diff --git a/html/user/login_form.php b/html/user/login_form.php
index e8eb0c50f0..6d8f342754 100644
--- a/html/user/login_form.php
+++ b/html/user/login_form.php
@@ -23,7 +23,8 @@ check_get_args(array("next_url"));
 
 $next_url = sanitize_local_url(get_str('next_url', true));
 
-redirect_to_secure_url("login_form.php?next_url=$next_url");
+$u = "login_form.php?next_url=".urlencode($next_url);
+redirect_to_secure_url($u);
 
 $user = get_logged_in_user(false);