diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php
index eb9c5d235..ab01c2a0c 100755
--- a/app/Controller/AppController.php
+++ b/app/Controller/AppController.php
@@ -61,6 +61,12 @@ class AppController extends Controller {
 	}
 
 	public function beforeFilter() {
+
+		// user must accept terms
+		if (!$this->Auth->user('termsaccepted') && ($this->request->here != '/users/terms') && ($this->request->here != '/users/logout') && ($this->request->here != '/users/login')) {
+			$this->redirect(array('controller' => 'users', 'action' => 'terms'));
+		}
+
 		// REST things
 		if ($this->_isRest()) {
 			// disable CSRF for REST access