This issue affects any forum (i.e. https://myforum/phpBB3/) where:
- the forum is located in a directory underneath the web root (i.e., NOT https://myforum/)
- a user accesses the forum with a URI pointing to a directory rather than a script (i.e., NOT https://myforum/phpBB3/index.php)
- the URI used ends in a slash (i.e., NOT https://myforum/phpBB3)
If these conditions are met, after successful login the user is redirected to an invalid URI (i.e., https://myforum/phpBB3/phpBB3?sid=).
To fix this behavior, extract_current_page() in includes/session.php needs to handle the case correctly where the URI of the current page ends in a slash and is not the web root.