Index: branches/5.1.x/core/kernel/application.php
===================================================================
diff -u -N -r13488 -r13545
--- branches/5.1.x/core/kernel/application.php	(.../application.php)	(revision 13488)
+++ branches/5.1.x/core/kernel/application.php	(.../application.php)	(revision 13545)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: application.php 13488 2010-05-05 07:12:29Z alex $
+* @version	$Id: application.php 13545 2010-05-11 19:19:58Z alex $
 * @package	In-Portal
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license      GNU/GPL
@@ -997,11 +997,11 @@
 				// user can edit cms blocks
 				$editing_mode = $this->GetVar('editing_mode');
 				define('EDITING_MODE', $editing_mode ? $editing_mode : EDITING_MODE_BROWSE);
-				$this->Phrases->setPhraseEditing();
 			}
 		}
 
 		safeDefine('EDITING_MODE', ''); // user can't edit anything
+		$this->Phrases->setPhraseEditing();
 
 		if (!$this->RequestProcessed) $this->ProcessRequest();
 
@@ -1071,6 +1071,9 @@
 			$this->HTML = ob_get_clean() . $this->HTML . $this->Debugger->printReport(true);
 		}
 		else {
+			// send "Set-Cookie" header before any output is made
+			$this->Session->SetSession();
+
 			$this->HTML = ob_get_clean() . $this->HTML;
 		}
 
@@ -1590,8 +1593,15 @@
 		}
 
 		$pass = isset($params['pass']) ? $params['pass'] : '';
-		$pass_events = isset($params['pass_events']) ? $params['pass_events'] : false; // pass events with url
 
+		// pass events with url
+		$pass_events = false;
+		if( isset($params['pass_events']) )
+		{
+			$pass_events = $params['pass_events'];
+			unset($params['pass_events']);
+		}
+
 		$map_link = '';
 		if( isset($params['anchor']) )
 		{
@@ -1723,11 +1733,11 @@
 		sort($pass_info, SORT_STRING); // to be prefix1,prefix1.special1,prefix1.special2,prefix3.specialX
 
 		foreach ($pass_info as $prefix) {
-			list($prefix_only) = explode('.', $prefix, 1);
+			list ($prefix_only, ) = explode('.', $prefix, 2);
 			$sorted[$prefix] = $this->getUnitOption($prefix_only, 'RewritePriority', 0);
 		}
 
-		arsort($sorted);
+		asort($sorted, SORT_NUMERIC);
 		$pass_info = array_keys($sorted);
 
 		// ensure that "m" prefix is at the beginning
@@ -1741,10 +1751,13 @@
 
 	function BuildEnv_NEW($t, $params, $pass='all', $pass_events = false)
 	{
-//		$session =& $this->recallObject('Session');
-		$force_admin = getArrayValue($params,'admin') || $this->GetVar('admin');
+		if ($this->GetVar('admin') || (array_key_exists('admin', $params) && $params['admin'])) {
+			$params['admin'] = 1;
 
-//		if($force_admin) $sid = $this->GetSID();
+			if (!array_key_exists('editing_mode', $params)) {
+				$params['editing_mode'] = EDITING_MODE;
+			}
+		}
 
 		$ret = '';
 		$env = '';
@@ -1852,9 +1865,6 @@
 		}
 
 		unset($params['pass'], $params['opener'], $params['m_event']);
-		if ($force_admin) {
-			$params['admin'] = 1;
-		}
 
 		if (array_key_exists('escape', $params) && $params['escape']) {
 			$ret = addslashes($ret);
@@ -1937,6 +1947,14 @@
 
 	function BuildEnv($t, $params, $pass='all', $pass_events = false, $env_var = true)
 	{
+		if ($this->GetVar('admin') || (array_key_exists('admin', $params) && $params['admin'])) {
+			$params['admin'] = 1;
+
+			if (!array_key_exists('editing_mode', $params)) {
+				$params['editing_mode'] = EDITING_MODE;
+			}
+		}
+
 		$session =& $this->recallObject('Session');
 		$ssl = isset($params['__SSL__']) ? $params['__SSL__'] : 0;
 		$sid = $session->NeedQueryString() && !$this->RewriteURLs($ssl) ? $this->GetSID() : '';
@@ -1996,14 +2014,6 @@
 
 		unset($params['pass'], $params['opener'], $params['m_event']);
 
-		if ($this->GetVar('admin') && !isset($params['admin'])) {
-			$params['admin'] = 1;
-
-			if (!array_key_exists('editing_mode', $params)) {
-				$params['editing_mode'] = EDITING_MODE;
-			}
-		}
-
 		if (array_key_exists('escape', $params) && $params['escape']) {
 			$ret = addslashes($ret);
 			unset($params['escape']);
@@ -2077,34 +2087,39 @@
 		$params['__URLENCODE__'] = 1;
 		$location = $this->HREF($t, $prefix, $params, $index_file);
 
-		$a_location = $location;
-		$location = "Location: $location";
-
 		if ($this->isDebugMode() && (constOn('DBG_REDIRECT') || (constOn('DBG_RAISE_ON_WARNINGS') && $this->Application->Debugger->WarningCount))) {
 			$this->Debugger->appendTrace();
-			echo "<b>Debug output above!!!</b> Proceed to redirect: <a href=\"$a_location\">$a_location</a><br>";
+			echo "<b>Debug output above!!!</b> Proceed to redirect: <a href=\"$location\">$location</a><br>";
 		}
 		else {
 			if ($js_redirect) {
+				// show "redirect" template instead of redirecting,
+				// because "Set-Cookie" header won't work, when "Location"
+				// header is used later
 				$this->SetVar('t', 'redirect');
-				$this->SetVar('redirect_to_js', addslashes($a_location) );
-				$this->SetVar('redirect_to', $a_location);
+				$this->SetVar('redirect_to', $location);
+
+				// make all additional parameters available on "redirect" template too
+				foreach ($params as $name => $value) {
+					$this->SetVar($name, $value);
+				}
+
 				return true;
 			}
 			else {
 				if ($this->GetVar('ajax') == 'yes' && $t != $this->GetVar('t')) {
 					// redirection to other then current template during ajax request
-					echo '#redirect#'.$a_location;
+					echo '#redirect#' . $location;
 				}
 				elseif (headers_sent() != '') {
 					// some output occured -> redirect using javascript
-					echo '<script type="text/javascript">window.location.href = \''.$a_location.'\';</script>';
+					echo '<script type="text/javascript">window.location.href = \'' . $location . '\';</script>';
 				}
 				else {
 					// no output before -> redirect using HTTP header
 
 //					header('HTTP/1.1 302 Found');
-					header("$location", true, $response_code);
+					header('Location: ' . $location, true, $response_code);
 				}
 			}
 		}