From 0ffe106e2cdb7cfa5213a93a12baf3fc89026267 Mon Sep 17 00:00:00 2001
From: arnaud <arnaud.saint-patrice@atm-consulting.fr>
Date: Thu, 30 Jun 2016 16:03:48 +0200
Subject: [PATCH] FIX #4749

---
 htdocs/compta/bank/annuel.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/htdocs/compta/bank/annuel.php b/htdocs/compta/bank/annuel.php
index 68ef0a42e32aa..61941a4cefb7b 100644
--- a/htdocs/compta/bank/annuel.php
+++ b/htdocs/compta/bank/annuel.php
@@ -36,10 +36,10 @@
 $ref=GETPOST('ref');
 
 // Security check
-$fieldid = (! empty($ref)?$ref:$id);
-$fieldname = isset($ref)?'ref':'rowid';
+$fieldvalue = (! empty($id) ? $id : (! empty($ref) ? $ref :''));
+$fieldtype = (! empty($ref) ? 'ref' :'rowid');
 if ($user->societe_id) $socid=$user->societe_id;
-$result=restrictedArea($user,'banque',$fieldid,'bank_account','','',$fieldname);
+$result=restrictedArea($user,'banque',$fieldvalue,'bank_account&bank_account','','',$fieldtype);
 
 $year_start=GETPOST('year_start');
 $year_current = strftime("%Y",time());
@@ -146,7 +146,7 @@
 // Ref
 print '<tr><td width="25%">'.$langs->trans("Ref").'</td>';
 print '<td colspan="3">';
-if ($_GET["account"])
+if (!empty($id))
 {
 	if (! preg_match('/,/', $id))
 	{