diff --git a/apps/maarch_entreprise/class/class_lists_Abstract.php b/apps/maarch_entreprise/class/class_lists_Abstract.php
index eaa4646731292e072522e68f6f9f639c3a4b4c6a..4a5774c1e1774b6c65e5fb144e9df1adc672721a 100755
--- a/apps/maarch_entreprise/class/class_lists_Abstract.php
+++ b/apps/maarch_entreprise/class/class_lists_Abstract.php
@@ -2069,9 +2069,13 @@ abstract class lists_Abstract extends Database
             //Eval disabled rule
             if (!empty($disabledRules)) {
                 $rules = "return($disabledRules);";
-                //echo $rules."<br>\n";
-                if (@eval($rules)) {
-                    $disabled = true;
+//                echo $rules."<br>\n";
+                try {
+                    if (@eval($rules)) {
+                        $disabled = true;
+                    }
+                } catch (Throwable $t) {
+
                 }
             }
         }
diff --git a/apps/maarch_entreprise/indexing_searching/documents_list_mlb_search_adv.php b/apps/maarch_entreprise/indexing_searching/documents_list_mlb_search_adv.php
index 8a8a527839c3f79a31c98095d4862f0a0944aa07..fd9fad0ef6160cc9404a74cee0c10439be218806 100755
--- a/apps/maarch_entreprise/indexing_searching/documents_list_mlb_search_adv.php
+++ b/apps/maarch_entreprise/indexing_searching/documents_list_mlb_search_adv.php
@@ -253,7 +253,7 @@ if ($mode == 'normal') {
         'entity_label',
         'address_id',
         'exp_user_id',
-        'doc_custom_n1 as count_attachment',
+        'res_id as count_attachment',
         'is_multicontacts',
         'filename',
         'res_id as real_dest'
diff --git a/apps/maarch_entreprise/indexing_searching/search_adv.php b/apps/maarch_entreprise/indexing_searching/search_adv.php
index 5a44e66a2d88cbec2ec285ecfe5ed7c72908b3ec..5814994d3e7f07eb238354137ee6f6803854eda1 100755
--- a/apps/maarch_entreprise/indexing_searching/search_adv.php
+++ b/apps/maarch_entreprise/indexing_searching/search_adv.php
@@ -281,6 +281,10 @@ if ($core_tools->is_module_loaded('entities')) {
     'id' => 'initiatorServices', 'options' => $arr_tmp, ));
 }
 
+// Folder
+$arr_tmp2 = array('label' => _PROJECT, 'type' => 'input_text', 'param' => array('field_label' => _PROJECT, 'other' => $size));
+$param['project'] = $arr_tmp2;
+
 // Reference courrier externe
 $arr_tmp2 = array('label' => _REFERENCE_MAIL, 'type' => 'input_text', 'param' => array('field_label' => _REFERENCE_MAIL, 'other' => $size));
 $param['external_reference'] = $arr_tmp2;
diff --git a/apps/maarch_entreprise/indexing_searching/search_adv_result.php b/apps/maarch_entreprise/indexing_searching/search_adv_result.php
index c32ee2d226c49ecbc9427247ee210007a83a8829..da0181ee0dd76452ba5d0a5cd0affabaf7173cc3 100755
--- a/apps/maarch_entreprise/indexing_searching/search_adv_result.php
+++ b/apps/maarch_entreprise/indexing_searching/search_adv_result.php
@@ -246,6 +246,38 @@ if (count($_REQUEST['meta']) > 0) {
                 $where_request .= " (contact_id in(select contact_id from view_contacts where contact_type = :contactType))) and ";
                 $arrayPDO = array_merge($arrayPDO, array(":contactType" => $_REQUEST['contact_type']));
             }
+            elseif ($tab_id_fields[$j] == 'project' && !empty($_REQUEST['project'])) {
+                $json_txt .= " 'project' : ['".addslashes(trim($_REQUEST['project']))."'],";
+                $project = $func->wash($_REQUEST['project'], "no", _MARKET, "no");
+
+                $where_request .= " res_id in ( ";
+
+                $where_request .= "select res_id
+from resources_folders
+         left join folders on resources_folders.folder_id = folders.id
+where lower(translate(folders.label , 'Ã€ÃÃ‚ÃƒÃ„Ã…Ã†Ã‡ÃˆÃ‰ÃŠÃ‹ÃŒÃÃŽÃÃÃ‘Ã’Ã“Ã”Ã•Ã–Ã˜Ã™ÃšÃ›ÃœÃÃžÃŸÃ Ã¡Ã¢Ã£Ã¤Ã¥Ã¦Ã§Ã¨Ã©ÃªÃ«Ã¬ÃÃ®Ã¯Ã°Ã±Ã²Ã³Ã´ÃµÃ¶Ã¸Ã¹ÃºÃ»Ã½Ã½Ã¾Ã¿Å”Å•',
+                                       'aaaaaaaceeeeiiiidnoooooouuuuybsaaaaaaaceeeeiiiidnoooooouuuyybyRr')) ilike
+                       lower(translate(:label, 'Ã€ÃÃ‚ÃƒÃ„Ã…Ã†Ã‡ÃˆÃ‰ÃŠÃ‹ÃŒÃÃŽÃÃÃ‘Ã’Ã“Ã”Ã•Ã–Ã˜Ã™ÃšÃ›ÃœÃÃžÃŸÃ Ã¡Ã¢Ã£Ã¤Ã¥Ã¦Ã§Ã¨Ã©ÃªÃ«Ã¬ÃÃ®Ã¯Ã°Ã±Ã²Ã³Ã´ÃµÃ¶Ã¸Ã¹ÃºÃ»Ã½Ã½Ã¾Ã¿Å”Å•',
+                                      'aaaaaaaceeeeiiiidnoooooouuuuybsaaaaaaaceeeeiiiidnoooooouuuyybyRr'))
+    and (
+        folders.id in (
+            select folders.id
+            from folders
+            left join users on folders.user_id = users.id
+            where users.user_id = :user_id
+        ) or folders.id in (
+            select entities_folders.folder_id
+            from entities_folders
+                left join entities on entities_folders.entity_id = entities.id
+                left join users_entities on entities.entity_id = users_entities.entity_id
+            where users_entities.user_id = :user_id
+        )
+    )";
+
+                $where_request .=" ) and ";
+
+                $arrayPDO = array_merge($arrayPDO, array(":label" => "%".$project."%", ":user_id" => $GLOBALS['userId']));
+            }
             // GED NUM
             elseif ($tab_id_fields[$j] == 'numged' && !empty($_REQUEST['numged'])) {
                 $json_txt .= " 'numged' : ['".addslashes(trim($_REQUEST['numged']))."'],";
diff --git a/core/class/class_request.php b/core/class/class_request.php
index fc674450601ae229806bae5d1afa58f9d1f02d2f..c2cee26fd92b063b0523bdea809371ffdffcc3fe 100755
--- a/core/class/class_request.php
+++ b/core/class/class_request.php
@@ -119,7 +119,36 @@ class request extends dbquery
                             $where_string = "( ".$_SESSION['user']['security'][$coll]['DOC']['where']." ) ";
                             //$where_string = " where ( ".$_SESSION['user']['security'][$coll]['DOC']['where']." ) ";
                         } else {
-                            $where_string = ''.$where_string." and ( ".$_SESSION['user']['security'][$coll]['DOC']['where']." ) ";
+
+                            if (array_key_exists(':label', $parameters)) {
+                                $whereFolders = "select res_id
+from resources_folders
+         left join folders on resources_folders.folder_id = folders.id
+where lower(translate(folders.label , 'Ã€ÃÃ‚ÃƒÃ„Ã…Ã†Ã‡ÃˆÃ‰ÃŠÃ‹ÃŒÃÃŽÃÃÃ‘Ã’Ã“Ã”Ã•Ã–Ã˜Ã™ÃšÃ›ÃœÃÃžÃŸÃ Ã¡Ã¢Ã£Ã¤Ã¥Ã¦Ã§Ã¨Ã©ÃªÃ«Ã¬ÃÃ®Ã¯Ã°Ã±Ã²Ã³Ã´ÃµÃ¶Ã¸Ã¹ÃºÃ»Ã½Ã½Ã¾Ã¿Å”Å•',
+                                       'aaaaaaaceeeeiiiidnoooooouuuuybsaaaaaaaceeeeiiiidnoooooouuuyybyRr')) ilike
+                       lower(translate(:label, 'Ã€ÃÃ‚ÃƒÃ„Ã…Ã†Ã‡ÃˆÃ‰ÃŠÃ‹ÃŒÃÃŽÃÃÃ‘Ã’Ã“Ã”Ã•Ã–Ã˜Ã™ÃšÃ›ÃœÃÃžÃŸÃ Ã¡Ã¢Ã£Ã¤Ã¥Ã¦Ã§Ã¨Ã©ÃªÃ«Ã¬ÃÃ®Ã¯Ã°Ã±Ã²Ã³Ã´ÃµÃ¶Ã¸Ã¹ÃºÃ»Ã½Ã½Ã¾Ã¿Å”Å•',
+                                      'aaaaaaaceeeeiiiidnoooooouuuuybsaaaaaaaceeeeiiiidnoooooouuuyybyRr'))
+    and (
+        folders.id in (
+            select folders.id
+            from folders
+            left join users on folders.user_id = users.id
+            where users.user_id = :user_id
+        ) or folders.id in (
+            select entities_folders.folder_id
+            from entities_folders
+                left join entities on entities_folders.entity_id = entities.id
+                left join users_entities on entities.entity_id = users_entities.entity_id
+            where users_entities.user_id = :user_id
+        )
+    )";
+
+                                $where_string = ''.$where_string." and ( ".$_SESSION['user']['security'][$coll]['DOC']['where']." or res_id in (".$whereFolders.")) ";
+                                $parameters = array_merge($parameters, array(":label" => $parameters[':label'], ":user_id" => $parameters[':user_id']));
+                            } else {
+                                $where_string = '' . $where_string . " and ( " . $_SESSION['user']['security'][$coll]['DOC']['where'] . " ) ";
+                            }
+
                         }
                         break;
                     }