diff --git a/htdocs/takepos/genimg/index.php b/htdocs/takepos/genimg/index.php
index a5686054193..e668b01aacb 100644
--- a/htdocs/takepos/genimg/index.php
+++ b/htdocs/takepos/genimg/index.php
@@ -25,7 +25,7 @@ if (!defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1');
if (!defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1');
if (!defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1');
-require '../../main.inc.php'; // Load $user and permissions
+if (!defined('INCLUDE_PHONEPAGE_FROM_PUBLIC_PAGE')) require '../../main.inc.php'; // Load $user and permissions
$id = GETPOST('id', 'int');
$w = GETPOST('w', 'int');
@@ -72,12 +72,12 @@ elseif ($query == "pro")
$objProd = new Product($db);
$objProd->fetch($id);
- $image = $objProd->show_photos('product', $conf->product->multidir_output[$entity], 'small', 1);
+ $image = $objProd->show_photos('product', $conf->product->multidir_output[$objProd->entity], 'small', 1);
preg_match('@src="([^"]+)"@', $image, $match);
$file = array_pop($match);
if ($file == "") header('Location: ../../public/theme/common/nophoto.png');
- else header('Location: '.$file.'&cache=1');
+ else header('Location: '.$file.'&cache=1&publictakepos=1&modulepart=product');
}
else
{
diff --git a/htdocs/takepos/phone.php b/htdocs/takepos/phone.php
index b06bdd0bfed..90f0aa363dc 100644
--- a/htdocs/takepos/phone.php
+++ b/htdocs/takepos/phone.php
@@ -77,7 +77,7 @@ if ($action == "productinfo") {
$prod = new Product($db);
$prod->fetch($idproduct);
print "".$prod->label."
";
- print '
';
+ print '
';
print "
".$prod->description;
print "
".price($prod->price_ttc, 1, $langs, 1, -1, -1, $conf->currency)."";
print '
';
@@ -95,7 +95,7 @@ elseif ($action == "editline") {
$prod = new Product($db);
$prod->fetch($line->fk_product);
print "".$prod->label."
";
- print '
';
+ print '
';
print "
".$prod->description;
print "
".price($prod->price_ttc, 1, $langs, 1, -1, -1, $conf->currency)."";
print '
';
diff --git a/htdocs/takepos/public/auto_order.php b/htdocs/takepos/public/auto_order.php
index c7612711df0..910c00327b4 100644
--- a/htdocs/takepos/public/auto_order.php
+++ b/htdocs/takepos/public/auto_order.php
@@ -33,4 +33,5 @@ $_SESSION["takeposterminal"] = 1;
define('INCLUDE_PHONEPAGE_FROM_PUBLIC_PAGE', 1);
if (GETPOSTISSET("mobilepage")) require '../invoice.php';
+elseif (GETPOSTISSET("genimg")) require DOL_DOCUMENT_ROOT.'/takepos/genimg/index.php';
else require '../phone.php';
diff --git a/htdocs/viewimage.php b/htdocs/viewimage.php
index 3cb23b36fbc..b2534ee92dd 100644
--- a/htdocs/viewimage.php
+++ b/htdocs/viewimage.php
@@ -52,7 +52,15 @@ if (isset($_GET["hashp"]) && !defined("NOLOGIN"))
if (!defined("NOIPCHECK")) define("NOIPCHECK", 1); // Do not check IP defined into conf $dolibarr_main_restrict_ip
}
// Some value of modulepart can be used to get resources that are public so no login are required.
-if ((isset($_GET["modulepart"]) && $_GET["modulepart"] == 'medias'))
+if (isset($_GET["modulepart"]) && $_GET["modulepart"] == 'medias')
+{
+ if (!defined("NOLOGIN")) define("NOLOGIN", 1);
+ if (!defined("NOCSRFCHECK")) define("NOCSRFCHECK", 1); // We accept to go on this page from external web site.
+ if (!defined("NOIPCHECK")) define("NOIPCHECK", 1); // Do not check IP defined into conf $dolibarr_main_restrict_ip
+}
+
+// Used by TakePOS Auto Order
+if (isset($_GET["modulepart"]) && $_GET["modulepart"] == 'product' && isset($_GET["publictakepos"]))
{
if (!defined("NOLOGIN")) define("NOLOGIN", 1);
if (!defined("NOCSRFCHECK")) define("NOCSRFCHECK", 1); // We accept to go on this page from external web site.
@@ -195,6 +203,12 @@ if (!empty($hashp))
$accessallowed = 1; // When using hashp, link is public so we force $accessallowed
$sqlprotectagainstexternals = '';
}
+elseif (isset($_GET["publictakepos"]))
+{
+ if (! empty($conf->global->TAKEPOS_AUTO_ORDER)) {
+ $accessallowed = 1; // Only if TakePOS Public Auto Order is enabled and received publictakepos variable
+ }
+}
else
{
// Basic protection (against external users only)