From 1396fabe1ffe4221ac31433f699edda5c43aeec5 Mon Sep 17 00:00:00 2001
From: Gregory Perry <lotyrin@gmail.com>
Date: Tue, 20 Sep 2011 00:34:58 +0000
Subject: [PATCH] Patch 943924 by mike503, eojthebrave, Merco, lotyrin: Allow preview of private image on node add form

---
 modules/file/file.module |   12 ++++++++----
 1 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/modules/file/file.module b/modules/file/file.module
index 4fc9985..2e564af 100644
--- a/modules/file/file.module
+++ b/modules/file/file.module
@@ -142,10 +142,14 @@ function file_file_download($uri, $field_type = 'file') {
   // Find out which (if any) fields of this type contain the file.
   $references = file_get_file_references($file, NULL, FIELD_LOAD_CURRENT, $field_type);
 
-  // If there are no references, stop processing, to avoid returning headers
-  // for files controlled by other modules.
-  if (empty($references)) {
-    return;
+  // Stop processing if there are no references, to avoid returning headers for
+  // files controlled by other modules. The exception is a temporary file where
+  // the host entity has not yet been saved (for example, an image field on a
+  // node add form), in which case, we allow download by the file's owner.
+
+  if(empty($references)
+    && ($file->status == FILE_STATUS_PERMANENT || $file->uid != $user->uid)) {
+      return;
   }
 
   // Default to allow access.
-- 
1.7.4.1