diff --git a/app/controllers/invitations_controller.rb b/app/controllers/invitations_controller.rb
index 4757edd17df4923c1781c96b797d745dc456b1a1..be93a12caac60f8aceee30e406f45691a9901d2e 100644
--- a/app/controllers/invitations_controller.rb
+++ b/app/controllers/invitations_controller.rb
@@ -26,27 +26,37 @@ class InvitationsController < ApplicationController
   end
 
   def email
-    if params[:invitation_token]
-      # this is  for legacy invites.
-      user = User.find_by_invitation_token(params[:invitation_token])
-      @invitation_code = user.ugly_accept_invitation_code
+    @invitation_code =
+      if params[:invitation_token]
+        # this is  for legacy invites.
+        user = User.find_by_invitation_token(params[:invitation_token])
+
+        user.ugly_accept_invitation_code if user
+      else
+        params[:invitation_code]
+      end
+
+    if @invitation_code.present?
+      render 'notifier/invite', :layout => false
     else
-      @invitation_code = params[:invitation_code]
+      flash[:error] = t('invitations.check_token.not_found')
+
+      redirect_to root_url
     end
-    render 'notifier/invite', :layout => false
   end
 
   def create
     inviter = EmailInviter.new(params[:email_inviter][:emails], current_user, params[:email_inviter])
     inviter.send!
+
     redirect_to :back, :notice => "Great! Invites were sent off to #{inviter.emails.join(', ')}" 
   end
 
   def check_if_invites_open
     unless AppConfig[:open_invitations]
       flash[:error] = I18n.t 'invitations.create.no_more'
+
       redirect_to :back
-      return
     end
   end
 end
\ No newline at end of file
diff --git a/spec/controllers/invitations_controller_spec.rb b/spec/controllers/invitations_controller_spec.rb
index 3a79fe379781983f005d2114944cc0c880e5e15b..db24455e34ffabcafa0e38db6f12d45c99a1d66d 100644
--- a/spec/controllers/invitations_controller_spec.rb
+++ b/spec/controllers/invitations_controller_spec.rb
@@ -42,10 +42,34 @@ describe InvitationsController do
   end
 
   describe '#email' do
+
     it 'succeeds' do
       get :email, :invitation_code => "anycode"
       response.should be_success
     end
+
+    context 'legacy invite tokens' do
+      def get_email
+        get :email, :invitation_token => @invitation_token
+      end
+
+      context 'invalid token' do
+        @invitation_token = "invalidtoken"
+
+        it 'redirects and flashes if the invitation token is invalid' do
+          get_email
+
+          response.should be_redirect
+          response.should redirect_to root_url
+        end
+
+        it 'flashes an error if the invitation token is invalid' do
+          get_email
+
+          flash[:error].should == I18n.t("invitations.check_token.not_found")
+        end
+      end
+    end
   end
 
   describe '#new' do