login: optionally redirect to ?goto

Upcoming feature to continue from forbidden requests.

diff --git a/login.php b/login.php
index 490422f1e11ca6dc5b6b07cf51ebdd52aae3ad62..db276d191b04ff1dbc0f59ab30d9e7fd050f4d8e 100644 (file)
--- a/login.php
+++ b/login.php
@@ -8,7 +8,8 @@ if (isset($_POST['login'])) {
        if ($user = login($_POST['login'], $_POST['pass'])) {
                setcookie('login', $user['auth'], 0, '/');
 
-               header("Location: /"); //TODO: goto
+               $target = ltrim(@$_GET['goto'], '/');
+               header("Location: /$target");
                http_response_code(302);
                exit;
        }