Merge branch 'master' of github.com:gallery/gallery3

author: Bharat Mediratta <bharat@menalto.com> 2010-02-08 15:38:59 -0800
committer: Bharat Mediratta <bharat@menalto.com> 2010-02-08 15:38:59 -0800
commit: 9ca521c71021b43f13950d246a15f6f0da0b7989 (patch)
tree: b2435238db3231761efc9245c4627214c9c595db /modules/gallery/controllers/admin.php
parent: 6dfab72922bf20104d6032eb292d59c6bd6578ba (diff)
parent: 008174859dc25dade593abdf4ce670bc6c7ef332 (diff)
1 files changed, 11 insertions, 1 deletions
diff --git a/modules/gallery/controllers/admin.php b/modules/gallery/controllers/admin.php
index b5f3db39..5467e88a 100644
--- a/modules/gallery/controllers/admin.php
+++ b/modules/gallery/controllers/admin.php
@@ -30,7 +30,7 @@ class Admin_Controller extends Controller {
 
   public function __call($controller_name, $args) {
     if (auth::must_reauth_for_admin_area()) {
-      return url::redirect("reauthenticate");
+      return self::_prompt_for_reauth($controller_name, $args);
     }
 
     if (request::method() == "post") {
@@ -53,5 +53,15 @@ class Admin_Controller extends Controller {
 
     call_user_func_array(array(new $controller_name, $method), $args);
   }
+
+  private static function _prompt_for_reauth($controller_name, $args) {
+    if (request::method() == "get" && !request::is_ajax()) {
+      $url_args = array("admin", $controller_name) + $args;
+      $continue_url = join("/", $url_args);
+      // Avoid anti-phishing protection by passing the url as session variable.
+      Session::instance()->set("continue_url", $continue_url);
+    }
+    url::redirect("reauthenticate");
+  }
 }
author	Bharat Mediratta <bharat@menalto.com>	2010-02-08 15:38:59 -0800
committer	Bharat Mediratta <bharat@menalto.com>	2010-02-08 15:38:59 -0800
commit	9ca521c71021b43f13950d246a15f6f0da0b7989 (patch)
tree	b2435238db3231761efc9245c4627214c9c595db /modules/gallery/controllers/admin.php
parent	6dfab72922bf20104d6032eb292d59c6bd6578ba (diff)
parent	008174859dc25dade593abdf4ce670bc6c7ef332 (diff)