diff --git a/accounts.php b/accounts.php
index 8951caa1..6bf648fb 100644
--- a/accounts.php
+++ b/accounts.php
@@ -40,7 +40,7 @@
}
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM accounts
- WHERE account_name LIKE '%$q%'
+ WHERE account_name LIKE '%$q%' AND company_id = $session_company_id
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
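Review bot: The tenant filter is spliced into the SQL text as a bare `$session_company_id`, and nothing in this diff shows where that value is set or that it is cast to an integer. This predicate is now the only thing separating one company's rows from another's, so it is safer bound as a parameter (`company_id = ?` via `mysqli_prepare`) or at least forced through `intval()` where it is read from the session. The same applies to every hunk in this commit that appends `company_id = $session_company_id`. `$sb` and `$o` in the `ORDER BY` of this and the other list-page queries are interpolated too; if they come from the request they need an allow-list, because escaping does not protect identifiers or keywords. The enclosing block starts and ends outside the hunk.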
diff --git a/add_calendar_event_modal.php b/add_calendar_event_modal.php
index 1402dc4d..d34d641c 100644
--- a/add_calendar_event_modal.php
+++ b/add_calendar_event_modal.php
@@ -28,7 +28,7 @@
- Calendar -
- Account -
- Vendor -
- ">
+
- Category -
- ">
+
- Client -
- Category -
- Account -
- Method of Payment -
diff --git a/add_quote_modal.php b/add_quote_modal.php
index ef717c9d..f4bcb743 100644
--- a/add_quote_modal.php
+++ b/add_quote_modal.php
@@ -25,7 +25,7 @@
- Client -
- Category -
- Client -
- Category -
- Account -
- Category -
- Method of Payment -
diff --git a/add_ticket_modal.php b/add_ticket_modal.php
index 05c2f6a0..9491630e 100644
--- a/add_ticket_modal.php
+++ b/add_ticket_modal.php
@@ -22,7 +22,7 @@
- Client -
- Account From -
- Account To -
- Invoice -
- Client -
- Location -
- Vendor -
- Invoice -
- Client -
- Location -
- Vendor -
-
+
diff --git a/calendar_domains.php b/calendar_domains.php
index 9ffc4b58..10ee586d 100644
--- a/calendar_domains.php
+++ b/calendar_domains.php
@@ -20,7 +20,7 @@
},
events: [
0");
+$sql_total_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE YEAR(revenue_date) = $year AND category_id > 0 AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_total_revenues);
$total_revenues = $row['total_revenues'];
$total_income = $total_payments_to_invoices + $total_revenues;
//Get Total expenses and do not grab transfer expenses as these have a vendor of 0
-$sql_total_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE vendor_id > 0 AND YEAR(expense_date) = $year");
+$sql_total_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE vendor_id > 0 AND YEAR(expense_date) = $year AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_total_expenses);
$total_expenses = $row['total_expenses'];
//Total up all the Invoices that are not draft or cancelled
-$sql_invoice_totals = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS invoice_totals FROM invoices WHERE invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Cancelled' AND YEAR(invoice_date) = $year");
+$sql_invoice_totals = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS invoice_totals FROM invoices WHERE invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Cancelled' AND YEAR(invoice_date) = $year AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_invoice_totals);
$invoice_totals = $row['invoice_totals'];
@@ -46,17 +46,19 @@ $recievables = $invoice_totals - $total_payments_to_invoices;
$profit = $total_income - $total_expenses;
-$sql_accounts = mysqli_query($mysqli,"SELECT * FROM accounts");
+$sql_accounts = mysqli_query($mysqli,"SELECT * FROM accounts WHERE company_id = $session_company_id");
$sql_latest_invoice_payments = mysqli_query($mysqli,"SELECT * FROM payments, invoices, clients
WHERE payments.invoice_id = invoices.invoice_id
- AND invoices.client_id = clients.client_id
+ AND invoices.client_id = clients.client_id
+ AND clients.company_id = $session_company_id
ORDER BY payment_id DESC LIMIT 5"
);
$sql_latest_expenses = mysqli_query($mysqli,"SELECT * FROM expenses, vendors, categories
WHERE expenses.vendor_id = vendors.vendor_id
AND expenses.category_id = categories.category_id
+ AND expenses.company_id = $session_company_id
ORDER BY expense_id DESC LIMIT 5"
);
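Review bot: The two "latest" queries scope only one table of each join, and not the same one used elsewhere in this commit. `$sql_latest_invoice_payments` filters on `clients.company_id`, while payments.php and invoices.php filter on `payments.company_id` and `invoices.company_id`; `$sql_latest_expenses` filters only `expenses.company_id`. If a row ever references a client, vendor or category that belongs to another company, the join returns that other company's columns. Filtering on the table that owns the listed rows (`AND payments.company_id = $session_company_id`), and on the joined tables as well, keeps the dashboard consistent with the list pages.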
diff --git a/edit_calendar_event_modal.php b/edit_calendar_event_modal.php
index d3bae01e..ee9ec517 100644
--- a/edit_calendar_event_modal.php
+++ b/edit_calendar_event_modal.php
@@ -29,7 +29,7 @@
- Category -
- Category -
- Account -
- Method of Payment -
diff --git a/edit_transfer_modal.php b/edit_transfer_modal.php
index 0c74064c..8b0a1b91 100644
--- a/edit_transfer_modal.php
+++ b/edit_transfer_modal.php
@@ -41,7 +41,7 @@
- Invoice -
diff --git a/invoices.php b/invoices.php
index 799dab3c..f380ffdc 100644
--- a/invoices.php
+++ b/invoices.php
@@ -2,43 +2,43 @@
CURDATE()"));
+ $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_due > CURDATE() AND company_id = $session_company_id"));
$overdue_count = $row['num'];
- $sql_total_draft = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_draft FROM invoices WHERE invoice_status = 'Draft'");
+ $sql_total_draft = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_draft FROM invoices WHERE invoice_status = 'Draft' AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_total_draft);
$total_draft = $row['total_draft'];
- $sql_total_sent = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_sent FROM invoices WHERE invoice_status = 'Sent'");
+ $sql_total_sent = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_sent FROM invoices WHERE invoice_status = 'Sent' AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_total_sent);
$total_sent = $row['total_sent'];
- $sql_total_cancelled = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_cancelled FROM invoices WHERE invoice_status = 'Cancelled'");
+ $sql_total_cancelled = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_cancelled FROM invoices WHERE invoice_status = 'Cancelled' AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_total_cancelled);
$total_cancelled = $row['total_cancelled'];
- $sql_total_partial = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_partial FROM payments, invoices WHERE payments.invoice_id = invoices.invoice_id AND invoices.invoice_status = 'Partial'");
+ $sql_total_partial = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_partial FROM payments, invoices WHERE payments.invoice_id = invoices.invoice_id AND invoices.invoice_status = 'Partial' AND invoices.company_id = $session_company_id");
$row = mysqli_fetch_array($sql_total_partial);
$total_partial = $row['total_partial'];
$total_partial_count = mysqli_num_rows($sql_total_partial);
- $sql_total_overdue_partial = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_overdue_partial FROM payments, invoices WHERE payments.invoice_id = invoices.invoice_id AND invoices.invoice_status = 'Partial' AND invoices.invoice_due < CURDATE()");
+ $sql_total_overdue_partial = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_overdue_partial FROM payments, invoices WHERE payments.invoice_id = invoices.invoice_id AND invoices.invoice_status = 'Partial' AND invoices.invoice_due < CURDATE() AND invoices.company_id = $session_company_id");
$row = mysqli_fetch_array($sql_total_overdue_partial);
$total_overdue_partial = $row['total_overdue_partial'];
- $sql_total_overdue = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_overdue FROM invoices WHERE invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Paid' AND invoice_due < CURDATE()");
+ $sql_total_overdue = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_overdue FROM invoices WHERE invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Paid' AND invoice_due < CURDATE() AND invoices.company_id = $session_company_id");
$row = mysqli_fetch_array($sql_total_overdue);
$total_overdue = $row['total_overdue'];
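Review bot: `$overdue_count` is filled from a query with `invoice_due > CURDATE()`, which selects invoices due in the future, whereas `$sql_total_overdue` at the end of the hunk uses `invoice_due < CURDATE()` and excludes Draft and Paid, so the count and the total describe different sets. If the count is meant to match the total, the predicate should read `invoice_due < CURDATE() AND invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Paid'`. Separately, `$total_partial_count = mysqli_num_rows($sql_total_partial)` is always 1, because a `SUM()` without `GROUP BY` returns a single row. Selecting `COUNT(DISTINCT invoices.invoice_id)` in that query would give the real number.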
@@ -86,6 +86,7 @@
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM invoices, clients, categories
WHERE invoices.client_id = clients.client_id
AND invoices.category_id = categories.category_id
+ AND invoices.company_id = $session_company_id
AND (invoice_number LIKE '%$q%' OR client_name LIKE '%$q%' OR invoice_status LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
diff --git a/payments.php b/payments.php
index 1d95b52b..e2a3bd73 100644
--- a/payments.php
+++ b/payments.php
@@ -43,6 +43,7 @@
WHERE invoices.client_id = clients.client_id
AND payments.invoice_id = invoices.invoice_id
AND payments.account_id = accounts.account_id
+ AND payments.company_id = $session_company_id
AND (invoice_number LIKE '%$q%' OR client_name LIKE '%$q%' OR account_name LIKE '%$q%' OR payment_method LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
diff --git a/post.php b/post.php
index be394cbb..0c3f01d3 100644
--- a/post.php
+++ b/post.php
@@ -48,7 +48,7 @@ if(isset($_POST['edit_general_settings'])){
move_uploaded_file($_FILES['file']['tmp_name'], $path);
}
- mysqli_query($mysqli,"UPDATE settings SET config_start_page = '$config_start_page', config_account_balance_threshold = '$config_account_balance_threshold', config_invoice_logo = '$path', config_api_key = '$config_api_key'");
+ mysqli_query($mysqli,"UPDATE settings SET config_start_page = '$config_start_page', config_account_balance_threshold = '$config_account_balance_threshold', config_invoice_logo = '$path', config_api_key = '$config_api_key' WHERE company_id = $session_company_id");
$_SESSION['alert_message'] = "Settings updated";
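Review bot: The return value of `mysqli_query` is ignored, so "Settings updated" is shown even when the statement fails or matches no row. That matters more after this change: with the new `WHERE company_id = $session_company_id`, an unset or empty `$session_company_id` produces invalid SQL, and a company without a `settings` row updates nothing. Checking the result before setting the alert, e.g. `if(!mysqli_query($mysqli, $query)){ $_SESSION['alert_message'] = "Settings could not be saved"; }`, would surface both cases. The same applies to the other five `UPDATE settings` hunks in this file. The `if` block starts and ends outside the hunk.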
@@ -68,7 +68,7 @@ if(isset($_POST['edit_company_settings'])){
- mysqli_query($mysqli,"UPDATE settings SET config_company_name = '$config_company_name', config_company_address = '$config_company_address', config_company_city = '$config_company_city', config_company_state = '$config_company_state', config_company_zip = '$config_company_zip', config_company_phone = '$config_company_phone', config_company_site = '$config_company_site'");
+ mysqli_query($mysqli,"UPDATE settings SET config_company_name = '$config_company_name', config_company_address = '$config_company_address', config_company_city = '$config_company_city', config_company_state = '$config_company_state', config_company_zip = '$config_company_zip', config_company_phone = '$config_company_phone', config_company_site = '$config_company_site' WHERE company_id = $session_company_id");
$_SESSION['alert_message'] = "Company Settings updated";
@@ -83,7 +83,7 @@ if(isset($_POST['edit_mail_settings'])){
$config_smtp_username = strip_tags(mysqli_real_escape_string($mysqli,$_POST['config_smtp_username']));
$config_smtp_password = strip_tags(mysqli_real_escape_string($mysqli,$_POST['config_smtp_password']));
- mysqli_query($mysqli,"UPDATE settings SET config_smtp_host = '$config_smtp_host', config_smtp_port = $config_smtp_port, config_smtp_username = '$config_smtp_username', config_smtp_password = '$config_smtp_password'");
+ mysqli_query($mysqli,"UPDATE settings SET config_smtp_host = '$config_smtp_host', config_smtp_port = $config_smtp_port, config_smtp_username = '$config_smtp_username', config_smtp_password = '$config_smtp_password' WHERE company_id = $session_company_id");
$_SESSION['alert_message'] = "Mail Settings updated";
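Review bot: `config_smtp_password` is passed through `strip_tags()`, which silently removes anything that looks like markup, so a password containing `<` is stored altered and SMTP authentication then fails with no hint why. SQL escaping is the only transformation this field needs: `$config_smtp_password = mysqli_real_escape_string($mysqli,$_POST['config_smtp_password']);`. How `$config_smtp_port` is sanitised is not visible in the hunk; since it is interpolated unquoted, confirm it goes through `intval()` like the numeric fields in the neighbouring blocks. The password also appears to be stored in clear text in `settings`, which deserves a comment beside the query.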
@@ -106,7 +106,7 @@ if(isset($_POST['edit_invoice_settings'])){
}
$config_invoice_overdue_reminders = strip_tags(mysqli_real_escape_string($mysqli,$_POST['config_invoice_overdue_reminders']));
- mysqli_query($mysqli,"UPDATE settings SET config_invoice_prefix = '$config_invoice_prefix', config_invoice_next_number = $config_invoice_next_number, config_mail_from_email = '$config_mail_from_email', config_mail_from_name = '$config_mail_from_name', config_invoice_footer = '$config_invoice_footer', config_send_invoice_reminders = $config_send_invoice_reminders, config_invoice_overdue_reminders = '$config_invoice_overdue_reminders'");
+ mysqli_query($mysqli,"UPDATE settings SET config_invoice_prefix = '$config_invoice_prefix', config_invoice_next_number = $config_invoice_next_number, config_mail_from_email = '$config_mail_from_email', config_mail_from_name = '$config_mail_from_name', config_invoice_footer = '$config_invoice_footer', config_send_invoice_reminders = $config_send_invoice_reminders, config_invoice_overdue_reminders = '$config_invoice_overdue_reminders' WHERE company_id = $session_company_id");
$_SESSION['alert_message'] = "Invoice Settings updated";
@@ -120,7 +120,7 @@ if(isset($_POST['edit_quote_settings'])){
$config_quote_next_number = intval($_POST['config_quote_next_number']);
$config_quote_footer = strip_tags(mysqli_real_escape_string($mysqli,$_POST['config_quote_footer']));
- mysqli_query($mysqli,"UPDATE settings SET config_quote_prefix = '$config_quote_prefix', config_quote_next_number = $config_quote_next_number, config_quote_footer = '$config_quote_footer'");
+ mysqli_query($mysqli,"UPDATE settings SET config_quote_prefix = '$config_quote_prefix', config_quote_next_number = $config_quote_next_number, config_quote_footer = '$config_quote_footer' WHERE company_id = $session_company_id");
$_SESSION['alert_message'] = "Quote Settings updated";
@@ -139,7 +139,7 @@ if(isset($_POST['edit_default_settings'])){
$config_default_transfer_to_account = intval($_POST['config_default_transfer_to_account']);
$config_default_calendar = intval($_POST['config_default_calendar']);
- mysqli_query($mysqli,"UPDATE settings SET config_default_expense_account = $config_default_expense_account, config_default_payment_account = $config_default_payment_account, config_default_payment_method = '$config_default_payment_method', config_default_expense_payment_method = '$config_default_expense_payment_method', config_default_transfer_from_account = $config_default_transfer_from_account, config_default_transfer_to_account = $config_default_transfer_to_account, config_default_calendar = $config_default_calendar");
+ mysqli_query($mysqli,"UPDATE settings SET config_default_expense_account = $config_default_expense_account, config_default_payment_account = $config_default_payment_account, config_default_payment_method = '$config_default_payment_method', config_default_expense_payment_method = '$config_default_expense_payment_method', config_default_transfer_from_account = $config_default_transfer_from_account, config_default_transfer_to_account = $config_default_transfer_to_account, config_default_calendar = $config_default_calendar WHERE company_id = $session_company_id");
$_SESSION['alert_message'] = "Default Settings updated";
diff --git a/products.php b/products.php
index ed1fd467..31d434b6 100644
--- a/products.php
+++ b/products.php
@@ -39,7 +39,7 @@
$disp = "ASC";
}
- $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM products WHERE product_name LIKE '%$q%' ORDER BY $sb $o LIMIT $record_from, $record_to");
+ $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM products WHERE product_name LIKE '%$q%' AND company_id = $session_company_id ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$total_found_rows = $num_rows[0];
diff --git a/quotes.php b/quotes.php
index 4678f500..200011a9 100644
--- a/quotes.php
+++ b/quotes.php
@@ -42,6 +42,7 @@
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM quotes, clients, categories
WHERE quotes.client_id = clients.client_id
AND quotes.category_id = categories.category_id
+ AND quotes.company_id = $session_company_id
AND (quote_number LIKE '%$q%' OR client_name LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
diff --git a/recurring.php b/recurring.php
index 45cc8dd3..e9ebd778 100644
--- a/recurring.php
+++ b/recurring.php
@@ -42,6 +42,7 @@
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM recurring, clients, categories
WHERE recurring.client_id = clients.client_id
AND recurring.category_id = categories.category_id
+ AND recurring.company_id = $session_company_id
AND (recurring_frequency LIKE '%$q%' OR client_name LIKE '%$q%' OR category_name LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
diff --git a/report_expense_summary.php b/report_expense_summary.php
index 3dd2c249..3a498428 100644
--- a/report_expense_summary.php
+++ b/report_expense_summary.php
@@ -7,9 +7,9 @@ if(isset($_GET['year'])){
$year = date('Y');
}
-$sql_expense_years = mysqli_query($mysqli,"SELECT DISTINCT YEAR(expense_date) AS expense_year FROM expenses WHERE category_id > 0 ORDER BY expense_year DESC");
+$sql_expense_years = mysqli_query($mysqli,"SELECT DISTINCT YEAR(expense_date) AS expense_year FROM expenses WHERE category_id > 0 AND company_id = $session_company_id ORDER BY expense_year DESC");
-$sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Expense' ORDER BY category_name ASC");
+$sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Expense' AND company_id = $session_company_id ORDER BY category_name ASC");
?>
@@ -98,7 +98,7 @@ $sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_
0");
+ $sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS expense_total_amount_for_month FROM expenses WHERE YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND vendor_id > 0 AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_expenses);
$expense_total_amount_for_month = $row['expense_total_amount_for_month'];
$total_expense_for_all_months = $expense_total_amount_for_month + $total_expense_for_all_months;
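Review bot: `$year` goes into this query unquoted, and the first hunk header of this file shows it is populated under `if(isset($_GET['year']))`; the assignment itself is outside the diff. If it is not already cast, `$year = intval($_GET['year']);` at that point keeps the request value out of the SQL text. `$month` is presumably a loop counter, but its origin is not visible here either. The same `YEAR(...) = $year` pattern appears in the report_income_summary.php and report_profit_loss.php hunks and in the dashboard totals.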
diff --git a/report_income_summary.php b/report_income_summary.php
index 4f488249..4e7a7f19 100644
--- a/report_income_summary.php
+++ b/report_income_summary.php
@@ -9,7 +9,7 @@ if(isset($_GET['year'])){
$sql_payment_years = mysqli_query($mysqli,"SELECT DISTINCT YEAR(payment_date) AS payment_year FROM payments UNION SELECT DISTINCT YEAR(revenue_date) AS payment_year FROM revenues ORDER BY payment_year DESC");
-$sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' ORDER BY category_name ASC");
+$sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND company_id = $session_company_id ORDER BY category_name ASC");
?>
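Review bot: `$sql_payment_years` on the context line above still reads years from `payments` and `revenues` with no `company_id` predicate, so the year selector is built from every company's data while the category list next to it is now scoped. Each branch of the `UNION` needs its own filter, for example `FROM payments WHERE company_id = $session_company_id UNION SELECT DISTINCT YEAR(revenue_date) AS payment_year FROM revenues WHERE company_id = $session_company_id`. `$sql_all_years` in the first report_profit_loss.php hunk has the same gap across `expenses`, `payments` and `revenues`. report_expense_summary.php already scopes its year query in this commit, so this looks like an oversight, not a deliberate choice.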
@@ -107,11 +107,11 @@ $sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_
0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month");
+ $sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS revenue_amount_for_month FROM revenues WHERE category_id > 0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month AND revenues.company_id = $session_company_id");
$row = mysqli_fetch_array($sql_revenues);
$revenues_total_amount_for_month = $row['revenue_amount_for_month'];
diff --git a/report_profit_loss.php b/report_profit_loss.php
index 5a3694b4..5e016985 100644
--- a/report_profit_loss.php
+++ b/report_profit_loss.php
@@ -11,9 +11,9 @@ if(isset($_GET['year'])){
//GET unique years from expenses, payments and revenues
$sql_all_years = mysqli_query($mysqli,"SELECT YEAR(expense_date) AS all_years FROM expenses UNION DISTINCT SELECT YEAR(payment_date) FROM payments UNION DISTINCT SELECT YEAR(revenue_date) FROM revenues ORDER BY all_years DESC");
-$sql_categories_income = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' ORDER BY category_name ASC");
+$sql_categories_income = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND company_id = $session_company_id ORDER BY category_name ASC");
-$sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Expense' ORDER BY category_name ASC");
+$sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Expense' AND company_id = $session_company_id ORDER BY category_name ASC");
?>
@@ -165,11 +165,11 @@ $sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE c
0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month");
+ $sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS revenue_total_amount_for_month FROM revenues WHERE category_id > 0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month AND revenues.company_id = $session_company_id");
$row = mysqli_fetch_array($sql_revenues);
$revenue_total_amount_for_month = $row['revenue_total_amount_for_month'];
@@ -185,11 +185,11 @@ $sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE c
0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month");
+ $sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS revenue_total_amount_for_month FROM revenues WHERE category_id > 0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month AND revenues.company_id = $session_company_id");
$row = mysqli_fetch_array($sql_revenues);
$revenue_total_amount_for_month = $row['revenue_total_amount_for_month'];
@@ -205,11 +205,11 @@ $sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE c
0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month");
+ $sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS revenue_total_amount_for_month FROM revenues WHERE category_id > 0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month AND revenues.company_id = $session_company_id");
$row = mysqli_fetch_array($sql_revenues);
$revenue_total_amount_for_month = $row['revenue_total_amount_for_month'];
@@ -225,11 +225,11 @@ $sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE c
0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month");
+ $sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS revenue_total_amount_for_month FROM revenues WHERE category_id > 0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month AND revenues.company_id = $session_company_id");
$row = mysqli_fetch_array($sql_revenues);
$revenue_total_amount_for_month = $row['revenue_total_amount_for_month'];
@@ -330,7 +330,7 @@ $sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE c
0 AND YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND vendor_id > 0");
+ $sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS expense_total_amount_for_month FROM expenses WHERE category_id > 0 AND YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND vendor_id > 0 AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_expenses);
$expense_total_amount_for_quarter_one = $expense_total_amount_for_quarter_one + $row['expense_total_amount_for_month'];
}
@@ -342,7 +342,7 @@ $sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE c
0 AND YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND vendor_id > 0");
+ $sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS expense_total_amount_for_month FROM expenses WHERE category_id > 0 AND YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND vendor_id > 0 AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_expenses);
$expense_total_amount_for_quarter_two = $expense_total_amount_for_quarter_two + $row['expense_total_amount_for_month'];
}
@@ -354,7 +354,7 @@ $sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE c
0 AND YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND vendor_id > 0");
+ $sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS expense_total_amount_for_month FROM expenses WHERE category_id > 0 AND YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND vendor_id > 0 AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_expenses);
$expense_total_amount_for_quarter_three = $expense_total_amount_for_quarter_three + $row['expense_total_amount_for_month'];
}
@@ -366,7 +366,7 @@ $sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE c
0 AND YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND vendor_id > 0");
+ $sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS expense_total_amount_for_month FROM expenses WHERE category_id > 0 AND YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND vendor_id > 0 AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_expenses);
$expense_total_amount_for_quarter_four = $expense_total_amount_for_quarter_four + $row['expense_total_amount_for_month'];
}
diff --git a/revenues.php b/revenues.php
index 20da0854..39abb1ed 100644
--- a/revenues.php
+++ b/revenues.php
@@ -42,6 +42,7 @@
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM accounts, revenues, categories
WHERE revenues.account_id = accounts.account_id
AND revenues.category_id = categories.category_id
+ AND revenues.company_id = $session_company_id
AND (account_name LIKE '%$q%' AND revenue_payment_method LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
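Review bot: The search clause after the new predicate joins its two `LIKE` tests with `AND`, so a row matches only when the term appears in both `account_name` and `revenue_payment_method`. Every other list page in this commit uses `OR` inside the parentheses, so this looks unintended. If so, the line should read `AND (account_name LIKE '%$q%' OR revenue_payment_method LIKE '%$q%')`. The code that sets `$q` is outside the hunk.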
diff --git a/settings-backup.php b/settings-backup.php
index 942fe98c..2ff487b6 100644
--- a/settings-backup.php
+++ b/settings-backup.php
@@ -1,7 +1,5 @@
-
-
diff --git a/settings-defaults.php b/settings-defaults.php
index a6a494e3..f99473c5 100644
--- a/settings-defaults.php
+++ b/settings-defaults.php
@@ -18,7 +18,7 @@
- None -
- None -
- None -
- None -
- None -
- None -
- None -
diff --git a/transfers.php b/transfers.php
index b4667b14..3d2ac77f 100644
--- a/transfers.php
+++ b/transfers.php
@@ -40,7 +40,7 @@
}
-$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS expenses.expense_date AS transfer_date, expenses.expense_amount AS transfer_amount, expenses.account_id AS transfer_account_from, revenues.account_id AS transfer_account_to, transfers.expense_id, transfers.revenue_id , transfers.transfer_id FROM transfers, expenses, revenues WHERE transfers.expense_id = expenses.expense_id AND transfers.revenue_id = revenues.revenue_id ORDER BY $sb $o LIMIT $record_from, $record_to");
+$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS expenses.expense_date AS transfer_date, expenses.expense_amount AS transfer_amount, expenses.account_id AS transfer_account_from, revenues.account_id AS transfer_account_to, transfers.expense_id, transfers.revenue_id , transfers.transfer_id FROM transfers, expenses, revenues WHERE transfers.expense_id = expenses.expense_id AND transfers.revenue_id = revenues.revenue_id AND transfers.company_id = $session_company_id ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$total_found_rows = $num_rows[0];
diff --git a/trips.php b/trips.php
index bb88dfce..e0e5fd1f 100644
--- a/trips.php
+++ b/trips.php
@@ -40,7 +40,8 @@
}
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM trips
- WHERE trip_purpose LIKE '%$q%' OR trip_starting_location LIKE '%$q%' OR trip_destination LIKE '%$q%'
+ WHERE (trip_purpose LIKE '%$q%' OR trip_starting_location LIKE '%$q%' OR trip_destination LIKE '%$q%')
+ AND company_id = $session_company_id
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
diff --git a/vendors.php b/vendors.php
index fc0d2116..5cb8e072 100644
--- a/vendors.php
+++ b/vendors.php
@@ -39,8 +39,7 @@
$disp = "ASC";
}
- $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM vendors WHERE client_id = 0
- AND (vendor_name LIKE '%$q%' OR vendor_description LIKE '%$q%' OR vendor_account_number LIKE '%$q%')
+ $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM vendors WHERE client_id = 0 AND company_id = $session_company_id AND (vendor_name LIKE '%$q%' OR vendor_description LIKE '%$q%' OR vendor_account_number LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));