lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update viewimage.php

Browse Source
This commit is contained in:
Laurent Destailleur 2020-05-15 14:34:24 +02:00 committed by GitHub
parent f35a618699
commit b8d7a4373c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
htdocs/viewimage.php
View File

@ -52,7 +52,7 @@ if (isset($_GET["hashp"]) && !defined("NOLOGIN"))
if (!defined("NOIPCHECK")) define("NOIPCHECK", 1); // Do not check IP defined into conf $dolibarr_main_restrict_ip if (!defined("NOIPCHECK")) define("NOIPCHECK", 1); // Do not check IP defined into conf $dolibarr_main_restrict_ip
} }
// Some value of modulepart can be used to get resources that are public so no login are required. // Some value of modulepart can be used to get resources that are public so no login are required.
if ((isset($_GET["modulepart"]) && $_GET["modulepart"] == 'medias')) if (isset($_GET["modulepart"]) && $_GET["modulepart"] == 'medias')
{ {
if (!defined("NOLOGIN")) define("NOLOGIN", 1); if (!defined("NOLOGIN")) define("NOLOGIN", 1);
if (!defined("NOCSRFCHECK")) define("NOCSRFCHECK", 1); // We accept to go on this page from external web site. if (!defined("NOCSRFCHECK")) define("NOCSRFCHECK", 1); // We accept to go on this page from external web site.
@ -60,7 +60,7 @@ if ((isset($_GET["modulepart"]) && $_GET["modulepart"] == 'medias'))
} }
// Used by TakePOS Auto Order // Used by TakePOS Auto Order
if (isset($_GET["publictakepos"])) if (isset($_GET["modulepart"]) && $_GET["modulepart"] == 'product' && isset($_GET["publictakepos"]))
{ {
if (!defined("NOLOGIN")) define("NOLOGIN", 1); if (!defined("NOLOGIN")) define("NOLOGIN", 1);
if (!defined("NOCSRFCHECK")) define("NOCSRFCHECK", 1); // We accept to go on this page from external web site. if (!defined("NOCSRFCHECK")) define("NOCSRFCHECK", 1); // We accept to go on this page from external web site.
@ -203,9 +203,11 @@ if (!empty($hashp))
$accessallowed = 1; // When using hashp, link is public so we force $accessallowed $accessallowed = 1; // When using hashp, link is public so we force $accessallowed
$sqlprotectagainstexternals = ''; $sqlprotectagainstexternals = '';
} }
elseif (! empty($conf->global->TAKEPOS_AUTO_ORDER) && isset($_GET["publictakepos"])) elseif (isset($_GET["publictakepos"]))
{ {
$accessallowed = 1; // Only if TakePOS Public Auto Order is enabled and received publictakepos variable if (! empty($conf->global->TAKEPOS_AUTO_ORDER)) {
$accessallowed = 1; // Only if TakePOS Public Auto Order is enabled and received publictakepos variable
}
} }
else else
{ {