From ffd7f608300617bebe7b0832fa6a63cccac8cc22 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Thu, 9 Sep 2021 19:21:32 +0200
Subject: [PATCH] FIX #18589 #18617

---
 htdocs/core/lib/files.lib.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php
index 9db9379523e..43ad95157dc 100644
--- a/htdocs/core/lib/files.lib.php
+++ b/htdocs/core/lib/files.lib.php
@@ -2291,9 +2291,13 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
 	$sqlprotectagainstexternals = '';
 	$ret = array();
 
-	// Find the subdirectory name as the reference. For exemple original_file='10/myfile.pdf' -> refname='10'
+	// Find the subdirectory name as the reference. For example original_file='10/myfile.pdf' -> refname='10'
 	if (empty($refname)) {
 		$refname = basename(dirname($original_file)."/");
+		if ($refname == 'thumbs') {
+			// If we get the thumbns directory, we must go one step higher. For example original_file='10/thumbs/myfile_small.jpg' -> refname='10'
+			$refname = basename(dirname(dirname($original_file))."/");
+		}
 	}
 
 	// Define possible keys to use for permission check