Encode the sReturnTo argument to the login page, otherwise we may have problems with some urls

account.php

@@ -209,7 +209,7 @@ function cmd_do_login()
 
     if($iResult == SUCCESS)
     {
-        $sReturnUrl = $aClean['sReturnTo'];
+        $sReturnUrl = urldecode($aClean['sReturnTo']);
         if(!$sReturnUrl)
             $sReturnUrl = apidb_fullurl("index.php");
         addmsg("You are successfully logged in as '$oUser->sRealname'.", "green");

include/util.php

@@ -907,7 +907,7 @@ function util_trim_description($sDescription)
    to the current page once he has logged in */
 function login_url()
 {
-    $sCurrentUrl = $_SERVER['REQUEST_URI'];
+    $sCurrentUrl = urlencode($_SERVER['REQUEST_URI']);
     $sLoginUrl = BASE."account.php?sCmd=login";
 
     /* If we are on the login page that means the URL already contains an sReturnTo value,