9 files changed, 10 insertions, 4 deletions
diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html
index de6a6fcadd..cd9c9877ee 100644
--- a/phpBB/docs/CHANGELOG.html
+++ b/phpBB/docs/CHANGELOG.html
@@ -117,6 +117,7 @@
 		<li>[Fix] Use correct options to parse BBCodes in signatures when previewing PMs.</li>
 		<li>[Fix] Correct rendering of prosilver quick reply under IE6. (Bug #54115 - Patch by Raimon)</li>
 		<li>[Fix] Handle export of private messages where all recipients were deleted. (Bug #50985)</li>
+		<li>[Change] Move redirect into a hidden field to avoid issues with mod_security. (Bug #54145)</li>
 		<li>[Change] Log activation through inactive users ACP. (Bug #30145)</li>
 		<li>[Change] Send time of last item instead of current time in ATOM Feeds. (Bug #53305)</li>
 		<li>[Change] Use em dash instead of hyphen/minus as separator in ATOM Feeds item statistics. (Bug #53565)</li>
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 690fed83e8..55b7a07a0b 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -4135,7 +4135,8 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0
 		'S_FORUM_ID'			=> $forum_id,
 		'S_TOPIC_ID'			=> $topic_id,
 
-		'S_LOGIN_ACTION'		=> (!defined('ADMIN_START')) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login') . '&amp;redirect=' . urlencode(str_replace('&amp;', '&', build_url())) : append_sid("index.$phpEx", false, true, $user->session_id) . '&amp;redirect=' . urlencode(str_replace('&amp;', '&', build_url())),
+		'S_LOGIN_ACTION'		=> ((!defined('ADMIN_START')) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login') : append_sid("index.$phpEx", false, true, $user->session_id)),
+		'S_LOGIN_REDIRECT'		=> build_hidden_fields(array('redirect' => str_replace('&amp;', '&', build_url()))),                                                                                                                    
 
 		'S_ENABLE_FEEDS'			=> ($config['feed_enable']) ? true : false,
 		'S_ENABLE_FEEDS_FORUMS'		=> ($config['feed_overall_forums']) ? true : false,
diff --git a/phpBB/styles/prosilver/template/index_body.html b/phpBB/styles/prosilver/template/index_body.html
index 3ed8724361..17790eb78a 100644
--- a/phpBB/styles/prosilver/template/index_body.html
+++ b/phpBB/styles/prosilver/template/index_body.html
@@ -24,6 +24,7 @@
 				| <label for="autologin">{L_LOG_ME_IN} <input type="checkbox" name="autologin" id="autologin" /></label>
 			<!-- ENDIF -->
 			<input type="submit" name="login" value="{L_LOGIN}" class="button2" />
+			{S_LOGIN_REDIRECT}
 		</fieldset>
 	</form>
 <!-- ENDIF -->
diff --git a/phpBB/styles/prosilver/template/login_body.html b/phpBB/styles/prosilver/template/login_body.html
index 495e8661b9..fe111aaa45 100644
--- a/phpBB/styles/prosilver/template/login_body.html
+++ b/phpBB/styles/prosilver/template/login_body.html
@@ -36,7 +36,7 @@
 			<dt>&nbsp;</dt>
 			<dd>{S_HIDDEN_FIELDS}<input type="submit" name="login" tabindex="6" value="{L_LOGIN}" class="button1" /></dd>
 		</dl>
-
+		{S_LOGIN_REDIRECT}
 		</fieldset>
 	</div>
 	<span class="corners-bottom"><span></span></span></div>
diff --git a/phpBB/styles/prosilver/template/viewforum_body.html b/phpBB/styles/prosilver/template/viewforum_body.html
index 70fd5c8496..3f8921c6d3 100644
--- a/phpBB/styles/prosilver/template/viewforum_body.html
+++ b/phpBB/styles/prosilver/template/viewforum_body.html
@@ -100,6 +100,7 @@
 					<dt>&nbsp;</dt>
 					<dd><input type="submit" name="login" tabindex="5" value="{L_LOGIN}" class="button1" /></dd>
 				</dl>
+				{S_LOGIN_REDIRECT}
 				</fieldset>
 			</div>
 
diff --git a/phpBB/styles/subsilver2/template/index_body.html b/phpBB/styles/subsilver2/template/index_body.html
index 8b6c1167b3..863e4f7bee 100644
--- a/phpBB/styles/subsilver2/template/index_body.html
+++ b/phpBB/styles/subsilver2/template/index_body.html
@@ -80,6 +80,7 @@
 		<td class="row1" align="center"><span class="genmed">{L_USERNAME}:</span> <input class="post" type="text" name="username" size="10" />&nbsp; <span class="genmed">{L_PASSWORD}:</span> <input class="post" type="password" name="password" size="10" />&nbsp; <!-- IF S_AUTOLOGIN_ENABLED --> <span class="gensmall">{L_LOG_ME_IN}</span> <input type="checkbox" class="radio" name="autologin" /><!-- ENDIF -->&nbsp; <input type="submit" class="btnmain" name="login" value="{L_LOGIN}" /></td>
 	</tr>
 	</table>
+	{S_LOGIN_REDIRECT}
 	{S_FORM_TOKEN}
 	</form>
 <!-- ENDIF -->
diff --git a/phpBB/styles/subsilver2/template/login_body.html b/phpBB/styles/subsilver2/template/login_body.html
index 810a7376f2..51f7068b5f 100644
--- a/phpBB/styles/subsilver2/template/login_body.html
+++ b/phpBB/styles/subsilver2/template/login_body.html
@@ -77,7 +77,7 @@
 </tr>
 </table>
 {S_FORM_TOKEN}
-
+{S_LOGIN_REDIRECT}
 </form>
 
 <br clear="all" />
diff --git a/phpBB/styles/subsilver2/template/login_forum.html b/phpBB/styles/subsilver2/template/login_forum.html
index c3d57085df..96b025a2f9 100644
--- a/phpBB/styles/subsilver2/template/login_forum.html
+++ b/phpBB/styles/subsilver2/template/login_forum.html
@@ -32,6 +32,7 @@
 	</tr>
 	</table>
 	{S_FORM_TOKEN}
+	{S_LOGIN_REDIRECT}
 	</form>
 
 </div>
diff --git a/phpBB/styles/subsilver2/template/viewforum_body.html b/phpBB/styles/subsilver2/template/viewforum_body.html
index f0b2699471..387a749e24 100644
--- a/phpBB/styles/subsilver2/template/viewforum_body.html
+++ b/phpBB/styles/subsilver2/template/viewforum_body.html
@@ -125,7 +125,7 @@
 			<td class="row1" align="center"><span class="genmed">{L_USERNAME}:</span> <input class="post" type="text" name="username" size="10" />&nbsp; <span class="genmed">{L_PASSWORD}:</span> <input class="post" type="password" name="password" size="10" /><!-- IF S_AUTOLOGIN_ENABLED -->&nbsp; <span class="gensmall">{L_LOG_ME_IN}</span> <input type="checkbox" class="radio" name="autologin" /><!-- ENDIF -->&nbsp; <input type="submit" class="btnmain" name="login" value="{L_LOGIN}" /></td>
 		</tr>
 		</table>
-
+		{S_LOGIN_REDIRECT}
 		</form>
 
 	<!-- ENDIF -->