diff --git a/app/Http/Controllers/ClientPortal/QuoteController.php b/app/Http/Controllers/ClientPortal/QuoteController.php
index 6678b914c6b4..253631fc5b3f 100644
--- a/app/Http/Controllers/ClientPortal/QuoteController.php
+++ b/app/Http/Controllers/ClientPortal/QuoteController.php
@@ -24,6 +24,7 @@ use App\Utils\TempFile;
 use App\Utils\Traits\MakesHash;
 use Illuminate\Contracts\View\Factory;
 use Illuminate\View\View;
+use Symfony\Component\HttpFoundation\BinaryFileResponse;
 use ZipStream\Option\Archive;
 use ZipStream\ZipStream;
 
@@ -46,7 +47,7 @@ class QuoteController extends Controller
      *
      * @param ShowQuoteRequest $request
      * @param Quote $quote
-     * @return Factory|View|\Symfony\Component\HttpFoundation\BinaryFileResponse
+     * @return Factory|View|BinaryFileResponse
      */
     public function show(ShowQuoteRequest $request, Quote $quote)
     {
@@ -110,16 +111,18 @@ class QuoteController extends Controller
     protected function approve(array $ids, $process = false)
     {
         $quotes = Quote::whereIn('id', $ids)
-            ->whereClientId(auth()->user()->client->id)
+            ->where('client_id', auth('contact')->user()->client->id)
+            ->where('company_id', auth('contact')->user()->client->company_id)
+            ->where('status_id', Quote::STATUS_SENT)
             ->get();
 
-        if (! $quotes || $quotes->count() == 0) {
+        if (!$quotes || $quotes->count() == 0) {
             return redirect()->route('client.quotes.index');
         }
 
         if ($process) {
             foreach ($quotes as $quote) {
-                $quote->service()->approve(auth('contact')->user())->save();
+                $quote->service()->approve(auth()->user())->save();
                 event(new QuoteWasApproved(auth('contact')->user(), $quote, $quote->company, Ninja::eventVars()));
 
                 if (request()->has('signature') && !is_null(request()->signature) && !empty(request()->signature)) {