From 4bec281dd84cbdd0e2ed8d9f88fb78790c76fcb9 Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis@dolibarr.fr>
Date: Mon, 27 Feb 2012 17:36:27 +0100
Subject: [PATCH] Fix: access forbidden if rowid is empty

---
 htdocs/adherents/fiche.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/htdocs/adherents/fiche.php b/htdocs/adherents/fiche.php
index d567cb5bd23..3278d89ae44 100644
--- a/htdocs/adherents/fiche.php
+++ b/htdocs/adherents/fiche.php
@@ -56,7 +56,7 @@ $typeid=GETPOST('typeid','int');
 $userid=GETPOST('userid','int');
 $socid=GETPOST('socid','int');
 
-if ($rowid)
+if ($rowid > 0)
 {
 	// Load member
 	$result = $object->fetch($rowid);
@@ -73,6 +73,10 @@ if ($rowid)
 		|| (($user->id != $adh->user_id) && $user->rights->user->user->password) );
 	}
 }
+else
+{
+	accessforbidden();
+}
 
 // Define variables to know what current user can do on members
 $canaddmember=$user->rights->adherent->creer;