6 files changed, 21 insertions, 23 deletions

diff --git a/application/controllers/user.php b/application/controllers/user.php
index b432cba5e..eca0b7da3 100644
--- a/application/controllers/user.php
+++ b/application/controllers/user.php
@@ -44,8 +44,18 @@ class User extends MY_Controller {
 
 	function login()
 	{
+		$redirect_uri = $this->input->get("redirect_uri");
 		$this->muser->require_session();
-		$this->session->keep_flashdata("uri");
+
+		if (!preg_match('/^[0-9a-zA-Z\/_]*$/', $redirect_uri)) {
+			$redirect_uri = '/';
+		}
+
+		if ($this->muser->logged_in()) {
+			redirect($redirect_uri);
+		}
+
+		$this->data['redirect_uri'] = $redirect_uri;
 
 		if ($this->input->post('process') !== false) {
 			$username = $this->input->post('username');
@@ -59,12 +69,7 @@ class User extends MY_Controller {
 				$this->load->view($this->var->view_dir.'login', $this->data);
 				$this->load->view('footer', $this->data);
 			} else {
-				$uri = $this->session->flashdata("uri");
-				if ($uri) {
-					redirect($uri);
-				} else {
-					redirect("/");
-				}
+				redirect($redirect_uri);
 			}
 		} else {
 			$this->load->view('header', $this->data);
diff --git a/application/models/muser.php b/application/models/muser.php
index 4d183c5a6..200390358 100644
--- a/application/models/muser.php
+++ b/application/models/muser.php
@@ -18,10 +18,6 @@ class Muser extends CI_Model {
 	{
 		parent::__construct();
 
-		if ($this->has_session() && !$this->logged_in()) {
-			$this->session->keep_flashdata("uri");
-		}
-
 		$this->load->helper("filebin");
 		$this->load->driver("duser");
 	}
@@ -184,14 +180,6 @@ class Muser extends CI_Model {
 			return $this->check_access_level($wanted_level);
 		}
 
-		if (stateful_client()) {
-			// desktop clients get redirected to the login form
-			$this->require_session();
-			if (!$this->session->userdata("flash:new:uri")) {
-				$this->session->set_flashdata("uri", $this->uri->uri_string());
-			}
-		}
-
 		throw new \exceptions\NotAuthenticatedException("api/not-authenticated", "Not authenticated. FileBin requires you to have an account, please go to the homepage for more information.");
 	}
 
diff --git a/application/views/header.php b/application/views/header.php
index 081f91820..6332382b2 100644
--- a/application/views/header.php
+++ b/application/views/header.php
@@ -77,7 +77,7 @@ if (is_cli_client() && !isset($force_full_html)) {
 										<?php if(auth_driver_function_implemented("can_reset_password")) { ?>
 											<p><?php echo anchor("user/reset_password", "Forgot your password?"); ?></p>
 										<?php } ?>
-										<?php echo form_open("user/login", array("class" => "form-signin")); ?>
+										<?php echo form_open("user/login?redirect_uri=".get_instance()->uri->uri_string(), array("class" => "form-signin")); ?>
 											<input type="text" name="username" placeholder="Username" class="form-control">
 											<input type="password" name="password" placeholder="Password" class="form-control">
 											<button type="submit" name="process" class="btn btn-default btn-block">Login</button>
diff --git a/application/views/user/login.php b/application/views/user/login.php
index 3e30d53bd..5b2067bb0 100644
--- a/application/views/user/login.php
+++ b/application/views/user/login.php
@@ -3,7 +3,7 @@ if (isset($login_error)) { ?>
 	<div class="alert alert-danger">The entered credentials are invalid.</div>
 <?php } ?>
 
-<?php echo form_open('user/login', array("class" => "form-horizontal login-page")); ?>
+<?php echo form_open("user/login?redirect_uri=$redirect_uri", array("class" => "form-horizontal login-page")); ?>
 	<div class="form-group">
 		<label class="control-label" for="inputUsername">Username</label>
 		<div class="controls">
diff --git a/public_html/index.php b/public_html/index.php
index f0c099478..de9d2a16c 100644
--- a/public_html/index.php
+++ b/public_html/index.php
@@ -221,7 +221,12 @@ try {
 	if (is_cli_client()) {
 		show_error(nl2br(htmlspecialchars($e->__toString())), $e->get_http_error_code());
 	} else {
-		redirect("user/login");
+		$CI =& get_instance();
+		$redirect_uri = $CI->uri->uri_string();
+		if (isset($CI->data["redirect_uri"])) {
+			$redirect_uri = $CI->data["redirect_uri"];
+		}
+		redirect("user/login?redirect_uri=".$redirect_uri);
 	}
 } catch (\exceptions\PublicApiException $e) {
 	show_error(nl2br(htmlspecialchars($e->__toString())), $e->get_http_error_code());
diff --git a/system/core/Config.php b/system/core/Config.php
index 46ed9365c..caa8b945a 100644
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -299,7 +299,7 @@ class CI_Config {
 			{
 				$uri = implode('/', $uri);
 			}
-			$uri = trim($uri, '/');
+			$uri = ltrim($uri, '/');
 		}
 		else
 		{