diff --git a/main/admin/settings.lib.php b/main/admin/settings.lib.php
index b4becd02f4..a1150a2b02 100755
--- a/main/admin/settings.lib.php
+++ b/main/admin/settings.lib.php
@@ -250,7 +250,7 @@ function handle_stylesheets() {
$list_of_names = array();
if ($handle = @opendir(api_get_path(SYS_PATH).'main/css/')) {
- $counter=1;
+ $counter = 1;
while (false !== ($style_dir = readdir($handle))) {
if (substr($style_dir, 0, 1) == '.') { // Skip directories starting with a '.'
continue;
@@ -304,8 +304,7 @@ function handle_stylesheets() {
* @version May 2008
* @since Dokeos 1.8.5
*/
-function upload_stylesheet($values,$picture)
-{
+function upload_stylesheet($values, $picture) {
// Valid name for the stylesheet folder.
$style_name = api_preg_replace('/[^A-Za-z0-9]/', '', $values['name_stylesheet']);
@@ -320,12 +319,12 @@ function upload_stylesheet($values,$picture)
$zip = new ZipArchive();
if ($zip->open($picture['tmp_name'])) {
// Make sure all files inside the zip are images or css.
- $numFiles = $zip->numFiles;
+ $num_files = $zip->numFiles;
$valid = true;
$single_directory = true;
$invalid_files = array();
- for ($i =0; $i < $numFiles; $i++) {
+ for ($i = 0; $i < $num_files; $i++) {
$file = $zip->statIndex($i);
if (substr($file['name'], -1) != '/') {
$path_parts = pathinfo($file['name']);
@@ -341,7 +340,7 @@ function upload_stylesheet($values,$picture)
}
if (!$valid) {
$error_string = '
';
- foreach($invalid_files as $invalid_file) {
+ foreach ($invalid_files as $invalid_file) {
$error_string .= '- '.$invalid_file.'
';
}
$error_string .= '
';
@@ -353,7 +352,7 @@ function upload_stylesheet($values,$picture)
$zip->extractTo(api_get_path(SYS_CODE_PATH).'css/'.$style_name.'/');
} else {
$extraction_path = api_get_path(SYS_CODE_PATH).'css/'.$style_name.'/';
- for ($i = 0; $i < $numFiles; $i++) {
+ for ($i = 0; $i < $num_files; $i++) {
$entry = $zip->getNameIndex($i);
if (substr($entry, -1) == '/') continue;
@@ -402,7 +401,7 @@ function store_plugins() {
// Step 1 : We remove all the plugins.
//$sql = "DELETE FROM $table_settings_current WHERE category='Plugins'";
//Database::query($sql);
- $r = api_delete_category_settings('Plugins',$_configuration['access_url']);
+ $r = api_delete_category_settings('Plugins', $_configuration['access_url']);
// Step 2: Looping through all the post values we only store these which are really a valid plugin location.
foreach ($_POST as $form_name => $formvalue) {
@@ -653,8 +652,8 @@ function get_template_data($from, $number_of_items, $column, $direction) {
* @since Dokeos 1.8.6
*/
function actions_filter($id) {
- $return .= ''.Display::return_icon('edit.gif', get_lang('Edit')).'';
- $return .= ''.Display::return_icon('delete.gif', get_lang('Delete')).'';
+ $return = ''.Display::return_icon('edit.gif', get_lang('Edit')).'';
+ $return .= ''.Display::return_icon('delete.gif', get_lang('Delete')).'';
return $return;
}
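Review bot: The `''.` and `.''` wrappers on both new lines of actions_filter are no-op concatenations, and the `$id` parameter is not referenced by either line, so as shown the edit/delete icons are emitted without any link to the row they act on. If the surrounding anchor markup was lost in this view, disregard; otherwise, when `$id` is interpolated into an href it should be normalised first, e.g. `$id = (int) $id;` as the first statement, rather than passed straight from the table row into the markup. The docblock above the function (partly outside the hunk) should also carry `@param int $id` and `@return string` if it does not already.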
@@ -778,7 +777,7 @@ function add_edit_template() {
}
$new_height = round(($thumbwidth / $picture_infos[0]) * $picture_infos[1]);
- $temp->resize($thumbwidth, $new_height,0);
+ $temp->resize($thumbwidth, $new_height, 0);
}
$type = $picture_infos[2];
diff --git a/main/admin/settings.php b/main/admin/settings.php
index 0d0c04e80f..634f89ee19 100755
--- a/main/admin/settings.php
+++ b/main/admin/settings.php
@@ -150,9 +150,9 @@ if (!empty($_GET['category']) && !in_array($_GET['category'], array('Plugins', '
($countsetting['0'] % 10) < 5 ? $b = $countsetting['0'] - 10 : $b = $countsetting['0'];
if ($i % 10 == 0 and $i < $b) {
- $form->addElement('html','');
+ $form->addElement('html', '
');
$form->addElement('style_submit_button', null, get_lang('SaveSettings'), 'class="save"');
- $form->addElement('html','
');
+ $form->addElement('html', '
');
}
$i++;
@@ -179,9 +179,9 @@ if (!empty($_GET['category']) && !in_array($_GET['category'], array('Plugins', '
if (empty($row['category']))
$row['category'] = 0;
- if (is_array ($settings_by_access_list[ $row['variable'] ] [ $row['subkey'] ] [ $row['category'] ])) {
- // Ee are sure that the other site have a selected value.
- if ($settings_by_access_list[ $row['variable'] ] [ $row['subkey'] ] [ $row['category'] ]['selected_value']!='')
+ if (is_array($settings_by_access_list[ $row['variable'] ] [ $row['subkey'] ] [ $row['category'] ])) {
+ // We are sure that the other site have a selected value.
+ if ($settings_by_access_list[ $row['variable'] ] [ $row['subkey'] ] [ $row['category'] ]['selected_value'] != '')
$row['selected_value'] =$settings_by_access_list[$row['variable']] [$row['subkey']] [ $row['category'] ]['selected_value'];
}
// There is no else{} statement because we load the default $row['selected_value'] of the main Chamilo site.
@@ -223,13 +223,13 @@ if (!empty($_GET['category']) && !in_array($_GET['category'], array('Plugins', '
$form->addElement('select', $row['variable'], get_lang($row['comment']), $valid_encodings);
$default_values[$row['variable']] = $current_system_encoding;
} else {
- $form->addElement('text', $row['variable'], get_lang($row['comment']),$hideme);
+ $form->addElement('text', $row['variable'], get_lang($row['comment']), $hideme);
$form->applyFilter($row['variable'],'html_filter');
$default_values[$row['variable']] = $row['selected_value'];
}
break;
case 'textarea':
- $form->addElement('textarea', $row['variable'], get_lang($row['comment']),$hideme);
+ $form->addElement('textarea', $row['variable'], get_lang($row['comment']), $hideme);
$default_values[$row['variable']] = $row['selected_value'];
break;
case 'radio':
@@ -265,7 +265,7 @@ if (!empty($_GET['category']) && !in_array($_GET['category'], array('Plugins', '
if ($rowkeys['variable'] == 'show_tabs' && $rowkeys['subkey'] == 'my_gradebook') { continue; }
$element = & $form->createElement('checkbox', $rowkeys['subkey'], '', get_lang($rowkeys['subkeytext']));
- if ($row['access_url_changeable']==1) {
+ if ($row['access_url_changeable'] == 1) {
// 2. We look into the DB if there is a setting for a specific access_url.
$access_url = $_configuration['access_url'];
if (empty($access_url )) $access_url = 1;
@@ -334,8 +334,8 @@ if (!empty($_GET['category']) && !in_array($_GET['category'], array('Plugins', '
$elementTemplateTwoLabel2 =
'{error}
 {element}
-
-
+
+
';
$scorebetw= array ();
@@ -352,16 +352,15 @@ if (!empty($_GET['category']) && !in_array($_GET['category'], array('Plugins', '
$renderer->setElementTemplate($elementTemplateTwoLabel,'gradebook_score_display_custom_values_endscore[' . $counter . ']');
$renderer->setElementTemplate($elementTemplateTwoLabel2,'gradebook_score_display_custom_values_displaytext[' . $counter . ']');
$form->addRule('gradebook_score_display_custom_values_endscore[' . $counter . ']', get_lang('OnlyNumbers'), 'numeric');
- $form->addRule(array ('gradebook_score_display_custom_values_endscore[' . $counter . ']', 'gradebook_score_display_custom_values_maxvalue'), get_lang('Over100'), 'compare', '<=');
- $form->addRule(array ('gradebook_score_display_custom_values_endscore[' . $counter . ']', 'gradebook_score_display_custom_values_minvalue'), get_lang('UnderMin'), 'compare', '>');
+ $form->addRule(array('gradebook_score_display_custom_values_endscore[' . $counter . ']', 'gradebook_score_display_custom_values_maxvalue'), get_lang('Over100'), 'compare', '<=');
+ $form->addRule(array('gradebook_score_display_custom_values_endscore[' . $counter . ']', 'gradebook_score_display_custom_values_minvalue'), get_lang('UnderMin'), 'compare', '>');
if ($customdisplays[$counter - 1]) {
- $default_values['gradebook_score_display_custom_values_endscore['.$counter.']'] = $customdisplays[$counter-1]['score'];
- $default_values['gradebook_score_display_custom_values_displaytext['.$counter.']'] = $customdisplays[$counter-1]['display'];
+ $default_values['gradebook_score_display_custom_values_endscore['.$counter.']'] = $customdisplays[$counter - 1]['score'];
+ $default_values['gradebook_score_display_custom_values_displaytext['.$counter.']'] = $customdisplays[$counter - 1]['display'];
}
}
}
break;
-
*/
}
}
@@ -384,22 +383,55 @@ if (!empty($_GET['category']) && !in_array($_GET['category'], array('Plugins', '
// therefore not be set to false.
// This, however, also means that if the process breaks on the third of five checkboxes, the others
// will be set to false.
- $r = api_set_settings_category($my_category,'false',$_configuration['access_url'],array('checkbox','radio'));
+ $r = api_set_settings_category($my_category, 'false', $_configuration['access_url'], array('checkbox', 'radio'));
//$sql = "UPDATE $table_settings_current SET selected_value='false' WHERE category='$my_category' AND type='checkbox'";
//$result = Database::query($sql);
- // Save the settings
+ // Save the settings.
$keys = array();
//$gradebook_score_display_custom_values = array();
foreach ($values as $key => $value) {
// Treat gradebook values in separate function.
- //if(strpos($key, 'gradebook_score_display_custom_values') === false) {
+ //if (strpos($key, 'gradebook_score_display_custom_values') === false) {
if (!is_array($value)) {
//$sql = "UPDATE $table_settings_current SET selected_value='".Database::escape_string($value)."' WHERE variable='$key'";
//$result = Database::query($sql);
- if (api_get_setting($key) != $value) $keys[] = $key;
+ $old_value = api_get_setting($key);
+
+ switch ($key) {
+
+ // URL validation for some settings.
+ case 'InstitutionUrl':
+ case 'course_validation_terms_and_conditions_url':
+ $value = trim(Security::remove_XSS($value));
+ if ($value != '') {
+ // Here we accept absolute URLs only.
+ if (strpos($value, '://') === false) {
+ $value = 'http://'.$value;
+ }
+ if (!api_valid_url($value, true)) {
+ // If the new (non-empty) URL value is invalid, then the old URL value stays.
+ $value = $old_value;
+ }
+ }
+ // If the new URL value is empty, then it will be stored (i.e. the setting will be deleted).
+ break;
+
+ // Validation against e-mail address for some settings.
+ case 'emailAdministrator':
+ $value = trim(Security::remove_XSS($value));
+ if ($value != '' && !api_valid_email($value)) {
+ // If the new (non-empty) e-mail address is invalid, then the old e-mail address stays.
+ // If the new e-mail address is empty, then it will be stored (i.e. the setting will be deleted).
+ $value = $old_value;
+ }
+ break;
+
+ }
+
+ if ($old_value != $value) $keys[] = $key;
- $result = api_set_setting($key,$value,null,null,$_configuration['access_url']);
+ $result = api_set_setting($key, $value, null, null, $_configuration['access_url']);
} else {
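Review bot: The URL branch added for `InstitutionUrl` and `course_validation_terms_and_conditions_url` only checks for the presence of `://` before calling `api_valid_url($value, true)`, so whether schemes other than http/https are rejected depends entirely on api_valid_url, whose behaviour is not visible here; since these settings are presumably rendered as links elsewhere, an explicit allowlist at this point is cheaper than relying on it: `if (!preg_match('#^https?://#i', $value) || !api_valid_url($value, true)) { $value = $old_value; }` in place of the bare `api_valid_url` test. Second, when validation fails the code silently reverts to `$old_value` and still reaches the unconditional `api_set_setting` call below the switch, so the administrator gets no indication that the submitted URL or e-mail address was discarded; collecting the rejected keys in an array so a warning can be shown after the loop would make the behaviour visible. The `foreach` this sits in begins inside the hunk, but its `else` branch continues past the last line shown.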
@@ -408,8 +440,8 @@ if (!empty($_GET['category']) && !in_array($_GET['category'], array('Plugins', '
$subkeys = array();
while ($row_subkeys = Database::fetch_array($res)) {
// If subkey is changed:
- if ( (isset($value[$row_subkeys['subkey']]) && api_get_setting($key,$row_subkeys['subkey']) == 'false') ||
- (!isset($value[$row_subkeys['subkey']]) && api_get_setting($key,$row_subkeys['subkey']) == 'true')) {
+ if ((isset($value[$row_subkeys['subkey']]) && api_get_setting($key, $row_subkeys['subkey']) == 'false') ||
+ (!isset($value[$row_subkeys['subkey']]) && api_get_setting($key, $row_subkeys['subkey']) == 'true')) {
$keys[] = $key;
break;
}
@@ -420,7 +452,7 @@ if (!empty($_GET['category']) && !in_array($_GET['category'], array('Plugins', '
//$sql = "UPDATE $table_settings_current SET selected_value='true' WHERE variable='$key' AND subkey = '$subkey'";
//$result = Database::query($sql);
- $result = api_set_setting($key,'true',$subkey,null,$_configuration['access_url']);
+ $result = api_set_setting($key, 'true', $subkey, null, $_configuration['access_url']);
}
}
@@ -483,7 +515,7 @@ $action_images['timezones'] = 'timezones.png';
// Grabbing the categories.
//$selectcategories = "SELECT DISTINCT category FROM ".$table_settings_current." WHERE category NOT IN ('stylesheets','Plugins')";
//$resultcategories = Database::query($selectcategories);
-$resultcategories = api_get_settings_categories(array('stylesheets','Plugins', 'Templates', 'Search'));
+$resultcategories = api_get_settings_categories(array('stylesheets', 'Plugins', 'Templates', 'Search'));
echo "\n";
//while ($row = Database::fetch_array($resultcategories))
foreach ($resultcategories as $row) {