From 5caf3d9b094bd3bc2c8d3ce59dbb3a16fd114b3f Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@users.sourceforge.net>
Date: Wed, 1 Dec 2010 21:28:08 +0000
Subject: [PATCH] Restore work lost by savannah backup

---
 htdocs/index.php     |  4 +++-
 htdocs/main.inc.php  |  2 +-
 htdocs/viewimage.php | 18 ++++++++++++++----
 3 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/htdocs/index.php b/htdocs/index.php
index 6b07cb13ab6..962209d55b6 100644
--- a/htdocs/index.php
+++ b/htdocs/index.php
@@ -118,6 +118,8 @@ print "</table>\n";
  */
 $langs->load("commercial");
 $langs->load("bills");
+$langs->load("orders");
+
 if ($user->societe_id == 0)
 {
 	print '<br>';
@@ -260,7 +262,7 @@ print '</td><td width="65%" valign="top" class="notopnoleftnoright">';
 /*
  * Dolibarr Working Board with weather
  */
-$showweather=1;
+$showweather=empty($conf->global->MAIN_DISABLE_METEO)?1:0;
 $rowspan=0;
 $dashboardlines=array();
 
diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index d6b97d0a079..2e2cafbc6c7 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -349,7 +349,7 @@ if (! defined('NOLOGIN'))
 		// If error, we will put error message in session under the name dol_loginmesg
 		$goontestloop=false;
 		if (isset($_SERVER["REMOTE_USER"]) && in_array('http',$authmode)) $goontestloop=true;
-		if (isset($_POST["username"])) $goontestloop=true;
+		if (isset($_POST["username"]) || GETPOST('openid_mode','alpha',1)) $goontestloop=true;
 
 		if ($test && $goontestloop)
 		{
diff --git a/htdocs/viewimage.php b/htdocs/viewimage.php
index a1dc00185d1..48020bacf47 100644
--- a/htdocs/viewimage.php
+++ b/htdocs/viewimage.php
@@ -280,8 +280,8 @@ if ($modulepart)
     // GENERIC Wrapping
 	// If modulepart=module_user_temp	Allows any module to open a file if file is in directory called DOL_DATA_ROOT/modulepart/temp/iduser
 	// If modulepart=module_temp		Allows any module to open a file if file is in directory called DOL_DATA_ROOT/modulepart/temp
-	// If modulepart=module				Allows any module to open a file if file is in directory called DOL_DATA_ROOT/modulepart/iduser
-	// If modulepart=module_user		Allows any module to open a file if file is in directory called DOL_DATA_ROOT/modulepart
+	// If modulepart=module_user		Allows any module to open a file if file is in directory called DOL_DATA_ROOT/modulepart/iduser
+	// If modulepart=module				Allows any module to open a file if file is in directory called DOL_DATA_ROOT/modulepart
 	else
 	{
 		if (preg_match('/^([a-z]+)_user_temp$/i',$modulepart,$reg))
@@ -301,8 +301,18 @@ if ($modulepart)
     	}
     	else
 		{
-			if ($user->rights->$reg[1]->lire || $user->rights->$reg[1]->read) $accessallowed=1;
-			$original_file=$conf->$modulepart->dir_output.'/'.$original_file;
+			$perm=GETPOST('perm');
+			$subperm=GETPOST('subperm');
+			if ($perm || $subperm)
+			{
+				if (($perm && $user->rights->$modulepart->$perm) || ($perm && $subperm && $user->rights->$modulepart->$perm->$subperm)) $accessallowed=1;
+				$original_file=$conf->$modulepart->dir_output.'/'.$original_file;
+			}
+			else
+			{
+				if ($user->rights->$modulepart->lire || $user->rights->$modulepart->read) $accessallowed=1;
+				$original_file=$conf->$modulepart->dir_output.'/'.$original_file;
+			}
 		}
 	}
 }
-- 
GitLab