Bounce the user to the login page if they try to get to part of the

admin site as a guest.  Also, theme the login/html page.

2 files changed, 12 insertions, 4 deletions

diff --git a/modules/gallery/controllers/admin.php b/modules/gallery/controllers/admin.php
index 0aeaa876..c460f58c 100644
--- a/modules/gallery/controllers/admin.php
+++ b/modules/gallery/controllers/admin.php
@@ -22,7 +22,12 @@ class Admin_Controller extends Controller {
 
   public function __construct($theme=null) {
     if (!identity::active_user()->admin) {
-      access::forbidden();
+      if (identity::active_user()->guest) {
+        Session::instance()->set("continue_url", url::abs_current(true));
+        url::redirect("login");
+      } else {
+        access::forbidden();
+      }
     }
 
     parent::__construct();
diff --git a/modules/gallery/controllers/login.php b/modules/gallery/controllers/login.php
index 19335d88..2b60316b 100644
--- a/modules/gallery/controllers/login.php
+++ b/modules/gallery/controllers/login.php
@@ -38,7 +38,10 @@ class Login_Controller extends Controller {
   }
 
   public function html() {
-    print auth::get_login_form("login/auth_html");
+    $view = new Theme_View("page.html", "other", "login");
+    $view->page_title = t("Login");
+    $view->content = auth::get_login_form("login/auth_html");
+    print $view;
   }
 
   public function auth_html() {
@@ -46,8 +49,8 @@ class Login_Controller extends Controller {
 
     list ($valid, $form) = $this->_auth("login/auth_html");
     if ($valid) {
-      url::redirect($form->continue_url->value ? $form->continue_url_value :
-                    item::root()->abs_url());
+      $continue_url = $form->continue_url->value;
+      url::redirect($continue_url ? $continue_url : item::root()->abs_url());
     } else {
       $view = new Theme_View("page.html", "other", "login");
       $view->page_title = t("Log in to Gallery");