From 91885c9d6fee6c785f3de70a059d07b185669043 Mon Sep 17 00:00:00 2001
From: Alexis Algoud <alexis@atm-consulting.fr>
Date: Fri, 22 May 2015 17:22:57 +0200
Subject: [PATCH 1/3] FIX when multicompany was enabled, this function didn't
 check just on the good entity (problem when both company use same mask)

---
 htdocs/core/class/commonobject.class.php | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php
index e0bab998982..10e83d80595 100644
--- a/htdocs/core/class/commonobject.class.php
+++ b/htdocs/core/class/commonobject.class.php
@@ -65,13 +65,17 @@ abstract class CommonObject
      */
     static function isExistingObject($element, $id, $ref='', $ref_ext='')
     {
-    	global $db;
+    	global $db,$conf;
 
 		$sql = "SELECT rowid, ref, ref_ext";
 		$sql.= " FROM ".MAIN_DB_PREFIX.$element;
-		if ($id > 0) $sql.= " WHERE rowid = ".$db->escape($id);
-		else if ($ref) $sql.= " WHERE ref = '".$db->escape($ref)."'";
-		else if ($ref_ext) $sql.= " WHERE ref_ext = '".$db->escape($ref_ext)."'";
+		
+		if($conf->multicompany->enabled)$sql.= " WHERE entity=".$conf->entity; 
+		else $sql.=" WHERE 1 ";
+		
+		if ($id > 0) $sql.= " AND rowid = ".$db->escape($id);
+		else if ($ref) $sql.= " AND ref = '".$db->escape($ref)."'";
+		else if ($ref_ext) $sql.= " AND ref_ext = '".$db->escape($ref_ext)."'";
 		else {
 			$error='ErrorWrongParameters';
 			dol_print_error(get_class()."::isExistingObject ".$error, LOG_ERR);

From 44c46d68ed4a443962dbdbb8d8ad130f9ee31f82 Mon Sep 17 00:00:00 2001
From: Alexis ALGOUD <alexis@atm-consulting.fr>
Date: Sat, 23 May 2015 23:51:49 +0200
Subject: [PATCH 2/3] Remove the useless if

---
 htdocs/core/class/commonobject.class.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php
index 10e83d80595..73019b52eef 100644
--- a/htdocs/core/class/commonobject.class.php
+++ b/htdocs/core/class/commonobject.class.php
@@ -70,8 +70,7 @@ abstract class CommonObject
 		$sql = "SELECT rowid, ref, ref_ext";
 		$sql.= " FROM ".MAIN_DB_PREFIX.$element;
 		
-		if($conf->multicompany->enabled)$sql.= " WHERE entity=".$conf->entity; 
-		else $sql.=" WHERE 1 ";
+		$sql.= " WHERE entity=".$conf->entity; 
 		
 		if ($id > 0) $sql.= " AND rowid = ".$db->escape($id);
 		else if ($ref) $sql.= " AND ref = '".$db->escape($ref)."'";

From dd7febe2b984f0ab2c60d435279e3a0a6374a5c0 Mon Sep 17 00:00:00 2001
From: Alexis Algoud <alexis@atm-consulting.fr>
Date: Fri, 29 May 2015 15:10:59 +0200
Subject: [PATCH 3/3] replace test by getEntity()

---
 htdocs/core/class/commonobject.class.php | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php
index 10e83d80595..03d044a2ee6 100644
--- a/htdocs/core/class/commonobject.class.php
+++ b/htdocs/core/class/commonobject.class.php
@@ -69,9 +69,7 @@ abstract class CommonObject
 
 		$sql = "SELECT rowid, ref, ref_ext";
 		$sql.= " FROM ".MAIN_DB_PREFIX.$element;
-		
-		if($conf->multicompany->enabled)$sql.= " WHERE entity=".$conf->entity; 
-		else $sql.=" WHERE 1 ";
+		$sql.= " WHERE entity IN (".getEntity($element).")" ; 
 		
 		if ($id > 0) $sql.= " AND rowid = ".$db->escape($id);
 		else if ($ref) $sql.= " AND ref = '".$db->escape($ref)."'";