Index: trunk/kernel/startup.php
===================================================================
diff -u -N -r259 -r268
--- trunk/kernel/startup.php (.../startup.php) (revision 259)
+++ trunk/kernel/startup.php (.../startup.php) (revision 268)
@@ -132,15 +132,10 @@
 if (!admin_login()) {
- if(!headers_sent())
- setcookie("sid"," ",time()-3600);
+ if( !headers_sent() ) setcookie("sid"," ",time()-3600);
 $objSession->Logout();
- if ($_GET['expired']) {
- header("Location: ".$adminURL."/login.php?expired=1");
- }
- else {
- header("Location: ".$adminURL."/login.php");
- }
+ $url_add = isset($_GET['expired']) && $_GET['expired'] ? '?expired=1' : '';
+ header("Location: ".$adminURL.'/login.php'.$url_add);
 die(); //require_once($pathtoroot."admin/login.php");
 }
Index: trunk/admin/include/tabs.js
===================================================================
diff -u -N -r259 -r268
--- trunk/admin/include/tabs.js (.../tabs.js) (revision 259)
+++ trunk/admin/include/tabs.js (.../tabs.js) (revision 268)
@@ -136,17 +136,15 @@
 //Used to submit the form when a tab is clicked on
 function edit_submit(formname, status_field, targetURL, save_value, env_str, new_target) {
- var full_env = env;
- if( HasParam(env_str) ) full_env += env_str;
+ var full_env = env;
+ if( HasParam(env_str) ) full_env += env_str;
- if(full_env.substr(0,3)!="env")
- full_env = 'env='+full_env;
-
- f = document.getElementById(formname);
+ if(full_env.substr(0,3) != "env") full_env = 'env=' + full_env;
+ f = document.getElementById(formname);
- if(f)
- {
- var valid = false;
+ if(f)
+ {
+ var valid = false;
 if(save_value != 2 && save_value !=-1) {
 valid = DataIsValid(f);
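Review bot: The logout cookie in trunk/kernel/startup.php is expired with `setcookie("sid"," ",time()-3600)`, which names no path or domain and is skipped silently when headers have already been sent. If the `sid` cookie was issued with an explicit path or domain (not visible in this hunk), the browser keeps the old value and only the server-side `$objSession->Logout()` protects the session. Passing the same path and domain the login code uses would make the client-side logout dependable. The redirect fails closed because `die()` follows `header()` unconditionally; a comment such as `// must stop here: an unauthenticated request may not fall through to the admin page` would keep a later edit from removing it. The enclosing block starts above the hunk.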
@@ -161,23 +159,23 @@
 }
 if(valid || save_value==2 || save_value==-1) {
- f.action = rootURL + targetURL + '?' + full_env;
- if(status_field.length>0)
- {
- f.elements[status_field].value = save_value; //0= stay in temp, 1=save to perm, 2 = purge no save
- }
- alert('action: '+f.action);
- if(new_target != null && typeof(new_target) != 'undefined') f.target = new_target;
+ var URLPrefix = '';
+ if( targetURL.substring(0, rootURL.length) != rootURL ) URLPrefix = rootURL;
+
+ f.action = URLPrefix + targetURL + '?' + full_env;
+ if(status_field.length > 0)
+ {
+ f.elements[status_field].value = save_value; //0= stay in temp, 1=save to perm, 2 = purge no save
+ }
- f.submit();
+ if(new_target != null && typeof(new_target) != 'undefined') f.target = new_target;
+ f.submit();
 } else
- if(!valid)
- alert(ErrorMsg);
-
- }
- else
- alert('Form '+formname+' was not found.');
+ if(!valid) alert(ErrorMsg);
+ }
+ else
+ alert('Form '+formname+' was not found.');
 } //Used when the save or cancel buttin is hit
Index: trunk/admin/listview/listview.js
===================================================================
diff -u -N -r203 -r268
--- trunk/admin/listview/listview.js (.../listview.js) (revision 203)
+++ trunk/admin/listview/listview.js (.../listview.js) (revision 268)
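Review bot: The new check `targetURL.substring(0, rootURL.length) != rootURL` in the second tabs.js hunk is a plain string-prefix test, so any targetURL that merely begins with the same characters as rootURL is used as the form action unchanged. If rootURL carries no trailing slash, a URL on a different host whose name starts with the same text would pass, and the form would be posted there together with `full_env`, whose first component is the session key according to the modules.php hunk of this commit. Whether targetURL can ever hold user-influenced data is not visible here, so treat this as hardening: compare against rootURL with a guaranteed trailing `/`, or accept only relative paths. The same check is added to edit_submit in trunk/admin/listview/listview.js, where the result is assigned to `document.location`. Separately, `f = document.getElementById(formname)` in the first tabs.js hunk still creates an implicit global; `var f = document.getElementById(formname);` keeps it local.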
@@ -196,13 +196,12 @@
 //This overrides the function in tabs.js for use in lists
 function edit_submit(formname, status_field, targetURL, save_value,env_str) {
- var full_env = env
- if( !((env_str == null) && typeof(env_str) == 'undefined') ) full_env += env_str;
-
- if(full_env.substr(0,3)!="env")
- full_env = 'env='+full_env;
-
- var loc = rootURL + targetURL + '?' + full_env;
+ var full_env = env;
+ if( HasParam(env_str) ) full_env += env_str;
+ if(full_env.substr(0,3) != "env") full_env = 'env='+full_env;
+ var URLPrefix = '';
+ if( targetURL.substring(0, rootURL.length) != rootURL ) URLPrefix = rootURL;
+ var loc = URLPrefix + targetURL + '?' + full_env;
 document.location = loc;
 }
Index: trunk/kernel/include/modules.php
===================================================================
diff -u -N -r267 -r268
--- trunk/kernel/include/modules.php (.../modules.php) (revision 267)
+++ trunk/kernel/include/modules.php (.../modules.php) (revision 268)
@@ -312,10 +312,11 @@
 $env_arr = explode('-', $_GET['env']);
 $get_session_key = $env_arr[0];
- if(!$objSession->ValidSession() || ($objSession->GetSessionKey() != $get_session_key && $_POST['adminlogin'] != 1)) {
- if ($_GET['expired'] == 1) {
+ $admin_login = isset($_POST['adminlogin']) && $_POST['adminlogin']; // $_POST['adminlogin'] != 1
+ if(!$objSession->ValidSession() || ($objSession->GetSessionKey() != $get_session_key && !$admin_login)) {
+ if( isset($_GET['expired']) && ($_GET['expired'] == 1) )
 $login_error = admin_language("la_text_sess_expired");
- }
+ return FALSE; //echo "Expired
"; }
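Review bot: The session-key comparison in trunk/kernel/include/modules.php can now be switched off by any truthy `adminlogin` POST field, because `$admin_login = isset($_POST['adminlogin']) && $_POST['adminlogin']` is wider than the old `!= 1` test and the value is entirely client-supplied. A request with a valid session but a wrong or missing key in `env` is then accepted as long as it posts that field, which weakens whatever request binding the key in the URL is meant to give (its role is inferred from this hunk). Prefer honouring the flag only inside the login handler, or at least keep the old strictness with `$admin_login = isset($_POST['adminlogin']) && $_POST['adminlogin'] == 1;`. The context line `explode('-', $_GET['env'])` still reads `$_GET['env']` without `isset()`, unlike the other superglobals this commit guards. The key check also uses loose `!=`, and `(string)$objSession->GetSessionKey() !== (string)$get_session_key` would avoid numeric-string coercion; the enclosing function starts above the hunk.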