diff options
| author | Tim Almdal <tnalmdal@shaw.ca> | 2010-09-12 10:57:41 -0700 |
|---|---|---|
| committer | Tim Almdal <tnalmdal@shaw.ca> | 2010-09-12 10:57:41 -0700 |
| commit | bd532f6c88ef54bd47c9b1af46bc8d2c80d4407b (patch) | |
| tree | 7522d38320d6466ac400a97ace5ba3b2d37048fd /modules/gallery/controllers/reauthenticate.php | |
| parent | ac64614d4da7174c085f257f3b8e39aa7afa9eb5 (diff) | |
| parent | f84c4a6192ea0e47ca5b2006baa0bfd7e09a682c (diff) | |
Merge branch 'master' of git@github.com:gallery/gallery3
Diffstat (limited to 'modules/gallery/controllers/reauthenticate.php')
| -rw-r--r-- | modules/gallery/controllers/reauthenticate.php | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/modules/gallery/controllers/reauthenticate.php b/modules/gallery/controllers/reauthenticate.php index 0486c0fe..53a96374 100644 --- a/modules/gallery/controllers/reauthenticate.php +++ b/modules/gallery/controllers/reauthenticate.php @@ -19,12 +19,19 @@ */ class Reauthenticate_Controller extends Controller { public function index() { + $is_ajax = Session::instance()->get_once("is_ajax_request", request::is_ajax()); if (!identity::active_user()->admin) { - access::forbidden(); + if ($is_ajax) { + // We should never be able to get here since Admin_Controller::_reauth_check() won't work + // for non-admins. + access::forbidden(); + } else { + url::redirect(item::root()->abs_url()); + } } + // On redirects from the admin controller, the ajax request indicator is lost, // so we store it in the session. - $is_ajax = Session::instance()->get_once("is_ajax_request", request::is_ajax()); if ($is_ajax) { $v = new View("reauthenticate.html"); $v->form = self::_form(); |