From 5de6da03abb1982d3e4716fa7dbeb5f9680cea89 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@users.sourceforge.net>
Date: Tue, 11 Aug 2009 12:56:42 +0000
Subject: [PATCH] Sec: Fix security test

---
 htdocs/compta/clients.php | 31 ++++++++++++++++---------------
 1 file changed, 16 insertions(+), 15 deletions(-)

diff --git a/htdocs/compta/clients.php b/htdocs/compta/clients.php
index 69acccc52eb..4bdc94a05df 100644
--- a/htdocs/compta/clients.php
+++ b/htdocs/compta/clients.php
@@ -19,20 +19,27 @@
  */
 
 /**
- \file       htdocs/compta/clients.php
- \ingroup    compta
- \brief      Page accueil des clients
- \version    $Id$
+ *	\file       htdocs/compta/clients.php
+ *	\ingroup    compta
+ *	\brief      Show list of customers to add an new invoice
+ *	\version    $Id$
  */
 
 require_once("./pre.inc.php");
-
-if (! $user->rights->societe->lire)
-accessforbidden();
-
 require_once(DOL_DOCUMENT_ROOT."/contact.class.php");
 require_once(DOL_DOCUMENT_ROOT."/actioncomm.class.php");
 
+// Secrutiy check
+if ($user->societe_id > 0)
+{
+	$action = '';
+	$socid = $user->societe_id;
+}
+
+if (! $user->rights->facture->lire)
+accessforbidden();
+
+
 $langs->load("companies");
 
 $page=$_GET["page"];
@@ -46,19 +53,13 @@ $offset = $conf->liste_limit * $page ;
 $pageprev = $page - 1;
 $pagenext = $page + 1;
 
+
 /*
  * View
  */
 
 llxHeader();
 
-// Sécurité accés client
-if ($user->societe_id > 0)
-{
-	$action = '';
-	$socid = $user->societe_id;
-}
-
 if ($action == 'attribute_prefix')
 {
 	$societe = new Societe($db, $socid);