After logging in in ldap_login.php (and presumably in many other places), the server sends a 302 with a Location: header. The location is ./index.php. That is incorrect; it should be
http://openaudit.mysite.com/openaudit/index.php (or adjusted for whatever your server is).
According to RFC 2616, the Location: header should always be an absolute URL, not a relative one.
I suspect that a problem I am having (index.php is downloaded instead of executed on the server - other PHP files execute as they should) may be related to the wrong Location: header.