1 files changed, 8 insertions, 2 deletions

diff --git a/modules/gallery/controllers/admin.php b/modules/gallery/controllers/admin.php
index 787a2138..40dd260b 100644
--- a/modules/gallery/controllers/admin.php
+++ b/modules/gallery/controllers/admin.php
@@ -22,7 +22,12 @@ class Admin_Controller extends Controller {
 
   public function __construct($theme=null) {
     if (!identity::active_user()->admin) {
-      access::forbidden();
+      if (identity::active_user()->guest) {
+        Session::instance()->set("continue_url", url::abs_current(true));
+        url::redirect("login");
+      } else {
+        access::forbidden();
+      }
     }
 
     parent::__construct();
@@ -69,6 +74,7 @@ class Admin_Controller extends Controller {
     $result = new stdClass();
     $result->result = "success";
     if ($time_remaining < 30) {
+      message::success(t("Automatically logged out of the admin area for your security"));
       $result->location = url::abs_site("");
     }
 
@@ -78,7 +84,7 @@ class Admin_Controller extends Controller {
   private static function _prompt_for_reauth($controller_name, $args) {
     if (request::method() == "get" && !request::is_ajax()) {
       // Avoid anti-phishing protection by passing the url as session variable.
-      Session::instance()->set("continue_url", url::current(true));
+      Session::instance()->set("continue_url", url::abs_current(true));
     }
     url::redirect("reauthenticate");
   }