From 56245e2c9a888da1d84d02b5dbca99602975bd23 Mon Sep 17 00:00:00 2001
From: Juanjo Menent <jmenent@2byte.es>
Date: Tue, 4 Oct 2016 16:51:44 +0200
Subject: [PATCH] FIX: only show projects of related third if external user

---
 htdocs/core/boxes/box_project.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/htdocs/core/boxes/box_project.php b/htdocs/core/boxes/box_project.php
index 7d819ec0d2b..1db7b5729db 100644
--- a/htdocs/core/boxes/box_project.php
+++ b/htdocs/core/boxes/box_project.php
@@ -2,6 +2,7 @@
 /* Copyright (C) 2012-2014 Charles-François BENKE <charles.fr@benke.fr>
  * Copyright (C) 2014      Marcos García          <marcosgdf@gmail.com>
  * Copyright (C) 2015      Frederic France        <frederic.france@free.fr>
+ * Copyright (C) 2016      Juan José Menent       <jmenent@2byte.es>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -79,8 +80,10 @@ class box_project extends ModeleBoxes
 
 			$sql = "SELECT p.rowid, p.ref, p.title, p.fk_statut ";
 			$sql.= " FROM ".MAIN_DB_PREFIX."projet as p";
+            if($user->socid) $sql.= " INNER JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid=p.fk_soc";
 			$sql.= " WHERE p.entity = ".$conf->entity;
-			$sql.= " AND p.fk_statut = 1"; // Seulement les projets ouverts
+            if($user->socid) $sql.= " AND s.rowid = ".$user->socid;
+            $sql.= " AND p.fk_statut = 1"; // Seulement les projets ouverts
 			$sql.= " ORDER BY p.datec DESC";
 			$sql.= $db->plimit($max, 0);
 
-- 
GitLab