From a75577516d1bf37c69418258b2dc5e9beec821ba Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Sat, 3 Dec 2016 15:13:04 +0100
Subject: [PATCH] Fix pb with multicompany on expense report

---
 htdocs/expensereport/export_csv.php      | 1 +
 htdocs/expensereport/index.php           | 2 +-
 htdocs/expensereport/list.php            | 2 +-
 htdocs/expensereport/payment/card.php    | 2 +-
 htdocs/expensereport/payment/payment.php | 5 +++--
 htdocs/expensereport/synchro_compta.php  | 1 +
 6 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/htdocs/expensereport/export_csv.php b/htdocs/expensereport/export_csv.php
index 3cf520c6739..d55e262e2e4 100644
--- a/htdocs/expensereport/export_csv.php
+++ b/htdocs/expensereport/export_csv.php
@@ -128,6 +128,7 @@ if (isset($_POST['action']))
 
 		$sql = "SELECT d.rowid, d.ref, d.total_ht, d.total_tva, d.total_ttc";
 		$sql.= " FROM ".MAIN_DB_PREFIX."expensereport as d";
+        $sql.= ' AND d.entity IN ('.getEntity('expensereport', 1).')';
 		$sql.= " ORDER BY d.rowid";
 
 		$result = $db->query($sql);
diff --git a/htdocs/expensereport/index.php b/htdocs/expensereport/index.php
index 117ecc5e3c4..83e45d2a1b7 100644
--- a/htdocs/expensereport/index.php
+++ b/htdocs/expensereport/index.php
@@ -147,7 +147,7 @@ $sql.= " FROM ".MAIN_DB_PREFIX."expensereport as d, ".MAIN_DB_PREFIX."user as u"
 if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 $sql.= " WHERE u.rowid = d.fk_user_author";
 if (empty($user->rights->expensereport->readall) && empty($user->rights->expensereport->lire_tous)) $sql.=' AND d.fk_user_author IN ('.join(',',$childids).')';
-//$sql.= " AND d.entity = ".$conf->entity;
+$sql.= ' AND d.entity IN ('.getEntity('expensereport', 1).')';
 if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND d.fk_user_author = s.rowid AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
 if ($socid) $sql.= " AND d.fk_user_author = ".$socid;
 $sql.= $db->order($sortfield,$sortorder);
diff --git a/htdocs/expensereport/list.php b/htdocs/expensereport/list.php
index b857b9c92d4..476ef2224f5 100644
--- a/htdocs/expensereport/list.php
+++ b/htdocs/expensereport/list.php
@@ -133,7 +133,7 @@ $sql.= " d.date_debut, d.date_fin, d.date_valid,";
 $sql.= " u.rowid as id_user, u.firstname, u.lastname";
 $sql.= " FROM ".MAIN_DB_PREFIX."expensereport as d";
 $sql.= " INNER JOIN ".MAIN_DB_PREFIX."user as u ON d.fk_user_author = u.rowid";
-$sql.= " WHERE d.entity = ".$conf->entity;
+$sql.= ' WHERE d.entity IN ('.getEntity('expensereport', 1).')';
 // Search all
 if (!empty($sall))
 {
diff --git a/htdocs/expensereport/payment/card.php b/htdocs/expensereport/payment/card.php
index 19d5b3206f7..f9ba5af3dc0 100644
--- a/htdocs/expensereport/payment/card.php
+++ b/htdocs/expensereport/payment/card.php
@@ -199,7 +199,7 @@ $disable_delete = 0;
 $sql = 'SELECT er.rowid as did, er.paid, er.total_ttc, per.amount';
 $sql.= ' FROM '.MAIN_DB_PREFIX.'payment_expensereport as per,'.MAIN_DB_PREFIX.'expensereport as er';
 $sql.= ' WHERE per.fk_expensereport = er.rowid';
-$sql.= ' AND er.entity = '.$conf->entity;
+$sql.= ' AND er.entity IN ('.getEntity('expensereport', 1).')';
 $sql.= ' AND per.rowid = '.$id;
 
 dol_syslog("expensereport/payment/card.php", LOG_DEBUG);
diff --git a/htdocs/expensereport/payment/payment.php b/htdocs/expensereport/payment/payment.php
index c4351e4d038..e361a9954c0 100644
--- a/htdocs/expensereport/payment/payment.php
+++ b/htdocs/expensereport/payment/payment.php
@@ -193,8 +193,9 @@ if (GETPOST("action") == 'create')
 	print '<tr><td>'.$langs->trans("Amount").'</td><td colspan="2">'.price($expensereport->total_ttc,0,$outputlangs,1,-1,-1,$conf->currency).'</td></tr>';
 
 	$sql = "SELECT sum(p.amount) as total";
-	$sql.= " FROM ".MAIN_DB_PREFIX."payment_expensereport as p";
-	$sql.= " WHERE p.fk_expensereport = ".$chid;
+	$sql.= " FROM ".MAIN_DB_PREFIX."payment_expensereport as p, ".MAIN_DB_PREFIX."expensereport as e";
+	$sql.= " WHERE p.fk_expensereport = e.rowid AND p.fk_expensereport = ".$chid;
+    $sql.= ' AND e.entity IN ('.getEntity('expensereport', 1).')';
 	$resql = $db->query($sql);
 	if ($resql)
 	{
diff --git a/htdocs/expensereport/synchro_compta.php b/htdocs/expensereport/synchro_compta.php
index 31c2d985840..eba616d2620 100644
--- a/htdocs/expensereport/synchro_compta.php
+++ b/htdocs/expensereport/synchro_compta.php
@@ -139,6 +139,7 @@ else:
 	$sql.= " FROM ".MAIN_DB_PREFIX."expensereport as d";
 	$sql.= " INNER JOIN ".MAIN_DB_PREFIX."user as u ON d.fk_user_author = u.rowid";
 	$sql.= " WHERE d.fk_statut = 6";
+    $sql.= ' AND d.entity IN ('.getEntity('expensereport', 1).')';
 	$sql.= " ORDER BY d.date_valid DESC";
 
 	$resql=$db->query($sql);