exception ('Invalid parameter');
-}
 require_once NOALYSS_INCLUDE.'/class/class_dossier.php';
 $gDossier=dossier::id();
 
@@ -46,9 +49,9 @@ $export->send_header();
 
 $Fiche->getName();
 list($array,$tot_deb,$tot_cred)=$Fiche->get_row_date(
-                                    $_GET['from_periode'],
-                                    $_GET['to_periode'],
-                                    $_GET['ople']
+                                    $from_periode,
+                                    $to_periode,
+                                    $ople
                                 );
 if ( count($Fiche->row ) == 0 )
 {
@@ -100,7 +103,8 @@ if ( ! isset ($_REQUEST['oper_detail']))
                 */
                 $progress=0;
                 $current_exercice=$op['p_exercice'];
-                $tot_deb=0;$tot_cred=0;    
+                $tot_deb=0;$tot_cred=0;   
+                 $export->write();
             }
         $diff=bcsub($op['deb_montant'],$op['cred_montant']);
         $progress=bcadd($progress,$diff);
@@ -160,14 +164,16 @@ else
 $solde_type=($tot_deb>$tot_cred)?"solde débiteur":"solde créditeur";
 $solde_type=($tot_cred == $tot_deb)?" solde = ":$solde_type;
 $diff=abs($tot_deb-$tot_cred);
+$export->add("");
+$export->add("");
+$export->add("");
 $export->add(_("totaux"));
-$export->add("D");
-$export->add($tot_deb,"number");
-
-$export->add("C");
-$export->add($tot_cred,"number");
+$export->add("");
 $export->add($solde_type);
 $export->add($diff,"number");
+$export->add($tot_deb,"number");
+$export->add($tot_cred,"number");
+
 $export->write();
 exit;
 ?>
diff --git a/include/export/export_fiche_detail_pdf.php 
b/include/export/export_fiche_detail_pdf.php
index 6be26d7..13ad6a7 100644
--- a/include/export/export_fiche_detail_pdf.php
+++ b/include/export/export_fiche_detail_pdf.php
@@ -31,19 +31,25 @@ require_once NOALYSS_INCLUDE.'/class/class_fiche.php';
 require_once  NOALYSS_INCLUDE.'/header_print.php';
 require_once NOALYSS_INCLUDE.'/class/class_dossier.php';
 require_once NOALYSS_INCLUDE.'/lib/class_pdf.php';
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
+
+$f_id=$http->request("f_id", "number");
+$from_periode=$http->get("from_periode","date");
+$to_periode=$http->get("to_periode","date");
+$ople=$http->get("ople");
+
 $gDossier=dossier::id();
 
 $cn=Dossier::connect();
 
-extract($_GET, EXTR_SKIP);
-
 $ret="";
 $pdf= new PDF($cn);
-$pdf->setDossierInfo("  Periode : ".$_GET['from_periode']." - 
".$_GET['to_periode']);
+$pdf->setDossierInfo("  Periode : ".$from_periode." - ".$to_periode);
 $pdf->AliasNbPages();
 $pdf->AddPage();
 $pdf->SetAuthor('NOALYSS');
-$pdf->setTitle("Détail fiche",true);
+$pdf->setTitle(_("Détail fiche"),true);
 
 
 $Fiche=new Fiche($cn,$f_id);
diff --git a/include/export/export_fiche_pdf.php 
b/include/export/export_fiche_pdf.php
index 6fb536f..42dc7ce 100644
--- a/include/export/export_fiche_pdf.php
+++ b/include/export/export_fiche_pdf.php
@@ -22,6 +22,7 @@
 /*!\file
  * \brief Called by impress->category, export in PDF the history of a category
  * of card
+ * @bug NOT USED MUST BE REMOVED
  */
 if ( ! defined ('ALLOWED') ) die('Appel direct ne sont pas permis');
 // Security we check if user does exist and his privilege
diff --git a/include/export/export_form_csv.php 
b/include/export/export_form_csv.php
index 4b151b3..9b2a935 100644
--- a/include/export/export_form_csv.php
+++ b/include/export/export_form_csv.php
@@ -28,26 +28,41 @@ require_once NOALYSS_INCLUDE.'/class/class_acc_report.php';
 require_once NOALYSS_INCLUDE.'/lib/class_impress.php';
 require_once NOALYSS_INCLUDE.'/class/class_dossier.php';
 require_once NOALYSS_INCLUDE.'/lib/class_noalyss_csv.php';
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
 
 $gDossier=dossier::id();
 
 /* Admin. Dossier */
 $cn=Dossier::connect();
 
-$Form=new Acc_Report($cn,$_GET['form_id']);
+$form_id=$http->get('form_id','number');
+$type_periode=$http->get('type_periode',"number");
+
+
+
+$Form=new Acc_Report($cn,$form_id);
 $Form->get_name();
 
 $export=new Noalyss_Csv('report');
 $export->send_header();
 // Step ?
 //--
-$step=HtmlInput::default_value_get("p_step", 0);
+$p_step=$http->get('p_step',"string",0);
 if (  $step == 0 )
 {
-    if ( $_GET ['type_periode'] == 0 )
-        $array=$Form->get_row( $_GET['from_periode'],$_GET['to_periode'], 
$_GET['type_periode']);
-    else
-        $array=$Form->get_row( $_GET['from_date'],$_GET['to_date'], 
$_GET['type_periode']);
+    if ( $type_periode == 0 )
+    {
+        $from_periode=$http->get('from_periode',"number");
+        $to_periode=$http->get('to_periode',"number");
+        $array=$Form->get_row( $from_periode,$to_periode, $type_periode);
+    }
+    else 
+    {
+        $from_date=$http->get('from_date',"date");
+        $to_date=$http->get('to_date',"date");
+        $array=$Form->get_row( $from_date,$to_date, $type_periode);
+    }
 
 
     if ( count($Form->row ) == 0 )
@@ -69,11 +84,15 @@ elseif ($step == 1)
 {
     // Gather all the data
     //---
-    for ($e=$_GET['from_periode'];$e<=$_GET['to_periode'];$e+=$_GET['p_step'])
+    $from_periode=$http->get('from_periode',"number");
+    $to_periode=$http->get('to_periode',"number");
+    $p_step=$http->get('p_step',"number");
+    
+    for ($e=$from_periode;$e<=$to_periode;$e+=$p_step)
     {
         $periode=getPeriodeName($cn,$e);
         if ( $periode == null ) continue;
-        $array[]=$Form->get_row($e,$e,$_GET['type_periode']);
+        $array[]=$Form->get_row($e,$e,$type_periode);
         $periode_name[]=$periode;
     }
     // Display column heading
diff --git a/include/export/export_form_pdf.php 
b/include/export/export_form_pdf.php
index e967c08..d4b5e91 100644
--- a/include/export/export_form_pdf.php
+++ b/include/export/export_form_pdf.php
@@ -32,12 +32,17 @@ require_once  NOALYSS_INCLUDE.'/header_print.php';
 require_once NOALYSS_INCLUDE.'/class/class_dossier.php';
 require_once NOALYSS_INCLUDE.'/class/class_acc_report.php';
 require_once NOALYSS_INCLUDE.'/lib/class_pdf.php';
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
+
+$form_id=$http->get('form_id','number');
+$type_periode=$http->get('type_periode',"number");
+
 
 $gDossier=dossier::id();
 
 $cn=Dossier::connect();
 
-extract($_GET, EXTR_SKIP);
 $ret="";
 $Form=new Acc_Report($cn,$form_id);
 $Libelle=sprintf("%s ",$Form->get_name());
@@ -50,23 +55,34 @@ $pdf->setTitle("Rapport ".$Libelle,true);
 
 // Step ??
 //--
-$step=HtmlInput::default_value_get("p_step", 0);
-
+$p_step=$http->get('p_step',"string",0);
 if ( $step == 0 )
 {
     // No step asked
     //--
-    if ( $_GET ['type_periode'] == 0 )
-        $array=$Form->get_row( $_GET['from_periode'],$_GET['to_periode'], 
$_GET['type_periode']);
+    if ( $_GET ['type_periode'] == 0 ) 
+    {
+        $from_periode=$http->get('from_periode',"number");
+        $to_periode=$http->get('to_periode',"number");
+        $array=$Form->get_row( $from_periode,$to_periode, $type_periode);
+    }
     else
-        $array=$Form->get_row( $_GET['from_date'],$_GET['to_date'], 
$_GET['type_periode']);
+    {
+        $from_date=$http->get('from_date',"date");
+        $to_date=$http->get('to_date',"date");
+        $array=$Form->get_row( $from_date,$to_date, $type_periode);
+    }
 
 }
 else
 {
     // yes with step
     //--
-    for ($e=$_GET['from_periode'];$e<=$_GET['to_periode'];$e+=$_GET['p_step'])
+    $from_periode=$http->get('from_periode',"number");
+    $to_periode=$http->get('to_periode',"number");
+    $p_step=$http->get('p_step',"number");
+    
+    for ($e=$from_periode;$e<=$to_periode;$e+=$p_step)
     {
         $periode=getPeriodeName($cn,$e);
         if ( $periode == null ) continue;
@@ -82,21 +98,21 @@ $pdf->SetFont('DejaVuCond','',8);
 // without step
 if ( $step == 0 )
 {
-    if ( $_GET['type_periode'] == 0 )
+    if ( $type_periode == 0 )
     {
         $q=getPeriodeName($cn,$from_periode);
         if ( $from_periode != $to_periode)
         {
-            $periode=sprintf("Période %s à 
%s",$q,getPeriodeName($cn,$to_periode));
+            $periode=sprintf(_("Période de %s à 
%s"),$q,getPeriodeName($cn,$to_periode));
         }
         else
         {
-            $periode=sprintf("Période %s",$q);
+            $periode=sprintf(_("Période %s"),$q);
         }
     }
     else
     {
-        $periode=sprintf("Date %s jusque 
%s",$_GET['from_date'],$_GET['to_date']);
+        $periode=sprintf(_("Date %s jusque %s"),$from_date,$to_date);
     }
     $pdf->write_cell(0,7,$periode,'B');
     $pdf->line_new();
diff --git a/include/export/export_gl_csv.php b/include/export/export_gl_csv.php
index bc82929..f9af4c5 100644
--- a/include/export/export_gl_csv.php
+++ b/include/export/export_gl_csv.php
@@ -20,8 +20,24 @@
 // Copyright Author Dany De Bontridder address@hidden
 
 /*! \file
- * \brief create GL comptes as PDF
+ * \brief create GL comptes as CSV.
+ * Argument $_GET
+ * @code
+ * Array
+(
+    [gDossier] => 10104
+    [bt_csv] => Export CSV
+    [act] => CSV:glcompte
+    [type] => poste
+    [p_action] => impress
+    [from_periode] => 01.01.2016
+    [to_periode] => 31.12.2016
+    [from_poste] => 
+    [to_poste] => 
+)
+ * @encode
  */
+
 if ( ! defined ('ALLOWED') ) die('Appel direct ne sont pas permis');
 include_once NOALYSS_INCLUDE.'/class/class_acc_account_ledger.php';
 include_once NOALYSS_INCLUDE.'/lib/ac_common.php';
@@ -31,28 +47,20 @@ require_once NOALYSS_INCLUDE.'/class/class_own.php';
 require_once NOALYSS_INCLUDE.'/class/class_dossier.php';
 require_once NOALYSS_INCLUDE.'/class/class_user.php';
 require_once NOALYSS_INCLUDE.'/lib/class_noalyss_csv.php';
-$gDossier=dossier::id();
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
+$from_periode = $http->get("from_periode","date");
+$to_periode = $http->get("to_periode","date");
+$from_poste = $http->get("from_poste");
+$to_poste = $http->get("to_poste");
 
+$gDossier=dossier::id();
 /* Security */
 $cn=Dossier::connect();
 
 $export=new Noalyss_Csv(_('grandlivre'));
-extract($_GET, EXTR_SKIP);
+$poste_id=$http->get('poste_id',"string","");
 $export->send_header();
-if ( isset($poste_id) && strlen(trim($poste_id)) != 0 && isNumber($poste_id) )
-{
-    if ( isset ($poste_fille) )
-    {
-        $parent=$poste_id;
-        $a_poste=$cn->get_array("select pcm_val from tmp_pcmn where 
pcm_val::text like '$parent%' order by pcm_val::text");
-    }
-    elseif ( $cn->count_sql('select * from tmp_pcmn where 
pcm_val='.sql_string($poste_id)) != 0 )
-    {
-        $a_poste=array('pcm_val' => $poste_id);
-    }
-}
-else
-{
   $cond_poste='';
   $sql="select pcm_val from tmp_pcmn ";
     if ($from_poste != '')
@@ -77,8 +85,6 @@ else
 
     $a_poste=$cn->get_array($sql);
 
-}
-
 if ( count($a_poste) == 0 )
 {
     echo _('Aucun résultat');
diff --git a/include/export/export_gl_pdf.php b/include/export/export_gl_pdf.php
index 80aa54b..9daca37 100644
--- a/include/export/export_gl_pdf.php
+++ b/include/export/export_gl_pdf.php
@@ -31,6 +31,13 @@ require_once NOALYSS_INCLUDE.'/class/class_own.php';
 require_once NOALYSS_INCLUDE.'/class/class_dossier.php';
 require_once NOALYSS_INCLUDE.'/class/class_user.php';
 require_once NOALYSS_INCLUDE.'/lib/class_pdf.php';
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
+$from_periode = $http->get("from_periode","date");
+$to_periode = $http->get("to_periode","date");
+$from_poste = $http->get("from_poste");
+$to_poste = $http->get("to_poste");
+
 bcscale(2);
 
 $gDossier=dossier::id();
@@ -42,7 +49,6 @@ $g_user->check_dossier($gDossier);
 
 $sql="select pcm_val from tmp_pcmn ";
 
-extract($_GET, EXTR_SKIP);
 $cond_poste="";
 if ($from_poste != '')
   {
diff --git a/include/export/export_ledger_csv.php 
b/include/export/export_ledger_csv.php
index aa11270..10e1086 100644
--- a/include/export/export_ledger_csv.php
+++ b/include/export/export_ledger_csv.php
@@ -31,6 +31,10 @@ $gDossier=dossier::id();
 require_once NOALYSS_INCLUDE.'/lib/class_database.php';
 require_once NOALYSS_INCLUDE.'/class/class_acc_ledger.php';
 require_once NOALYSS_INCLUDE.'/lib/class_noalyss_csv.php';
+
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
+
 $export=new Noalyss_Csv(_('journal'));
 
 $export->send_header();
@@ -39,17 +43,20 @@ $export->send_header();
 /*
  * Variable from $_GET
  */
-$get_jrn=HtmlInput::default_value_get('jrn_id', -1);
-$get_option=HtmlInput::default_value_get('p_simple', -1);
-$get_from_periode=  HtmlInput::default_value_get('from_periode', null);
-$get_to_periode=HtmlInput::default_value_get('to_periode', NULL);
-
-//--- Check validity
-if ( $get_jrn ==-1  || $get_option == -1 || $get_from_periode == null || 
$get_to_periode == null)
+try
 {
-    die (_('Options invalides'));
+    $get_jrn=$http->get('jrn_id',"number");
+    $get_option=$http->get('p_simple',"number");
+    $get_from_periode=  $http->get('from_periode');
+    $get_to_periode=$http->get('to_periode');
+    
+}
+catch (Exception $exc)
+{
+    echo $exc->getMessage();
+    error_log($exc->getTraceAsString());
+    throw $exc;
 }
-
 
 require_once  NOALYSS_INCLUDE.'/class/class_user.php';
 $g_user->Check();
diff --git a/include/export/export_ledger_pdf.php 
b/include/export/export_ledger_pdf.php
index 17e4934..dfa7995 100644
--- a/include/export/export_ledger_pdf.php
+++ b/include/export/export_ledger_pdf.php
@@ -37,22 +37,35 @@ require_once NOALYSS_INCLUDE.'/class/class_acc_ledger.php';
 require_once NOALYSS_INCLUDE.'/class/class_own.php';
 require_once NOALYSS_INCLUDE.'/class/class_periode.php';
 require_once NOALYSS_INCLUDE.'/class/class_print_ledger.php';
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
 
-
+$http=new HttpInput();
 $cn = Dossier::connect();
 $periode = new Periode($cn);
+try
+{
+    $jrn_id=$http->get('jrn_id',"number");
+    $p_simple=$http->get('p_simple',"number");
 
+    
+}
+catch (Exception $exc)
+{
+    echo $exc->getMessage();
+    error_log($exc->getTraceAsString());
+    throw $exc;
+}
 $l_type = "JRN";
 $own = new Own($cn);
 
-$Jrn = new Acc_Ledger($cn, $_GET['jrn_id']);
+$Jrn = new Acc_Ledger($cn, $jrn_id);
 
 $Jrn->get_name();
 $g_user->Check();
 $g_user->check_dossier($gDossier);
 
 // Security
-if ($_GET['jrn_id'] != 0 && $g_user->check_jrn($_GET['jrn_id']) == 'X') {
+if ($g_user->check_jrn($jrn_id) == 'X') {
     /* Cannot Access */
     NoAccess();
 }
@@ -61,7 +74,7 @@ $ret = "";
 
 $jrn_type = $Jrn->get_type();
 
-$pdf = Print_Ledger::factory($cn, $_REQUEST['p_simple'], "PDF", $Jrn);
+$pdf = Print_Ledger::factory($cn, $p_simple, "PDF", $Jrn);
 
 $pdf->setDossierInfo($Jrn->name);
 $pdf->AliasNbPages();
diff --git a/include/export/export_poste_detail_csv.php 
b/include/export/export_poste_detail_csv.php
index c8644aa..5180b80 100644
--- a/include/export/export_poste_detail_csv.php
+++ b/include/export/export_poste_detail_csv.php
@@ -26,8 +26,13 @@ require_once NOALYSS_INCLUDE.'/lib/class_database.php';
 require_once NOALYSS_INCLUDE.'/class/class_acc_account_ledger.php';
 require_once  NOALYSS_INCLUDE.'/class/class_acc_operation.php';
 require_once NOALYSS_INCLUDE.'/lib/class_noalyss_csv.php';
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
 
-$r_poste=HtmlInput::default_value_request("poste_id", "error");
+$r_poste=$http->request("poste_id");
+$from_periode=$http->request("from_periode");
+$to_periode=$http->request("to_periode");
+$ople=$http->request("ople");
 
 $export=new Noalyss_Csv(_('poste').'_'.$r_poste);
 
@@ -39,16 +44,19 @@ $cn=Dossier::connect();
 
 if ( isset ( $_REQUEST['poste_fille']) )
 { //choisit de voir tous les postes
-  $a_poste=$cn->get_array("select pcm_val from tmp_pcmn where pcm_val::text 
like $1||'%'",array($_REQUEST["poste_id"]));
+  $a_poste=$cn->get_array("select pcm_val from tmp_pcmn where pcm_val::text 
like $1||'%'",array($r_poste));
 }
 else
 {
-  $a_poste=$cn->get_array("select pcm_val from tmp_pcmn where pcm_val = 
$1",array($_REQUEST['poste_id']));
+  $a_poste=$cn->get_array("select pcm_val from tmp_pcmn where pcm_val = 
$1",array($r_poste));
 }
 bcscale(2);
 $export->send_header();
 if ( ! isset ($_REQUEST['oper_detail']))
 {
+    /*
+     * Without detail for accounting
+     */
     if ( count($a_poste) == 0 )
         exit;
 
@@ -56,9 +64,9 @@ if ( ! isset ($_REQUEST['oper_detail']))
     {
         $Poste=new Acc_Account_Ledger($cn,$pos['pcm_val']);
         $name=$Poste->get_name();
-        list($array,$tot_deb,$tot_cred)=$Poste->get_row_date( 
$_REQUEST['from_periode'],
-                                                             
$_REQUEST['to_periode'],
-                                                             $_GET['ople']
+        list($array,$tot_deb,$tot_cred)=$Poste->get_row_date( $from_periode,
+                                                             $to_periode,
+                                                             $ople
                                                              );
         if ( count($Poste->row ) == 0 )
             continue;
@@ -153,7 +161,9 @@ if ( ! isset ($_REQUEST['oper_detail']))
 }
 else
 {
-    /* detail of all operation */
+    /* 
+     * detail of all operation 
+     */
     if ( count($a_poste) == 0 )
         exit;
 
@@ -161,9 +171,9 @@ else
     {
         $Poste=new Acc_Account_Ledger($cn,$pos['pcm_val']);
         $Poste->get_name();
-        list($array,$tot_deb,$tot_cred)=$Poste->get_row_date( 
$_REQUEST['from_periode'],
-                                        $_REQUEST['to_periode'],
-                                                                             
$_GET['ople']
+        list($array,$tot_deb,$tot_cred)=$Poste->get_row_date($from_periode,
+                                                             $to_periode,
+                                                             $ople
                                                             );
         if ( count($Poste->row ) == 0 )
             continue;
diff --git a/include/export/export_poste_detail_pdf.php 
b/include/export/export_poste_detail_pdf.php
index 04977a3..6d613bb 100644
--- a/include/export/export_poste_detail_pdf.php
+++ b/include/export/export_poste_detail_pdf.php
@@ -31,12 +31,18 @@ require_once NOALYSS_INCLUDE.'/header_print.php';
 require_once NOALYSS_INCLUDE.'/class/class_dossier.php';
 require_once NOALYSS_INCLUDE.'/class/class_user.php';
 require_once NOALYSS_INCLUDE.'/lib/class_pdf.php';
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
+
+$poste_id=$http->request("poste_id");
+$from_periode=$http->request("from_periode");
+$to_periode=$http->request("to_periode");
+$ople=$http->request("ople");
 
 $gDossier=dossier::id();
 
 /* Security */
 $cn=Dossier::connect();
-extract($_GET, EXTR_SKIP);
 
 if ( isset ( $poste_fille) )
 { //choisit de voir tous les postes
@@ -49,11 +55,11 @@ else
 $ret="";
 
 $pdf=new PDF($cn);
-$pdf->setDossierInfo("  Periode : ".$_GET['from_periode']." - 
".$_GET['to_periode']);
+$pdf->setDossierInfo(sprintf(_("  Période : %s 
%s"),$from_periode,$to_periode));
 $pdf->AliasNbPages();
 $pdf->AddPage();
 $pdf->SetAuthor('NOALYSS');
-$pdf->setTitle("Détail poste comptable",true);
+$pdf->setTitle(_("Détail poste comptable"),true);
 
 
 if ( count($a_poste) == 0 )
@@ -80,21 +86,21 @@ foreach ($a_poste as $poste)
 
     $pdf->SetFont('DejaVuCond','',8);
     $l=0;
-    $pdf->write_cell($size[$l],6,'Date',0,0,'L');
+    $pdf->write_cell($size[$l],6,_('Date'),0,0,'L');
     $l++;
-    $pdf->write_cell($size[$l],6,'Ref',0,0,'C');
+    $pdf->write_cell($size[$l],6,_('Ref'),0,0,'C');
     $l++;
-    $pdf->write_cell($size[$l],6,'Journal',0,0,'C');
+    $pdf->write_cell($size[$l],6,_('Journal'),0,0,'C');
     $l++;
-    $pdf->LongLine($size[$l],6,'Libellé',0,'L');
+    $pdf->LongLine($size[$l],6,_('Libellé'),0,'L');
     $l++;
-    $pdf->write_cell($size[$l],6,'Let',0,0,'R');
+    $pdf->write_cell($size[$l],6,_('Let'),0,0,'R');
     $l++;
-    $pdf->write_cell($size[$l],6,'Debit',0,0,'R');
+    $pdf->write_cell($size[$l],6,_('Debit'),0,0,'R');
     $l++;
-    $pdf->write_cell($size[$l],6,'Credit',0,0,'R');
+    $pdf->write_cell($size[$l],6,_('Credit'),0,0,'R');
     $l++;
-    $pdf->write_cell($size[$l],6,'Prog',0,0,'R');
+    $pdf->write_cell($size[$l],6,_('Prog'),0,0,'R');
     $l++;
     $pdf->line_new();
     $tot_deb=0;
diff --git a/include/export/export_rec_csv.php 
b/include/export/export_rec_csv.php
index 901ade8..0acccdc 100644
--- a/include/export/export_rec_csv.php
+++ b/include/export/export_rec_csv.php
@@ -14,17 +14,22 @@ require_once NOALYSS_INCLUDE.'/lib/ac_common.php';
 require_once NOALYSS_INCLUDE.'/lib/class_database.php';
 require_once NOALYSS_INCLUDE.'/class/class_dossier.php';
 require_once NOALYSS_INCLUDE.'/lib/class_noalyss_csv.php';
-
-// --------------------------
-// Check if all mandatory arg are passed
-foreach (array('choice','p_end','p_start') as $arg)
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
+try
+{
+    $choice=$http->get("choice");
+    $p_start=$http->get("p_start");
+    $p_end=$http->get("p_end");
+    $r_jrn=$http->get("r_jrn","string","");
+   
+}
+catch (Exception $exc)
 {
-    if ( ! isset ($_GET[$arg])) {
-        die ("argument [".$arg."] is missing");
-    }
+    error_log($exc->getTraceAsString());
+    return;
 }
-extract($_GET, EXTR_SKIP);
-$r_jrn=(isset($r_jrn))?$r_jrn:'';
+
 // -------------------------
 // Create object and export
 $acc_reconciliation=new Acc_Reconciliation($cn);
diff --git a/include/export/export_receipt.php 
b/include/export/export_receipt.php
index 93981ee..01cdb17 100644
--- a/include/export/export_receipt.php
+++ b/include/export/export_receipt.php
@@ -26,10 +26,19 @@ if ( ! defined ('ALLOWED')) die (_('Non autorisé'));
 include_once NOALYSS_INCLUDE.'/lib/ac_common.php';
 require_once  NOALYSS_INCLUDE.'/class/class_dossier.php';
 require_once NOALYSS_INCLUDE.'/lib/class_database.php';
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
 
-$jr_id=HtmlInput::default_value_get('jr_id',"0");
+try
+{
+    $jr_id=$http->get('jr_id',"number");
+}
+catch (Exception $exc)
+{
+    error_log($exc->getTraceAsString());
+    return;
+}
 
-if ( $jr_id==0 || isNumber($jr_id) != 1 ) die (_('Données invalides'));
 
 $r=$cn->exec_sql("select jr_def_id from jrn where jr_id=$1",array($jr_id));
 
diff --git a/include/export/export_security_pdf.php 
b/include/export/export_security_pdf.php
index d55ca14..03639d1 100755
--- a/include/export/export_security_pdf.php
+++ b/include/export/export_security_pdf.php
@@ -27,7 +27,20 @@ $gDossier=dossier::id();
 require_once NOALYSS_INCLUDE.'/lib/ac_common.php';
 require_once NOALYSS_INCLUDE.'/lib/class_database.php';
 require_once NOALYSS_INCLUDE.'/lib/class_pdf.php';
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
+
 $cn=Dossier::connect();
+try
+{
+    $user_id=$http->get("user_id");
+}
+catch (Exception $exc)
+{
+    error_log($exc->getTraceAsString());
+    return;
+}
+
 //-----------------------------------------------------
 // Security
 
@@ -38,31 +51,29 @@ $User=new User($rep);
 
 //-----------------------------------------------------
 // Get User's info
-if ( ! isset($_GET['user_id']) )
-    return;
 
-$SecUser=new User($rep,$_GET['user_id']);
+$SecUser=new User($rep,$user_id);
 $admin=0;
 $access=$SecUser->get_folder_access($gDossier);
 
 if ( $access == 'L')
 {
-    $str='Local Admin';
+    $str=_('Local Admin');
     $admin=1;
 }
 elseif ($access=='R')
 {
-    $str=' Utilisateur normal';
+    $str=_('Utilisateur normal');
 }
 elseif ($access=='P')
 {
-    $str=' Extension uniquement';
+    $str=_('Extension uniquement');
 }
 
 
 if ( $SecUser->admin==1 )
 {
-    $str=' Super Admin';
+    $str=_(' Super Admin');
     $admin=1;
 }
 
@@ -71,11 +82,11 @@ if ( $SecUser->admin==1 )
 // Print result
 
 $pdf=new PDF($cn);
-$pdf->setDossierInfo(dossier::name().' Sécurité');
+$pdf->setDossierInfo(dossier::name()._(' Sécurité'));
 $pdf->AliasNbPages();
 $pdf->AddPage();
 $pdf->SetAuthor('NOALYSS');
-$pdf->setTitle("Sécurité",true);
+$pdf->setTitle(_("Sécurité"),true);
 
 $str_user=sprintf("( %d ) %s %s [ %s ] - %s",
                   $SecUser->id,
@@ -90,7 +101,7 @@ $pdf->line_new();
 if ( $SecUser->active==0)
 {
     $pdf->SetTextColor(255,0,34);
-    $pdf->write_cell(0,7,'Bloqué',0,0,'R');
+    $pdf->write_cell(0,7,_('Bloqué'),0,0,'R');
     $pdf->line_new();
 }
 
@@ -98,14 +109,14 @@ if ( $SecUser->admin==1)
 {
     $pdf->SetTextColor(0,0,0);
     $pdf->setFillColor(239,251,255);
-    $pdf->write_cell(40,7,'Administrateur',1,1,'R');
+    $pdf->write_cell(40,7,_('Administrateur'),1,1,'R');
     $pdf->line_new();
 }
 $pdf->SetTextColor(0,0,0);
 
 //-----------------------------------------------------
 // Journal
-$pdf->write_cell(0,7,'Accès journaux',1,0,'C');
+$pdf->write_cell(0,7,_('Accès journaux'),1,0,'C');
 $pdf->line_new();
 $pdf->SetFont('DejaVu','',6);
 $Res=$cn->exec_sql("select jrn_def_id,jrn_def_name  from jrn_def ");
@@ -119,21 +130,21 @@ for ($e=0;$e < Database::num_row($Res);$e++)
     {
     case 'X':
             $pdf->SetTextColor(255,0,34);
-        $pdf->write_cell(30,6,"Pas d'accès");
+        $pdf->write_cell(30,6,_("Pas d'accès"));
         break;
     case 'R':
         $pdf->SetTextColor(54,233,0);
-        $pdf->write_cell(30,6,"Lecture");
+        $pdf->write_cell(30,6,_("Lecture"));
         break;
     case 'O':
         /**
-         *non implemente
+         *non implemented
          */
-        $pdf->write_cell(30,6,"Opérations prédéfinies uniquement");
+        $pdf->write_cell(30,6,_("Opérations prédéfinies uniquement"));
         break;
     case 'W':
         $pdf->SetTextColor(54,233,0);
-        $pdf->write_cell(30,6,'Ecriture');
+        $pdf->write_cell(30,6,_('Ecriture'));
         break;
     }
     $pdf->SetTextColor(0);
@@ -143,7 +154,7 @@ for ($e=0;$e < Database::num_row($Res);$e++)
 //-----------------------------------------------------
 // Follow_Up
 $pdf->SetFont('DejaVu','B',9);
-$pdf->write_cell(0,7,'Accès action',1,0,'C');
+$pdf->write_cell(0,7,_('Accès action'),1,0,'C');
 $pdf->line_new();
 $pdf->SetFont('DejaVu','',6);
 $Res=$cn->exec_sql(
@@ -161,12 +172,12 @@ for ( $i =0 ; $i < $Max; $i++ )
     case 0:
         $pdf->SetTextColor(255,0,34);
 
-        $pdf->write_cell(30,6,"Pas d'accès");
+        $pdf->write_cell(30,6,_("Pas d'accès"));
         break;
     case 1:
     case 2:
         $pdf->SetTextColor(54,233,0);
-        $pdf->write_cell(30,6,"Accès");
+        $pdf->write_cell(30,6,_("Accès"));
         break;
     }
     $pdf->SetTextColor(0);
@@ -174,5 +185,5 @@ for ( $i =0 ; $i < $Max; $i++ )
     $pdf->line_new();
 }
 $fDate=date('dmy-HI');
-$pdf->Output('security-'.$fDate.'pdf','D');
+$pdf->Output('security-'.$fDate.'.pdf','D');
 ?>
diff --git a/include/forecast.inc.php b/include/forecast.inc.php
index a4cf3a0..7c64115 100644
--- a/include/forecast.inc.php
+++ b/include/forecast.inc.php
@@ -26,11 +26,11 @@
 
 if ( ! defined ('ALLOWED') ) die('Appel direct ne sont pas permis');
 require_once NOALYSS_INCLUDE.'/class/class_anticipation.php';
-$action=HtmlInput::default_value_get('action','');
+global $http;
+$action=$http->get("action","string","");
 
 echo '<div class="content">';
-
-$sa = (isset($_REQUEST['sa'])) ? $_REQUEST['sa'] : 'list';
+$sa=$http->request("sa","string","list");
 /* * ********************************************************************
  * Remove a anticipation
  *
@@ -38,7 +38,8 @@ $sa = (isset($_REQUEST['sa'])) ? $_REQUEST['sa'] : 'list';
  * ******************************************************************** */
 if ( $action == 'del' )
 {
-    $forecast = new Forecast($cn, $_GET['f_id']);
+    $f_id=$http->get("f_id","number");
+    $forecast = new Forecast($cn, $f_id);
     $forecast->delete();
 }
 /*
@@ -50,7 +51,8 @@ if ( $action == 'clone' )
     /*
      * We need to clone the forecast
      */
-    $anti = new Forecast($cn, $_REQUEST ['f_id']);
+    $f_id=$http->get("f_id","number");
+    $anti = new Forecast($cn, $f_id);
     $anti->object_clone();
     $sa="list";
 }
@@ -64,14 +66,18 @@ if (isset($_POST['mod_cat_save']))
     /*
      * We save the forecast
      */
-    $anti = new Forecast($cn, $_POST['f_id']);
+    $f_id=$http->post("f_id","number");
+    $an_name=$http->post("an_name");
+    $start_date=$http->post("start_date");
+    $end_date=$http->post("end_date");
+    $anti = new Forecast($cn,$f_id);
     try
     {
        $cn->start();
        /* Save forecast */
-       $anti->set_parameter('name', $_POST['an_name']);
-       $anti->set_parameter('start_date', $_POST['start_date']);
-       $anti->set_parameter('end_date', $_POST['end_date']);
+       $anti->set_parameter('name', $an_name);
+       $anti->set_parameter('start_date', $start_date);
+       $anti->set_parameter('end_date', $end_date);
 
        $anti->save();
 
@@ -80,12 +86,16 @@ if (isset($_POST['mod_cat_save']))
        {
            if (isset($_POST['fr_cat_new' . $i]))
            {
-               if (strlen(trim($_POST['fr_cat_new' . $i])) != 0)
+                $fr_cat_name=$http->post("fr_cat_new".$i);
+               if (strlen(trim($fr_cat_name)) != 0)
                {
+                    $order=$http->post("fc_order_new".$i);
+                    $desc=$http->post('fr_cat_new' . $i);
+                    $f_id=$http->post("f_id","number");
                    $c = new Forecast_Cat($cn);
-                   $c->set_parameter('order', $_POST['fc_order_new' . $i]);
-                   $c->set_parameter('desc', $_POST['fr_cat_new' . $i]);
-                   $c->set_parameter('forecast', $_POST['f_id']);
+                   $c->set_parameter('order',$order);
+                   $c->set_parameter('desc', $desc);
+                   $c->set_parameter('forecast', $f_id);
                    $c->save();
                }
            }
@@ -105,9 +115,12 @@ if (isset($_POST['mod_cat_save']))
                }
                else
                {
-                   $fc->set_parameter('order', $_POST['fc_order' . $var[0]]);
-                   $fc->set_parameter('desc', $_POST['fr_cat' . $var[0]]);
-                   $fc->set_parameter('forecast', $_POST['f_id']);
+                     $order=$http->post("fc_order".$var[0]);
+                    $desc=$http->post('fr_cat' . $var[0]);
+                    $f_id=$http->post("f_id","number");
+                   $fc->set_parameter('order', $order);
+                   $fc->set_parameter('desc', $desc);
+                   $fc->set_parameter('forecast', $f_id);
                    $fc->save();
                }
            }
@@ -136,7 +149,8 @@ if ($sa == 'new' || isset($_POST['step3']))
        try
        {
            $cn->start();
-           for ($i = 0; $i < $_POST['nbrow']; $i++)
+            $nb_row=$http->post("nbrow");
+           for ($i = 0; $i < $nb_row; $i++)
            {
 
                // Delete if needed
diff --git a/include/history_operation.inc.php 
b/include/history_operation.inc.php
index 8e615ae..eeadbc3 100644
--- a/include/history_operation.inc.php
+++ b/include/history_operation.inc.php
@@ -32,9 +32,9 @@ require_once 
NOALYSS_INCLUDE.'/class/class_acc_ledger_purchase.php';
 require_once NOALYSS_INCLUDE.'/class/class_acc_ledger_fin.php';
 require_once NOALYSS_INCLUDE.'/class/class_acc_ledger_sold.php';
 require_once NOALYSS_INCLUDE.'/class/class_acc_ledger.php';
-global $g_user,$cn;
+global $g_user,$cn,$http;
 $p_array = $_GET;
-$ledger_type=HtmlInput::default_value_get("ledger_type", 'ALL');
+$ledger_type=$http->get("ledger_type","string", 'ALL');
 switch($ledger_type)
 {
         case 'ACH':
@@ -65,7 +65,7 @@ switch($ledger_type)
 }
 echo '<div class="content">';
 // Check privilege
-$p_jrn=HtmlInput::default_value_request("p_jrn", -1);
+$p_jrn=$http->request("p_jrn", "string",-1);
 if (isset($_REQUEST['p_jrn']) &&
                $g_user->check_jrn($_REQUEST['p_jrn']) == 'X')
 {
diff --git a/include/impress_gl_comptes.inc.php 
b/include/impress_gl_comptes.inc.php
index 1ae6dd1..1711978 100644
--- a/include/impress_gl_comptes.inc.php
+++ b/include/impress_gl_comptes.inc.php
@@ -34,7 +34,7 @@ require_once NOALYSS_INCLUDE.'/class/class_acc_operation.php';
 // Show the jrn and date
 //-----------------------------------------------------
 require_once NOALYSS_INCLUDE.'/lib/class_database.php';
-global $g_user;
+global $g_user,$http;
 //-----------------------------------------------------
 // Form
 //-----------------------------------------------------
@@ -66,11 +66,11 @@ $letter=new ICheckbox('letter');
 $letter->selected=(isset($_REQUEST['letter']))?true:false;
 
 $from_poste=new IPoste('from_poste');
-$from_poste->value=HtmlInput::default_value('from_poste','',$_REQUEST);
+$from_poste->value=$http->request('from_poste',"string",'');
 $from_poste->set_attribute('account','from_poste');
 
 $to_poste=new IPoste('to_poste');
-$to_poste->value=HtmlInput::default_value('to_poste','',$_REQUEST);
+$to_poste->value=$http->request('to_poste',"string",'');
 $to_poste->set_attribute('account','to_poste');
 
 $solded=new ICheckbox('solded');
diff --git a/include/impress_jrn.inc.php b/include/impress_jrn.inc.php
index 15a66b9..0083745 100644
--- a/include/impress_jrn.inc.php
+++ b/include/impress_jrn.inc.php
@@ -29,7 +29,7 @@ require_once NOALYSS_INCLUDE.'/class/class_exercice.php';
 require_once NOALYSS_INCLUDE.'/class/class_dossier.php';
 load_all_script();
 $gDossier = dossier::id();
-global $g_user;
+global $g_user,$http;
 //-----------------------------------------------------
 // Show the jrn and date
 //-----------------------------------------------------
@@ -103,7 +103,7 @@ echo '<TABLE  ><TR>';
 $w = new ISelect();
 $w->table = 1;
 $label = _("Choisissez le journal");
-$w->selected = HtmlInput::default_value_get('jrn_id','');
+$w->selected = $http->get('jrn_id',"number",0);
 print td($label) . $w->input("jrn_id", $ret);
 print '</TR>';
 print '<TR>';
diff --git a/include/impress_rapport.inc.php b/include/impress_rapport.inc.php
index 39a5245..0fb28a9 100644
--- a/include/impress_rapport.inc.php
+++ b/include/impress_rapport.inc.php
@@ -28,7 +28,7 @@ require_once NOALYSS_INCLUDE.'/lib/class_iselect.php';
 require_once NOALYSS_INCLUDE.'/lib/class_idate.php';
 require_once NOALYSS_INCLUDE.'/class/class_acc_report.php';
 require_once NOALYSS_INCLUDE.'/class/class_exercice.php';
-global $g_user;
+global $g_user,$http;
 //-----------------------------------------------------
 // If print is asked
 // First time in html
@@ -36,31 +36,56 @@ global $g_user;
 //-----------------------------------------------------
 if ( isset( $_GET['bt_html'] ) )
 {
-    $Form=new Acc_Report($cn,$_GET['form_id']);
-    $Form->get_name();
+    
     // step asked ?
     //--
-    $type_periode=HtmlInput::default_value_get("type_periode", -1);
-    if ( $type_periode == 1 )
-        $array=$Form->get_row( $_GET['from_date'],$_GET['to_date'], 
$type_periode);
-
-    if ($type_periode == 0   && $_GET['p_step'] == 0)
-        $array=$Form->get_row( $_GET['from_periode'],$_GET['to_periode'], 
$type_periode);
-
-
-    if ($type_periode  == 0  && $_GET['p_step'] == 1 )
+    try
     {
-        // step are asked
-        //--
-        for 
($e=$_GET['from_periode'];$e<=$_GET['to_periode'];$e+=$_GET['p_step'])
+        $Form=new Acc_Report($cn,$http->get('form_id',"number"));
+        $Form->get_name();
+        $type_periode=$http->get("type_periode", "number", -1);
+        
+        if ($type_periode==1)
+        {
+            $from_date=$http->get("from_date", "date");
+            $to_date=$http->get("to_date", "date");
+            $array=$Form->get_row(
+                    $from_date,
+                    $to_date,
+                    $type_periode);
+        }
+        // Printing asked by range of date
+        if ($type_periode==0)
         {
+            $from_periode=$http->get("from_periode");
+            $to_periode=$http->get("to_periode");
+            $p_step=$http->get('p_step');
+            if ( $http->get("p_step","number")==1) {
+                // step are asked
+                //--
+                for ($e=$from_periode; $e<=$to_periode;
+                            $e+=$p_step)
+                {
 
-            $periode=getPeriodeName($cn,$e);
-            if ( $periode == null ) continue;
-            $array[]=$Form->get_row($e,$e,$_GET['type_periode']);
-            $periode_name[]=$periode;
+                    $periode=getPeriodeName($cn, $e);
+                    if ($periode==null)
+                        continue;
+                    $array[]=$Form->get_row($e, $e, $type_periode);
+                    $periode_name[]=$periode;
+                }
+            } else {
+                 $array=$Form->get_row(
+                    $http->get('from_periode',"number"), 
+                    $http->get('to_periode',"number"),
+                    $type_periode);
+            }
         }
     }
+    catch (Exception $ex)
+    {
+        alert($ex->getMessage());;
+        
+    }
 
 
 
@@ -68,11 +93,11 @@ if ( isset( $_GET['bt_html'] ) )
 
     $hid=new IHidden();
     echo '<div class="content">';
-    if ( $_GET['type_periode'] == 0)
+    if ($type_periode == 0)
     {
-        $t=($_GET['from_periode']==$_GET['to_periode'])?"":" -> 
".getPeriodeName($cn,$_GET['to_periode'],'p_end');
+        $t=($from_periode==$to_periode)?"":" -> 
".getPeriodeName($cn,$to_periode,'p_end');
         echo '<h2 class="info">'.$Form->id." ".$Form->name.
-        " - ".getPeriodeName($cn,$_GET['from_periode'],'p_start').
+        " - ".getPeriodeName($cn,$from_periode,'p_start').
         " ".$t.
         '</h2>';
     }
@@ -80,9 +105,9 @@ if ( isset( $_GET['bt_html'] ) )
     {
         echo '<h2 class="info">'.$Form->id." ".$Form->name.
         ' Date :'.
-        $_GET['from_date'].
+        $from_date.
         " au ".
-        $_GET['to_date'].
+        $to_date.
         '</h2>';
     }
     echo '<table >';
@@ -99,12 +124,12 @@ if ( isset( $_GET['bt_html'] ) )
     $hid->input("type","rapport").
     $hid->input("ac",$_GET['ac']).
     $hid->input("form_id",$Form->id);
-    if ( isset($_GET['from_periode'])) echo 
$hid->input("from_periode",$_GET['from_periode']);
-    if ( isset($_GET['to_periode'])) echo 
$hid->input("to_periode",$_GET['to_periode']);
-    if (isset($_GET['p_step'])) echo $hid->input("p_step",$_GET['p_step']);
-    if ( isset($_GET['from_date'])) echo 
$hid->input("from_date",$_GET['from_date']);
-    if ( isset($_GET['to_date'])) echo $hid->input("to_date",$_GET['to_date']);
-    echo $hid->input("type_periode",$_GET['type_periode']);
+    if ( isset($from_periode)) echo $hid->input("from_periode",$from_periode);
+    if ( isset($to_periode)) echo $hid->input("to_periode",$to_periode);
+    if (isset($p_step)) echo $hid->input("p_step",$p_step);
+    if ( isset($from_date)) echo $hid->input("from_date",$from_date);
+    if ( isset($to_date)) echo $hid->input("to_date",$to_date);
+    echo $hid->input("type_periode",$type_periode);
 
 
 
@@ -117,11 +142,11 @@ if ( isset( $_GET['bt_html'] ) )
     $hid->input("type","form").
     $hid->input("ac",$_GET['ac']).
     $hid->input("form_id",$Form->id);
-    if ( isset($_GET['from_periode'])) echo 
$hid->input("from_periode",$_GET['from_periode']);
-    if ( isset($_GET['to_periode'])) echo 
$hid->input("to_periode",$_GET['to_periode']);
-    if (isset($_GET['p_step'])) echo $hid->input("p_step",$_GET['p_step']);
-    if ( isset($_GET['from_date'])) echo 
$hid->input("from_date",$_GET['from_date']);
-    if ( isset($_GET['to_date'])) echo $hid->input("to_date",$_GET['to_date']);
+    if ( isset($from_periode)) echo $hid->input("from_periode",$from_periode);
+    if ( isset($to_periode)) echo $hid->input("to_periode",$to_periode);
+    if (isset($p_step)) echo $hid->input("p_step",$p_step);
+    if ( isset($from_date)) echo $hid->input("from_date",$from_date);
+    if ( isset($to_date)) echo $hid->input("to_date",$to_date);
     echo       $hid->input("type_periode",$_GET['type_periode']);
 
 
@@ -132,9 +157,9 @@ if ( isset( $_GET['bt_html'] ) )
     echo "</table>";
     if ( count($Form->row ) == 0 )
         exit;
-    if ( $_GET['type_periode']== 0 )
+    if ( $type_periode== 0 )
     {
-        if ( $_GET['p_step'] == 0)
+        if ( $p_step == 0)
         { // check the step
             // show tables
             ShowReportResult($Form->row);
diff --git a/include/lib/class_html_input.php b/include/lib/class_html_input.php
index 5fad2b7..a367f7a 100755
--- a/include/lib/class_html_input.php
+++ b/include/lib/class_html_input.php
@@ -16,7 +16,7 @@
  *   along with NOALYSS; if not, write to the Free Software
  *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */
-
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
 
 // Copyright Author Dany De Bontridder address@hidden
 
@@ -707,6 +707,9 @@ class HtmlInput
     }
        /**
         *  return default if the value if the value doesn't exist in $_GET
+         * use HttpInput instead
+         * @see HttpInput
+         * @deprecated 
         * @param  $ind name of the variable
         * @param type $default
         * @return type
@@ -721,6 +724,9 @@ class HtmlInput
        }
        /**
         *  return default if the value if the value doesn't exist in $_POST
+         * use HttpInput instead
+         * @see HttpInput
+         * @deprecated 
         * @param  $ind name of the variable
         * @param type $default
         * @return type
@@ -735,6 +741,9 @@ class HtmlInput
        }
        /**
         *  return default if the value if the value doesn't exist in $_REQUEST
+         * use HttpInput instead
+         * @see HttpInput
+         * @deprecated 
         * @param  $ind name of the variable
         * @param type $default
         * @return type
diff --git a/include/lib/class_http_input.php b/include/lib/class_http_input.php
new file mode 100644
index 0000000..dd97922
--- /dev/null
+++ b/include/lib/class_http_input.php
@@ -0,0 +1,147 @@
+<?php
+
+/*
+ *   This file is part of PhpCompta.
+ *
+ *   PhpCompta is free software; you can redistribute it and/or modify
+ *   it under the terms of the GNU General Public License as published by
+ *   the Free Software Foundation; either version 2 of the License, or
+ *   (at your option) any later version.
+ *
+ *   PhpCompta is distributed in the hope that it will be useful,
+ *   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *   GNU General Public License for more details.
+ *
+ *   You should have received a copy of the GNU General Public License
+ *   along with PhpCompta; if not, write to the Free Software
+ *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+// Copyright (2016) Author Dany De Bontridder <address@hidden>
+
+/**
+ * @file
+ * @brief 
+ */
+class HttpInput
+{
+    private $array;
+    function _construct()
+    {
+        $this->array=null;
+    }
+
+    function check_type($p_name, $p_type)
+    {
+        try
+        {
+            // no check on string
+            if ( $p_type=="string") return;
+            if ( $p_type=="number" 
+                 && isNumber($this->array[$p_name]) == 0
+                 )                     
+                throw new Exception(_("Valeur invalide")."[ $p_name ] = 
{$this->array[$p_name]}"
+                    ,EXC_PARAM_TYPE);
+            if ( $p_type=="date") return;
+        }
+        catch (Exception $ex)
+        {
+            throw $ex;
+        }
+    }
+
+    function get_value($p_name, $p_type="string", $p_default="")
+    {
+        try
+        {
+            if (func_num_args()==3)
+            {
+                if (isset($this->array[$p_name]))
+                {
+                    $this->check_type($p_name, $p_type);
+                    return $this->array[$p_name];
+                }
+                else
+                {
+                    return $p_default;
+                }
+            }
+            if ( ! isset ($this->array[$p_name])) {
+                throw new Exception(_('Paramètre 
invalide')."[$p_name]",EXC_PARAM_VALUE);
+            }
+            $this->check_type($p_name, $p_type);
+            return $this->array[$p_name];
+        }
+        catch (Exception $e)
+        {
+            throw $e;
+        }
+    }
+
+    function get($p_name, $p_type="string", $p_default="")
+    {
+        try
+        {
+            $this->array=$_GET;
+            if (func_num_args()==1)  return $this->get_value($p_name);
+            if (func_num_args()==2)  return $this->get_value($p_name,$p_type);
+            if (func_num_args()==3)  return 
$this->get_value($p_name,$p_type,$p_default);
+            
+        }
+        catch (Exception $exc)
+        {
+            throw $exc;
+        }
+
+    }
+    function post($p_name, $p_type="string", $p_default="")
+    {
+        try
+        {
+            $this->array=$_POST;
+            if (func_num_args()==1)  return $this->get_value($p_name);
+            if (func_num_args()==2)  return $this->get_value($p_name,$p_type);
+            if (func_num_args()==3)  return 
$this->get_value($p_name,$p_type,$p_default);
+            
+        }
+        catch (Exception $exc)
+        {
+            throw $exc;
+        }
+
+        
+    }
+
+    function request($p_name, $p_type="string", $p_default="")
+    {
+        try
+        {
+            $this->array=$_REQUEST;
+            if (func_num_args()==1)  return $this->get_value($p_name);
+            if (func_num_args()==2)  return $this->get_value($p_name,$p_type);
+            if (func_num_args()==3)  return 
$this->get_value($p_name,$p_type,$p_default);
+        }
+        catch (Exception $exc)
+        {
+            throw $exc;
+        }
+    }
+    function extract($p_array,$p_name, $p_type="string", $p_default="")
+    {
+        try
+        {
+            $this->array=$p_array;
+            if (func_num_args()==1)  return $this->get_value($p_name);
+            if (func_num_args()==2)  return $this->get_value($p_name,$p_type);
+            if (func_num_args()==3)  return 
$this->get_value($p_name,$p_type,$p_default);
+            
+        }
+        catch (Exception $exc)
+        {
+            throw $exc;
+        }
+
+    }
+}
+
+?>
diff --git a/include/lib/user_common.php b/include/lib/user_common.php
index 6fc4a09..880d7e4 100644
--- a/include/lib/user_common.php
+++ b/include/lib/user_common.php
@@ -180,9 +180,8 @@ function 
navigation_bar($p_offset,$p_line,$p_size=0,$p_page=1,$p_javascript="")
 function CleanUrl()
 {
     // Compute the url
-    $url="";
-    $and="";
-    $get=$_GET;
+    $url=http_build_query($_GET);
+   /* $get=$_GET;
     if ( isset ($get) )
     {
         foreach ($get as $name=>$value )
@@ -190,7 +189,11 @@ function CleanUrl()
             // we clean the parameter offset, step, page and size
             if (  ! 
in_array($name,array('offset','step','page','size','s','o','r_jrn')))
             {
-                $url.=$and.$name."=".$value;
+                if (is_array($name)) {
+                    
+                } else {
+                    $url.=$and.$name."=".$value;
+                }
                 $and="&";
             }// if
         }//foreach
@@ -206,7 +209,7 @@ function CleanUrl()
                 }
             }
         }
-    }// if
+    }// if*/
     return $url;
 }
 function redirect($p_string,$p_time=0)
diff --git a/include/manager.inc.php b/include/manager.inc.php
index f21bdfd..a7e9fa8 100644
--- a/include/manager.inc.php
+++ b/include/manager.inc.php
@@ -31,7 +31,7 @@ require_once NOALYSS_INCLUDE.'/class/class_fiche_def.php';
 require_once NOALYSS_INCLUDE.'/lib/class_iaction.php';
 require_once NOALYSS_INCLUDE.'/class/class_fiche_def.php';
 
-global $g_user;
+global $g_user,$http;
 
 $low_action = (isset($_REQUEST['sb'])) ? $_REQUEST['sb'] : "list";
 /*! \file
@@ -81,7 +81,7 @@ if ($low_action == "list")
                 echo _("Cherche ").HtmlInput::filter_table_form("tiers_tb", 
'0,1,2', 1,"query",$a);
 
                 echo HtmlInput::request_to_hidden(array('ac'));
-                $choice_cat=HtmlInput::default_value_request("choice_cat", 1);
+                $choice_cat=$http->request("choice_cat", "number",1);
                 if ( $choice_cat == 1 )
                 {
                     $sel_card = new ISelect('cat');
@@ -94,7 +94,7 @@ if ($low_action == "list")
                 }
                 else
                 {
-                    $cat=HtmlInput::default_value_request('cat', '');
+                    $cat=$http->request('cat',"string", '');
                     echo HtmlInput::hidden("cat",$cat);
                     echo HtmlInput::hidden('choice_cat', 0);
                 }
diff --git a/include/modele.inc.php b/include/modele.inc.php
index 7c5f6da..f7ededa 100644
--- a/include/modele.inc.php
+++ b/include/modele.inc.php
@@ -31,14 +31,15 @@ require_once NOALYSS_INCLUDE.'/lib/class_itext.php';
 require_once NOALYSS_INCLUDE.'/lib/class_icheckbox.php';
 require_once  NOALYSS_INCLUDE.'/class/class_extension.php';
 require_once NOALYSS_INCLUDE.'/lib/class_html_input.php';
-
-$sa = (isset($_REQUEST['sa'])) ? $_REQUEST['sa'] : 'list';
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
+$sa = $http->request("sa", "string", 'list');
 if (isset($_POST['upd']) &&
                isset($_POST['m']))
 {
-    $name=HtmlInput::default_value_post('name',"");
-    $desc =HtmlInput::default_value_post('desc',"");
-    $mod_id=HtmlInput::default_value_post("m", 0);
+    $name=$http->post('name');
+    $desc =$http->post('desc');
+    $mod_id=$http->post("m", 0);
     
        if (trim($name) != "" && $mod_id != 0 && isNumber($mod_id)==1)
        {
@@ -52,7 +53,7 @@ if (isset($_POST['upd']) &&
 
 $cn = new Database();
 
-$fmod_dbid=HtmlInput::default_value_post("FMOD_DBID", 0);
+$fmod_dbid=$http->post("FMOD_DBID");
 
 // IF FMOD_NAME is posted then must add a template
 if (isset($_POST["FMOD_NAME"]))
@@ -72,8 +73,8 @@ if (isset($_POST["FMOD_NAME"]))
                return;
        }
 
-       $mod_name = HtmlInput::default_value_post("FMOD_NAME",null);
-       $mod_desc = HtmlInput::default_value_post("FMOD_DESC",null);
+       $mod_name = $http->post("FMOD_NAME");
+       $mod_desc = $http->post("FMOD_DESC");
        if ($mod_name != null || trim ($mod_name) != "")
        {
                $Res = $cn->exec_sql("insert into modeledef(mod_name,mod_desc)
@@ -397,8 +398,11 @@ if ($sa == 'list')
                        echo HtmlInput::button_anchor(_('Retour'), 
'?action=modele_mgt');
                        return;
                }
-                $mod_id=HtmlInput::default_value_request('m', 0);
-                if ( $mod_id == 0 || isNumber($mod_id) == 0 )
+                try {
+                    $mod_id=$http->request('m', "number");
+                    
+                }
+                catch (Exception $e)
                 {
                     echo _('Donnée invalide');
                     return;
diff --git a/include/param_pcmn.inc.php b/include/param_pcmn.inc.php
index 65a132f..afc938a 100644
--- a/include/param_pcmn.inc.php
+++ b/include/param_pcmn.inc.php
@@ -26,7 +26,7 @@ require_once  NOALYSS_INCLUDE.'/lib/ac_common.php';
 require_once NOALYSS_INCLUDE.'/constant.php';
 require_once NOALYSS_INCLUDE.'/class/class_dossier.php';
 require_once NOALYSS_INCLUDE.'/lib/function_javascript.php';
-
+global $http;
 $gDossier=dossier::id();
 
 require_once NOALYSS_INCLUDE.'/lib/class_database.php';
@@ -41,7 +41,7 @@ echo '<div id="acc_update" class="inner_box" 
style="display:none;position:absolu
 
 /* Store the p_start parameter */
 
-$g_start=HtmlInput::default_value_get('p_start',1);
+$g_start=$http->get('p_start',"string",1);
 ?>
 <a  id="top"></a>
 
diff --git a/include/payment_middle.inc.php b/include/payment_middle.inc.php
index f7667ae..477c8f3 100644
--- a/include/payment_middle.inc.php
+++ b/include/payment_middle.inc.php
@@ -29,11 +29,11 @@ $tr='<tr>';
 $etr='</tr>';
 $th='<th>';
 $eth='</th>';
-
+global $http;
 /*!\file
  * \brief payment mode
  */
-$sb=HtmlInput::default_value('sb', "", $_REQUEST);
+$sb=$http->request('sb', "string","");
 echo '<div class="content">';
 
 //----------------------------------------------------------------------
diff --git a/include/preod.inc.php b/include/preod.inc.php
index 65837f2..37974e3 100644
--- a/include/preod.inc.php
+++ b/include/preod.inc.php
@@ -29,14 +29,14 @@ require_once NOALYSS_INCLUDE.'/lib/class_ihidden.php';
 require_once NOALYSS_INCLUDE.'/lib/class_database.php';
 require_once NOALYSS_INCLUDE.'/lib/ac_common.php';
 require_once NOALYSS_INCLUDE.'/class/class_pre_operation.php';
-
+global $http;
 /*
  * Value from $_GET or $_REQUEST
  */
-$request_jrn=HtmlInput::default_value_request("jrn", -1);
-$request_ac=HtmlInput::default_value_request("ac", "");
-$request_sa=HtmlInput::default_value_request("sa", "");
-$get_jrn=HtmlInput::default_value_get('jrn',-1);
+$request_jrn=$http->request("jrn","string", -1);
+$request_ac=$http->request("ac","string", "");
+$request_sa=$http->request("sa","string", "");
+$get_jrn=$http->get('jrn',"string",-1);
 
 echo '<div class="content">';
 echo '<form method="GET">';
diff --git a/include/profile.inc.php b/include/profile.inc.php
index 63715e8..81ed1af 100644
--- a/include/profile.inc.php
+++ b/include/profile.inc.php
@@ -21,7 +21,7 @@
 if (!defined('ALLOWED'))
     die('Appel direct ne sont pas permis');
 require_once NOALYSS_INCLUDE.'/database/class_profile_sql.php';
-global $cn;
+global $cn,$http;
 
 //**********************************************
 // Save avail. profiles
@@ -145,12 +145,9 @@ if (isset($_POST['save_name']))
 //************************************
 if (isset($_POST['clone']))
 {
-    $p_id = HtmlInput::default_value_post("p_id", 0);
-    if ( $p_id == 0 || isNumber($p_id) == 0) {
-     throw new Exception (_('Argument'));
-    }
     try
     {
+        $p_id = $http->post("p_id","number", 0);
         $cn->start();
         $new_id=$cn->get_value("insert into profile(p_name,p_desc,with_calc,
                        with_direct_form)
@@ -210,26 +207,20 @@ if (isset($_POST['delete_profil']))
 //************************************
 if (isset($_POST['mod']))
 {
-    // pm_id of the menu to modify
-    $pm_id=HtmlInput::default_value_post("pm_id", 0);
-    // profile id
-    $p_id=HtmlInput::default_value_post("p_id", "");
-    // display order 
-    $p_order=HtmlInput::default_value_post("p_order", 0);
-    // code to add
-    $me_code=HtmlInput::default_value_post("me_code", "");
-    // tab
-    $tab=HtmlInput::default_value_post("tab", "");
-    // set Default
-    $pm_default=HtmlInput::default_value_post('pm_default', 0);
     try
     {
-        if ($pm_id==""||
-                $p_id==""||
-                $p_order==""||
-                $me_code==""
-        )
-            throw new Exception('Argument');
+        // pm_id of the menu to modify
+        $pm_id=$http->post("pm_id", "number");
+        // profile id
+        $p_id=$http->post("p_id", "number");
+        // display order 
+        $p_order=$http->post("p_order", "number");
+        // code to add
+        $me_code=$http->post("me_code");
+        // tab
+        $tab=$http->post("tab");
+        // set Default
+        $pm_default=$http->post('pm_default', "string", 0);
         /**
          * Printing cannot be a menu and do not depend of anything
          */
@@ -267,22 +258,22 @@ if (isset($_POST['mod']))
 //****************************************************
 if (isset($_POST['add_menu'])||isset($_POST['add_impress']))
 {
-    // type of menu me or pr
-    $p_type=HtmlInput::default_value_post("type", "");
-    // level
-    $p_level=HtmlInput::default_value_post("p_level", "");
-    // pm_id of menu parent
-    $p_dep=HtmlInput::default_value_post("dep", "");
-    // profile id
-    $p_id=HtmlInput::default_value_post("p_id", "");
-    // display order 
-    $p_order=HtmlInput::default_value_post("p_order", 0);
-    // code to add
-    $me_code=HtmlInput::default_value_post("me_code", "");
-    // tab
-    $tab=HtmlInput::default_value_post("tab", "");
     try
     {
+        // type of menu me or pr
+        $p_type=$http->post("type");
+        // level
+        $p_level=$http->post("p_level");
+        // pm_id of menu parent
+        $p_dep=$http->post("dep");
+        // profile id
+        $p_id=$http->post("p_id", "number");
+        // display order 
+        $p_order=$http->post("p_order");
+        // code to add
+        $me_code=$http->post("me_code");
+        // tab
+        $tab=$http->post("tab");
         $cn->start();
 
 
@@ -302,16 +293,6 @@ if 
(isset($_POST['add_menu'])||isset($_POST['add_impress']))
         // Module never depends of anything
         if ($p_type=='me')
         {
-            /*
-             * Check variable
-             */
-            if ($p_type==""||
-                    $p_level==""||
-                    $p_dep==""||
-                    $p_id==""||
-                    $me_code==""
-            )
-                throw new Exception('Argument');
             if ($p_level==0)
             {
                 $me_code_dep=null;
@@ -333,12 +314,12 @@ if 
(isset($_POST['add_menu'])||isset($_POST['add_impress']))
                 where p_id=$1 and me_code_dep=$2 and me_code=$3",
                 array($p_id, $me_code, $me_code_dep));
         if ($inf>0)
-            throw new Exception("Boucle infinie");
+            throw new Exception(_("Boucle infinie"));
         /**
          * Check if we don't add a menu depending on itself
          */
         if ($me_code==$me_code_dep)
-            throw new Exception("Un menu ne peut pas dépendre de lui-même");
+            throw new Exception(_("Un menu ne peut pas dépendre de lui-même"));
 
 
         /**
@@ -367,6 +348,7 @@ if (isset($_POST['add_menu'])||isset($_POST['add_impress']))
     catch (Exception $exc)
     {
         alert($exc->getMessage());
+        $cn->rollback;
     }
 }
 
@@ -444,7 +426,7 @@ if (isset($_POST['delete_profil']))
     <?php
 
 }
-$dep=HtmlInput::default_value_post("dep", 0);
+$dep=$http->post("dep");
 ?>
 <script>
     var selected_menu="<?php echo $dep;?>";
diff --git a/include/recover.php b/include/recover.php
index eb0c2a9..e3e413c 100644
--- a/include/recover.php
+++ b/include/recover.php
@@ -24,6 +24,7 @@ define('SIZE_REQUEST', 70);
 
 
 require_once NOALYSS_INCLUDE.'/lib/class_html_input.php';
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
 /**
  * @brief generate a random string of char
  * @param $car int length of the string
@@ -39,13 +40,13 @@ function generate_random($car)
     }
     return $string;
 }
-
+$http=new HttpInput();
 /**
  * @file
  * @brief 
  * @param type $name Descriptionara
  */
-$action=HtmlInput::default_value_request("id", "");
+$action=$http->request("id","string", "");
 if ($action=="") :
     /*
      * Display dialog box
@@ -67,8 +68,8 @@ elseif ($action=="send_email") :
     /*
      * Check if user exists, if yes save a recover request
      */
-    $login_input=HtmlInput::default_value_request("login", "");
-    $email_input=HtmlInput::default_value_request("email", "");
+    $login_input=$http->request("login", "string","");
+    $email_input=$http->request("email", "string","");
     $cn=new Database(0);
     $valid=false;
     if (trim($login_input)!=""):
diff --git a/include/report.inc.php b/include/report.inc.php
index 23a0772..3361823 100644
--- a/include/report.inc.php
+++ b/include/report.inc.php
@@ -32,7 +32,7 @@ require_once NOALYSS_INCLUDE.'/class/class_dossier.php';
 require_once NOALYSS_INCLUDE.'/lib/class_database.php';
 require_once  NOALYSS_INCLUDE.'/class/class_user.php';
 require_once NOALYSS_INCLUDE.'/lib/class_ipopup.php';
-
+global $http;
 
 $gDossier=dossier::id();
 $str_dossier=dossier::get();
@@ -47,7 +47,7 @@ $rap=new Acc_Report($cn);
 $menu=0;
 if (isset($_POST["del_form"]))
 {
-    $rap->id=$_POST['fr_id'];
+    $rap->id=$http->post("fr_id","number");
     $rap->delete();
     $menu=1;
 }
@@ -108,7 +108,7 @@ if (isset($_REQUEST["action"]) && $menu == 0)
     if ($action=="view" || $action == "record")
     {
         echo '<DIV class="content">';
-        $rap->id=$_REQUEST ['fr_id'];
+        $rap->id=$http->request("fr_id","number");
         echo '<form method="post" style="display:inline">';
         $rap->load();
         echo h1($rap->name);
diff --git a/include/restore.inc.php b/include/restore.inc.php
index c396197..56c276e 100644
--- a/include/restore.inc.php
+++ b/include/restore.inc.php
@@ -21,7 +21,8 @@
 if ( !defined ('ALLOWED')) die('Forbidden');
 require_once NOALYSS_INCLUDE.'/lib/class_iradio.php';
 require_once NOALYSS_INCLUDE.'/lib/class_ifile.php';
-
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
 /*!\file
  * \brief restaure a database
  */
@@ -155,7 +156,7 @@ if ( isset ($_REQUEST['sa'] ))
         else
             $lname=$id." ".$_REQUEST['database'];
         
-        $ldesc=HtmlInput::default_value_post("desc", "");
+        $ldesc=$http->post("desc");
         $sql="insert into modeledef (mod_id,mod_name,mod_desc) values 
($1,$2,$3)";
         $cn->start();
         try
diff --git a/include/search.inc.php b/include/search.inc.php
index 92ea604..ab1a0ad 100644
--- a/include/search.inc.php
+++ b/include/search.inc.php
@@ -25,7 +25,7 @@ require_once NOALYSS_INCLUDE.'/class/class_dossier.php';
 require_once NOALYSS_INCLUDE.'/lib/ac_common.php';
 require_once NOALYSS_INCLUDE.'/class/class_acc_ledger.php';
 
-
+global $ĥttp;
 $gDossier=dossier::id();
 
 require_once NOALYSS_INCLUDE.'/lib/class_database.php';
@@ -107,7 +107,7 @@ if ( isset ($_GET['viewsearch']) )
     list($sql,$where)=$ledger->build_search_sql($array);
     // Count nb of line
     $max_line=$cn->count_sql($sql);
-    $target=HtmlInput::default_value_get("target", "");
+    $target=$http->get("target");
     list($count,$content)=$ledger->list_operation_to_reconcile($sql,$target);
     $bar=navigation_bar($offset,$max_line,$step,$page);
 
diff --git a/include/stock_cfg.inc.php b/include/stock_cfg.inc.php
index 871ced6..04e05b7 100644
--- a/include/stock_cfg.inc.php
+++ b/include/stock_cfg.inc.php
@@ -29,7 +29,7 @@ if ( ! defined ('ALLOWED') ) die('Appel direct ne sont pas 
permis');
 require_once NOALYSS_INCLUDE.'/database/class_stock_sql.php';
 require_once NOALYSS_INCLUDE.'/lib/class_sort_table.php';
 
-global $g_user, $cn,$g_parameter;
+global $g_user, $cn,$g_parameter,$http;
 
 if ($g_parameter->MY_STOCK == 'N')
 {
@@ -40,7 +40,7 @@ if ($g_parameter->MY_STOCK == 'N')
 }
 if ( isset ($_POST['add_stock']))
 {
-    $post_name=HtmlInput::default_value_post('r_name', "");
+    $post_name=$http->post('r_name');
     if ( strlen(trim($post_name)) != 0)
     {
         $st=new Stock_Sql($cn);
@@ -50,11 +50,11 @@ if ( isset ($_POST['add_stock']))
 }
 if ( isset ($_POST['mod_stock']))
 {
-    $post_name=HtmlInput::default_value_post('r_name', "");
+    $post_name=$http->post('r_name');
     if ( strlen(trim($post_name)) != 0)
     {
 
-       $st=new Stock_Sql($cn,$_POST['r_id']);
+       $st=new Stock_Sql($cn,$http->post('r_id',"number"));
        $st->from_array($_POST);
        $st->update();
     }
@@ -114,9 +114,9 @@ $array=$cn->get_array($sql." ".$order);
 
 <?php endfor;?>
 </table>
-       <?php echo HtmlInput::button("show_add_depot_d", "Ajout d'un dépot", 
"onclick=\"$('add_depot_d').show();\"");?>
+       <?php echo HtmlInput::button("show_add_depot_d", _("Ajout d'un dépot"), 
"onclick=\"$('add_depot_d').show();\"");?>
        <div id="add_depot_d" class="inner_box" style="display:none">
-       <?php echo HtmlInput::title_box("Ajouter un 
dépôt","add_depot_d","hide")?>
+       <?php echo HtmlInput::title_box(_("Ajouter un 
dépôt"),"add_depot_d","hide")?>
        <form method="post">
                <table>
                        <tr>
@@ -161,7 +161,7 @@ $array=$cn->get_array($sql." ".$order);
                        </tr>
 
                </table>
-               <?php echo HtmlInput::submit("add_stock","Sauver")?>
+               <?php echo HtmlInput::submit("add_stock",_("Sauver"))?>
        </form>
        </div>
 </div>
diff --git a/include/stock_inv_histo.inc.php b/include/stock_inv_histo.inc.php
index 60327ab..65e4335 100644
--- a/include/stock_inv_histo.inc.php
+++ b/include/stock_inv_histo.inc.php
@@ -26,7 +26,7 @@
  */
 if ( ! defined ('ALLOWED') ) die('Appel direct ne sont pas permis');
 require_once NOALYSS_INCLUDE.'/class/class_exercice.php';
-
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
 if ( isset($_POST['del']))
 {
        if (isset($_POST['ok']))
@@ -48,7 +48,7 @@ if ( isset($_POST['del']))
 $profile=$g_user->get_profile();
 $gDossier=dossier::id();
 $default_exercice=$g_user->get_exercice();
-$p_exercice=HtmlInput::default_value_get("p_exercice", $default_exercice);
+$p_exercice=$http->get("p_exercice", "string",$default_exercice);
 
 $a_change=$cn->get_array("select *,to_char(c_date,'DD.MM.YY') as str_date from 
stock_change as sc
                        join stock_repository as sr on (sc.r_id=sr.r_id)
diff --git a/include/supplier.inc.php b/include/supplier.inc.php
index bfae2d1..e727c0b 100644
--- a/include/supplier.inc.php
+++ b/include/supplier.inc.php
@@ -30,7 +30,7 @@ require_once NOALYSS_INCLUDE.'/class/class_fiche_def.php';
 require_once NOALYSS_INCLUDE.'/lib/class_iaction.php';
 require_once NOALYSS_INCLUDE.'/class/class_fiche_def.php';
 require_once NOALYSS_INCLUDE.'/lib/class_ipopup.php';
-global $g_user;
+global $g_user,$http;
 
 $low_action=(isset($_REQUEST['sb']))?$_REQUEST['sb']:"list";
 /*! \file
@@ -80,7 +80,7 @@ if ( $low_action == "list" )
     $a=(isset($_GET['query']))?$_GET['query']:"";
     echo _("Cherche ").HtmlInput::filter_table_form("tiers_tb", '0,1,2', 
1,"query",$a);
 
-    $choice_cat=HtmlInput::default_value_request("choice_cat", 1);
+    $choice_cat=$http->request("choice_cat", "string",1);
     if ( $choice_cat == 1 )
     {
         $sel_card=new ISelect('cat');
@@ -92,7 +92,7 @@ if ( $low_action == "list" )
         echo _('Catégorie :').$sel_card->input();
     } else 
     {
-        $cat=HtmlInput::default_value_request('cat', '');
+        $cat=$http->request('cat','string', '');
         echo HtmlInput::hidden("cat",$cat);
         echo HtmlInput::hidden('choice_cat', 0);
     }
diff --git a/include/upgrade.inc.php b/include/upgrade.inc.php
index 991c1e3..6c00292 100644
--- a/include/upgrade.inc.php
+++ b/include/upgrade.inc.php
@@ -21,7 +21,7 @@
 
 if (!defined('ALLOWED'))
     die('Appel direct ne sont pas permis');
-
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.pĥp';
 /**
  * @file
  * @brief Upgrade all the database : the central repository , the templates and
@@ -31,7 +31,8 @@ if (!defined('ALLOWED'))
 ?>
 
 <?php
-$sb= HtmlInput::default_value_get("sb", "none");
+$http=new HttpInput();
+$sb= $http->get("sb", "string","none");
 if ($sb === "upg_all" && (!defined('MULTI')||(defined('MULTI')&&MULTI==1)))
 {
     echo '<div class="content">';
diff --git a/include/user.inc.php b/include/user.inc.php
index 0530dee..5b45a29 100644
--- a/include/user.inc.php
+++ b/include/user.inc.php
@@ -27,6 +27,8 @@ if ( !defined ('ALLOWED')) die('Forbidden');
  *
  */
 require_once NOALYSS_INCLUDE.'/lib/class_sort_table.php';
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
 echo '<div class="content" style="width:80%;margin-left:10%">';
 /******************************************************/
 // Add user
@@ -36,29 +38,29 @@ if ( isset ($_POST["ADD"]) )
     $cn=new Database();
     $pass5=md5($_POST['PASS']);
     $new_user=new User($cn,0);
-    $new_user->first_name=HtmlInput::default_value_post('FNAME','');
-    $new_user->last_name=HtmlInput::default_value_post('LNAME','');
-    $login=HtmlInput::default_value_post('LOGIN','');
+    $new_user->first_name=$http->post('FNAME');
+    $new_user->last_name=$http->post('LNAME');
+    $login=$http->post('LOGIN');
     $login=str_replace("'","",$login);
     $login=str_replace('"',"",$login);
     $login=str_replace(" ","",$login);
     $login=strtolower($login);
     $new_user->login=$login;
     $new_user->pass=$pass5;
-    $new_user->email=HtmlInput::default_value_post('EMAIL','');
-       if ( trim($login)=="")
-       {
-               alert(_("Le login ne peut pas être vide"));
-       }
-       else
-       {
-            $new_user->insert();
-            $new_user->load();
-            $_REQUEST['use_id']=$new_user->id;
-            require_once NOALYSS_INCLUDE.'/user_detail.inc.php';
-            return;
-
-       }
+    $new_user->email=$http->post('EMAIL','');
+    if ( trim($login)=="")
+    {
+            alert(_("Le login ne peut pas être vide"));
+    }
+    else
+    {
+        $new_user->insert();
+        $new_user->load();
+        $_REQUEST['use_id']=$new_user->id;
+        require_once NOALYSS_INCLUDE.'/user_detail.inc.php';
+        return;
+
+    }
 } //SET login
 
 // View user detail
diff --git a/include/user_detail.inc.php b/include/user_detail.inc.php
index 61dc4f0..584c5e8 100644
--- a/include/user_detail.inc.php
+++ b/include/user_detail.inc.php
@@ -25,15 +25,15 @@ require_once NOALYSS_INCLUDE.'/lib/ac_common.php';
 require_once NOALYSS_INCLUDE.'/lib/class_database.php';
 require_once NOALYSS_INCLUDE.'/lib/user_menu.php';
 require_once  NOALYSS_INCLUDE.'/class/class_user.php';
-
+require_once NOALYSS_INCLUDE.'/lib/class_http_input.php';
+$http=new HttpInput();
 $rep = new Database();
-
-if (!isset($_REQUEST['use_id']))
-{
-    html_page_stop();
-    return;
+try {
+$uid = $http->request('use_id');
+} catch (Exception $ex) {
+     echo_error($ex->getMessage());
+     throw $ex;
 }
-$uid = $_REQUEST['use_id'];
 $UserChange = new User($rep, $uid);
 
 if ($UserChange->id == false)
@@ -45,7 +45,7 @@ if ($UserChange->id == false)
 /*  
  * Update user changes 
  */
-$sbaction=HtmlInput::default_value_post('sbaction', "");
+$sbaction=$http->post('sbaction',"string", "");
 if ($sbaction == "save")
 {
     $uid = $_POST['UID'];
@@ -60,11 +60,11 @@ if ($sbaction == "save")
     }
     else
     {
-        $UserChange->first_name =HtmlInput::default_value_post('fname',null);
-        $UserChange->last_name = HtmlInput::default_value_post('lname',null);
-        $UserChange->active = HtmlInput::default_value_post('Actif',-1);
-        $UserChange->admin = HtmlInput::default_value_post('Admin',-1);
-        $UserChange->email = HtmlInput::default_value_post('email',null);
+        $UserChange->first_name =$http->post('fname');
+        $UserChange->last_name = $http->post('lname');
+        $UserChange->active = $http->post('Actif');
+        $UserChange->admin = $http->post('Admin');
+        $UserChange->email = $http->post('email');
         if ($UserChange->active ==-1 || $UserChange->admin ==-1)
         {
             die ('Missing data');



reply via email to

[Prev in Thread] Current Thread [Next in Thread]