From 1574254dcfeecf2a500cdb777239894f809f2ecc Mon Sep 17 00:00:00 2001
From: Marc de Lima Lucio <68746600+marc-dll@users.noreply.github.com>
Date: Tue, 22 Feb 2022 17:13:26 +0100
Subject: [PATCH] FIX: viewimage.php: bad call to
 dol_check_secure_access_document() caused images to be blocked with
 multicompany from entities > 1

---
 htdocs/viewimage.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/viewimage.php b/htdocs/viewimage.php
index 3cb23b36fbc..50836186c7f 100644
--- a/htdocs/viewimage.php
+++ b/htdocs/viewimage.php
@@ -185,7 +185,7 @@ $refname = basename(dirname($original_file)."/");
 // Security check
 if (empty($modulepart)) accessforbidden('Bad value for parameter modulepart', 0, 0, 1);
 
-$check_access = dol_check_secure_access_document($modulepart, $original_file, $entity, $refname);
+$check_access = dol_check_secure_access_document($modulepart, $original_file, $entity, $user, $refname);
 $accessallowed              = $check_access['accessallowed'];
 $sqlprotectagainstexternals = $check_access['sqlprotectagainstexternals'];
 $fullpath_original_file     = $check_access['original_file']; // $fullpath_original_file is now a full path name