Index: logintoboggan.module
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/logintoboggan/logintoboggan.module,v
retrieving revision 1.83.2.31
diff -u -F^f -u -F^f -r1.83.2.31 logintoboggan.module
--- logintoboggan.module	29 Dec 2007 15:16:41 -0000	1.83.2.31
+++ logintoboggan.module	16 Feb 2008 15:55:52 -0000
@@ -169,7 +169,7 @@ function logintoboggan_form_alter($form_
         $form['pass']['#description'] = theme('lt_password_description', $form_id);
       }
       if($GLOBALS['logintoboggan_denied'] == TRUE){
-        $form['#redirect'] = logintoboggan_destination();
+        logintoboggan_destination();
       }
 
       if (($form_id == 'user_login_block')) {
@@ -700,21 +700,31 @@ function logintoboggan_denied() {
 // Slight rewrite of drupal_get_destination()
 // with custom 403, drupal_get_destination() would return toboggan/denied
 // which would show 'Access Denied' after login... what good is that!?
+// Because drupal_access_denied() sets $_REQUEST['destination'], and that
+// overrides any other setting in drupal_goto(), we manipulate that
+// directly here instead of returning values to the form code.
 function logintoboggan_destination() {
-  // Drupal has reset $_GET[q], so we need a workaround. Start with home page,
-  // then try to determine the correct destination.
-  $destination = variable_get('site_frontpage', 'node');
+  // Drupal has reset $_GET[q], so we need a workaround.
   if ($internal_path = substr(request_uri(), strlen(base_path()))) {
-
-    $uriarray = explode('/', $internal_path);
-    if (!variable_get('clean_url', 0)) {
-      $uriarray[0] = str_replace('?q=', '', $uriarray[0]);
+    // Clean URLs enabled, just pass destination through.
+    if (variable_get('clean_url', 0)) {
+      $_REQUEST['destination'] = $internal_path;
+    }
+    // Clean URLs disabled, so break apart the query string and
+    // pull out the path.
+    else {
+      $internal_path = parse_url($internal_path);
+      $queryarray = explode('&', $internal_path['query']);
+      $path = str_replace('q=', '', $queryarray[0]);
+      unset($queryarray[0]);
+      $query = !empty($queryarray) ? '?'. implode('&', $queryarray) : '';
+      $_REQUEST['destination'] = $path . $query;
     }
-    $destination = implode('/', $uriarray);
-
   }
-
-  return $destination;
+  // Fall back to homepage.
+  else {
+    $_REQUEST['destination'] = variable_get('site_frontpage', 'node');
+  }
 }
 
 /**