From 6617cd5d8fd8d1a5df5aafc8bccc4788c670d377 Mon Sep 17 00:00:00 2001
From: Cameron
Date: Mon, 2 Feb 2015 16:57:39 -0800
Subject: [PATCH] Tweak of last commit.
---
 e107_handlers/e107_class.php | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/e107_handlers/e107_class.php b/e107_handlers/e107_class.php
index c51c83fa3..f0a443235 100644
--- a/e107_handlers/e107_class.php
+++ b/e107_handlers/e107_class.php
@@ -3263,9 +3263,17 @@ class e107
 if(defset('e_QUERY')) parse_str(e_QUERY,$_GET);
 }
- // the last anti-XSS measure, XHTML compliant URL to be used in forms instead e_SELF
 define('e_REQUEST_URL', str_replace(array("'", '"'), array('%27', '%22'), $requestUrl)); // full request url string (including domain)
- define('e_REQUEST_SELF', rtrim(array_shift(explode('?', e_REQUEST_URL)),'/').'/'); // full URL without the QUERY string
+
+ $requestSelf = array_shift(explode('?', e_REQUEST_URL));
+
+ if(substr($requestSelf,-4) !== '.php' && substr($requestSelf,-1) !== '/')
+ {
+ $requestSelf .= '/'; // Always include a trailing slash on SEF Urls so that e_REQUEST_SELF."?".e_QUERY doesn't break.
+ }
+
+ // the last anti-XSS measure, XHTML compliant URL to be used in forms instead e_SELF
+ define('e_REQUEST_SELF', $requestSelf); // full URL without the QUERY string
 define('e_REQUEST_URI', str_replace(array("'", '"'), array('%27', '%22'), $requestUri)); // absolute http path + query string
 define('e_REQUEST_HTTP', array_shift(explode('?', e_REQUEST_URI))); // SELF URL without the QUERY string and leading domain part
 unset($requestUrl, $requestUri);
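Review bot: The relocated comment now labels `e_REQUEST_SELF` as "the last anti-XSS measure", but the only encoding visible in this hunk is the `'`/`"` replacement applied to `e_REQUEST_URL` just above it; `<`, `>` and `&` pass through unless `$requestUrl` was filtered before the hunk, which is not visible here. I would reword the comment to state what is actually guaranteed, e.g. `// quotes are percent-encoded via e_REQUEST_URL; still run htmlspecialchars() when echoing into HTML`. The suffix test `substr($requestSelf,-4) !== '.php'` is case-sensitive and treats every other path (one ending in `.PHP` or `.html`, say) as an SEF URL that gets a slash appended, so a short comment stating that assumption would help. `$requestSelf` is also missing from the closing cleanup, which could become `unset($requestUrl, $requestUri, $requestSelf);`. The enclosing method starts and ends outside the hunk.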