When the admin controller redirects to the reauthenticate controller, the value of request::is_ajax() from the original request is lost. This patch stores its value in the session so the reauthenticate controller knows whether its in a dialog/panel or not.

2 files changed, 9 insertions, 3 deletions

diff --git a/modules/gallery/controllers/admin.php b/modules/gallery/controllers/admin.php
index 7ea15d3d..8fc5432d 100644
--- a/modules/gallery/controllers/admin.php
+++ b/modules/gallery/controllers/admin.php
@@ -86,7 +86,8 @@ class Admin_Controller extends Controller {
       // Avoid anti-phishing protection by passing the url as session variable.
       Session::instance()->set("continue_url", url::abs_current(true));
     }
-
+    // Save the is_ajax value as we lose it, if set, when we redirect
+    Session::instance()->set("is_ajax_request", request::is_ajax());
     url::redirect("reauthenticate");
   }
 }
diff --git a/modules/gallery/controllers/reauthenticate.php b/modules/gallery/controllers/reauthenticate.php
index 2b1f6d14..5ea2f229 100644
--- a/modules/gallery/controllers/reauthenticate.php
+++ b/modules/gallery/controllers/reauthenticate.php
@@ -22,8 +22,13 @@ class Reauthenticate_Controller extends Controller {
     if (!identity::active_user()->admin) {
       access::forbidden();
     }
-    if (request::is_ajax()) {
-      json::reply(array("form" => (string) self::_form()));
+    // On redirects from the admin controller, the ajax request indicator is lost,
+    // so we store it in the session.
+    $is_ajax = Session::instance()->get_once("is_ajax_request", request::is_ajax());
+    if ($is_ajax) {
+      $v = new View("reauthenticate.html");
+      $v->form = self::_form();
+      json::reply(array("form" => (string) $v));
     } else {
       self::_show_form(self::_form());
     }