Redirect to originally-requested page on login

Instead of always showing the tickets page

include/client/login.inc.php

@@ -12,7 +12,7 @@ $content = Page::lookup(Page::getIdByType('registration-policy'));
 <form action="login.php" method="post" id="clientLogin">
     <?php csrf_token(); ?>
 <div style="display:table-row">
-    <div style="width:40%;display:table-cell">
+    <div style="width:40%;display:table-cell;box-shadow: 12px 0 15px -15px rgba(0,0,0,0.4);padding-left: 2em;">
     <strong><?php echo Format::htmlchars($errors['login']); ?></strong>
     <br>
     <div>
@@ -27,11 +27,11 @@ $content = Page::lookup(Page::getIdByType('registration-policy'));
         <input class="btn" type="submit" value="Sign In">
     </p>
     </div>
+    <div style="display:table-cell;padding-left: 2em;">
 <?php if ($cfg && $cfg->isClientRegistrationEnabled()) { ?>
-    <div style="display:table-cell;box-shadow: -9px 0 15px -12px rgba(0,0,0,0.3);padding-left: 2em;">
         Not yet registered? <a href="account.php?do=create">Create an account</a>
-    </div>
 <?php } ?>
+    </div>
 </div>
 </form>
 <br>

login.php

@@ -30,15 +30,16 @@ if ($_POST) {
         $errors['err'] = 'Valid username or email address is required';
     elseif (($user = UserAuthenticationBackend::process($_POST['luser'],
             $_POST['lpasswd'], $errors))) {
-        Http::redirect('tickets.php');
-        $_POST = null;
+        Http::redirect($_SESSION['_client']['auth']['dest'] ?: 'tickets.php');
     } elseif(!$errors['err']) {
         $errors['err'] = 'Invalid email or ticket number - try again!';
     }
 }
 
-$nav = new UserNav();
-$nav->setActiveNav('status');
+if (!$nav) {
+    $nav = new UserNav();
+    $nav->setActiveNav('status');
+}
 require CLIENTINC_DIR.'header.inc.php';
 require CLIENTINC_DIR.$inc;
 require CLIENTINC_DIR.'footer.inc.php';

open.php

@@ -17,7 +17,7 @@ require('client.inc.php');
 define('SOURCE','Web'); //Ticket source.
 $ticket = null;
 $errors=array();
-if($_POST):
+if ($_POST) {
     $vars = $_POST;
     $vars['deptId']=$vars['emailId']=0; //Just Making sure we don't accept crap...only topicId is expected.
     if ($thisclient) {
@@ -60,10 +60,14 @@ if($_POST):
     }else{
         $errors['err']=$errors['err']?$errors['err']:'Unable to create a ticket. Please correct errors below and try again!';
     }
-endif;
+}
 
 //page
 $nav->setActiveNav('new');
+if ($cfg->isClientLoginRequired() && !$thisclient) {
+    require_once 'secure.inc.php';
+}
+
 require(CLIENTINC_DIR.'header.inc.php');
 if($ticket
         && (
@@ -76,9 +80,8 @@ if($ticket
                     array_fill(0, 3, 'XXXXXX'),
                     $page->getBody()
                     )));
-} elseif ($cfg->isClientLoginRequired() && !$thisclient) {
-    require(CLIENTINC_DIR.'login.inc.php');
-} else {
+}
+else {
     require(CLIENTINC_DIR.'open.inc.php');
 }
 require(CLIENTINC_DIR.'footer.inc.php');

secure.inc.php

@@ -20,7 +20,9 @@ require_once('client.inc.php');
 //Client Login page: Ajax interface can pre-declare the function to trap logins.
 if(!function_exists('clientLoginPage')) {
     function clientLoginPage($msg ='') {
-        global $ost;
+        global $ost, $cfg, $nav;
+        $_SESSION['_client']['auth']['dest'] =
+            '/' . ltrim($_SERVER['REQUEST_URI'], '/');
         require('./login.php');
         exit;
     }

view.php

@@ -23,6 +23,9 @@ $user =  UserAuthenticationBackend::processSignOn($errors);
 if ($user && $user->getTicketId())
     Http::redirect('tickets.php?id='.$user->getTicketId());
 
+$nav = new UserNav();
+$nav->setActiveNav('status');
+
 //Simply redirecting to tickets.php until multiview is implemented.
 require('tickets.php');
 ?>