From 120956761383f8365e95e669a11b344af4764c74 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Wed, 30 Jan 2019 13:39:41 +0100
Subject: [inc/Dictionary] Teh evil unvalidated redirects must die!

---
 inc/dictionary.inc.php | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/inc/dictionary.inc.php b/inc/dictionary.inc.php
index fcbfdfb8..935d1f4e 100644
--- a/inc/dictionary.inc.php
+++ b/inc/dictionary.inc.php
@@ -30,10 +30,15 @@ class Dictionary
 		if ($lang !== false && in_array($lang, self::$languages)) {
 			setcookie('lang', $lang, time() + 60 * 60 * 24 * 30 * 12);
 			$url = Request::get('url');
-			if ($url === false && isset($_SERVER['HTTP_REFERER']))
+			if ($url === false && isset($_SERVER['HTTP_REFERER'])) {
 				$url = $_SERVER['HTTP_REFERER'];
-			if ($url === false)
-				$url = '?do=Main';
+			}
+			$parts = parse_url($url);
+			if ($url === false || $parts === false || empty($parts['query'])) {
+				$url = '?do=main';
+			} else {
+				$url = '?' . $parts['query'];
+			}
 			Util::redirect($url);
 		}
 
-- 
cgit v1.2.3-55-g7522