2 files changed, 28 insertions, 2 deletions

diff --git a/src/application/views/view_post.php b/src/application/views/view_post.php
index 26eec62..a7624ae 100644
--- a/src/application/views/view_post.php
+++ b/src/application/views/view_post.php
@@ -101,7 +101,7 @@ $your_are_the_author = $GLOBALS["currentUser"]?->id === $postAuthor?->id;
                                 <img class="image-attachment-image" src="?_action=thumb&amp;attachment=<?= htmlentities(urlencode($attachment->id)) ?>" alt="" width="100">
                             </span>
                         <?php else: ?>
-                            <a class="image-attachment" href="?_action=attachment&amp;attachment=<?= htmlentities(urlencode($attachment->id)) ?>" title="<?= htmlentities($attachment->name) ?>">
+                            <a class="image-attachment attachment" href="?_action=attachment&amp;attachment=<?= htmlentities(urlencode($attachment->id)) ?>" title="<?= htmlentities($attachment->name) ?>">
                                 <img class="image-attachment-image" src="?_action=thumb&amp;attachment=<?= htmlentities(urlencode($attachment->id)) ?>" alt="" width="100">
                             </a>
                         <?php endif; ?>
@@ -116,7 +116,7 @@ $your_are_the_author = $GLOBALS["currentUser"]?->id === $postAuthor?->id;
                             <?php if ($hide_actions): ?>
                                 <button class="btn btn-default"><?= htmlentities($attachment->name) ?></button>
                             <?php else: ?>
-                                <a class="btn btn-default" href="?_action=attachment&amp;attachment=<?= htmlentities(urlencode($attachment->id)) ?>"><?= htmlentities($attachment->name) ?></a>
+                                <a class="btn btn-default attachment" href="?_action=attachment&amp;attachment=<?= htmlentities(urlencode($attachment->id)) ?>"><?= htmlentities($attachment->name) ?></a>
                             <?php endif; ?>
                         <?php endforeach; ?>
                     </div>
diff --git a/src/application/views/view_topic_start.php b/src/application/views/view_topic_start.php
index 37e8cf8..fc54623 100644
--- a/src/application/views/view_topic_start.php
+++ b/src/application/views/view_topic_start.php
@@ -32,6 +32,32 @@ $canDelete = ($GLOBALS["currentUser"]?->id === $topicAuthor->id && $topicAuthor-
         </form>
     </div>
 <?php endif; ?>
+<?php if ($GLOBALS["currentUser"] === null): ?>
+    <div class="modal fade" tabindex="-1" role="dialog" id="diag-cant-view-attachment">
+        <div class="modal-dialog modal-danger" role="document">
+            <div class="modal-content panel-danger">
+                <div class="modal-header panel-heading">
+                    <h4 class="modal-title"><span class="glyphicon glyphicon-exclamation-sign" aria-hidden="true"></span> Permission denied</h4>
+                </div>
+                <div class="modal-body">
+                    You must be logged in to view attachments
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-default" data-dismiss="modal"><span class="glyphicon glyphicon-remove" aria-hidden="true"></span> Close</button>
+                    <a href="?_action=auth&amp;next=<?= htmlentities(urlencode($_SERVER["REQUEST_URI"])) ?>" class="btn btn-success"><span class="glyphicon glyphicon-user" aria-hidden="true"></span> Log in</a>
+                </div>
+            </div>
+        </div>
+    </div>
+    <script>
+        $(function() {
+            $(".attachment").click(function(e) {
+                e.preventDefault();
+                $("#diag-cant-view-attachment").modal();
+            });
+        });
+    </script>
+<?php endif; ?>
 
 <div class="page-header margin-top-0 clearfix">
     <div id="displayHeading">