From 5736b404694da2b4bbdaf78ec05b0e5352f73e31 Mon Sep 17 00:00:00 2001
From: Ulrich Block <ulblock@gmx.de>
Date: Sat, 4 Nov 2017 13:02:44 +0100
Subject: [PATCH] FIX #1020

---
 login.php                   |  7 +++++--
 stuff/methods/functions.php | 12 ++++--------
 2 files changed, 9 insertions(+), 10 deletions(-)

diff --git a/login.php b/login.php
index dd9c5885..433517cc 100644
--- a/login.php
+++ b/login.php
@@ -79,7 +79,7 @@ if ($ui->st('w', 'get') == 'lo') {
 
     if (isset($ui->server['HTTP_REFERER'])) {
         $refstring = explode('/', substr(str_replace(array('http://' . $ui->domain('HTTP_HOST', 'server'), 'https://' . $ui->domain('HTTP_HOST', 'server'), '//'), array('', '', '/'), strtolower($ui->server['HTTP_REFERER'])), strlen($ewInstallPath)));
-        $referrer = (isset($refstring[1])) ? explode('?',$refstring[1]) : '';
+        $referrer = (isset($refstring[1])) ? explode('?', $refstring[1]) : '';
     } else {
         $referrer[0] = 'login.php';
     }
@@ -101,9 +101,12 @@ if ($ui->st('w', 'get') == 'lo') {
         redirect('admin.php');
 
     } else {
+        $target = (isset($pageurl)) ? $pageurl . '/' . $ewInstallPath : $ewInstallPath;
+        $target .= (empty($target)) ? 'login.php' : '/login.php';
+
         session_unset();
         session_destroy();
-        redirect((isset($pageurl)) ? $pageurl . '/' . $ewInstallPath : $ewInstallPath);
+        redirect($target);
     }
 
 } else if ($ui->st('w', 'get') == 'ba') {
diff --git a/stuff/methods/functions.php b/stuff/methods/functions.php
index b45b27ff..bf455852 100644
--- a/stuff/methods/functions.php
+++ b/stuff/methods/functions.php
@@ -165,21 +165,17 @@ if (!function_exists('passwordgenerate')) {
 
     function redirect($value, $sendHTTP301 = false) {
 
-        $value = removeDoubleSlashes($value);
+        $target = removeDoubleSlashes($value);
 
-        if ($value == 'login.php') {
+        if (substr($target, -9) == 'login.php') {
             if (session_status() === PHP_SESSION_ACTIVE) {
                 session_unset();
                 session_destroy();
             }
         }
 
-        if ($sendHTTP301 == true) {
-            header('HTTP/1.1 301 Moved Permanently');
-        }
-
-        header ('Location: ' . $value);
-        die('Please allow redirection settings');
+        header ('Location: ' . $target, true, ($sendHTTP301 == true) ? 301 : 302);
+        die('Please allow redirection or manually navigate to ' . $value);
     }
 
     function listDirs ($dir) {