<?php
-if ($User->admin('user') and $username = @$_REQUEST['login']) {
+if (!$User) {
+ http_response_code(303);
+ $target = urlencode($_SERVER['REQUEST_URI']);
+ header("Location: /login?goto=$target");
+ exit;
+}
+elseif ($User->admin('user') and $username = @$_REQUEST['login']) {
try {
$user = new User("profile/$username");
}