diff --git a/includes/loggedin.php b/includes/loggedin.php index 70c9674..c14f8c2 100644 --- a/includes/loggedin.php +++ b/includes/loggedin.php @@ -19,6 +19,7 @@ include_once("../includes/lib/general.php"); require_once("../includes/lib/l10n.php"); include_once("../includes/mysql.php"); + require_once('../includes/notary.inc.php'); if(!isset($_SESSION['profile']) || !is_array($_SESSION['profile'])) { $_SESSION['profile'] = array( 'id' => 0, 'loggedin' => 0 ); @@ -87,27 +88,15 @@ //session_unregister($key); } - $_SESSION['_config']['oldlocation'] = ''; - - foreach($_GET as $key => $val) - { - if($_SESSION['_config']['oldlocation']) - $_SESSION['_config']['oldlocation'] .= "&"; - - $key = str_replace(array("\n", "\r"), '', $key); - $val = str_replace(array("\n", "\r"), '', $val); - $_SESSION['_config']['oldlocation'] .= "$key=$val"; - } - $_SESSION['_config']['oldlocation'] = substr($_SERVER['SCRIPT_NAME'], 1)."?".$_SESSION['_config']['oldlocation']; - - header("location: https://".$_SESSION['_config']['securehostname']."/index.php?id=4"); + $_SESSION['_config']['oldlocation'] = $_SERVER['REQUEST_URI']; + header("Location: https://{$_SESSION['_config']['securehostname']}/index.php?id=4"); exit; } } if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && ($_SESSION['profile']['id'] <= 0 || $_SESSION['profile']['loggedin'] == 0)) { - header("location: https://".$_SESSION['_config']['normalhostname']); + header("Location: https://{$_SESSION['_config']['normalhostname']}"); exit; } 
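Review bot: In the -87,27 hunk the new `$_SESSION['_config']['oldlocation'] = $_SERVER['REQUEST_URI'];` stores a value that begins with `/`, whereas the removed code stored a slash-less path via `substr($_SERVER['SCRIPT_NAME'], 1)`. The consumers in www/index.php build the target as `https://` + host + `/` + oldlocation, so the post-login redirect becomes `https://host//…`, while other assignments there (`"account.php?id=13"`) are still slash-less. Since the value is client-supplied and ends up in a `Location` header, I would normalise it where it is stored: `$_SESSION['_config']['oldlocation'] = ltrim($_SERVER['REQUEST_URI'], '/');`, here and at both assignments in the -141,27 hunk. The enclosing `if` block starts outside the hunk.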
@@ -141,27 +130,23 @@ //session_unregister($key); } - header("location: https://".$normalhost."/index.php"); + header("Location: https://{$normalhost}/index.php"); exit; } if($_SESSION['profile']['loggedin'] < 1) { - $_SESSION['_config']['oldlocation'] = ''; - - foreach($_REQUEST as $key => $val) - { - if('' != $_SESSION['_config']['oldlocation']) - $_SESSION['_config']['oldlocation'] .= "&"; + $_SESSION['_config']['oldlocation'] = $_SERVER['REQUEST_URI']; + header("Location: https://{$_SERVER['HTTP_HOST']}/index.php?id=4"); + exit; + } - $key = str_replace(array("\n", "\r"), '', $key); - $val = str_replace(array("\n", "\r"), '', $val); - $_SESSION['_config']['oldlocation'] .= "$key=$val"; + if (!isset($_SESSION['profile']['ccaagreement']) || !$_SESSION['profile']['ccaagreement']) { + $_SESSION['profile']['ccaagreement']=get_user_agreement_status($_SESSION['profile']['id'],'CCA'); + if (!$_SESSION['profile']['ccaagreement']) { + $_SESSION['_config']['oldlocation'] = $_SERVER['REQUEST_URI']; + header("Location: https://{$_SERVER['HTTP_HOST']}/index.php?id=52"); + exit; } - $_SESSION['_config']['oldlocation'] = substr($_SERVER['SCRIPT_NAME'], 1)."?".$_SESSION['_config']['oldlocation']; - $hostname=$_SERVER['HTTP_HOST']; - $hostname = str_replace(array("\n", "\r"), '', $hostname); - header("location: https://".$hostname."/index.php?id=4"); - exit; } ?> diff --git a/pages/index/52.php b/pages/index/52.php new file mode 100644 index 0000000..0926780 --- /dev/null +++ b/pages/index/52.php @@ -0,0 +1,33 @@ + + +
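Review bot: In the includes/loggedin.php -141,27 hunk both new `Location` headers (`index.php?id=4` and `index.php?id=52`) interpolate `$_SERVER['HTTP_HOST']` directly, and the removed code's CR/LF stripping of the hostname has no replacement check. The Host header is supplied by the client, and whether the virtual-host setup already restricts it is not visible here. The file already carries `$_SESSION['_config']['securehostname']` and `normalhostname`, so the redirect can pick one of the configured names instead of echoing the request value: `$host = ($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname']) ? $_SESSION['_config']['securehostname'] : $_SESSION['_config']['normalhostname'];`. The new CCA handler in www/index.php (-238,6 hunk) uses the same pattern in all four of its redirects.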
+

+

', '')?>

+

+

+

support@cacert.org')?>

+

+
+ + + +
+
diff --git a/www/index.php b/www/index.php index 5a744fc..e6fc06a 100644 --- a/www/index.php +++ b/www/index.php @@ -17,7 +17,7 @@ */ require_once('../includes/lib/l10n.php'); - +require_once('../includes/notary.inc.php'); $id = 0; if(array_key_exists("id",$_REQUEST)) $id=intval($_REQUEST['id']); $oldid = 0; if(array_key_exists("oldid",$_REQUEST)) $oldid=intval($_REQUEST['oldid']); @@ -148,6 +148,7 @@ require_once('../includes/lib/l10n.php'); } } + //client login if($id == 4 && $_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname']) { include_once("../includes/lib/general.php"); @@ -171,6 +172,7 @@ require_once('../includes/lib/l10n.php'); } } + if($id == 4 && array_key_exists('profile',$_SESSION) && array_key_exists('loggedin',array($_SESSION['profile'])) && $_SESSION['profile']['loggedin'] == 1) { header("location: https://".$_SERVER['HTTP_HOST']."/account.php"); @@ -218,12 +220,16 @@ require_once('../includes/lib/l10n.php'); $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."
"; $_SESSION['_config']['oldlocation'] = "account.php?id=13"; } + if (!isset($_SESSION['_config']['oldlocation'])){ + $_SESSION['_config']['oldlocation']=''; + } if (checkpwlight($pword) < 3) $_SESSION['_config']['oldlocation'] = "account.php?id=14&force=1"; - if($_SESSION['_config']['oldlocation'] != "") + if($_SESSION['_config']['oldlocation'] != ""){ header("location: https://".$_SERVER['HTTP_HOST']."/".$_SESSION['_config']['oldlocation']); - else + }else{ header("location: https://".$_SERVER['HTTP_HOST']."/account.php"); + } exit; } @@ -238,6 +244,40 @@ require_once('../includes/lib/l10n.php'); } } +// check for CCA acceptance prior to login +if ($oldid == 52 ) +{ + // Check if the user is already authenticated + if (!array_key_exists('profile',$_SESSION) + || !array_key_exists('loggedin',$_SESSION['profile']) + || $_SESSION['profile']['loggedin'] != 1) + { + header("Location: https://{$_SERVER['HTTP_HOST']}/index.php?id=4"); + exit; + } + + if (array_key_exists('agree',$_REQUEST) && $_REQUEST['agree'] != "") + { + write_user_agreement($_SESSION['profile']['id'], "CCA", "Login acception", "", 1); + $_SESSION['profile']['ccaagreement']=get_user_agreement_status($_SESSION['profile']['id'],'CCA'); + + if (array_key_exists("oldlocation",$_SESSION['_config']) + && $_SESSION['_config']['oldlocation']!="") + { + header("Location: https://{$_SERVER['HTTP_HOST']}/{$_SESSION['_config']['oldlocation']}"); + exit; + } else { + header("Location: https://{$_SERVER['HTTP_HOST']}/account.php"); + exit; + } + } + + // User didn't agree + header("Location: https://{$_SERVER['HTTP_HOST']}/index.php?id=4"); + exit; +} + + if($process && $oldid == 1) { $id = 2; 
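Review bot: In the new `$oldid == 52` handler, acceptance of the CCA is recorded by `write_user_agreement()` whenever `agree` is present in `$_REQUEST`, so a plain GET such as a followed link is enough, and no request token is checked within the hunk. Because this writes a legal agreement record for the logged-in user, a cross-site request could register acceptance without the user ever seeing page 52. I would accept it only from the form post: `if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['agree']) && $_POST['agree'] != "")`. If the project has a per-session form token it should be verified here as well; none is visible in this diff. The surrounding script continues outside the hunk.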
@@ -432,7 +472,6 @@ require_once('../includes/lib/l10n.php'); `regional`='".$_SESSION['signup']['regional']."', `radius`='".$_SESSION['signup']['radius']."'"; mysql_query($query); - include_once("../includes/notary.inc.php"); write_user_agreement($memid, "CCA", "account creation", "", 1); $body = _("Thanks for signing up with CAcert.org, below is the link you need to open to verify your account. Once your account is verified you will be able to start issuing certificates till your hearts' content!")."\n\n";