diff --git a/ChangeLog b/ChangeLog
index 32926dc55..e736b4e2b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -31,6 +31,8 @@ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyA
   set focus to the textarea
 - bug #1814463 [display] Wrong database size
 - bug #1811527 [display] Problem with links to the MySQL manual
+- patch #1817529 [auth] Incorrect login via URL when AllowArbitraryServer
+  is true, thanks to Juergen Wind
 
 2.11.1.2 (2007-10-17)
 - fixed XSS in server_status.php, thanks to Omer Singer, The DigiTrust Group
diff --git a/libraries/auth/cookie.auth.lib.php b/libraries/auth/cookie.auth.lib.php
index f158ea64f..aa80737b4 100644
--- a/libraries/auth/cookie.auth.lib.php
+++ b/libraries/auth/cookie.auth.lib.php
@@ -377,7 +377,7 @@ function PMA_auth_check()
         // The user just logged in
         $GLOBALS['PHP_AUTH_USER'] = $_REQUEST['pma_username'];
         $GLOBALS['PHP_AUTH_PW']   = empty($_REQUEST['pma_password']) ? '' : $_REQUEST['pma_password'];
-        if ($GLOBALS['cfg']['AllowArbitraryServer']) {
+        if ($GLOBALS['cfg']['AllowArbitraryServer'] && isset($_REQUEST['pma_servername'])) {
             $GLOBALS['pma_auth_server'] = $_REQUEST['pma_servername'];
         }
         return true;