From 01f820b39445f9324f4a28be3fbe5f60ff5c4cfd Mon Sep 17 00:00:00 2001
From: "johnny@pittpc.com" <admin@webdev.localDomain>
Date: Wed, 14 Aug 2019 13:28:25 -0400
Subject: [PATCH] Added further refinements to multi-company feature

---
 accounts.php                  |  2 +-
 add_calendar_event_modal.php  |  2 +-
 add_expense_copy_modal.php    |  6 +++---
 add_expense_modal.php         | 10 +++++-----
 add_invoice_modal.php         |  4 ++--
 add_payment_modal.php         |  4 ++--
 add_quote_modal.php           |  4 ++--
 add_recurring_modal.php       |  4 ++--
 add_revenue_modal.php         |  6 +++---
 add_ticket_modal.php          |  2 +-
 add_transfer_modal.php        |  4 ++--
 add_trip_copy_modal.php       |  8 ++++----
 add_trip_modal.php            |  8 ++++----
 alerts.php                    |  2 +-
 calendar_domains.php          |  2 +-
 calendar_events.php           |  4 ++--
 categories.php                |  2 +-
 client.php                    |  2 +-
 clients.php                   |  2 +-
 dashboard.php                 | 14 ++++++++------
 edit_calendar_event_modal.php |  2 +-
 edit_expense_modal.php        |  6 +++---
 edit_invoice_modal.php        |  2 +-
 edit_quote_modal.php          |  2 +-
 edit_revenue_modal.php        |  4 ++--
 edit_transfer_modal.php       |  6 +++---
 edit_trip_modal.php           |  2 +-
 expenses.php                  |  1 +
 global_search.php             |  8 ++++----
 invoices.php                  | 23 ++++++++++++-----------
 payments.php                  |  1 +
 post.php                      | 12 ++++++------
 products.php                  |  2 +-
 quotes.php                    |  1 +
 recurring.php                 |  1 +
 report_expense_summary.php    |  6 +++---
 report_income_summary.php     |  6 +++---
 report_profit_loss.php        | 28 ++++++++++++++--------------
 revenues.php                  |  1 +
 settings-backup.php           |  2 --
 settings-defaults.php         | 14 +++++++-------
 setup.php                     |  2 +-
 tickets.php                   |  3 ++-
 transactions.php              |  1 +
 transfers.php                 |  2 +-
 trips.php                     |  3 ++-
 vendors.php                   |  3 +--
 47 files changed, 122 insertions(+), 114 deletions(-)

diff --git a/accounts.php b/accounts.php
index 8951caa1..6bf648fb 100644
--- a/accounts.php
+++ b/accounts.php
@@ -40,7 +40,7 @@
   }
 
   $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM accounts 
-    WHERE account_name LIKE '%$q%'
+    WHERE account_name LIKE '%$q%' AND company_id = $session_company_id
     ORDER BY $sb $o LIMIT $record_from, $record_to");
 
   $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
diff --git a/add_calendar_event_modal.php b/add_calendar_event_modal.php
index 1402dc4d..d34d641c 100644
--- a/add_calendar_event_modal.php
+++ b/add_calendar_event_modal.php
@@ -28,7 +28,7 @@
                 <option value="">- Calendar -</option>
                 <?php 
                 
-                $sql = mysqli_query($mysqli,"SELECT * FROM calendars"); 
+                $sql = mysqli_query($mysqli,"SELECT * FROM calendars WHERE company_id = $session_company_id"); 
                 while($row = mysqli_fetch_array($sql)){
                   $calendar_id = $row['calendar_id'];
                   $calendar_name = $row['calendar_name'];
diff --git a/add_expense_copy_modal.php b/add_expense_copy_modal.php
index ebb10767..cc688906 100644
--- a/add_expense_copy_modal.php
+++ b/add_expense_copy_modal.php
@@ -44,7 +44,7 @@
                 <select class="form-control selectpicker show-tick" name="account" required>
                   <?php 
                   
-                  $sql_accounts = mysqli_query($mysqli,"SELECT * FROM accounts"); 
+                  $sql_accounts = mysqli_query($mysqli,"SELECT * FROM accounts WHERE company_id = $session_company_id"); 
                   while($row = mysqli_fetch_array($sql_accounts)){
                     $account_id_select = $row['account_id'];
                     $account_name_select = $row['account_name'];
@@ -82,7 +82,7 @@
                 <select class="form-control selectpicker show-tick" data-live-search="true" name="vendor" required>
                   <?php 
                   
-                  $sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors"); 
+                  $sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE company_id = $session_company_id"); 
                   while($row = mysqli_fetch_array($sql_vendors)){
                     $vendor_id_select = $row['vendor_id'];
                     $vendor_name_select = $row['vendor_name'];
@@ -114,7 +114,7 @@
                 <select class="form-control selectpicker show-tick" name="category" required>
                   <?php 
                   
-                  $sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Expense'"); 
+                  $sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Expense' AND company_id = $session_company_id"); 
                   while($row = mysqli_fetch_array($sql_categories)){
                     $category_id_select = $row['category_id'];
                     $category_name_select = $row['category_name'];
diff --git a/add_expense_modal.php b/add_expense_modal.php
index bd9b5605..ecde9d80 100644
--- a/add_expense_modal.php
+++ b/add_expense_modal.php
@@ -43,7 +43,7 @@
                   <option value="">- Account -</option>
                   <?php 
                   
-                  $sql = mysqli_query($mysqli,"SELECT * FROM accounts"); 
+                  $sql = mysqli_query($mysqli,"SELECT * FROM accounts WHERE company_id = $session_company_id"); 
                   while($row = mysqli_fetch_array($sql)){
                     $account_id = $row['account_id'];
                     $account_name = $row['account_name'];
@@ -83,12 +83,12 @@
                   <option value="">- Vendor -</option>
                   <?php 
                   
-                  $sql = mysqli_query($mysqli,"SELECT * FROM vendors WHERE client_id = 0 order by vendor_name ASC"); 
+                  $sql = mysqli_query($mysqli,"SELECT * FROM vendors WHERE client_id = 0 AND company_id = $session_company_id ORDER BY vendor_name ASC"); 
                   while($row = mysqli_fetch_array($sql)){
                     $vendor_id = $row['vendor_id'];
                     $vendor_name = $row['vendor_name'];
                   ?>
-                    <option value="<?php echo "$vendor_id"; ?>"><?php echo "$vendor_name"; ?></option>
+                    <option value="<?php echo $vendor_id; ?>"><?php echo $vendor_name; ?></option>
                   
                   <?php
                   }
@@ -115,12 +115,12 @@
                   <option value="">- Category -</option>
                   <?php 
                   
-                  $sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Expense'"); 
+                  $sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Expense' AND company_id = $session_company_id"); 
                   while($row = mysqli_fetch_array($sql)){
                     $category_id = $row['category_id'];
                     $category_name = $row['category_name'];
                   ?>
-                    <option value="<?php echo "$category_id"; ?>"><?php echo "$category_name"; ?></option>
+                    <option value="<?php echo $category_id; ?>"><?php echo $category_name; ?></option>
                   
                   <?php
                   }
diff --git a/add_invoice_modal.php b/add_invoice_modal.php
index e2e6938c..d9d5b649 100644
--- a/add_invoice_modal.php
+++ b/add_invoice_modal.php
@@ -24,7 +24,7 @@
                 <option value="">- Client -</option>
                 <?php 
                 
-                $sql = mysqli_query($mysqli,"SELECT * FROM clients"); 
+                $sql = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $session_company_id"); 
                 while($row = mysqli_fetch_array($sql)){
                   $client_id = $row['client_id'];
                   $client_name = $row['client_name'];
@@ -60,7 +60,7 @@
                 <option value="">- Category -</option>
                 <?php 
                 
-                $sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income'"); 
+                $sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND company_id = $session_company_id"); 
                 while($row = mysqli_fetch_array($sql)){
                   $category_id = $row['category_id'];
                   $category_name = $row['category_name'];
diff --git a/add_payment_modal.php b/add_payment_modal.php
index 9371db8c..d642206f 100644
--- a/add_payment_modal.php
+++ b/add_payment_modal.php
@@ -42,7 +42,7 @@
                 <option value="">- Account -</option>
                 <?php 
                 
-                $sql = mysqli_query($mysqli,"SELECT * FROM accounts"); 
+                $sql = mysqli_query($mysqli,"SELECT * FROM accounts WHERE company_id = $session_company_id"); 
                 while($row = mysqli_fetch_array($sql)){
                   $account_id = $row['account_id'];
                   $account_name = $row['account_name'];
@@ -82,7 +82,7 @@
                 <option value="">- Method of Payment -</option>
                 <?php 
                 
-                $sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Payment Method'"); 
+                $sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Payment Method' AND company_id = $session_company_id"); 
                 while($row = mysqli_fetch_array($sql)){
                   $category_name = $row['category_name'];
                 ?>
diff --git a/add_quote_modal.php b/add_quote_modal.php
index ef717c9d..f4bcb743 100644
--- a/add_quote_modal.php
+++ b/add_quote_modal.php
@@ -25,7 +25,7 @@
                 <option value="">- Client -</option>
                 <?php 
                 
-                $sql = mysqli_query($mysqli,"SELECT * FROM clients"); 
+                $sql = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $session_company_id"); 
                 while($row = mysqli_fetch_array($sql)){
                   $client_id = $row['client_id'];
                   $client_name = $row['client_name'];
@@ -60,7 +60,7 @@
                 <option value="">- Category -</option>
                 <?php 
                 
-                $sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income'"); 
+                $sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND company_id = $session_company_id"); 
                 while($row = mysqli_fetch_array($sql)){
                   $category_id = $row['category_id'];
                   $category_name = $row['category_name'];
diff --git a/add_recurring_modal.php b/add_recurring_modal.php
index 43e6396b..17f3b320 100644
--- a/add_recurring_modal.php
+++ b/add_recurring_modal.php
@@ -24,7 +24,7 @@
                 <option value="">- Client -</option>
                 <?php 
                 
-                $sql = mysqli_query($mysqli,"SELECT * FROM clients"); 
+                $sql = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $session_company_id"); 
                 while($row = mysqli_fetch_array($sql)){
                   $client_id = $row['client_id'];
                   $client_name = $row['client_name'];
@@ -76,7 +76,7 @@
                 <option value="">- Category -</option>
                 <?php 
                 
-                $sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income'"); 
+                $sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND company_id = $session_company_id"); 
                 while($row = mysqli_fetch_array($sql)){
                   $category_id = $row['category_id'];
                   $category_name = $row['category_name'];
diff --git a/add_revenue_modal.php b/add_revenue_modal.php
index f25945e2..6b6474b1 100644
--- a/add_revenue_modal.php
+++ b/add_revenue_modal.php
@@ -40,7 +40,7 @@
                 <option value="">- Account -</option>
                 <?php 
                 
-                $sql = mysqli_query($mysqli,"SELECT * FROM accounts"); 
+                $sql = mysqli_query($mysqli,"SELECT * FROM accounts WHERE company_id = $session_company_id"); 
                 while($row = mysqli_fetch_array($sql)){
                   $account_id = $row['account_id'];
                   $account_name = $row['account_name'];
@@ -76,7 +76,7 @@
                 <option value="">- Category -</option>
                 <?php 
                 
-                $sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income'"); 
+                $sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND company_id = $session_company_id"); 
                 while($row = mysqli_fetch_array($sql)){
                   $category_id = $row['category_id'];
                   $category_name = $row['category_name'];
@@ -100,7 +100,7 @@
                 <option value="">- Method of Payment -</option>
                 <?php 
                 
-                $sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Payment Method'"); 
+                $sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Payment Method' AND company_id = $session_company_id"); 
                 while($row = mysqli_fetch_array($sql)){
                   $category_name = $row['category_name'];
                 ?>
diff --git a/add_ticket_modal.php b/add_ticket_modal.php
index 05c2f6a0..9491630e 100644
--- a/add_ticket_modal.php
+++ b/add_ticket_modal.php
@@ -22,7 +22,7 @@
                 <option value="">- Client -</option>
                 <?php 
                 
-                $sql = mysqli_query($mysqli,"SELECT * FROM clients"); 
+                $sql = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $session_company_id"); 
                 while($row = mysqli_fetch_array($sql)){
                   $client_id = $row['client_id'];
                   $client_name = $row['client_name'];
diff --git a/add_transfer_modal.php b/add_transfer_modal.php
index 3389fffe..0f251953 100644
--- a/add_transfer_modal.php
+++ b/add_transfer_modal.php
@@ -40,7 +40,7 @@
                 <option value="">- Account From -</option>
                 <?php 
                 
-                $sql = mysqli_query($mysqli,"SELECT * FROM accounts"); 
+                $sql = mysqli_query($mysqli,"SELECT * FROM accounts WHERE company_id = $session_company_id"); 
                 while($row = mysqli_fetch_array($sql)){
                   $account_id = $row['account_id'];
                   $account_name = $row['account_name'];
@@ -78,7 +78,7 @@
                 <option value="">- Account To -</option>
                 <?php 
                 
-                $sql = mysqli_query($mysqli,"SELECT * FROM accounts"); 
+                $sql = mysqli_query($mysqli,"SELECT * FROM accounts WHERE company_id = $session_company_id"); 
                 while($row = mysqli_fetch_array($sql)){
                   $account_id = $row['account_id'];
                   $account_name = $row['account_name'];
diff --git a/add_trip_copy_modal.php b/add_trip_copy_modal.php
index db2e129a..89902c0e 100644
--- a/add_trip_copy_modal.php
+++ b/add_trip_copy_modal.php
@@ -87,7 +87,7 @@
                     <option value="">- Invoice -</option>
                     <?php 
                     
-                    $sql_invoices = mysqli_query($mysqli,"SELECT * FROM clients, invoices WHERE invoices.client_id = clients.client_id ORDER BY invoice_number DESC"); 
+                    $sql_invoices = mysqli_query($mysqli,"SELECT * FROM clients, invoices WHERE invoices.client_id = clients.client_id AND invoices.company_id = $session_company_id ORDER BY invoice_number DESC"); 
                     while($row = mysqli_fetch_array($sql_invoices)){
                       $client_id_select = $row['client_id'];
                       $client_name_select = $row['client_name'];
@@ -115,7 +115,7 @@
                     <option value="">- Client -</option>
                     <?php 
                     
-                    $sql_clients = mysqli_query($mysqli,"SELECT * FROM clients"); 
+                    $sql_clients = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $session_company_id"); 
                     while($row = mysqli_fetch_array($sql_clients)){
                       $client_id_select = $row['client_id'];
                       $client_name_select = $row['client_name'];
@@ -139,7 +139,7 @@
                     <option value="">- Location -</option>
                     <?php 
                     
-                    $sql_locations = mysqli_query($mysqli,"SELECT * FROM locations, clients WHERE locations.client_id = clients.client_id ORDER BY clients.client_id DESC"); 
+                    $sql_locations = mysqli_query($mysqli,"SELECT * FROM locations, clients WHERE locations.client_id = clients.client_id AND locations.company_id = $session_company_id ORDER BY clients.client_id DESC"); 
                     while($row = mysqli_fetch_array($sql_locations)){
                       $location_id_select = $row['location_id'];
                       $location_name_select = $row['location_name'];
@@ -164,7 +164,7 @@
                     <option value="">- Vendor -</option>
                     <?php 
                     
-                    $sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE client_id = 0 ORDER BY vendor_name ASC"); 
+                    $sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE client_id = 0 AND company_id = $session_company_id ORDER BY vendor_name ASC"); 
                     while($row = mysqli_fetch_array($sql_vendors)){
                       $vendor_id_select = $row['vendor_id'];
                       $vendor_name_select = $row['vendor_name'];
diff --git a/add_trip_modal.php b/add_trip_modal.php
index 5a03bc6f..3144dc4c 100644
--- a/add_trip_modal.php
+++ b/add_trip_modal.php
@@ -85,7 +85,7 @@
                     <option value="">- Invoice -</option>
                     <?php 
                     
-                    $sql = mysqli_query($mysqli,"SELECT * FROM clients, invoices WHERE invoices.client_id = clients.client_id ORDER BY invoice_number DESC"); 
+                    $sql = mysqli_query($mysqli,"SELECT * FROM clients, invoices WHERE invoices.client_id = clients.client_id AND invoices.company_id = $session_company_id ORDER BY invoice_number DESC"); 
                     while($row = mysqli_fetch_array($sql)){
                       $client_id = $row['client_id'];
                       $client_name = $row['client_name'];
@@ -113,7 +113,7 @@
                     <option value="">- Client -</option>
                     <?php 
                     
-                    $sql = mysqli_query($mysqli,"SELECT * FROM clients"); 
+                    $sql = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $session_company_id"); 
                     while($row = mysqli_fetch_array($sql)){
                       $client_id = $row['client_id'];
                       $client_name = $row['client_name'];
@@ -137,7 +137,7 @@
                     <option value="">- Location -</option>
                     <?php 
                     
-                    $sql = mysqli_query($mysqli,"SELECT * FROM locations, clients WHERE locations.client_id = clients.client_id ORDER BY clients.client_id DESC"); 
+                    $sql = mysqli_query($mysqli,"SELECT * FROM locations, clients WHERE locations.client_id = clients.client_id AND locations.company_id = $session_company_id ORDER BY clients.client_id DESC");
                     while($row = mysqli_fetch_array($sql)){
                       $location_id = $row['location_id'];
                       $location_name = $row['location_name'];
@@ -162,7 +162,7 @@
                     <option value="">- Vendor -</option>
                     <?php 
                     
-                    $sql = mysqli_query($mysqli,"SELECT * FROM vendors WHERE client_id = 0 ORDER BY vendor_name ASC"); 
+                    $sql = mysqli_query($mysqli,"SELECT * FROM vendors WHERE client_id = 0 AND company_id = $session_company_id ORDER BY vendor_name ASC"); 
                     while($row = mysqli_fetch_array($sql)){
                       $vendor_id = $row['vendor_id'];
                       $vendor_name = $row['vendor_name'];
diff --git a/alerts.php b/alerts.php
index 09f9de83..810ad892 100644
--- a/alerts.php
+++ b/alerts.php
@@ -9,7 +9,7 @@ if($_GET['status'] == "archived"){
 
 ?>
 
-<?php $sql = mysqli_query($mysqli,"SELECT * FROM alerts WHERE alert_ack_date $where_clause ORDER BY alert_id DESC"); ?>
+<?php $sql = mysqli_query($mysqli,"SELECT * FROM alerts WHERE alert_ack_date $where_clause AND company_id = $session_company_id ORDER BY alert_id DESC"); ?>
 
 
 <div class="card mb-3">
diff --git a/calendar_domains.php b/calendar_domains.php
index 9ffc4b58..10ee586d 100644
--- a/calendar_domains.php
+++ b/calendar_domains.php
@@ -20,7 +20,7 @@
         },
         events: [
           <?php
-          $sql = mysqli_query($mysqli,"SELECT * FROM domains");
+          $sql = mysqli_query($mysqli,"SELECT * FROM domains WHERE company_id = $session_company_id");
           while($row = mysqli_fetch_array($sql)){
             $domain_id = $row['domain_id'];
             $domain = $row['domain_name'];
diff --git a/calendar_events.php b/calendar_events.php
index eb584bbb..db636e7b 100644
--- a/calendar_events.php
+++ b/calendar_events.php
@@ -15,7 +15,7 @@ if(isset($_GET['calendar_id'])){
 
 <?php
 //loop through IDs and create a modal for each
-$sql = mysqli_query($mysqli,"SELECT * FROM events, calendars WHERE events.calendar_id = calendars.calendar_id");
+$sql = mysqli_query($mysqli,"SELECT * FROM events, calendars WHERE events.calendar_id = calendars.calendar_id AND company_id = $session_company_id");
 while($row = mysqli_fetch_array($sql)){
   $event_id = $row['event_id'];
   $event_title = $row['event_title'];
@@ -63,7 +63,7 @@ while($row = mysqli_fetch_array($sql)){
         },
         events: [
           <?php
-          $sql = mysqli_query($mysqli,"SELECT * FROM events, calendars WHERE events.calendar_id = calendars.calendar_id");
+          $sql = mysqli_query($mysqli,"SELECT * FROM events, calendars WHERE events.calendar_id = calendars.calendar_id AND company_id = $session_company_id");
           while($row = mysqli_fetch_array($sql)){
             $event_id = $row['event_id'];
             $event_title = $row['event_title'];
diff --git a/categories.php b/categories.php
index d049ad82..e454c1a0 100644
--- a/categories.php
+++ b/categories.php
@@ -39,7 +39,7 @@
     $disp = "ASC";
   }
 
-  $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM categories WHERE category_name LIKE '%$q%' OR category_type LIKE '%$q%' ORDER BY $sb $o LIMIT $record_from, $record_to");
+  $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM categories WHERE (category_name LIKE '%$q%' OR category_type LIKE '%$q%') AND company_id = $session_company_id ORDER BY $sb $o LIMIT $record_from, $record_to");
 
   $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
   $total_found_rows = $num_rows[0];
diff --git a/client.php b/client.php
index 8a385562..0f662137 100644
--- a/client.php
+++ b/client.php
@@ -5,7 +5,7 @@
 if(isset($_GET['client_id'])){
   $client_id = intval($_GET['client_id']);
 
-  $sql = mysqli_query($mysqli,"SELECT * FROM clients WHERE client_id = $client_id");
+  $sql = mysqli_query($mysqli,"SELECT * FROM clients WHERE client_id = $client_id AND company_id = $session_company_id");
 
   $row = mysqli_fetch_array($sql);
   $client_name = $row['client_name'];
diff --git a/clients.php b/clients.php
index c64d32ff..5f8f1a95 100644
--- a/clients.php
+++ b/clients.php
@@ -39,7 +39,7 @@ if(isset($_GET['o'])){
   $disp = "ASC";
 }
 
-$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM clients WHERE (client_name LIKE '%$q%' OR client_email LIKE '%$q%') AND (company_id = $session_company_id) ORDER BY $sb $o LIMIT $record_from, $record_to"); 
+$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM clients WHERE (client_name LIKE '%$q%' OR client_email LIKE '%$q%') AND company_id = $session_company_id ORDER BY $sb $o LIMIT $record_from, $record_to"); 
 
 $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
 
diff --git a/dashboard.php b/dashboard.php
index 498d9a38..870f1be8 100644
--- a/dashboard.php
+++ b/dashboard.php
@@ -22,23 +22,23 @@ $sql_payment_years = mysqli_query($mysqli,"SELECT YEAR(expense_date) AS all_year
 
 
 //Get Total income
-$sql_total_payments_to_invoices = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_payments_to_invoices FROM payments WHERE YEAR(payment_date) = $year");
+$sql_total_payments_to_invoices = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_payments_to_invoices FROM payments WHERE YEAR(payment_date) = $year AND company_id = $session_company_id");
 $row = mysqli_fetch_array($sql_total_payments_to_invoices);
 $total_payments_to_invoices = $row['total_payments_to_invoices'];
 //Do not grab transfer payment as these have an category_id of 0
-$sql_total_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE YEAR(revenue_date) = $year AND category_id > 0");
+$sql_total_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE YEAR(revenue_date) = $year AND category_id > 0 AND company_id = $session_company_id");
 $row = mysqli_fetch_array($sql_total_revenues);
 $total_revenues = $row['total_revenues'];
 
 $total_income = $total_payments_to_invoices + $total_revenues;
 
 //Get Total expenses and do not grab transfer expenses as these have a vendor of 0
-$sql_total_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE vendor_id > 0 AND YEAR(expense_date) = $year");
+$sql_total_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE vendor_id > 0 AND YEAR(expense_date) = $year AND company_id = $session_company_id");
 $row = mysqli_fetch_array($sql_total_expenses);
 $total_expenses = $row['total_expenses'];
 
 //Total up all the Invoices that are not draft or cancelled
-$sql_invoice_totals = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS invoice_totals FROM invoices WHERE invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Cancelled' AND YEAR(invoice_date) = $year");
+$sql_invoice_totals = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS invoice_totals FROM invoices WHERE invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Cancelled' AND YEAR(invoice_date) = $year AND company_id = $session_company_id");
 $row = mysqli_fetch_array($sql_invoice_totals);
 $invoice_totals = $row['invoice_totals'];
 
@@ -46,17 +46,19 @@ $recievables = $invoice_totals - $total_payments_to_invoices;
 
 $profit = $total_income - $total_expenses;
 
-$sql_accounts = mysqli_query($mysqli,"SELECT * FROM accounts");
+$sql_accounts = mysqli_query($mysqli,"SELECT * FROM accounts WHERE company_id = $session_company_id");
 
 $sql_latest_invoice_payments = mysqli_query($mysqli,"SELECT * FROM payments, invoices, clients 
 	WHERE payments.invoice_id = invoices.invoice_id 
-	AND invoices.client_id = clients.client_id 
+	AND invoices.client_id = clients.client_id
+  AND clients.company_id = $session_company_id
 	ORDER BY payment_id DESC LIMIT 5"
 );
 
 $sql_latest_expenses = mysqli_query($mysqli,"SELECT * FROM expenses, vendors, categories 
 	WHERE expenses.vendor_id = vendors.vendor_id 
 	AND expenses.category_id = categories.category_id
+  AND expenses.company_id = $session_company_id
 	ORDER BY expense_id DESC LIMIT 5"
 );
 
diff --git a/edit_calendar_event_modal.php b/edit_calendar_event_modal.php
index d3bae01e..ee9ec517 100644
--- a/edit_calendar_event_modal.php
+++ b/edit_calendar_event_modal.php
@@ -29,7 +29,7 @@
               <select class="form-control selectpicker show-tick" name="calendar" required>
                 <?php 
                 
-                $sql_calendars_select = mysqli_query($mysqli,"SELECT * FROM calendars"); 
+                $sql_calendars_select = mysqli_query($mysqli,"SELECT * FROM calendars WHERE company_id = $session_company_id"); 
                 while($row = mysqli_fetch_array($sql_calendars_select)){
                   $calendar_id_select = $row['calendar_id'];
                   $calendar_name_select = $row['calendar_name'];
diff --git a/edit_expense_modal.php b/edit_expense_modal.php
index c0f51bac..d5740d66 100644
--- a/edit_expense_modal.php
+++ b/edit_expense_modal.php
@@ -46,7 +46,7 @@
                 <select class="form-control selectpicker show-tick" name="account" required>
                   <?php 
                   
-                  $sql_accounts = mysqli_query($mysqli,"SELECT * FROM accounts"); 
+                  $sql_accounts = mysqli_query($mysqli,"SELECT * FROM accounts WHERE company_id = $session_company_id"); 
                   while($row = mysqli_fetch_array($sql_accounts)){
                     $account_id_select = $row['account_id'];
                     $account_name_select = $row['account_name'];
@@ -85,7 +85,7 @@
                 <select class="form-control selectpicker show-tick" data-live-search="true" name="vendor" required>
                   <?php 
                   
-                  $sql_select = mysqli_query($mysqli,"SELECT * FROM vendors WHERE client_id = 0 ORDER BY vendor_name ASC"); 
+                  $sql_select = mysqli_query($mysqli,"SELECT * FROM vendors WHERE client_id = 0 AND company_id = $session_company_id ORDER BY vendor_name ASC"); 
                   while($row = mysqli_fetch_array($sql_select)){
                     $vendor_id_select = $row['vendor_id'];
                     $vendor_name_select = $row['vendor_name'];
@@ -117,7 +117,7 @@
                 <select class="form-control selectpicker show-tick" name="category" required>
                   <?php 
                   
-                  $sql_select = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Expense'"); 
+                  $sql_select = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Expense' AND company_id = $session_company_id"); 
                   while($row = mysqli_fetch_array($sql_select)){
                     $category_id_select = $row['category_id'];
                     $category_name_select = $row['category_name'];
diff --git a/edit_invoice_modal.php b/edit_invoice_modal.php
index 601c83b1..3049e610 100644
--- a/edit_invoice_modal.php
+++ b/edit_invoice_modal.php
@@ -42,7 +42,7 @@
                 <option value="">- Category -</option>
                 <?php 
                 
-                $sql_income_category = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income'"); 
+                $sql_income_category = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND company_id = $session_company_id"); 
                 while($row = mysqli_fetch_array($sql_income_category)){
                   $category_id_select= $row['category_id'];
                   $category_name_select = $row['category_name'];
diff --git a/edit_quote_modal.php b/edit_quote_modal.php
index d42a5ad6..4504a9ea 100644
--- a/edit_quote_modal.php
+++ b/edit_quote_modal.php
@@ -32,7 +32,7 @@
                 <option value="">- Category -</option>
                 <?php 
                 
-                $sql_income_category = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income'"); 
+                $sql_income_category = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND company_id = $session_company_id"); 
                 while($row = mysqli_fetch_array($sql_income_category)){
                   $category_id_select = $row['category_id'];
                   $category_name_select = $row['category_name'];
diff --git a/edit_revenue_modal.php b/edit_revenue_modal.php
index 8cc66d2f..536f3005 100644
--- a/edit_revenue_modal.php
+++ b/edit_revenue_modal.php
@@ -41,7 +41,7 @@
                 <option value="">- Account -</option>
                 <?php 
                 
-                $sql_accounts = mysqli_query($mysqli,"SELECT * FROM accounts"); 
+                $sql_accounts = mysqli_query($mysqli,"SELECT * FROM accounts WHERE company_id = $session_company_id"); 
                 while($row = mysqli_fetch_array($sql_accounts)){
                   $account_id_select = $row['account_id'];
                   $account_name_select = $row['account_name'];
@@ -81,7 +81,7 @@
                 <option value="">- Method of Payment -</option>
                 <?php 
                 
-                $sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Payment Method'"); 
+                $sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Payment Method' AND company_id = $session_company_id"); 
                 while($row = mysqli_fetch_array($sql_categories)){
                   $category_name_select = $row['category_name'];
                 ?>
diff --git a/edit_transfer_modal.php b/edit_transfer_modal.php
index 0c74064c..8b0a1b91 100644
--- a/edit_transfer_modal.php
+++ b/edit_transfer_modal.php
@@ -41,7 +41,7 @@
               <select class="form-control selectpicker show-tick" name="account_from" required>
                 <?php 
                 
-                $sql_accounts = mysqli_query($mysqli,"SELECT * FROM accounts"); 
+                $sql_accounts = mysqli_query($mysqli,"SELECT * FROM accounts WHERE company_id = $session_company_id"); 
                   while($row = mysqli_fetch_array($sql_accounts)){
                     $account_id_select = $row['account_id'];
                     $account_name_select = $row['account_name'];
@@ -78,7 +78,7 @@
               <select class="form-control selectpicker show-tick" name="account_to" required>
                 <?php 
                 
-                $sql2 = mysqli_query($mysqli,"SELECT * FROM accounts"); 
+                $sql2 = mysqli_query($mysqli,"SELECT * FROM accounts WHERE company_id = $session_company_id"); 
                 while($row = mysqli_fetch_array($sql2)){
                   $account_id2 = $row['account_id'];
                   $account_name = $row['account_name'];
@@ -88,7 +88,7 @@
                   $row = mysqli_fetch_array($sql_payments);
                   $total_payments = $row['total_payments'];
 
-                  $sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE account_id = $account_id");
+                  $sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE account_id = $account_id2");
                   $row = mysqli_fetch_array($sql_revenues);
                   $total_revenues = $row['total_revenues'];
                   
diff --git a/edit_trip_modal.php b/edit_trip_modal.php
index 95ee14cf..9efe5bb3 100644
--- a/edit_trip_modal.php
+++ b/edit_trip_modal.php
@@ -93,7 +93,7 @@
                     <option value="">- Invoice -</option>
                     <?php 
                     
-                    $sql_invoices = mysqli_query($mysqli,"SELECT * FROM clients, invoices WHERE invoices.client_id = clients.client_id ORDER BY invoice_number DESC"); 
+                    $sql_invoices = mysqli_query($mysqli,"SELECT * FROM clients, invoices WHERE invoices.client_id = clients.client_id AND clients.company_id = $session_company_id ORDER BY invoice_number DESC"); 
                     while($row = mysqli_fetch_array($sql_invoices)){
                       $client_id_select = $row['client_id'];
                       $client_name_select = $row['client_name'];
diff --git a/expenses.php b/expenses.php
index a9c7d2a9..c007e59b 100644
--- a/expenses.php
+++ b/expenses.php
@@ -43,6 +43,7 @@
     WHERE expenses.category_id = categories.category_id
     AND expenses.vendor_id = vendors.vendor_id
     AND expenses.account_id = accounts.account_id
+    AND expenses.company_id = $session_company_id
     AND (vendor_name LIKE '%$q%' OR category_name LIKE '%$q%' OR account_name LIKE '%$q%')
     ORDER BY $sb $o LIMIT $record_from, $record_to");
 
diff --git a/global_search.php b/global_search.php
index a8f8738c..efb99573 100644
--- a/global_search.php
+++ b/global_search.php
@@ -6,10 +6,10 @@ if(isset($_GET['query'])){
 
   $query = $_GET['query'];
 
-  $sql_clients = mysqli_query($mysqli,"SELECT * FROM clients WHERE client_name LIKE '%$query%' ORDER BY client_id DESC LIMIT 5");
-  $sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_name LIKE '%$query%' ORDER BY vendor_id DESC LIMIT 5");
-  $sql_products = mysqli_query($mysqli,"SELECT * FROM products WHERE product_name LIKE '%$query%' ORDER BY product_id DESC LIMIT 5");
-  $sql_logins = mysqli_query($mysqli,"SELECT * FROM logins WHERE login_description LIKE '%$query%' ORDER BY login_id DESC LIMIT 5");
+  $sql_clients = mysqli_query($mysqli,"SELECT * FROM clients WHERE client_name LIKE '%$query%' AND company_id = $session_company_id ORDER BY client_id DESC LIMIT 5");
+  $sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_name LIKE '%$query%' AND company_id = $session_company_id ORDER BY vendor_id DESC LIMIT 5");
+  $sql_products = mysqli_query($mysqli,"SELECT * FROM products WHERE product_name LIKE '%$query%' AND company_id = $session_company_id ORDER BY product_id DESC LIMIT 5");
+  $sql_logins = mysqli_query($mysqli,"SELECT * FROM logins WHERE login_description LIKE '%$query%' AND company_id = $session_company_id ORDER BY login_id DESC LIMIT 5");
 
 ?>
 
diff --git a/invoices.php b/invoices.php
index 799dab3c..f380ffdc 100644
--- a/invoices.php
+++ b/invoices.php
@@ -2,43 +2,43 @@
 
 <?php 
   
-  $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Sent'"));
+  $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Sent' AND company_id = $session_company_id"));
   $sent_count = $row['num'];
 
-  $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Partial'"));
+  $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Partial' AND company_id = $session_company_id"));
   $partial_count = $row['num'];
 
-  $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Draft'"));
+  $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Draft' AND company_id = $session_company_id"));
   $draft_count = $row['num'];
 
-  $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Cancelled'"));
+  $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Cancelled' AND company_id = $session_company_id"));
   $cancelled_count = $row['num'];
 
-  $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_due > CURDATE()"));
+  $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_due > CURDATE() AND company_id = $session_company_id"));
   $overdue_count = $row['num'];
 
-  $sql_total_draft = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_draft FROM invoices WHERE invoice_status = 'Draft'");
+  $sql_total_draft = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_draft FROM invoices WHERE invoice_status = 'Draft' AND company_id = $session_company_id");
   $row = mysqli_fetch_array($sql_total_draft);
   $total_draft = $row['total_draft'];
 
-  $sql_total_sent = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_sent FROM invoices WHERE invoice_status = 'Sent'");
+  $sql_total_sent = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_sent FROM invoices WHERE invoice_status = 'Sent' AND company_id = $session_company_id");
   $row = mysqli_fetch_array($sql_total_sent);
   $total_sent = $row['total_sent'];
 
-  $sql_total_cancelled = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_cancelled FROM invoices WHERE invoice_status = 'Cancelled'");
+  $sql_total_cancelled = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_cancelled FROM invoices WHERE invoice_status = 'Cancelled' AND company_id = $session_company_id");
   $row = mysqli_fetch_array($sql_total_cancelled);
   $total_cancelled = $row['total_cancelled'];
   
-  $sql_total_partial = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_partial FROM payments, invoices WHERE payments.invoice_id = invoices.invoice_id AND invoices.invoice_status = 'Partial'");
+  $sql_total_partial = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_partial FROM payments, invoices WHERE payments.invoice_id = invoices.invoice_id AND invoices.invoice_status = 'Partial' AND invoices.company_id = $session_company_id");
   $row = mysqli_fetch_array($sql_total_partial);
   $total_partial = $row['total_partial'];
   $total_partial_count = mysqli_num_rows($sql_total_partial);
 
-  $sql_total_overdue_partial = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_overdue_partial FROM payments, invoices WHERE payments.invoice_id = invoices.invoice_id AND invoices.invoice_status = 'Partial' AND invoices.invoice_due < CURDATE()");
+  $sql_total_overdue_partial = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_overdue_partial FROM payments, invoices WHERE payments.invoice_id = invoices.invoice_id AND invoices.invoice_status = 'Partial' AND invoices.invoice_due < CURDATE() AND invoices.company_id = $session_company_id");
   $row = mysqli_fetch_array($sql_total_overdue_partial);
   $total_overdue_partial = $row['total_overdue_partial'];
 
-  $sql_total_overdue = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_overdue FROM invoices WHERE invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Paid' AND invoice_due < CURDATE()");
+  $sql_total_overdue = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_overdue FROM invoices WHERE invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Paid' AND invoice_due < CURDATE() AND invoices.company_id = $session_company_id");
   $row = mysqli_fetch_array($sql_total_overdue);
   $total_overdue = $row['total_overdue'];
 
@@ -86,6 +86,7 @@
   $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM invoices, clients, categories
     WHERE invoices.client_id = clients.client_id
     AND invoices.category_id = categories.category_id
+    AND invoices.company_id = $session_company_id
     AND (invoice_number LIKE '%$q%' OR client_name LIKE '%$q%' OR invoice_status LIKE '%$q%')
     ORDER BY $sb $o LIMIT $record_from, $record_to");
 
diff --git a/payments.php b/payments.php
index 1d95b52b..e2a3bd73 100644
--- a/payments.php
+++ b/payments.php
@@ -43,6 +43,7 @@
     WHERE invoices.client_id = clients.client_id
     AND payments.invoice_id = invoices.invoice_id
     AND payments.account_id = accounts.account_id
+    AND payments.company_id = $session_company_id
     AND (invoice_number LIKE '%$q%' OR client_name LIKE '%$q%' OR account_name LIKE '%$q%' OR payment_method LIKE '%$q%')
     ORDER BY $sb $o LIMIT $record_from, $record_to");
 
diff --git a/post.php b/post.php
index be394cbb..0c3f01d3 100644
--- a/post.php
+++ b/post.php
@@ -48,7 +48,7 @@ if(isset($_POST['edit_general_settings'])){
         move_uploaded_file($_FILES['file']['tmp_name'], $path);   
     }
 
-    mysqli_query($mysqli,"UPDATE settings SET config_start_page = '$config_start_page', config_account_balance_threshold = '$config_account_balance_threshold', config_invoice_logo = '$path', config_api_key = '$config_api_key'");
+    mysqli_query($mysqli,"UPDATE settings SET config_start_page = '$config_start_page', config_account_balance_threshold = '$config_account_balance_threshold', config_invoice_logo = '$path', config_api_key = '$config_api_key' WHERE company_id = $session_company_id");
 
     $_SESSION['alert_message'] = "Settings updated";
 
@@ -68,7 +68,7 @@ if(isset($_POST['edit_company_settings'])){
    
 
 
-    mysqli_query($mysqli,"UPDATE settings SET config_company_name = '$config_company_name', config_company_address = '$config_company_address', config_company_city = '$config_company_city', config_company_state = '$config_company_state', config_company_zip = '$config_company_zip', config_company_phone = '$config_company_phone', config_company_site = '$config_company_site'");
+    mysqli_query($mysqli,"UPDATE settings SET config_company_name = '$config_company_name', config_company_address = '$config_company_address', config_company_city = '$config_company_city', config_company_state = '$config_company_state', config_company_zip = '$config_company_zip', config_company_phone = '$config_company_phone', config_company_site = '$config_company_site' WHERE company_id = $session_company_id");
 
     $_SESSION['alert_message'] = "Company Settings updated";
 
@@ -83,7 +83,7 @@ if(isset($_POST['edit_mail_settings'])){
     $config_smtp_username = strip_tags(mysqli_real_escape_string($mysqli,$_POST['config_smtp_username']));
     $config_smtp_password = strip_tags(mysqli_real_escape_string($mysqli,$_POST['config_smtp_password']));
 
-    mysqli_query($mysqli,"UPDATE settings SET config_smtp_host = '$config_smtp_host', config_smtp_port = $config_smtp_port, config_smtp_username = '$config_smtp_username', config_smtp_password = '$config_smtp_password'");
+    mysqli_query($mysqli,"UPDATE settings SET config_smtp_host = '$config_smtp_host', config_smtp_port = $config_smtp_port, config_smtp_username = '$config_smtp_username', config_smtp_password = '$config_smtp_password' WHERE company_id = $session_company_id");
 
     $_SESSION['alert_message'] = "Mail Settings updated";
 
@@ -106,7 +106,7 @@ if(isset($_POST['edit_invoice_settings'])){
     }
     $config_invoice_overdue_reminders = strip_tags(mysqli_real_escape_string($mysqli,$_POST['config_invoice_overdue_reminders']));
 
-    mysqli_query($mysqli,"UPDATE settings SET config_invoice_prefix = '$config_invoice_prefix', config_invoice_next_number = $config_invoice_next_number, config_mail_from_email = '$config_mail_from_email', config_mail_from_name = '$config_mail_from_name', config_invoice_footer = '$config_invoice_footer', config_send_invoice_reminders = $config_send_invoice_reminders, config_invoice_overdue_reminders = '$config_invoice_overdue_reminders'");
+    mysqli_query($mysqli,"UPDATE settings SET config_invoice_prefix = '$config_invoice_prefix', config_invoice_next_number = $config_invoice_next_number, config_mail_from_email = '$config_mail_from_email', config_mail_from_name = '$config_mail_from_name', config_invoice_footer = '$config_invoice_footer', config_send_invoice_reminders = $config_send_invoice_reminders, config_invoice_overdue_reminders = '$config_invoice_overdue_reminders' WHERE company_id = $session_company_id");
 
     $_SESSION['alert_message'] = "Invoice Settings updated";
 
@@ -120,7 +120,7 @@ if(isset($_POST['edit_quote_settings'])){
     $config_quote_next_number = intval($_POST['config_quote_next_number']);
     $config_quote_footer = strip_tags(mysqli_real_escape_string($mysqli,$_POST['config_quote_footer']));
 
-    mysqli_query($mysqli,"UPDATE settings SET config_quote_prefix = '$config_quote_prefix', config_quote_next_number = $config_quote_next_number, config_quote_footer = '$config_quote_footer'");
+    mysqli_query($mysqli,"UPDATE settings SET config_quote_prefix = '$config_quote_prefix', config_quote_next_number = $config_quote_next_number, config_quote_footer = '$config_quote_footer' WHERE company_id = $session_company_id");
 
     $_SESSION['alert_message'] = "Quote Settings updated";
 
@@ -139,7 +139,7 @@ if(isset($_POST['edit_default_settings'])){
     $config_default_transfer_to_account = intval($_POST['config_default_transfer_to_account']);
     $config_default_calendar = intval($_POST['config_default_calendar']);
 
-    mysqli_query($mysqli,"UPDATE settings SET config_default_expense_account = $config_default_expense_account, config_default_payment_account = $config_default_payment_account, config_default_payment_method = '$config_default_payment_method', config_default_expense_payment_method = '$config_default_expense_payment_method', config_default_transfer_from_account = $config_default_transfer_from_account, config_default_transfer_to_account = $config_default_transfer_to_account, config_default_calendar = $config_default_calendar");
+    mysqli_query($mysqli,"UPDATE settings SET config_default_expense_account = $config_default_expense_account, config_default_payment_account = $config_default_payment_account, config_default_payment_method = '$config_default_payment_method', config_default_expense_payment_method = '$config_default_expense_payment_method', config_default_transfer_from_account = $config_default_transfer_from_account, config_default_transfer_to_account = $config_default_transfer_to_account, config_default_calendar = $config_default_calendar WHERE company_id = $session_company_id");
 
     $_SESSION['alert_message'] = "Default Settings updated";
 
diff --git a/products.php b/products.php
index ed1fd467..31d434b6 100644
--- a/products.php
+++ b/products.php
@@ -39,7 +39,7 @@
     $disp = "ASC";
   }
 
-  $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM products WHERE product_name LIKE '%$q%' ORDER BY $sb $o LIMIT $record_from, $record_to");
+  $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM products WHERE product_name LIKE '%$q%' AND company_id = $session_company_id ORDER BY $sb $o LIMIT $record_from, $record_to");
 
   $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
   $total_found_rows = $num_rows[0];
diff --git a/quotes.php b/quotes.php
index 4678f500..200011a9 100644
--- a/quotes.php
+++ b/quotes.php
@@ -42,6 +42,7 @@
   $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM quotes, clients, categories
     WHERE quotes.client_id = clients.client_id
     AND quotes.category_id = categories.category_id
+    AND quotes.company_id = $session_company_id
     AND (quote_number LIKE '%$q%' OR client_name LIKE '%$q%')
     ORDER BY $sb $o LIMIT $record_from, $record_to");
 
diff --git a/recurring.php b/recurring.php
index 45cc8dd3..e9ebd778 100644
--- a/recurring.php
+++ b/recurring.php
@@ -42,6 +42,7 @@
   $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM recurring, clients, categories
     WHERE recurring.client_id = clients.client_id
     AND recurring.category_id = categories.category_id
+    AND recurring.company_id = $session_company_id
     AND (recurring_frequency LIKE '%$q%' OR client_name LIKE '%$q%' OR category_name LIKE '%$q%')
     ORDER BY $sb $o LIMIT $record_from, $record_to");
 
diff --git a/report_expense_summary.php b/report_expense_summary.php
index 3dd2c249..3a498428 100644
--- a/report_expense_summary.php
+++ b/report_expense_summary.php
@@ -7,9 +7,9 @@ if(isset($_GET['year'])){
   $year = date('Y');
 }
 
-$sql_expense_years = mysqli_query($mysqli,"SELECT DISTINCT YEAR(expense_date) AS expense_year FROM expenses WHERE category_id > 0 ORDER BY expense_year DESC");
+$sql_expense_years = mysqli_query($mysqli,"SELECT DISTINCT YEAR(expense_date) AS expense_year FROM expenses WHERE category_id > 0 AND company_id = $session_company_id ORDER BY expense_year DESC");
 
-$sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type =  'Expense' ORDER BY category_name ASC");
+$sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Expense' AND company_id = $session_company_id ORDER BY category_name ASC");
 
 ?>
 
@@ -98,7 +98,7 @@ $sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_
             <?php
               
             for($month = 1; $month<=12; $month++) {
-              $sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS expense_total_amount_for_month FROM expenses WHERE YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND vendor_id > 0");
+              $sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS expense_total_amount_for_month FROM expenses WHERE YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND vendor_id > 0 AND company_id = $session_company_id");
               $row = mysqli_fetch_array($sql_expenses);
               $expense_total_amount_for_month = $row['expense_total_amount_for_month'];
               $total_expense_for_all_months = $expense_total_amount_for_month + $total_expense_for_all_months;
diff --git a/report_income_summary.php b/report_income_summary.php
index 4f488249..4e7a7f19 100644
--- a/report_income_summary.php
+++ b/report_income_summary.php
@@ -9,7 +9,7 @@ if(isset($_GET['year'])){
 
 $sql_payment_years = mysqli_query($mysqli,"SELECT DISTINCT YEAR(payment_date) AS payment_year FROM payments UNION SELECT DISTINCT YEAR(revenue_date) AS payment_year FROM revenues ORDER BY payment_year DESC");
 
-$sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type =  'Income' ORDER BY category_name ASC");
+$sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND company_id = $session_company_id ORDER BY category_name ASC");
 
 ?>
 
@@ -107,11 +107,11 @@ $sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_
             <?php
               
             for($month = 1; $month<=12; $month++) {
-              $sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS payment_total_amount_for_month FROM payments, invoices WHERE payments.invoice_id = invoices.invoice_id AND YEAR(payment_date) = $year AND MONTH(payment_date) = $month");
+              $sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS payment_total_amount_for_month FROM payments, invoices WHERE payments.invoice_id = invoices.invoice_id AND YEAR(payment_date) = $year AND MONTH(payment_date) = $month AND payments.company_id = $session_company_id");
               $row = mysqli_fetch_array($sql_payments);
               $payment_total_amount_for_month = $row['payment_total_amount_for_month'];
 
-              $sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS revenue_amount_for_month FROM revenues WHERE category_id > 0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month");
+              $sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS revenue_amount_for_month FROM revenues WHERE category_id > 0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month AND revenues.company_id = $session_company_id");
               $row = mysqli_fetch_array($sql_revenues);
               $revenues_total_amount_for_month = $row['revenue_amount_for_month'];
 
diff --git a/report_profit_loss.php b/report_profit_loss.php
index 5a3694b4..5e016985 100644
--- a/report_profit_loss.php
+++ b/report_profit_loss.php
@@ -11,9 +11,9 @@ if(isset($_GET['year'])){
 //GET unique years from expenses, payments and revenues
 $sql_all_years = mysqli_query($mysqli,"SELECT YEAR(expense_date) AS all_years FROM expenses UNION DISTINCT SELECT YEAR(payment_date) FROM payments UNION DISTINCT SELECT YEAR(revenue_date) FROM revenues ORDER BY all_years DESC");
 
-$sql_categories_income = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' ORDER BY category_name ASC");
+$sql_categories_income = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND company_id = $session_company_id ORDER BY category_name ASC");
 
-$sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Expense' ORDER BY category_name ASC");
+$sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Expense' AND company_id = $session_company_id ORDER BY category_name ASC");
 
 
 ?>
@@ -165,11 +165,11 @@ $sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE c
             <?php
               
             for($month = 1; $month<=3; $month++) {
-              $sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS payment_total_amount_for_month FROM payments, invoices WHERE payments.invoice_id = invoices.invoice_id AND YEAR(payment_date) = $year AND MONTH(payment_date) = $month");
+              $sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS payment_total_amount_for_month FROM payments, invoices WHERE payments.invoice_id = invoices.invoice_id AND YEAR(payment_date) = $year AND MONTH(payment_date) = $month AND payments.company_id = $session_company_id");
               $row = mysqli_fetch_array($sql_payments);
               $payment_total_amount_for_month = $row['payment_total_amount_for_month'];
 
-              $sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS revenue_total_amount_for_month FROM revenues WHERE category_id > 0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month");
+              $sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS revenue_total_amount_for_month FROM revenues WHERE category_id > 0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month AND revenues.company_id = $session_company_id");
               $row = mysqli_fetch_array($sql_revenues);
               $revenue_total_amount_for_month = $row['revenue_total_amount_for_month'];
 
@@ -185,11 +185,11 @@ $sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE c
             <?php
  
             for($month = 4; $month<=6; $month++) {
-              $sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS payment_total_amount_for_month FROM payments, invoices WHERE payments.invoice_id = invoices.invoice_id AND YEAR(payment_date) = $year AND MONTH(payment_date) = $month");
+              $sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS payment_total_amount_for_month FROM payments, invoices WHERE payments.invoice_id = invoices.invoice_id AND YEAR(payment_date) = $year AND MONTH(payment_date) = $month AND payments.company_id = $session_company_id");
               $row = mysqli_fetch_array($sql_payments);
               $payment_total_amount_for_month = $row['payment_total_amount_for_month'];
 
-              $sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS revenue_total_amount_for_month FROM revenues WHERE category_id > 0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month");
+              $sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS revenue_total_amount_for_month FROM revenues WHERE category_id > 0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month AND revenues.company_id = $session_company_id");
               $row = mysqli_fetch_array($sql_revenues);
               $revenue_total_amount_for_month = $row['revenue_total_amount_for_month'];
 
@@ -205,11 +205,11 @@ $sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE c
             <?php
  
             for($month = 7; $month<=9; $month++) {
-              $sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS payment_total_amount_for_month FROM payments, invoices WHERE payments.invoice_id = invoices.invoice_id AND YEAR(payment_date) = $year AND MONTH(payment_date) = $month");
+              $sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS payment_total_amount_for_month FROM payments, invoices WHERE payments.invoice_id = invoices.invoice_id AND YEAR(payment_date) = $year AND MONTH(payment_date) = $month AND payments.company_id = $session_company_id");
               $row = mysqli_fetch_array($sql_payments);
               $payment_total_amount_for_month = $row['payment_total_amount_for_month'];
 
-              $sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS revenue_total_amount_for_month FROM revenues WHERE category_id > 0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month");
+              $sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS revenue_total_amount_for_month FROM revenues WHERE category_id > 0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month AND revenues.company_id = $session_company_id");
               $row = mysqli_fetch_array($sql_revenues);
               $revenue_total_amount_for_month = $row['revenue_total_amount_for_month'];
 
@@ -225,11 +225,11 @@ $sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE c
             <?php
  
             for($month = 10; $month<=12; $month++) {
-              $sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS payment_total_amount_for_month FROM payments, invoices WHERE payments.invoice_id = invoices.invoice_id AND YEAR(payment_date) = $year AND MONTH(payment_date) = $month");
+              $sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS payment_total_amount_for_month FROM payments, invoices WHERE payments.invoice_id = invoices.invoice_id AND YEAR(payment_date) = $year AND MONTH(payment_date) = $month AND payments.company_id = $session_company_id");
               $row = mysqli_fetch_array($sql_payments);
               $payment_total_amount_for_month = $row['payment_total_amount_for_month'];
 
-              $sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS revenue_total_amount_for_month FROM revenues WHERE category_id > 0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month");
+              $sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS revenue_total_amount_for_month FROM revenues WHERE category_id > 0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month AND revenues.company_id = $session_company_id");
               $row = mysqli_fetch_array($sql_revenues);
               $revenue_total_amount_for_month = $row['revenue_total_amount_for_month'];
 
@@ -330,7 +330,7 @@ $sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE c
             <?php
               
             for($month = 1; $month<=3; $month++) {
-              $sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS expense_total_amount_for_month FROM expenses WHERE category_id > 0 AND YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND vendor_id > 0");
+              $sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS expense_total_amount_for_month FROM expenses WHERE category_id > 0 AND YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND vendor_id > 0 AND company_id = $session_company_id");
               $row = mysqli_fetch_array($sql_expenses);
               $expense_total_amount_for_quarter_one = $expense_total_amount_for_quarter_one + $row['expense_total_amount_for_month'];
             }
@@ -342,7 +342,7 @@ $sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE c
             <?php
  
             for($month = 4; $month<=6; $month++) {
-              $sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS expense_total_amount_for_month FROM expenses WHERE category_id > 0 AND YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND vendor_id > 0");
+              $sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS expense_total_amount_for_month FROM expenses WHERE category_id > 0 AND YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND vendor_id > 0 AND company_id = $session_company_id");
               $row = mysqli_fetch_array($sql_expenses);
               $expense_total_amount_for_quarter_two = $expense_total_amount_for_quarter_two + $row['expense_total_amount_for_month'];
             }
@@ -354,7 +354,7 @@ $sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE c
             <?php
  
             for($month = 7; $month<=9; $month++) {
-              $sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS expense_total_amount_for_month FROM expenses WHERE category_id > 0 AND YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND vendor_id > 0");
+              $sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS expense_total_amount_for_month FROM expenses WHERE category_id > 0 AND YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND vendor_id > 0 AND company_id = $session_company_id");
               $row = mysqli_fetch_array($sql_expenses);
               $expense_total_amount_for_quarter_three = $expense_total_amount_for_quarter_three + $row['expense_total_amount_for_month'];
             }
@@ -366,7 +366,7 @@ $sql_categories_expense = mysqli_query($mysqli,"SELECT * FROM categories WHERE c
             <?php
  
             for($month = 10; $month<=12; $month++) {
-              $sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS expense_total_amount_for_month FROM expenses WHERE category_id > 0 AND YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND vendor_id > 0");
+              $sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS expense_total_amount_for_month FROM expenses WHERE category_id > 0 AND YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND vendor_id > 0 AND company_id = $session_company_id");
               $row = mysqli_fetch_array($sql_expenses);
               $expense_total_amount_for_quarter_four = $expense_total_amount_for_quarter_four + $row['expense_total_amount_for_month'];
             }
diff --git a/revenues.php b/revenues.php
index 20da0854..39abb1ed 100644
--- a/revenues.php
+++ b/revenues.php
@@ -42,6 +42,7 @@
   $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM accounts, revenues, categories
     WHERE revenues.account_id = accounts.account_id
     AND revenues.category_id = categories.category_id
+    AND revenues.company_id = $session_company_id
     AND (account_name LIKE '%$q%' AND revenue_payment_method LIKE '%$q%')
     ORDER BY $sb $o LIMIT $record_from, $record_to");
 
diff --git a/settings-backup.php b/settings-backup.php
index 942fe98c..2ff487b6 100644
--- a/settings-backup.php
+++ b/settings-backup.php
@@ -1,7 +1,5 @@
 <?php include("header.php"); ?>
 
-<?php $sql = mysqli_query($mysqli,"SELECT * FROM accounts ORDER BY account_id DESC"); ?>
-
 <?php include("settings-nav.php"); ?>
 
 <div class="card">
diff --git a/settings-defaults.php b/settings-defaults.php
index a6a494e3..f99473c5 100644
--- a/settings-defaults.php
+++ b/settings-defaults.php
@@ -18,7 +18,7 @@
             <option value="0">- None -</option>
             <?php 
             
-            $sql = mysqli_query($mysqli,"SELECT * FROM accounts"); 
+            $sql = mysqli_query($mysqli,"SELECT * FROM accounts WHERE company_id = $session_company_id"); 
             while($row = mysqli_fetch_array($sql)){
               $account_id = $row['account_id'];
               $account_name = $row['account_name'];
@@ -43,7 +43,7 @@
             <option value="0">- None -</option>
             <?php 
             
-            $sql = mysqli_query($mysqli,"SELECT * FROM accounts"); 
+            $sql = mysqli_query($mysqli,"SELECT * FROM accounts WHERE company_id = $session_company_id"); 
             while($row = mysqli_fetch_array($sql)){
               $account_id = $row['account_id'];
               $account_name = $row['account_name'];
@@ -68,7 +68,7 @@
             <option value="0">- None -</option>
             <?php 
             
-            $sql = mysqli_query($mysqli,"SELECT * FROM accounts"); 
+            $sql = mysqli_query($mysqli,"SELECT * FROM accounts WHERE company_id = $session_company_id"); 
             while($row = mysqli_fetch_array($sql)){
               $account_id = $row['account_id'];
               $account_name = $row['account_name'];
@@ -93,7 +93,7 @@
             <option value="0">- None -</option>
             <?php 
             
-            $sql = mysqli_query($mysqli,"SELECT * FROM accounts"); 
+            $sql = mysqli_query($mysqli,"SELECT * FROM accounts WHERE company_id = $session_company_id"); 
             while($row = mysqli_fetch_array($sql)){
               $account_id = $row['account_id'];
               $account_name = $row['account_name'];
@@ -118,7 +118,7 @@
             <option value="">- None -</option>
             <?php 
             
-            $sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Payment Method'"); 
+            $sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Payment Method' AND company_id = $session_company_id"); 
             while($row = mysqli_fetch_array($sql)){
               $payment_method = $row['category_name'];
 
@@ -142,7 +142,7 @@
             <option value="">- None -</option>
             <?php 
             
-            $sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Payment Method'"); 
+            $sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Payment Method' AND company_id = $session_company_id"); 
             while($row = mysqli_fetch_array($sql)){
               $payment_method = $row['category_name'];
 
@@ -166,7 +166,7 @@
             <option value="0">- None -</option>
             <?php 
             
-            $sql = mysqli_query($mysqli,"SELECT * FROM calendars"); 
+            $sql = mysqli_query($mysqli,"SELECT * FROM calendars WHERE company_id = $session_company_id"); 
             while($row = mysqli_fetch_array($sql)){
               $calendar_id = $row['calendar_id'];
               $calendar_name = $row['calendar_name'];
diff --git a/setup.php b/setup.php
index 811e46c6..783a6c66 100644
--- a/setup.php
+++ b/setup.php
@@ -23,7 +23,7 @@ if(isset($_POST['add_database'])){
 
   fwrite($myfile, $txt);
 
-  $txt = "config_app_name = IT CRM\n\n";
+  $txt = "\$config_app_name = 'IT CRM';\n\n";
 
   fwrite($myfile, $txt);
 
diff --git a/tickets.php b/tickets.php
index a086737f..8cb38867 100644
--- a/tickets.php
+++ b/tickets.php
@@ -40,7 +40,8 @@
   }
 
   $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM tickets, clients
-    WHERE tickets.client_id = clients.client_id 
+    WHERE tickets.client_id = clients.client_id
+    AND tickets.company_id = $session_company_id
     AND (ticket_id LIKE '%$q%' OR client_name LIKE '%$q%' OR ticket_subject LIKE '%$q%' OR ticket_status LIKE '%$q%')
     ORDER BY $sb $o LIMIT $record_from, $record_to");
 
diff --git a/transactions.php b/transactions.php
index 9c105b19..c706cea1 100644
--- a/transactions.php
+++ b/transactions.php
@@ -6,6 +6,7 @@
     WHERE invoices.client_id = clients.client_id
     AND payments.invoice_id = invoices.invoice_id
     AND payments.account_id = accounts.account_id
+    AND payments.company_id = $session_company_id
     ORDER BY payments.payment_id DESC");
 
 ?>
diff --git a/transfers.php b/transfers.php
index b4667b14..3d2ac77f 100644
--- a/transfers.php
+++ b/transfers.php
@@ -40,7 +40,7 @@
   }
  
 
-$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS expenses.expense_date AS transfer_date, expenses.expense_amount AS transfer_amount, expenses.account_id AS transfer_account_from, revenues.account_id AS transfer_account_to, transfers.expense_id, transfers.revenue_id , transfers.transfer_id FROM transfers, expenses, revenues WHERE transfers.expense_id = expenses.expense_id AND transfers.revenue_id = revenues.revenue_id ORDER BY $sb $o LIMIT $record_from, $record_to");
+$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS expenses.expense_date AS transfer_date, expenses.expense_amount AS transfer_amount, expenses.account_id AS transfer_account_from, revenues.account_id AS transfer_account_to, transfers.expense_id, transfers.revenue_id , transfers.transfer_id FROM transfers, expenses, revenues WHERE transfers.expense_id = expenses.expense_id AND transfers.revenue_id = revenues.revenue_id AND transfers.company_id = $session_company_id ORDER BY $sb $o LIMIT $record_from, $record_to");
 
 $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
 $total_found_rows = $num_rows[0];
diff --git a/trips.php b/trips.php
index bb88dfce..e0e5fd1f 100644
--- a/trips.php
+++ b/trips.php
@@ -40,7 +40,8 @@
   }
 
   $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM trips  
-    WHERE trip_purpose LIKE '%$q%' OR trip_starting_location LIKE '%$q%' OR trip_destination LIKE '%$q%'
+    WHERE (trip_purpose LIKE '%$q%' OR trip_starting_location LIKE '%$q%' OR trip_destination LIKE '%$q%')
+    AND company_id = $session_company_id
     ORDER BY $sb $o LIMIT $record_from, $record_to");
 
   $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
diff --git a/vendors.php b/vendors.php
index fc0d2116..5cb8e072 100644
--- a/vendors.php
+++ b/vendors.php
@@ -39,8 +39,7 @@
     $disp = "ASC";
   }
 
-  $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM vendors WHERE client_id = 0 
-    AND (vendor_name LIKE '%$q%' OR vendor_description LIKE '%$q%' OR vendor_account_number LIKE '%$q%')
+  $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM vendors WHERE client_id = 0 AND company_id = $session_company_id AND (vendor_name LIKE '%$q%' OR vendor_description LIKE '%$q%' OR vendor_account_number LIKE '%$q%')
     ORDER BY $sb $o LIMIT $record_from, $record_to");
 
   $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));