From 81ed70ffc7ac61844088e1e664324e5fdacb8e78 Mon Sep 17 00:00:00 2001
From: Pierre Ardoin <32256817+mapiolca@users.noreply.github.com>
Date: Wed, 5 Feb 2020 09:18:39 +0100
Subject: [PATCH] Update box_project.php

---
 htdocs/core/boxes/box_project.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/htdocs/core/boxes/box_project.php b/htdocs/core/boxes/box_project.php
index ca9618aab9a..071e4b013ec 100644
--- a/htdocs/core/boxes/box_project.php
+++ b/htdocs/core/boxes/box_project.php
@@ -99,8 +99,8 @@ class box_project extends ModeleBoxes
 
             $sql = "SELECT p.rowid, p.ref, p.title, p.fk_statut, p.public";
             $sql.= " FROM ".MAIN_DB_PREFIX."projet as p";
-            $sql.= " WHERE p.fk_statut = 1"; // Only open projects
-			$sql.= " WHERE entity IN (".getEntity('project').")"; // Only current entity or severals if permission ok
+            $sql.= " WHERE entity IN (".getEntity('project').")"; // Only current entity or severals if permission ok
+			$sql.= " AND p.fk_statut = 1"; // Only open projects
             if (! $user->rights->projet->all->lire) $sql.= " AND p.rowid IN (".$projectsListId.")"; // public and assigned to, or restricted to company for external users
 
             $sql.= " ORDER BY p.datec DESC";