diff --git a/lib/session.lib.php b/lib/session.lib.php
index 30493fe4087382a9d3ac56f59c0325676fad02ee..dcc3c79de51eeb9efd7c24ee5b7d6d844779be64 100644
--- a/lib/session.lib.php
+++ b/lib/session.lib.php
@@ -17,8 +17,8 @@ if(isset($_POST['checkid'])){
 	if (!isset($_GET['logout'])) $_GET['logout'] = "";
 	if (!isset($_GET['ref'])) $_GET['ref'] = "0";
 }
-
-if ($_SESSION['werber'] == "0") $_SESSION['werber'] = (int)$_GET['ref'];
+if( ( !isset($_SESSION['werber']) || ("0" == $_SESSION['werber']) ) && isset($_GET['ref']) )
+    $_SESSION['werber'] = (int)$_GET['ref'];
 // Seiteneinstellungen laden...
 $pageconfig = mysqli_fetch_array(db_query("SELECT * FROM " . $db_prefix . "_seitenkonfig LIMIT 1"));
 
@@ -33,7 +33,7 @@ if ($pageconfig['wartung'] == 1 && $_SESSION['uid'] != $admin_id) {
     die();
 }
 // Login
-if ($_POST['checkid'] == 'Login' && $_POST['nickname'] && $_POST['passwort']) {
+if (isset($_POST['checkid']) && $_POST['checkid'] == 'Login' && $_POST['nickname'] && $_POST['passwort']) {
     $_POST['nickname'] = addslashes($_POST['nickname']);
 	
 	$pw = pw_erstellen($_POST['passwort']);