From 9ebb6a54cad012c24689e8bd3f700889d73e0546 Mon Sep 17 00:00:00 2001
From: Ralf Becker <ralfbecker@outdoor-training.de>
Date: Thu, 23 Sep 2010 17:47:55 +0000
Subject: [PATCH] explicit redirect target for NTLM auth and reverted
 unnecessary commit r32251

---
 phpgwapi/ntlm/index.php | 23 +++++++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)

diff --git a/phpgwapi/ntlm/index.php b/phpgwapi/ntlm/index.php
index 27370a4aa6..8049a373a2 100644
--- a/phpgwapi/ntlm/index.php
+++ b/phpgwapi/ntlm/index.php
@@ -36,7 +36,14 @@ function check_access(&$account)
 	}
 	if (!$sessionid)
 	{
-		header('Location: ../../login.php'.(isset($_REQUEST['phpgw_forward']) ? '?'.$_REQUEST['phpgw_forward'] : ''));
+		if (isset($_GET['forward']))
+		{
+			header('Location: '.$_GET['forward']);
+		}
+		else
+		{
+			header('Location: ../../login.php'.(isset($_REQUEST['phpgw_forward']) ? '?phpgw_forward='.$_REQUEST['phpgw_forward'] : ''));
+		}
 		exit;
 	}
 	return $sessionid;
@@ -50,12 +57,20 @@ $GLOBALS['egw_info']['flags'] = array(
 // if you move this file somewhere else, you need to adapt the path to the header!
 include(dirname(__FILE__).'/../../header.inc.php');
 
-if ($_REQUEST['phpgw_forward'])
+if (isset($_GET['forward']))
 {
-	$forward = '../../'.(isset($_GET['phpgw_forward']) ? urldecode($_GET['phpgw_forward']) : @$_POST['phpgw_forward']);
+	$forward = $_GET['forward'];
+	$GLOBALS['egw']->session->appsession('referer', 'login', $forward);
+error_log('stored login-referer='.$forward);
+}
+elseif ($_REQUEST['phpgw_forward'])
+{
+	$forward = '../..'.(isset($_GET['phpgw_forward']) ? urldecode($_GET['phpgw_forward']) : @$_POST['phpgw_forward']);
 }
 else
 {
 	$forward = '../../index.php';
 }
-header('Location: '.$forward);
\ No newline at end of file
+// commiting the session, before redirecting might fix racecondition in session creation
+$GLOBALS['egw']->session->commit_session();
+header('Location: '.$forward);