diff --git a/r4032login.module b/r4032login.module
index eabd913..ae0213e 100644
--- a/r4032login.module
+++ b/r4032login.module
@@ -110,6 +110,8 @@ function r4032login_theme() {
 /**
  * MENU_CALLBACK for /r4032login
  *
+ * TODO: update docs describing what this does.
+ * TODO: remove a bunch of settings/variables that are no longer relevant if the login form is shown inside the page.
  * Redirect anonymous users from 403 Access Denied pages to the /user/login page
  * with a message explaining that they must log in to view the requested page
  * and a query string parameter appended to the url to return after login.
@@ -118,36 +120,11 @@ function r4032login_redirect() {
   global $user, $language;
   if (user_is_anonymous()) {
     if (variable_get('r4032login_display_denied_message', TRUE)) {
+      // TODO: figure out why this is
       $message = variable_get('r4032login_access_denied_message', t('Access denied. You must log in to view this page.'));
-      drupal_set_message($message, 'error');
+      drupal_set_message($message, 'error', FALSE);
     }
-    // using drupal_goto() with destination set causes a recursive redirect loop
-    $login_path = variable_get('r4032login_user_login_path', 'user/login');
-    $page_match = FALSE;
-    $pages = variable_get('r4032login_match_redirect_pages', '');
-    if ($pages) {
-      // When on an access denied page, Drupal stores the original path in
-      // $_GET['destination'] in drupal_deliver_html_page().
-      // Convert the Drupal path to lowercase.
-      $path = drupal_strtolower(drupal_get_path_alias($_GET['destination']));
-      // Compare the lowercase internal and lowercase path alias (if any).
-      $page_match = drupal_match_path($path, $pages);
-      if ($path != $_GET['destination']) {
-        $page_match = $page_match || drupal_match_path($_GET['destination'], $pages);
-      }
-
-    }
-    $code = $page_match ? variable_get('r4032login_match_redirect_code', 301) : variable_get('r4032login_default_redirect_code', 302);
-    // The code in drupal_get_destination() doesn't preserve any query string
-    // on 403 pages, so reproduce the part we want here.
-    $path = $_GET['destination'];
-    $query = drupal_http_build_query(drupal_get_query_parameters(NULL, array('q', 'destination')));
-    if ($query != '') {
-      $path .= '?' . $query;
-    }
-    $destination = array('destination' => $path);
-    header('Location: ' . url($login_path, array('query' => $destination, 'absolute' => TRUE)), TRUE, $code);
-    drupal_exit();
+    return drupal_get_form('user_login');
   }
   else {
     // Check to see if we are to redirect the user.