8 files changed, 37 insertions, 25 deletions
diff --git a/admin/stats.php b/admin/stats.php
index 345d4c669..61f6e236d 100644
--- a/admin/stats.php
+++ b/admin/stats.php
@@ -42,13 +42,15 @@ $tpl = array( 'stats_last_days','date','login',
 templatize_array( $tpl, 'lang', $sub );
 $vtp->setGlobalVar( $sub, 'user_template', $user['template'] );
 //--------------------------------------------------- number of days to display
-if ( isset( $_GET['last_days'] ) ) define( MAX_DAYS, $_GET['last_days'] );
-else                               define( MAX_DAYS, 0 );
+if ( isset( $_GET['last_days'] ) ) define( 'MAX_DAYS', $_GET['last_days'] );
+else                               define( 'MAX_DAYS', 0 );
 
 foreach ( $conf['last_days'] as $option ) {
   $vtp->addSession( $sub, 'last_day_option' );
   $vtp->setVar( $sub, 'last_day_option.option', $option );
-  $url = './admin.php?page=stats&amp;expand='.$_GET['expand'];
+  $url = './admin.php?page=stats';
+  if (isset($_GET['expand']))
+	  $url .='&amp;expand='.$_GET['expand'];
   $url.= '&amp;last_days='.($option - 1);
   $vtp->setVar( $sub, 'last_day_option.link', add_session_id( $url ) );
   if ( $option == MAX_DAYS + 1 )
@@ -59,12 +61,18 @@ foreach ( $conf['last_days'] as $option ) {
 }
 //---------------------------------------------------------------- log  history
 // empty link
-$url = './admin.php?page=stats&amp;last_days='.$_GET['last_days'];
-$url.= '&amp;expand='.$_GET['expand'];
+$url = './admin.php?page=stats';
+if (isset($_GET['last_days']))
+  	$url .='&amp;last_days='.$_GET['last_days'];
+// expand array management
+$expand_days = array();
+if (isset($_GET['expand']))
+{
+	$url.= '&amp;expand='.$_GET['expand'];
+	$expand_days = explode( ',', $_GET['expand'] );
+}
 $url.= '&amp;act=empty';
 $vtp->setVar( $sub, 'emply_url', add_session_id( $url ) );
-// expand array management
-$expand_days = explode( ',', $_GET['expand'] );
 $page['expand_days'] = array();
 foreach ( $expand_days as $expand_day ) {
   if ( is_numeric( $expand_day ) )
@@ -99,7 +107,9 @@ for ( $i = 0; $i <= MAX_DAYS; $i++ )
     $vtp->setVar( $sub, 'day.open_or_close', $lang['open'] );
     array_push( $local_expand, $i );
   }
-  $url = './admin.php?page=stats&amp;last_days='.$_GET['last_days'];
+  $url = './admin.php?page=stats';
+  if (isset($_GET['last_days']))
+  	$url.= '&amp;last_days='.$_GET['last_days'];
   $url.= '&amp;expand='.implode( ',', $local_expand );
   $vtp->setVar( $sub, 'day.url', add_session_id( $url ) );
   // date displayed like this (in English ) :
diff --git a/admin/thumbnail.php b/admin/thumbnail.php
index 171049a1c..e3ab3e9a5 100644
--- a/admin/thumbnail.php
+++ b/admin/thumbnail.php
@@ -253,9 +253,8 @@ function get_displayed_dirs( $dir, $indent )
     }
     $vtp->closeSession( $sub, 'dir' );
     // recursive call
-    $dirs.= get_displayed_dirs( $dir.'/'.$sub_dir,
-                                $indent+30 );
-    
+    get_displayed_dirs( $dir.'/'.$sub_dir,
+                                $indent+30 );    
   }
 }
 //----------------------------------------------------- template initialization
diff --git a/admin/user_list.php b/admin/user_list.php
index 270ea2f4b..2fbf3ccc4 100644
--- a/admin/user_list.php
+++ b/admin/user_list.php
@@ -109,7 +109,8 @@ else
   $vtp->addSession( $sub, 'add_user' );
   $action = './admin.php?'.$_SERVER['QUERY_STRING'];
   $vtp->setVar( $sub, 'add_user.form_action', $action );
-  $vtp->setVar( $sub, 'add_user.f_username', $_POST['username'] );
+  if (isset( $_POST['username']))
+	  $vtp->setVar( $sub, 'add_user.f_username', $_POST['username'] );
   $vtp->closeSession( $sub, 'add_user' );
   
   $vtp->addSession( $sub, 'users' );
diff --git a/admin/user_perm.php b/admin/user_perm.php
index ff3b83dce..c572c585d 100644
--- a/admin/user_perm.php
+++ b/admin/user_perm.php
@@ -59,7 +59,7 @@ if ( isset( $_POST['submit'] ) )
   $vtp->closeSession( $sub, 'confirmation' );
 }
 //---------------------------------------------------------------- form display
-$restrictions = get_restrictions( $_GET['user_id'], $page['user_status'],
+$restrictions = get_user_restrictions( $_GET['user_id'], $page['user_status'],
                                   false, false );
 $action = './admin.php?page=user_perm&amp;user_id='.$_GET['user_id'];
 $vtp->setVar( $sub, 'action', add_session_id( $action ) );
diff --git a/include/functions_category.inc.php b/include/functions_category.inc.php
index e27573ad7..de074e82c 100644
--- a/include/functions_category.inc.php
+++ b/include/functions_category.inc.php
@@ -406,7 +406,7 @@ function get_cat_display_name( $array_cat_names, $separation,
 function initialize_category( $calling_page = 'category' )
 {
   pwg_debug( 'start initialize_category' );
-  global $page,$lang,$user,$conf;
+  global $page,$lang,$user,$conf, $where_append;
 
   if ( isset( $page['cat'] ) )
   {
@@ -537,13 +537,13 @@ function initialize_category( $calling_page = 'category' )
         $page['where'] = ' WHERE category_id != -1'.$where_append;
         $conf['order_by'] = ' ORDER BY hit DESC, file ASC';
         $page['cat_nb_images'] = $conf['top_number'];
-        if ( $page['start'] + $user['nb_image_page'] >= $conf['top_number'] )
+        if ( isset($page['start']) &&  ($page['start']+ $user['nb_image_page'] >= $conf['top_number'] ))
         {
           $page['nb_image_page'] = $conf['top_number'] - $page['start'];
         }
       }
 
-      if ( $query != '' )
+      if ( isset($query))
       {
         $result = mysql_query( $query );
         $row = mysql_fetch_array( $result );
diff --git a/picture.php b/picture.php
index 49aa9fd70..a862af03b 100644
--- a/picture.php
+++ b/picture.php
@@ -71,7 +71,8 @@ $page['date_creation']  = $row['date_creation'];
 $page['filesize']       = $row['filesize'];
 $page['width']          = $row['width'];
 $page['height']         = $row['height'];
-$page['category_id']    = $row['category_id'];
+if (is_numeric( $page['cat'] ))
+	$page['category_id']    = $row['category_id'];
 $page['keywords']       = $row['keywords'];
 $page['storage_category_id'] = $row['storage_category_id'];
 // retrieving the number of the picture in its category (in order)
@@ -492,7 +493,7 @@ if ( $page['num'] < $page['cat_nb_images']-1 )
   $result = mysql_query( $query );
   $row = mysql_fetch_array( $result );
 
-  if ( $array_cat_directories[$row['storage_category_id']] == '' )
+  if ( !isset($array_cat_directories[$row['storage_category_id']]))
   {
     $array_cat_directories[$row['storage_category_id']] =
       get_complete_dir( $row['storage_category_id'] );
diff --git a/register.php b/register.php
index 0f0669926..0d32ca9db 100644
--- a/register.php
+++ b/register.php
@@ -70,7 +70,8 @@ $vtp->addSession( $handle, 'line' );
 $vtp->setVar( $handle, 'line.name', $lang['login'] );
 $vtp->addSession( $handle, 'text' );
 $vtp->setVar( $handle, 'text.name', 'login' );
-$vtp->setVar( $handle, 'text.value', $_POST['login'] );
+if (isset( $_POST['login']))
+	$vtp->setVar( $handle, 'text.value', $_POST['login'] );
 $vtp->closeSession( $handle, 'text' );
 $vtp->closeSession( $handle, 'line' );
 //-------------------------------------------------------------------- password
@@ -94,7 +95,8 @@ $vtp->addSession( $handle, 'line' );
 $vtp->setVar( $handle, 'line.name', $lang['mail_address'] );
 $vtp->addSession( $handle, 'text' );
 $vtp->setVar( $handle, 'text.name', 'mail_address' );
-$vtp->setVar( $handle, 'text.value', $_POST['mail_address'] );
+if (isset( $_POST['mail_address']))
+	$vtp->setVar( $handle, 'text.value', $_POST['mail_address'] );
 $vtp->closeSession( $handle, 'text' );
 $vtp->closeSession( $handle, 'line' );
 //----------------------------------------------------------- html code display
diff --git a/template/default/htmlfunctions.inc.php b/template/default/htmlfunctions.inc.php
index aade6e2e5..c3b2872b7 100644
--- a/template/default/htmlfunctions.inc.php
+++ b/template/default/htmlfunctions.inc.php
@@ -177,7 +177,6 @@ function display_category( $category, $indent, $handle )
 
   $vtp->addSession( $handle, 'category' );
   $vtp->setVar( $handle, 'category.indent', $indent );
-
   if ( $user['expand'] or $category['nb_sub_categories'] == 0 )
   {
     $vtp->addSession( $handle, 'bullet_wo_link' );
@@ -193,10 +192,10 @@ function display_category( $category, $indent, $handle )
 	{
 	$url .='?cat='.$page['cat'];
     $url.= '&amp;expand='.$category['expand_string'];
-    if ( $page['cat'] == 'search' )
-    {
-      $url.= '&amp;search='.$_GET['search'].'&amp;mode='.$_GET['mode'];
-    }
+	}
+	else if ($category['expand_string']<>'')
+	{
+		$url.= '?expand='.$category['expand_string'];
 	}
     $vtp->setVar( $handle, 'bullet_w_link.bullet_link', add_session_id($url) );
     if ( $category['expanded'] )