Open
Description
In loginprocess there is a massive security issue. You can "post" EVERY URL to return.
https://github.com/warhawk3407/bgpanel/blob/master/admin/loginprocess.php#L111
header( "Location: ".urldecode($return));
https://github.com/warhawk3407/bgpanel/blob/master/admin/loginprocess.php#L109
My fix for it:
if (!empty($return) && parse_url($_SERVER['HTTP_HOST'], PHP_URL_HOST) == parse_url($return, PHP_URL_HOST))
It compares the host from the return argument & the HTTP host :)
(parse_url for $_SERVER because it contains the port if not running on the default 80 / 443)
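A hardened version of the same-host check, written as an added example and not taken from bgpanel or from the reporter's patch. The function name `safe_return_url`, the `$fallback` parameter and the sample inputs below are assumptions for illustration. Two details matter beyond a plain host comparison: the check must run on the value that will actually be sent in the `Location` header (loginprocess.php redirects to `urldecode($return)`, so a percent-encoded target has to be decoded before it is inspected), and a host-less `$_SERVER['HTTP_HOST']` compared with `==` against a host-less `$return` is only safe if scheme-relative and backslash forms such as `//host` and `/\host` are refused explicitly.

```php
<?php
// Added example, not bgpanel code: decide whether a "return" parameter may be
// used as a redirect target. Only http(s) URLs on our own host, or plain
// relative paths, are accepted; everything else falls back to a fixed page.
function safe_return_url(string $return, string $httpHost, string $fallback = 'index.php'): string
{
    // Validate the decoded string, because that is what goes into the header.
    $target = urldecode($return);

    if ($target === '') {
        return $fallback;
    }

    // Control characters (e.g. CR/LF) have no place in a redirect target.
    if (preg_match('/[\x00-\x1F\x7F]/', $target)) {
        return $fallback;
    }

    $parts = parse_url($target);
    if ($parts === false) {
        return $fallback;
    }

    // Anything with a scheme or an authority is treated as an absolute URL:
    // it must be http/https and must point at our own host.
    if (isset($parts['scheme']) || isset($parts['host'])) {
        $scheme = strtolower($parts['scheme'] ?? '');
        if ($scheme !== 'http' && $scheme !== 'https') {
            // Blocks javascript:, data:, and scheme-relative "//evil.example".
            return $fallback;
        }
        // $_SERVER['HTTP_HOST'] may carry ":port"; strip it before comparing.
        $ourHost = strtolower(preg_replace('/:\d+$/', '', $httpHost));
        if (strtolower($parts['host'] ?? '') !== $ourHost) {
            return $fallback;
        }
        return $target;
    }

    // Relative target: browsers read "//host" and "/\host" as a new authority,
    // so refuse any target that starts with two slashes or backslashes.
    if (preg_match('#^[/\\\\]{2}#', $target)) {
        return $fallback;
    }
    return $target;
}

// Constructed sample inputs for a local run (php this_file.php). The host is
// an assumed value standing in for $_SERVER['HTTP_HOST'].
$host = 'panel.example.com:8080';
$samples = [
    'index.php',
    '/admin/index.php',
    'http://panel.example.com:8080/admin/',
    'https://evil.example/phish',
    '//evil.example/phish',
    '/\\evil.example',
    '%2F%2Fevil.example',
    'javascript:alert(1)',
];
foreach ($samples as $s) {
    printf("%-40s -> %s\n", $s, safe_return_url($s, $host));
}
```

In loginprocess.php this would replace the bare `header( "Location: ".urldecode($return));` with `header('Location: ' . safe_return_url($return, $_SERVER['HTTP_HOST']));`. Note that `HTTP_HOST` is itself taken from the request; if the server accepts arbitrary Host headers, an allowlist of known hostnames is a stronger comparison target than `$_SERVER['HTTP_HOST']`.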