From e91ffa00eb9add3b7d2c3ea8a5fd0ffb205cc22e Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Mon, 19 Mar 2018 11:56:04 +0100
Subject: [PATCH] NEW Can crop image files attached in "document" tabs of a
 member

---
 htdocs/core/class/html.formfile.class.php |  2 +-
 htdocs/core/photos_resize.php             | 34 +++++++++++++++++------
 2 files changed, 27 insertions(+), 9 deletions(-)

diff --git a/htdocs/core/class/html.formfile.class.php b/htdocs/core/class/html.formfile.class.php
index 251a03399d7..df6f389180f 100644
--- a/htdocs/core/class/html.formfile.class.php
+++ b/htdocs/core/class/html.formfile.class.php
@@ -1226,7 +1226,7 @@ class FormFile
 							if (in_array($modulepart, array('product','produit','service'))) $newmodulepart='produit|service';
 
 							$disablecrop=1;
-							if (in_array($modulepart, array('societe','product','produit','service','expensereport','holiday','project','ticketsup','user'))) $disablecrop=0;
+							if (in_array($modulepart, array('societe','product','produit','service','expensereport','holiday','member','project','ticketsup','user'))) $disablecrop=0;
 
 							if (! $disablecrop && image_format_supported($file['name']) > 0)
 							{
diff --git a/htdocs/core/photos_resize.php b/htdocs/core/photos_resize.php
index c40a9b26c66..e51e7ee660b 100644
--- a/htdocs/core/photos_resize.php
+++ b/htdocs/core/photos_resize.php
@@ -53,16 +53,22 @@ elseif ($modulepart == 'project')
 	if (! $user->rights->projet->lire) accessforbidden();
 	$accessallowed=1;
 }
+elseif ($modulepart == 'expensereport')
+{
+	$result=restrictedArea($user,'expensereport',$id,'expensereport');
+	if (! $user->rights->expensereport->lire) accessforbidden();
+	$accessallowed=1;
+}
 elseif ($modulepart == 'holiday')
 {
 	$result=restrictedArea($user,'holiday',$id,'holiday');
 	if (! $user->rights->holiday->read) accessforbidden();
 	$accessallowed=1;
 }
-elseif ($modulepart == 'expensereport')
+elseif ($modulepart == 'member')
 {
-	$result=restrictedArea($user,'expensereport',$id,'expensereport');
-	if (! $user->rights->expensereport->lire) accessforbidden();
+	$result=restrictedArea($user, 'adherent', $id, '', '', 'fk_soc', 'rowid');
+	if (! $user->rights->adherent->lire) accessforbidden();
 	$accessallowed=1;
 }
 elseif ($modulepart == 'user')
@@ -127,6 +133,17 @@ elseif ($modulepart == 'holiday')
 		$dir=$conf->holiday->dir_output;	// By default
 	}
 }
+elseif ($modulepart == 'member')
+{
+	require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php';
+	$object = new Adherent($db);
+	if ($id > 0)
+	{
+		$result = $object->fetch($id);
+		if ($result <= 0) dol_print_error($db,'Failed to load object');
+		$dir=$conf->adherent->dir_output;	// By default
+	}
+}
 elseif ($modulepart == 'societe')
 {
     require_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php';
@@ -179,11 +196,12 @@ if (empty($backtourl))
 {
     if (in_array($modulepart, array('product','produit','service','produit|service'))) $backtourl=DOL_URL_ROOT."/product/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
     else if (in_array($modulepart, array('expensereport'))) $backtourl=DOL_URL_ROOT."/expensereport/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
-    else if (in_array($modulepart, array('holiday'))) $backtourl=DOL_URL_ROOT."/holiday/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
-    else if (in_array($modulepart, array('project'))) $backtourl=DOL_URL_ROOT."/projet/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
-    else if (in_array($modulepart, array('societe'))) $backtourl=DOL_URL_ROOT."/societe/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
-    else if (in_array($modulepart, array('ticketsup'))) $backtourl=DOL_URL_ROOT."/ticketsup/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
-    else if (in_array($modulepart, array('user'))) $backtourl=DOL_URL_ROOT."/user/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
+    else if (in_array($modulepart, array('holiday')))       $backtourl=DOL_URL_ROOT."/holiday/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
+    else if (in_array($modulepart, array('member')))        $backtourl=DOL_URL_ROOT."/adherents/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
+    else if (in_array($modulepart, array('project')))       $backtourl=DOL_URL_ROOT."/projet/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
+    else if (in_array($modulepart, array('societe')))       $backtourl=DOL_URL_ROOT."/societe/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
+    else if (in_array($modulepart, array('ticketsup')))     $backtourl=DOL_URL_ROOT."/ticketsup/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
+    else if (in_array($modulepart, array('user')))          $backtourl=DOL_URL_ROOT."/user/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
 }