Fix for ticket #1176. Have the gallery.dialog code add a g-in-dialog parameter to the url to let the controller know its in a dialog. The reauthenticate controller will format the password prompt as a page or a form content. If authentication is successful, then the original controller is called instead of being redirected to.

1 files changed, 6 insertions, 2 deletions

diff --git a/modules/gallery/controllers/admin.php b/modules/gallery/controllers/admin.php
index 40dd260b..7d2a0c43 100644
--- a/modules/gallery/controllers/admin.php
+++ b/modules/gallery/controllers/admin.php
@@ -82,10 +82,14 @@ class Admin_Controller extends Controller {
   }
 
   private static function _prompt_for_reauth($controller_name, $args) {
-    if (request::method() == "get" && !request::is_ajax()) {
+    if (request::method() == "get") {
       // Avoid anti-phishing protection by passing the url as session variable.
-      Session::instance()->set("continue_url", url::abs_current(true));
+      $reauthenticate = array("continue_url" => url::abs_current(true),
+                              "in_dialog" => strpos(Router::$query_string, "g-in-dialog") !== false,
+                              "controller" => $controller_name, "args" => $args);
+      Session::instance()->set("reauthenticate", $reauthenticate);
     }
+
     url::redirect("reauthenticate");
   }
 }