From 3e5271967bfe8509bde95bb9e53542d3122924f3 Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis.houssin@capnetworks.com>
Date: Sun, 8 Jul 2018 12:11:22 +0200
Subject: [PATCH] FIX missing entity field

---
 htdocs/contact/class/contact.class.php |  7 +++-
 htdocs/societe/card.php                | 54 +++++++++++++-------------
 htdocs/societe/class/societe.class.php |  6 +--
 3 files changed, 35 insertions(+), 32 deletions(-)

diff --git a/htdocs/contact/class/contact.class.php b/htdocs/contact/class/contact.class.php
index 4724f0d97cd..013751e8282 100644
--- a/htdocs/contact/class/contact.class.php
+++ b/htdocs/contact/class/contact.class.php
@@ -204,7 +204,7 @@ class Contact extends CommonObject
 		if (empty($this->priv)) $this->priv = 0;
 		if (empty($this->statut)) $this->statut = 0; // This is to convert '' into '0' to avoid bad sql request
 
-		$entity = ((isset($this->entity) && is_numeric($this->entity))?$this->entity:$conf->entity);
+		$this->entity = ((isset($this->entity) && is_numeric($this->entity))?$this->entity:$conf->entity);
 
 		$sql = "INSERT INTO ".MAIN_DB_PREFIX."socpeople (";
 		$sql.= " datec";
@@ -228,7 +228,7 @@ class Contact extends CommonObject
 		$sql.= " ".$this->db->escape($this->priv).",";
 		$sql.= " ".$this->db->escape($this->statut).",";
         $sql.= " ".(! empty($this->canvas)?"'".$this->db->escape($this->canvas)."'":"null").",";
-        $sql.= " ".$this->db->escape($entity).",";
+        $sql.= " ".$this->db->escape($this->entity).",";
         $sql.= "'".$this->db->escape($this->ref_ext)."',";
         $sql.= " ".(! empty($this->import_key)?"'".$this->db->escape($this->import_key)."'":"null");
 		$sql.= ")";
@@ -307,6 +307,8 @@ class Contact extends CommonObject
 
 		$this->id = $id;
 
+		$this->entity = ((isset($this->entity) && is_numeric($this->entity))?$this->entity:$conf->entity);
+
 		// Clean parameters
 		$this->lastname=trim($this->lastname)?trim($this->lastname):trim($this->lastname);
 		$this->firstname=trim($this->firstname);
@@ -354,6 +356,7 @@ class Contact extends CommonObject
 		$sql .= ", fk_user_modif=".($user->id > 0 ? "'".$this->db->escape($user->id)."'":"NULL");
 		$sql .= ", default_lang=".($this->default_lang?"'".$this->db->escape($this->default_lang)."'":"NULL");
 		$sql .= ", no_email=".($this->no_email?"'".$this->db->escape($this->no_email)."'":"0");
+		$sql .= ", entity = " . $this->db->escape($this->entity);
 		$sql .= " WHERE rowid=".$this->db->escape($id);
 
 		dol_syslog(get_class($this)."::update", LOG_DEBUG);
diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php
index e4a7684012f..419c007906a 100644
--- a/htdocs/societe/card.php
+++ b/htdocs/societe/card.php
@@ -376,19 +376,19 @@ if (empty($reshook))
 
         if (! $error)
         {
-        		if ($action == 'update')
+        	if ($action == 'update')
 	        {
-	        		$ret=$object->fetch($socid);
+	        	$ret=$object->fetch($socid);
 				$object->oldcopy = clone $object;
 	        }
 			else $object->canvas=$canvas;
 
 	        if (GETPOST("private") == 1)	// Ask to create a contact
 	        {
-	            $object->particulier			= GETPOST("private");
+	            $object->particulier		= GETPOST("private");
 
 	            $object->name				= dolGetFirstLastname(GETPOST('firstname','alpha'),GETPOST('name','alpha'));
-	            $object->civility_id			= GETPOST('civility_id');	// Note: civility id is a code, not an int
+	            $object->civility_id		= GETPOST('civility_id');	// Note: civility id is a code, not an int
 	            // Add non official properties
 	            $object->name_bis			= GETPOST('name','alpha');
 	            $object->firstname			= GETPOST('firstname','alpha');
@@ -399,54 +399,54 @@ if (empty($reshook))
 	        }
 	        $object->entity					= (GETPOSTISSET('entity')?GETPOST('entity', 'int'):$conf->entity);
 	        $object->name_alias				= GETPOST('name_alias');
-	        $object->address					= GETPOST('address');
-	        $object->zip						= GETPOST('zipcode', 'alpha');
+	        $object->address				= GETPOST('address');
+	        $object->zip					= GETPOST('zipcode', 'alpha');
 	        $object->town					= GETPOST('town', 'alpha');
 	        $object->country_id				= GETPOST('country_id', 'int');
 	        $object->state_id				= GETPOST('state_id', 'int');
 	        $object->skype					= GETPOST('skype', 'alpha');
 	        $object->phone					= GETPOST('phone', 'alpha');
-	        $object->fax						= GETPOST('fax','alpha');
+	        $object->fax					= GETPOST('fax','alpha');
 	        $object->email					= trim(GETPOST('email', 'custom', 0, FILTER_SANITIZE_EMAIL));
-	        $object->url						= trim(GETPOST('url', 'custom', 0, FILTER_SANITIZE_URL));
-	        $object->idprof1					= trim(GETPOST('idprof1', 'alpha'));
-	        $object->idprof2					= trim(GETPOST('idprof2', 'alpha'));
-	        $object->idprof3					= trim(GETPOST('idprof3', 'alpha'));
-	        $object->idprof4					= trim(GETPOST('idprof4', 'alpha'));
-	        $object->idprof5					= trim(GETPOST('idprof5', 'alpha'));
-	        $object->idprof6					= trim(GETPOST('idprof6', 'alpha'));
-	        $object->prefix_comm				= GETPOST('prefix_comm', 'alpha');
-	        $object->code_client				= GETPOST('code_client', 'alpha');
+	        $object->url					= trim(GETPOST('url', 'custom', 0, FILTER_SANITIZE_URL));
+	        $object->idprof1				= trim(GETPOST('idprof1', 'alpha'));
+	        $object->idprof2				= trim(GETPOST('idprof2', 'alpha'));
+	        $object->idprof3				= trim(GETPOST('idprof3', 'alpha'));
+	        $object->idprof4				= trim(GETPOST('idprof4', 'alpha'));
+	        $object->idprof5				= trim(GETPOST('idprof5', 'alpha'));
+	        $object->idprof6				= trim(GETPOST('idprof6', 'alpha'));
+	        $object->prefix_comm			= GETPOST('prefix_comm', 'alpha');
+	        $object->code_client			= GETPOST('code_client', 'alpha');
 	        $object->code_fournisseur		= GETPOST('code_fournisseur', 'alpha');
-	        $object->capital					= GETPOST('capital', 'alpha');
-	        $object->barcode					= GETPOST('barcode', 'alpha');
+	        $object->capital				= GETPOST('capital', 'alpha');
+	        $object->barcode				= GETPOST('barcode', 'alpha');
 
 	        $object->tva_intra				= GETPOST('tva_intra', 'alpha');
 	        $object->tva_assuj				= GETPOST('assujtva_value', 'alpha');
 	        $object->status					= GETPOST('status', 'alpha');
 
 	        // Local Taxes
-	        $object->localtax1_assuj			= GETPOST('localtax1assuj_value', 'alpha');
-	        $object->localtax2_assuj			= GETPOST('localtax2assuj_value', 'alpha');
+	        $object->localtax1_assuj		= GETPOST('localtax1assuj_value', 'alpha');
+	        $object->localtax2_assuj		= GETPOST('localtax2assuj_value', 'alpha');
 
-	        $object->localtax1_value			= GETPOST('lt1', 'alpha');
-	        $object->localtax2_value			= GETPOST('lt2', 'alpha');
+	        $object->localtax1_value		= GETPOST('lt1', 'alpha');
+	        $object->localtax2_value		= GETPOST('lt2', 'alpha');
 
 	        $object->forme_juridique_code	= GETPOST('forme_juridique_code', 'int');
-	        $object->effectif_id				= GETPOST('effectif_id', 'int');
+	        $object->effectif_id			= GETPOST('effectif_id', 'int');
 	        $object->typent_id				= GETPOST('typent_id','int');
 
-	        $object->typent_code				= dol_getIdFromCode($db, $object->typent_id, 'c_typent', 'id', 'code');	// Force typent_code too so check in verify() will be done on new type
+	        $object->typent_code			= dol_getIdFromCode($db, $object->typent_id, 'c_typent', 'id', 'code');	// Force typent_code too so check in verify() will be done on new type
 
 	        $object->client					= GETPOST('client', 'int');
-	        $object->fournisseur				= GETPOST('fournisseur', 'int');
+	        $object->fournisseur			= GETPOST('fournisseur', 'int');
 
 	        $object->commercial_id			= GETPOST('commercial_id', 'int');
 	        $object->default_lang			= GETPOST('default_lang');
 
 	        // Webservices url/key
-	        $object->webservices_url			= GETPOST('webservices_url', 'custom', 0, FILTER_SANITIZE_URL);
-	        $object->webservices_key			= GETPOST('webservices_key', 'san_alpha');
+	        $object->webservices_url		= GETPOST('webservices_url', 'custom', 0, FILTER_SANITIZE_URL);
+	        $object->webservices_key		= GETPOST('webservices_key', 'san_alpha');
 
 			// Incoterms
 			if (!empty($conf->incoterm->enabled))
diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php
index 03bdedd3d4f..f5b291ba2a0 100644
--- a/htdocs/societe/class/societe.class.php
+++ b/htdocs/societe/class/societe.class.php
@@ -480,10 +480,10 @@ class Societe extends CommonObject
 
 		if ($result >= 0)
 		{
-			$entity = ((isset($this->entity) && is_numeric($this->entity))?$this->entity:$conf->entity);
+			$this->entity = ((isset($this->entity) && is_numeric($this->entity))?$this->entity:$conf->entity);
 
 			$sql = "INSERT INTO ".MAIN_DB_PREFIX."societe (nom, name_alias, entity, datec, fk_user_creat, canvas, status, ref_int, ref_ext, fk_stcomm, fk_incoterms, location_incoterms ,import_key, fk_multicurrency, multicurrency_code)";
-			$sql.= " VALUES ('".$this->db->escape($this->name)."', '".$this->db->escape($this->name_alias)."', ".$entity.", '".$this->db->idate($now)."'";
+			$sql.= " VALUES ('".$this->db->escape($this->name)."', '".$this->db->escape($this->name_alias)."', ".$this->db->escape($this->entity).", '".$this->db->idate($now)."'";
 			$sql.= ", ".(! empty($user->id) ? "'".$user->id."'":"null");
 			$sql.= ", ".(! empty($this->canvas) ? "'".$this->db->escape($this->canvas)."'":"null");
 			$sql.= ", ".$this->status;
@@ -891,7 +891,7 @@ class Societe extends CommonObject
 			dol_syslog(get_class($this)."::update verify ok or not done");
 
 			$sql  = "UPDATE ".MAIN_DB_PREFIX."societe SET ";
-			$sql .= "entity = " . $this->entity;
+			$sql .= "entity = " . $this->db->escape($this->entity);
 			$sql .= ",nom = '" . $this->db->escape($this->name) ."'"; // Required
 			$sql .= ",name_alias = '" . $this->db->escape($this->name_alias) ."'";
 			$sql .= ",ref_ext = " .(! empty($this->ref_ext)?"'".$this->db->escape($this->ref_ext) ."'":"null");