Index: index.php
===================================================================
--- index.php	(revision 250)
+++ index.php	(revision 251)
@@ -14,6 +14,7 @@
 
     //initialize variables
     $errormsg = '';
+    $errorcode = 0;  // 1.9 back port
 
 /// Check for timed out sessions
     if (!empty($SESSION->has_timed_out)) {
@@ -80,7 +81,7 @@
 
     $loginsite = get_string("loginsite");
 
-    $loginurl = (!empty($CFG->alternateloginurl)) ? $CFG->alternateloginurl : '';
 
 
     if ($user !== false or $frm !== false) {
@@ -101,11 +102,13 @@
         if ($user) {
             $frm->username = $user->username;
         } else {
-            $frm = data_submitted($loginurl);
+            $frm = data_submitted();
         }
 
     } else {
-        $frm = data_submitted($loginurl);
+        $frm = data_submitted();
     }
 
 /// Check if the user has actually submitted login data to us
@@ -113,6 +116,7 @@
     if (empty($CFG->usesid) and $testcookies and (get_moodle_cookie() == '')) {    // Login without cookie when test requested
 
         $errormsg = get_string("cookiesnotenabled");
+        $errorcode = 1;
 
     } else if ($frm) {                             // Login WITH cookies
 
@@ -122,6 +126,8 @@
             $string = eregi_replace("[^(-\.[:alnum:])]", "", $frm->username);
             if (strcmp($frm->username, $string)) {
                 $errormsg = get_string('username').': '.get_string("alphanumerical");
+                $errorcode = 2;
+                
                 $user = null;
             }
         }
@@ -195,7 +201,7 @@
                 if ($passwordchangeurl != '') {
                     redirect($passwordchangeurl);
                 } else {
-                    error(get_strin('nopasswordchangeforced', 'auth'));
+                    error(get_string('nopasswordchangeforced', 'auth'));
                 }
             }
 
@@ -249,6 +255,7 @@
         } else {
             if (empty($errormsg)) {
                 $errormsg = get_string("invalidlogin");
+                $errorcode = 3;
             }
 
             // TODO: if the user failed to authenticate, check if the username corresponds to a remote mnet user
@@ -260,7 +267,12 @@
         }
     }
 
-    
+/// Detect problems with timedout sessions
+    if ($session_has_timed_out and !data_submitted()) {
+        $errormsg = get_string('sessionerroruser', 'error');
+        $errorcode = 4;
+    }
+        
 /// We need to show a login form
 
 /// First, let's remember where the user was trying to get to before they got here
@@ -274,7 +286,24 @@
             ? $_SERVER["HTTP_REFERER"] : NULL;
     }
 
-    if (!empty($loginurl)) {   // We don't want the standard forms, go elsewhere
+   // Redirect to alternative login URL if needed 1.9 Back Port HSU
+    if (!empty($CFG->alternateloginurl)) {
+        $loginurl = $CFG->alternateloginurl;
+
+        if (strpos($SESSION->wantsurl, $loginurl) === 0) {
+            //we do not want to return to alternate url
+            $SESSION->wantsurl = NULL;
+        }
+
+        if ($errorcode) {
+            if (strpos($loginurl, '?') === false) {
+                $loginurl .= '?';
+            } else {
+                $loginurl .= '&';
+            }
+            $loginurl .= 'errorcode='.$errorcode; 
+        }
         redirect($loginurl);
     }