diff --git a/htdocs/compta/bank/bankentries_list.php b/htdocs/compta/bank/bankentries_list.php
index d3ef0fc3077..d4cfbb83abd 100644
--- a/htdocs/compta/bank/bankentries_list.php
+++ b/htdocs/compta/bank/bankentries_list.php
@@ -1682,7 +1682,7 @@ if ($resql) {
 				}
 			}
 			if ($user->rights->banque->modifier) {
-				print '<a href="'.$_SERVER["PHP_SELF"].'?action=delete&amp;token='.newToken().'&amp;rowid='.$objp->rowid.'&amp;id='.$objp->bankid.'&amp;page='.$page.'">';
+				print '<a href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&rowid='.$objp->rowid.'&page='.$page.'">';
 				print img_delete('', 'class="marginleftonly"');
 				print '</a>';
 			}
diff --git a/htdocs/compta/bank/info.php b/htdocs/compta/bank/info.php
index 8be615c4827..22e137c29c8 100644
--- a/htdocs/compta/bank/info.php
+++ b/htdocs/compta/bank/info.php
@@ -30,6 +30,7 @@ require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
 $langs->loadLangs(array('banks', 'categories', 'companies'));
 
 $id = GETPOST("rowid", 'int');
+$accountid = (GETPOST('id', 'int') ? GETPOST('id', 'int') : GETPOST('account', 'int'));
 $ref = GETPOST('ref', 'alpha');
 
 // Security check
@@ -40,7 +41,7 @@ if ($user->socid) {
 	$socid = $user->socid;
 }
 
-$result = restrictedArea($user, 'banque', $fieldvalue, 'bank_account', '', '', $fieldtype);
+$result = restrictedArea($user, 'banque', $accountid, 'bank_account');
 if (!$user->rights->banque->lire && !$user->rights->banque->consolidate) {
 	accessforbidden();
 }
diff --git a/htdocs/compta/bank/line.php b/htdocs/compta/bank/line.php
index f75a8240e00..e524371e29d 100644
--- a/htdocs/compta/bank/line.php
+++ b/htdocs/compta/bank/line.php
@@ -51,7 +51,8 @@ if (!empty($conf->salaries->enabled)) {
 }
 
 
-$id = (GETPOST('rowid', 'int') ? GETPOST('rowid', 'int') : GETPOST('account', 'int'));
+$id = GETPOST('rowid', 'int');
+$accountid = (GETPOST('id', 'int') ? GETPOST('id', 'int') : GETPOST('account', 'int'));
 $ref = GETPOST('ref', 'alpha');
 $action = GETPOST('action', 'aZ09');
 $confirm = GETPOST('confirm', 'alpha');
@@ -67,7 +68,7 @@ if ($user->socid) {
 	$socid = $user->socid;
 }
 
-$result = restrictedArea($user, 'banque', $fieldvalue, 'bank_account', '', '', $fieldtype);
+$result = restrictedArea($user, 'banque', $accountid, 'bank_account');
 if (!$user->rights->banque->lire && !$user->rights->banque->consolidate) {
 	accessforbidden();
 }
@@ -78,6 +79,7 @@ $hookmanager->initHooks(array('bankline'));
 /*
  * Actions
  */
+
 $parameters = array('socid' => $socid);
 $reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
 if ($reshook < 0) {
@@ -265,7 +267,7 @@ foreach ($cats as $cat) {
 $head = bankline_prepare_head($rowid);
 
 
-$sql = "SELECT b.rowid,b.dateo as do,b.datev as dv, b.amount, b.label, b.rappro,";
+$sql = "SELECT b.rowid, b.dateo as do, b.datev as dv, b.amount, b.label, b.rappro,";
 $sql .= " b.num_releve, b.fk_user_author, b.num_chq, b.fk_type, b.fk_account, b.fk_bordereau as receiptid,";
 $sql .= " b.emetteur,b.banque";
 $sql .= " FROM ".MAIN_DB_PREFIX."bank as b";
@@ -299,6 +301,7 @@ if ($result) {
 		print '<input type="hidden" name="token" value="'.newToken().'">';
 		print '<input type="hidden" name="action" value="update">';
 		print '<input type="hidden" name="orig_account" value="'.$orig_account.'">';
+		print '<input type="hidden" name="account" value="'.$acct->id.'">';
 		print '<input type="hidden" name="id" value="'.$acct->id.'">';
 
 		print dol_get_fiche_head($head, 'bankline', $langs->trans('LineRecord'), 0, 'accountline', 0);
@@ -490,9 +493,9 @@ if ($result) {
 			print $form->selectDate($db->jdate($objp->do), 'dateo', '', '', '', 'update', 1, 0, $objp->rappro);
 			if (!$objp->rappro) {
 				print ' &nbsp; ';
-				print '<a class="ajaxforbankoperationchange" href="'.$_SERVER['PHP_SELF'].'?action=doprev&amp;id='.$id.'&amp;rowid='.$objp->rowid.'">';
+				print '<a class="ajaxforbankoperationchange" href="'.$_SERVER['PHP_SELF'].'?action=doprev&id='.$objp->fk_account.'&rowid='.$objp->rowid.'&token='.newToken().'">';
 				print img_edit_remove()."</a> ";
-				print '<a class="ajaxforbankoperationchange" href="'.$_SERVER['PHP_SELF'].'?action=donext&amp;id='.$id.'&amp;rowid='.$objp->rowid.'">';
+				print '<a class="ajaxforbankoperationchange" href="'.$_SERVER['PHP_SELF'].'?action=donext&id='.$objp->fk_account.'&rowid='.$objp->rowid.'&token='.newToken().'">';
 				print img_edit_add()."</a>";
 			}
 			print '</td>';
@@ -510,9 +513,9 @@ if ($result) {
 			print $form->selectDate($db->jdate($objp->dv), 'datev', '', '', '', 'update', 1, 0, $objp->rappro);
 			if (!$objp->rappro) {
 				print ' &nbsp; ';
-				print '<a class="ajaxforbankoperationchange" href="'.$_SERVER['PHP_SELF'].'?action=dvprev&amp;id='.$id.'&amp;rowid='.$objp->rowid.'">';
+				print '<a class="ajaxforbankoperationchange" href="'.$_SERVER['PHP_SELF'].'?action=dvprev&id='.$objp->fk_account.'&rowid='.$objp->rowid.'&token='.newToken().'">';
 				print img_edit_remove()."</a> ";
-				print '<a class="ajaxforbankoperationchange" href="'.$_SERVER['PHP_SELF'].'?action=dvnext&amp;id='.$id.'&amp;rowid='.$objp->rowid.'">';
+				print '<a class="ajaxforbankoperationchange" href="'.$_SERVER['PHP_SELF'].'?action=dvnext&id='.$objp->fk_account.'&rowid='.$objp->rowid.'&token='.newToken().'">';
 				print img_edit_add()."</a>";
 			}
 			print '</td>';