Index: openacs-4/packages/acs-subsite/lib/login.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-subsite/lib/login.tcl,v
diff -u -r1.36.2.6 -r1.36.2.7
--- openacs-4/packages/acs-subsite/lib/login.tcl 31 May 2017 09:48:45 -0000 1.36.2.6
+++ openacs-4/packages/acs-subsite/lib/login.tcl 31 May 2017 11:48:36 -0000 1.36.2.7
@@ -75,12 +75,7 @@
 set subsite_url [subsite::get_element -element url]
 set system_name [ad_system_name]
-if { $return_url ne "" } {
- if { [util::external_url_p $return_url] } {
- ad_returnredirect -message "only urls without a host name are permitted" "."
- ad_script_abort
- }
-} else {
+if { $return_url eq "" } {
 set return_url [ad_pvt_home]
 }
@@ -94,7 +89,7 @@
 -username $username \
 -email $email]
-set register_url [export_vars -no_empty -base "[subsite::get_url]register/user-new" { return_url host_node_id }]
+set register_url [export_vars -no_empty -base "[subsite::get_url]register/user-new" { return_url }]
 if { $authority_id eq [auth::get_register_authority] || [auth::UseEmailForLoginP] } {
 set register_url [export_vars -no_empty -base $register_url { username email}]
 }
@@ -108,14 +103,15 @@
 -action "[subsite::get_url]register/" -form {
 {return_url:text(hidden)}
 {time:text(hidden)}
+ {host_node_id:text(hidden)}
 {token_id:integer(hidden)}
 {hash:text(hidden)}
 } -validate {
 { token_id {$token_id < 2**31} "invalid token id"}
 }
 set username_widget text
-if { [parameter::get -parameter UsePasswordWidgetForUsername -package_id [ad_acs_kernel_id]] } {
+if { [parameter::get -parameter UsePasswordWidgetForUsername -package_id $::acs::kernel_id] } {
 set username_widget password
 }
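Review bot: With the `util::external_url_p` guard removed in the `@@ -75` hunk, nothing visible rejects an off-site `return_url` any more; the only handling left is the empty-string default to `[ad_pvt_home]`. The value is presumably request-supplied, and it is still exported into `register_url` and carried in the hidden `return_url` form field, so unless the redirect target is validated in code outside this diff the login page can act as an open redirect. If external hosts have to be accepted for host-node-mapped subsites, limit acceptance to that known set instead of dropping the check. Otherwise keep the guard ahead of the default, `if { $return_url ne "" && [util::external_url_p $return_url] } { ad_returnredirect -message "only urls without a host name are permitted" "." ; ad_script_abort }`.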
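Review bot: `{host_node_id:text(hidden)}` in the `@@ -108` hunk adds a client-editable field, and the `@@ -222` hunk passes it straight into the authentication call as `-host_node_id $host_node_id` with no type or membership check visible in this diff. The login hash in the `@@ -192` hunk is computed over `$time$token_id$token` only, so the new field is not integrity-protected by it either. Declare it the way `token_id` is declared, for example `{host_node_id:integer(hidden),optional}`, and add a `-validate` entry or a server-side check that the id names a node mapped to the requesting host before the authentication code acts on it. The form declaration begins above the hunk, so an existing check there cannot be ruled out.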
@@ -192,15 +188,19 @@
 set token [sec_get_token $token_id]
 set computed_hash [ns_sha1 "$time$token_id$token"]
- set expiration_time [parameter::get -parameter LoginPageExpirationTime -package_id [ad_acs_kernel_id] -default 600]
+ set expiration_time [parameter::get \
+ -parameter LoginPageExpirationTime \
+ -package_id $::acs::kernel_id \
+ -default 600]
 if { $expiration_time < 30 } {
 # If expiration_time is less than 30 seconds, it's practically impossible to login
 # and you will have completely hosed login on your entire site
 set expiration_time 30
 }
- if { $hash ne $computed_hash ||
- $time < [ns_time] - $expiration_time } {
+ if { $hash ne $computed_hash
+ || $time < [ns_time] - $expiration_time
+ } {
 ad_returnredirect -message [_ acs-subsite.Login_has_expired] -- [export_vars -base [ad_conn url] { return_url }]
 ad_script_abort
 }
@@ -222,6 +222,7 @@
 -last_name $last_name \
 -username [string trim $username] \
 -password $password \
+ -host_node_id $host_node_id \
 -persistent=[expr {$allow_persistent_login_p && [template::util::is_true $persistent_p]}]]
 # Handle authentication problems