Add: all tables with a field ref must contain a field entity

2025-12-08 18:48:22 +01:00 · 2009-05-07 14:33:52 +00:00
parent b543207a83
commit 5e7666c915
8 changed files with 138 additions and 62 deletions
--- a/htdocs/admin/syslog.php
+++ b/htdocs/admin/syslog.php
@@ -1,5 +1,6 @@
 <?php
 /* Copyright (C) 2005-2009 Laurent Destailleur  <eldy@users.sourceforge.net>
 * Copyright (C) 2005-2009 Regis Houssin        <regis@dolibarr.fr>
 * Copyright (C) 2007      Rodolphe Quiedeville <rodolphe@quiedeville.org>
 *
 * This program is free software; you can redistribute it and/or modify
--- a/htdocs/compta/bank/graph.php
+++ b/htdocs/compta/bank/graph.php
@@ -79,7 +79,6 @@ if ($_GET["ref"])
 	$account=$acct->id;
 }
 $result=create_exdir($conf->banque->dir_temp);
 if ($result < 0)
 {
--- a/htdocs/compta/paiement/cheque/fiche.php
+++ b/htdocs/compta/paiement/cheque/fiche.php
@@ -1,6 +1,7 @@
 <?php
 /* Copyright (C) 2006      Rodolphe Quiedeville <rodolphe@quiedeville.org>
 * Copyright (C) 2007-2008 Laurent Destailleur  <eldy@users.sourceforge.net>
 * Copyright (C) 2009      Regis Houssin        <regis@dolibarr.fr>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -35,8 +36,13 @@ $langs->load('banks');
 $langs->load('companies');
 // Security check
 if (isset($_GET["id"]) || isset($_GET["ref"]))
 {
 	$id = isset($_GET["id"])?$_GET["id"]:(isset($_GET["ref"])?$_GET["ref"]:'');
 }
 $fieldid = isset($_GET["ref"])?'number':'rowid';
 if ($user->societe_id) $socid=$user->societe_id;
-$result = restrictedArea($user, 'cheque', '','');
+$result = restrictedArea($user, 'cheque', $id, 'bordereau_cheque','','',$fieldid);
 $mesg='';
@@ -230,8 +236,11 @@ if ($_GET['action'] == 'new')
 	$sql.= " b.amount, ba.label, b.emetteur, b.num_chq, b.banque";
 	$sql.= " FROM ".MAIN_DB_PREFIX."bank as b ";
 	$sql.= ",".MAIN_DB_PREFIX."bank_account as ba ";
-	$sql.= " WHERE b.fk_type = 'CHQ' AND b.fk_account = ba.rowid";
+	$sql.= " WHERE b.fk_type = 'CHQ'";
-	$sql.= " AND b.fk_bordereau = 0 AND b.amount > 0";
+	$sql.= " AND b.fk_account = ba.rowid";
 	$sql.= " AND ba.entity = ".$conf->entity;
 	$sql.= " AND b.fk_bordereau = 0";
 	$sql.= " AND b.amount > 0";
 	$sql.= " ORDER BY b.emetteur ASC, b.rowid ASC";
 	$resql = $db->query($sql);
@@ -340,9 +349,12 @@ else
 	$sql = "SELECT b.rowid, b.amount, b.num_chq, b.emetteur,";
 	$sql.= " ".$db->pdate("b.dateo")." as date,".$db->pdate("b.datec")." as datec, b.banque,";
 	$sql.= " p.rowid as pid";
-	$sql.= " FROM ".MAIN_DB_PREFIX."bank as b";
+	$sql.= " FROM ".MAIN_DB_PREFIX."bank_account as ba";
 	$sql.= ", ".MAIN_DB_PREFIX."bank as b";
 	$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiement as p ON p.fk_bank = b.rowid";
-	$sql.= " WHERE b.fk_type= 'CHQ'";
+	$sql.= " WHERE ba.rowid = b.fk_account";
 	$sql.= " AND ba.entity = ".$conf->entity;
 	$sql.= " AND b.fk_type= 'CHQ'";
 	$sql.= " AND b.fk_bordereau = ".$remisecheque->id;
 	$sql.= " ORDER BY $sortfield $sortorder";
 	//print $sql;
--- a/htdocs/compta/paiement/cheque/index.php
+++ b/htdocs/compta/paiement/cheque/index.php
@@ -1,6 +1,7 @@
 <?php
 /* Copyright (C) 2006      Rodolphe Quiedeville <rodolphe@quiedeville.org>
 * Copyright (C) 2007-2008 Laurent Destailleur  <eldy@users.sourceforge.net>
 * Copyright (C) 2009      Regis Houssin        <regis@dolibarr.fr>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -53,7 +54,11 @@ print '<tr><td valign="top" width="30%" class="notopnoleft">';
 $sql = "SELECT count(b.rowid)";
 $sql.= " FROM ".MAIN_DB_PREFIX."bank as b";
-$sql.= " WHERE b.fk_type = 'CHQ' AND b.fk_bordereau = 0";
+$sql.= ", ".MAIN_DB_PREFIX."bank_account as ba";
 $sql.= " WHERE ba.rowid = b.fk_account";
 $sql.= " AND ba.entity = ".$conf->entity;
 $sql.= " AND b.fk_type = 'CHQ'";
 $sql.= " AND b.fk_bordereau = 0";
 $sql.= " AND b.amount > 0";
 $resql = $db->query($sql);
@@ -86,12 +91,13 @@ else
 print '</td><td valign="top" width="70%" class="notopnoleftnoright">';
-$sql = "SELECT bc.rowid,".$db->pdate("bc.date_bordereau")." as db, bc.amount, bc.number,";
+$sql = "SELECT bc.rowid,".$db->pdate("bc.date_bordereau")." as db, bc.amount, bc.number";
-$sql.= " bc.statut, bc.nbcheque,";
+$sql.= ", bc.statut, bc.nbcheque";
-$sql.= " ba.label, ba.rowid as bid";
+$sql.= ", ba.label, ba.rowid as bid";
-$sql.= " FROM ".MAIN_DB_PREFIX."bordereau_cheque as bc,";
+$sql.= " FROM ".MAIN_DB_PREFIX."bordereau_cheque as bc";
-$sql.= " ".MAIN_DB_PREFIX."bank_account as ba";
+$sql.= ", ".MAIN_DB_PREFIX."bank_account as ba";
-$sql.= " WHERE ba.rowid=bc.fk_bank_account"; 
+$sql.= " WHERE ba.rowid = bc.fk_bank_account";
 $sql.= " AND bc.entity = ".$conf->entity; 
 $sql.= " ORDER BY bc.rowid";
 $sql.= " DESC LIMIT 10";
--- a/htdocs/compta/paiement/cheque/liste.php
+++ b/htdocs/compta/paiement/cheque/liste.php
@@ -1,6 +1,7 @@
 <?php
 /* Copyright (C) 2006      Rodolphe Quiedeville <rodolphe@quiedeville.org>
 * Copyright (C) 2007-2008 Laurent Destailleur  <eldy@users.sourceforge.net>
 * Copyright (C) 2009      Regis Houssin        <regis@dolibarr.fr>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -59,6 +60,7 @@ $sql.= " ba.rowid as bid, ba.label";
 $sql.= " FROM ".MAIN_DB_PREFIX."bordereau_cheque as bc,";
 $sql.= " ".MAIN_DB_PREFIX."bank_account as ba";
 $sql.= " WHERE bc.fk_bank_account = ba.rowid";
 $sql.= " AND bc.entity = ".$conf->entity;
 if ($_GET["search_montant"])
 {
  $sql.=" AND bc.amount=".price2num($_GET["search_montant"]);
--- a/htdocs/compta/paiement/cheque/remisecheque.class.php
+++ b/htdocs/compta/paiement/cheque/remisecheque.class.php
@@ -47,7 +47,7 @@ class RemiseCheque extends CommonObject
 	/**
 	 *    \brief  Constructeur de la classe
-	 *    \param  DB          handler acc<EFBFBD>s base de donn<EFBFBD>es
+	 *    \param  DB          handler acces base de donnees
 	 *    \param  id          id compte (0 par defaut)
 	 */
 	function RemiseCheque($DB)
@@ -65,13 +65,16 @@ class RemiseCheque extends CommonObject
 	 */
 	function Fetch($id,$ref='')
 	{
-		$sql = "SELECT bc.rowid, bc.datec, bc.fk_user_author,bc.fk_bank_account,bc.amount,bc.number,bc.statut,bc.nbcheque";
+		global $conf;
-		$sql.= ",".$this->db->pdate("date_bordereau"). " as date_bordereau";
+		
-		$sql.=",ba.label as account_label";
+		$sql = "SELECT bc.rowid, bc.datec, bc.fk_user_author, bc.fk_bank_account, bc.amount, bc.number, bc.statut, bc.nbcheque";
 		$sql.= ", ".$this->db->pdate("bc.date_bordereau"). " as date_bordereau";
 		$sql.= ", ba.label as account_label";
 		$sql.= " FROM ".MAIN_DB_PREFIX."bordereau_cheque as bc";
 		$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."bank_account as ba ON bc.fk_bank_account = ba.rowid";
-		if ($id)  $sql.= " WHERE bc.rowid = ".$id;
+		$sql.= " WHERE bc.entity = ".$conf->entity;
-		if ($ref) $sql.= " WHERE bc.number = '".addslashes($ref)."'";
+		if ($id)  $sql.= " AND bc.rowid = ".$id;
 		if ($ref) $sql.= " AND bc.number = '".addslashes($ref)."'";
 		dol_syslog("RemiseCheque::fetch sql=".$sql, LOG_DEBUG);
 		$resql = $this->db->query($sql);
@@ -117,13 +120,32 @@ class RemiseCheque extends CommonObject
 	 */
 	function Create($user, $account_id)
 	{
 		global $conf;
 		$this->errno = 0;
 		$this->id = 0;
 		$this->db->begin();
-		$sql = "INSERT INTO ".MAIN_DB_PREFIX."bordereau_cheque (datec, date_bordereau, fk_user_author, fk_bank_account, amount, number, nbcheque)";
+		$sql = "INSERT INTO ".MAIN_DB_PREFIX."bordereau_cheque (";
-		$sql.= " VALUES (".$this->db->idate(mktime()).",".$this->db->idate(mktime()).",".$user->id.",".$account_id.",0,0,0)";
+		$sql.= "datec";
 		$sql.= ", date_bordereau";
 		$sql.= ", fk_user_author";
 		$sql.= ", fk_bank_account";
 		$sql.= ", amount";
 		$sql.= ", number";
 		$sql.= ", entity";
 		$sql.= ", nbcheque";
 		$sql.= ") VALUES (";
 		$sql.= $this->db->idate(mktime());
 		$sql.= ", ".$this->db->idate(mktime());
 		$sql.= ", ".$user->id;
 		$sql.= ", ".$account_id;
 		$sql.= ", 0";
 		$sql.= ", 0";
 		$sql.= ", ".$conf->entity;
 		$sql.= ", 0";
 		$sql.= ")";
 		dol_syslog("RemiseCheque::Create sql=".$sql, LOG_DEBUG);
 		$resql = $this->db->query($sql);
@@ -156,9 +178,11 @@ class RemiseCheque extends CommonObject
 				$lines = array();
 				$sql = "SELECT b.rowid";
 				$sql.= " FROM ".MAIN_DB_PREFIX."bank as b";
-				$sql.= " WHERE b.fk_type = 'CHQ' AND b.amount > 0";
+				$sql.= " WHERE b.fk_type = 'CHQ'";
-				$sql.= " AND b.fk_bordereau = 0 AND b.fk_account='".$account_id."'";
+				$sql.= " AND b.amount > 0";
-				$sql.= " LIMIT 40"; // On limite a 40 pour ne g<>n<EFBFBD>rer des PDF que d'une page
+				$sql.= " AND b.fk_bordereau = 0";
 				$sql.= " AND b.fk_account='".$account_id."'";
 				$sql.= " LIMIT 40"; // On limite a 40 pour ne generer des PDF que d'une page
 				dol_syslog("RemiseCheque::Create sql=".$sql, LOG_DEBUG);
 				$resql = $this->db->query($sql);
@@ -233,11 +257,14 @@ class RemiseCheque extends CommonObject
 	 */
 	function Delete($user='')
 	{
 		global $conf;
 		$this->errno = 0;
 		$this->db->begin();
 		$sql = "DELETE FROM ".MAIN_DB_PREFIX."bordereau_cheque";
-		$sql .= " WHERE rowid = $this->id;";
+		$sql.= " WHERE rowid = ".$this->id;
 		$sql.= " AND entity = ".$conf->entity;
 		$resql = $this->db->query($sql);
 		if ( $resql )
@@ -253,8 +280,9 @@ class RemiseCheque extends CommonObject
 	  if ( $this->errno === 0)
 	  {
 	  	$sql = "UPDATE ".MAIN_DB_PREFIX."bank";
-	  	$sql.= " SET fk_bordereau=0";
+	  	$sql.= " SET fk_bordereau = 0";
-	  	$sql.= " WHERE fk_bordereau='".$this->id."';";
+	  	$sql.= " WHERE fk_bordereau = '".$this->id."'";
 	  	$resql = $this->db->query($sql);
 	  	if (!$resql)
 	  	{
@@ -283,7 +311,7 @@ class RemiseCheque extends CommonObject
 	 */
 	function Validate($user)
 	{
-		global $langs;
+		global $langs,$conf;
 		$this->errno = 0;
@@ -294,8 +322,11 @@ class RemiseCheque extends CommonObject
 		if ($this->errno == 0 && $num)
 		{
 			$sql = "UPDATE ".MAIN_DB_PREFIX."bordereau_cheque";
-			$sql.= " SET statut=1, number='".$num."'";
+			$sql.= " SET statut = 1";
-			$sql .= " WHERE rowid = $this->id AND statut=0;";
+			$sql.= ", number = '".$num."'";
 			$sql.= " WHERE rowid = ".$this->id;
 			$sql.= " AND entity = ".$conf->entity;
 			$sql.= " AND statut = 0";
 			dol_syslog("RemiseCheque::Validate sql=".$sql, LOG_DEBUG);
 			$resql = $this->db->query($sql);
@@ -342,10 +373,14 @@ class RemiseCheque extends CommonObject
 	 */
 	function getNextNumber()
 	{
 		global $conf;
 		$num=0;
 		// We use +0 to convert varchar to number
-		$sql = "SELECT MAX(number+0) FROM ".MAIN_DB_PREFIX."bordereau_cheque";
+		$sql = "SELECT MAX(number+0)";
 		$sql.= " FROM ".MAIN_DB_PREFIX."bordereau_cheque";
 		$sql.= " WHERE entity = ".$conf->entity;
 		dol_syslog("Remisecheque::getNextNumber sql=".$sql);
 		$resql = $this->db->query($sql);
@@ -416,7 +451,7 @@ class RemiseCheque extends CommonObject
 	 */
 	function GeneratePdf($model='blochet', $outputlangs)
 	{
-		global $langs;
+		global $langs,$conf;
 		if (empty($model)) $model='blochet';
@@ -434,11 +469,14 @@ class RemiseCheque extends CommonObject
 			$classname='BordereauCheque'.ucfirst($model);
 			$pdf = new $classname($db);
-			$sql = "SELECT b.banque, b.emetteur, b.amount, b.num_chq ";
+			$sql = "SELECT b.banque, b.emetteur, b.amount, b.num_chq";
-			$sql.= " FROM ".MAIN_DB_PREFIX."bank as b, ".MAIN_DB_PREFIX."bank_account as ba ";
+			$sql.= " FROM ".MAIN_DB_PREFIX."bank as b";
-			$sql.= " , ".MAIN_DB_PREFIX."bordereau_cheque as bc";
+			$sql.= ", ".MAIN_DB_PREFIX."bank_account as ba";
-			$sql.= " WHERE b.fk_account = ba.rowid AND b.fk_bordereau = bc.rowid";
+			$sql.= ", ".MAIN_DB_PREFIX."bordereau_cheque as bc";
 			$sql.= " WHERE b.fk_account = ba.rowid";
 			$sql.= " AND b.fk_bordereau = bc.rowid";
 			$sql.= " AND bc.rowid = ".$this->id;
 			$sql.= " AND bc.entity = ".$conf->entity;
 			$sql.= " ORDER BY b.emetteur ASC, b.rowid ASC;";
 			dol_syslog("RemiseCheque::GeneratePdf sql=".$sql, LOG_DEBUG);
@@ -468,7 +506,7 @@ class RemiseCheque extends CommonObject
 			// We save charset_output to restore it because write_file can change it if needed for
 			// output format that does not support UTF8.
 			$sav_charset_output=$outputlangs->charset_output;
-			$result=$pdf->write_file(DOL_DATA_ROOT.'/compta/bordereau', $this->number, $outputlangs);
+			$result=$pdf->write_file($conf->comptabilite->dir_output.'/bordereau', $this->number, $outputlangs);
 			if ($result > 0)
 			{
 				$outputlangs->charset_output=$sav_charset_output;
@@ -495,13 +533,15 @@ class RemiseCheque extends CommonObject
 	 */
 	function UpdateAmount()
 	{
 		global $conf;
 		$this->errno = 0;
 		$this->db->begin();
 		$total = 0;
 		$nb = 0;
 		$sql = "SELECT amount ";
 		$sql.= " FROM ".MAIN_DB_PREFIX."bank";
-		$sql.= " WHERE fk_bordereau = $this->id;";
+		$sql.= " WHERE fk_bordereau = ".$this->id;
 		$resql = $this->db->query($sql);
 		if ( $resql )
@@ -515,9 +555,11 @@ class RemiseCheque extends CommonObject
 	  $this->db->free($resql);
 	  $sql = "UPDATE ".MAIN_DB_PREFIX."bordereau_cheque";
-	  $sql.= " SET amount='".price2num($total)."'";
+	  $sql.= " SET amount = '".price2num($total)."'";
-	  $sql.= " ,nbcheque=".$nb;
+	  $sql.= ", nbcheque = ".$nb;
-	  $sql.= " WHERE rowid='".$this->id."';";
+	  $sql.= " WHERE rowid = ".$this->id;
 	  $sql.= " AND entity = ".$conf->entity;
 	  $resql = $this->db->query($sql);
 	  if (!$resql)
 	  {
@@ -545,7 +587,7 @@ class RemiseCheque extends CommonObject
 	}
 	/**
-	 \brief  Ins<EFBFBD>re la remise en base
+	 \brief  Insere la remise en base
 	 \param  user utilisateur qui effectue l'operation
 	 \param  account_id Compte bancaire concerne
 	 */
@@ -556,8 +598,10 @@ class RemiseCheque extends CommonObject
 		if ($this->id > 0)
 		{
 			$sql = "UPDATE ".MAIN_DB_PREFIX."bank";
-			$sql.= " SET fk_bordereau = 0 ";
+			$sql.= " SET fk_bordereau = 0";
-			$sql.= " WHERE rowid = '".$account_id."' AND fk_bordereau='".$this->id."';";
+			$sql.= " WHERE rowid = '".$account_id."'";
 			$sql.= " AND fk_bordereau = ".$this->id;
 			$resql = $this->db->query($sql);
 			if ($resql)
 	  {
@@ -572,16 +616,19 @@ class RemiseCheque extends CommonObject
 		return 0;
 	}
 	/**
-	 \brief      Charge les propri<EFBFBD>t<EFBFBD>s ref_previous et ref_next
+	 \brief      Charge les proprietes ref_previous et ref_next
 	 \return     int   <0 si ko, 0 si ok
 	 */
 	function load_previous_next_id()
 	{
 		global $conf;
 		$this->errno = 0;
 		$sql = "SELECT MAX(rowid)";
 		$sql.= " FROM ".MAIN_DB_PREFIX."bordereau_cheque";
-		$sql.= " WHERE rowid < '".$this->id."'";
+		$sql.= " WHERE rowid < ".$this->id;
 		$sql.= " AND entity = ".$conf->entity;
 		$result = $this->db->query($sql) ;
 		if (! $result)
@@ -593,7 +640,9 @@ class RemiseCheque extends CommonObject
 		$sql = "SELECT MIN(rowid)";
 		$sql.= " FROM ".MAIN_DB_PREFIX."bordereau_cheque";
-		$sql.= " WHERE rowid > '".$this->id."'";
+		$sql.= " WHERE rowid > ".$this->id;
 		$sql.= " AND entity = ".$conf->entity;
 		$result = $this->db->query($sql) ;
 		if (! $result)
 		{
@@ -630,8 +679,8 @@ class RemiseCheque extends CommonObject
 	}
 	/**
-	 *    	\brief      Retourne le libell<EFBFBD> du statut d'une facture (brouillon, valid<EFBFBD>e, abandonn<EFBFBD>e, pay<EFBFBD>e)
+	 *    	\brief      Retourne le libelle du statut d'une facture (brouillon, validee, abandonnee, payee)
-	 *    	\param      mode        0=libell<EFBFBD> long, 1=libell<EFBFBD> court, 2=Picto + Libell<EFBFBD> court, 3=Picto, 4=Picto + Libell<EFBFBD> long, 5=Libell<EFBFBD> court + Picto
+	 *    	\param      mode        0=libelle long, 1=libelle court, 2=Picto + Libelle court, 3=Picto, 4=Picto + Libelle long, 5=Libelle court + Picto
 	 *    	\return     string		Libelle
 	 */
 	function getLibStatut($mode=0)
--- a/htdocs/core/conf.class.php
+++ b/htdocs/core/conf.class.php
@@ -180,9 +180,11 @@ class Conf
 		foreach($this->modules as $module)
 		{
 			if (empty($this->$module->dir_output)) $this->$module->dir_output=$rootfordata."/".$module;
-			else $this->$module->dir_output=$rootfordata.$this->$module->dir_output;
+			//else $this->$module->dir_output=$rootfordata.$this->$module->dir_output;
 			//print 'this->'.$module.'->dir_output='.$this->$module->dir_output.'<br>';
 			if (empty($this->$module->dir_temp)) $this->$module->dir_temp=$rootfordata."/".$module."/temp";
-			else $this->$module->dir_temp=$rootfordata.$this->$module->dir_temp;
+			//else $this->$module->dir_temp=$rootfordata.$this->$module->dir_temp;
 			//print 'this->'.$module.'->dir_temp='.$this->$module->dir_temp.'<br>';
 		}
 		// Exception: Some dir are not the name of module. So we keep exception here
--- a/htdocs/lib/functions.lib.php
+++ b/htdocs/lib/functions.lib.php
@@ -1355,10 +1355,11 @@ function info_admin($texte,$infoonimgalt=0)
 *	\param      objectid      	Object ID if we want to check permission on on object (optionnal)
 *	\param      dbtablename    	Table name where object is stored. Not used if objectid is null (optionnal)
 *	\param      feature2		    Feature to check (second level of permission)
- *  \param      dbt_socfield    Field name for socid foreign key if not fk_soc. (optionnal)
+ *  \param      dbt_keyfield    Field name for socid foreign key if not fk_soc. (optionnal)
 *  \param      dbt_select      Field name for select if not rowid. (optionnal)
 *  \param      dbt_tablename2  Secondary table name for compare keyfield. (optionnal)
 */
-function restrictedArea($user, $feature='societe', $objectid=0, $dbtablename='',$feature2='',$dbt_socfield='fk_soc',$dbt_select='rowid')
+function restrictedArea($user, $feature='societe', $objectid=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid', $dbtablename2='societe')
 {
 	global $db, $conf;
@@ -1366,7 +1367,7 @@ function restrictedArea($user, $feature='societe', $objectid=0, $dbtablename='',
 	if ($dbt_select != 'rowid') $objectid = "'".$objectid."'";
 	//print "user_id=".$user->id.", feature=".$feature.", feature2=".$feature2.", object_id=".$objectid;
-	//print ", dbtablename=".$dbtablename.", dbt_socfield=".$dbt_socfield.", dbt_select=".$dbt_select;
+	//print ", dbtablename=".$dbtablename.", dbt_socfield=".$dbt_keyfield.", dbt_select=".$dbt_select;
 	//print ", user_societe_contact_lire=".$user->rights->societe->contact->lire."<br>";
 	// Check read permission from module
@@ -1480,8 +1481,10 @@ function restrictedArea($user, $feature='societe', $objectid=0, $dbtablename='',
 			else if (! $user->rights->societe->client->voir)
 			{
 				$sql = "SELECT sc.fk_soc";
-				$sql.= " FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc, ".MAIN_DB_PREFIX."societe as s";
+				$sql.= " FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc";
-				$sql.= " WHERE sc.fk_soc = ".$objectid." AND sc.fk_user = ".$user->id;
+				$sql.= ", ".MAIN_DB_PREFIX."societe as s";
 				$sql.= " WHERE sc.fk_soc = ".$objectid;
 				$sql.= " AND sc.fk_user = ".$user->id;
 				$sql.= " AND sc.fk_soc = s.rowid";
 				$sql.= " AND s.entity = ".$conf->entity;
 			}
@@ -1508,8 +1511,9 @@ function restrictedArea($user, $feature='societe', $objectid=0, $dbtablename='',
 			else if (! $user->rights->societe->client->voir)
 			{
 				$sql = "SELECT sc.fk_soc";
-				$sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt, ".MAIN_DB_PREFIX."societe as s";
+				$sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
-				$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc = dbt.".$dbt_socfield;
+				$sql.= ", ".MAIN_DB_PREFIX."societe as s";
 				$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc = dbt.".$dbt_keyfield;
 				$sql.= " WHERE dbt.rowid = ".$objectid;
 				$sql.= " AND dbt.fk_soc = s.rowid";
 				$sql.= " AND s.entity = ".$conf->entity;
@@ -1519,7 +1523,7 @@ function restrictedArea($user, $feature='societe', $objectid=0, $dbtablename='',
 			else if ($conf->global->MAIN_MODULE_MULTICOMPANY)
 			{
 				// If the objects do not have fk_soc
-				if ($feature == 'banque')
+				if ($feature == 'banque' || $feature == 'cheque')
 				{
 					$sql = "SELECT dbt.".$dbt_select;
 					$sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
@@ -1529,10 +1533,11 @@ function restrictedArea($user, $feature='societe', $objectid=0, $dbtablename='',
 				else
 				{
 					$sql = "SELECT dbt.".$dbt_select;
-					$sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt, ".MAIN_DB_PREFIX."societe as s";
+					$sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
 					$sql.= ", ".MAIN_DB_PREFIX.$dbtablename2." as dbt2";
 					$sql.= " WHERE dbt.".$dbt_select." = ".$objectid;
-					$sql.= " AND dbt.fk_soc = s.rowid";
+					$sql.= " AND dbt2.rowid = dbt.".$dbt_keyfield;
-					$sql.= " AND s.entity = ".$conf->entity;
+					$sql.= " AND dbt2.entity = ".$conf->entity;
 				}
 			}
 		}