diff --git a/htdocs/fourn/commande/orderstoinvoice.php b/htdocs/fourn/commande/orderstoinvoice.php
index a1fa57f97f4..e11e70b12ef 100644
--- a/htdocs/fourn/commande/orderstoinvoice.php
+++ b/htdocs/fourn/commande/orderstoinvoice.php
@@ -44,7 +44,7 @@ $langs->load('orders');
 $langs->load('deliveries');
 $langs->load('companies');
 
-if (! $user->rights->facture->creer)
+if (! $user->rights->fournisseur->facture->creer)
 	accessforbidden();
 
 $id = (GETPOST('id') ? GETPOST('id', 'int') : GETPOST("facid")); // For backward compatibility
diff --git a/htdocs/product/stats/commande.php b/htdocs/product/stats/commande.php
index 42925a704ec..2769c1a699e 100644
--- a/htdocs/product/stats/commande.php
+++ b/htdocs/product/stats/commande.php
@@ -129,7 +129,7 @@ if ($id > 0 || ! empty($ref))
 		if ($user->rights->commande->lire)
 		{
 			$sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, s.code_client, c.rowid, d.total_ht as total_ht, c.ref,";
-			$sql .= " c.ref_client,";
+			$sql.= " c.ref_client,";
 			$sql.= " c.date_commande, c.fk_statut as statut, c.facture, c.rowid as commandeid, d.rowid, d.qty";
 			if (!$user->rights->societe->client->voir && !$socid) $sql.= ", sc.fk_soc, sc.fk_user ";
 			$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
diff --git a/htdocs/product/stats/commande_fournisseur.php b/htdocs/product/stats/commande_fournisseur.php
index 0516163b2a1..07d9dc3ad4b 100644
--- a/htdocs/product/stats/commande_fournisseur.php
+++ b/htdocs/product/stats/commande_fournisseur.php
@@ -134,7 +134,8 @@ if ($id > 0 || ! empty($ref)) {
 
 		print '</div>';
 
-		if ($user->rights->fournisseur->commande->lire) {
+		if ($user->rights->fournisseur->commande->lire)
+		{
 			$sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, s.code_client,";
 			$sql .= " c.rowid, d.total_ht as total_ht, c.ref,";
 			$sql .= " c.date_commande, c.fk_statut as statut, c.rowid as commandeid, d.rowid, d.qty";
diff --git a/htdocs/product/stats/propal.php b/htdocs/product/stats/propal.php
index 84d1ba72a80..4992cd7c728 100644
--- a/htdocs/product/stats/propal.php
+++ b/htdocs/product/stats/propal.php
@@ -126,7 +126,8 @@ if ($id > 0 || ! empty($ref))
 
 		print '</div>';
 
-		if ($user->rights->propale->lire) {
+		if ($user->rights->propale->lire) 
+		{
 			$sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, p.rowid as propalid, p.ref, d.total_ht as amount,";
 			$sql .= " p.ref_client,";
 			$sql .= "p.datep, p.fk_statut as statut, d.rowid, d.qty";