diff --git a/public_html/admin/sectest.php b/public_html/admin/sectest.php
index b2ebc2433..919ffcdff 100644
--- a/public_html/admin/sectest.php
+++ b/public_html/admin/sectest.php
@@ -204,23 +204,11 @@ function doTest($baseUrl, $urlToCheck, $what)
  */
 function checkInstallDir()
 {
-    global $_CONF, $LANG_SECTEST, $failed_tests;
+    global $LANG_SECTEST, $failed_tests;
 
-    // we don't have the path to the admin directory, so try to figure it out
-    // from $_CONF['site_admin_url']
-    $adminUrl = $_CONF['site_admin_url'];
-    if (strrpos($adminUrl, '/') === strlen($adminUrl)) {
-        $adminUrl = substr($adminUrl, 0, -1);
-    }
-    $pos = strrpos($adminUrl, '/');
-    if ($pos === false) {
-        // only guessing ...
-        $installDir = $_CONF['path_html'] . 'admin/install';
-    } else {
-        $installDir = $_CONF['path_html'] . substr($adminUrl, $pos + 1) . '/install';
-    }
+    $installDir = COM_getInstallDir();
 
-    if (is_dir($installDir)) {
+    if (!empty($installDir)) {
         $retval = '<li>' . sprintf($LANG_SECTEST['remove_inst'],
                 '<strong>' . $installDir . '</strong>') . ' '
             . $LANG_SECTEST['remove_inst2'] . '</li>';
diff --git a/public_html/index.php b/public_html/index.php
index 1230e9e71..432f15555 100644
--- a/public_html/index.php
+++ b/public_html/index.php
@@ -8,7 +8,7 @@
 // |                                                                           |
 // | Geeklog homepage.                                                         |
 // +---------------------------------------------------------------------------+
-// | Copyright (C) 2000-2017 by the following authors:                         |
+// | Copyright (C) 2000-2018 by the following authors:                         |
 // |                                                                           |
 // | Authors: Tony Bibbs        - tony@tonybibbs.com                           |
 // |          Mark Limburg      - mlimburg@users.sourceforge.net               |
@@ -163,31 +163,12 @@ function fixTopic(&$A, $tid_list)
 
 if (SEC_inGroup('Root') && ($page === 1)) {
     $done = DB_getItem($_TABLES['vars'], 'value', "name = 'security_check'");
-    if ($done != 1) {
-        /**
-         * we don't have the path to the admin directory, so try to figure it
-         * out from $_CONF['site_admin_url']
-         *
-         * @todo FIXME: this duplicates some code from admin/sectest.php
-         */
-        $adminurl = $_CONF['site_admin_url'];
-        if (strrpos($adminurl, '/') == strlen($adminurl)) {
-            $adminurl = substr($adminurl, 0, -1);
-        }
-        $pos = strrpos($adminurl, '/');
-        if ($pos === false) {
-            // only guessing ...
-            $installdir = $_CONF['path_html'] . 'admin/install';
-        } else {
-            $installdir = $_CONF['path_html'] . substr($adminurl, $pos + 1)
-                . '/install';
-        }
 
-        if (is_dir($installdir)) {
-            // deliberatly NOT print the actual path to the install dir
-            $secmsg = sprintf($LANG_SECTEST['remove_inst'], '')
-                . ' ' . $MESSAGE[92];
-            $display .= COM_showMessageText($secmsg);
+    if ($done != 1) {
+        if (COM_getInstallDir() !== '') {
+            // deliberately NOT print the actual path to the install dir
+            $secMsg = sprintf($LANG_SECTEST['remove_inst'], '') . ' ' . $MESSAGE[92];
+            $display .= COM_showMessageText($secMsg);
         }
     }
 }
diff --git a/public_html/lib-common.php b/public_html/lib-common.php
index 6d170896e..793ee5f1a 100644
--- a/public_html/lib-common.php
+++ b/public_html/lib-common.php
@@ -8595,6 +8595,33 @@ function COM_isEnableDeveloperModeLog($type)
     require_once $_CONF['path'] . 'plugins/' . $pi_name . '/functions.inc';
 }
 
+/**
+ * Return the actual admin/install directory
+ *
+ * @return string
+ * @since  Geeklog 2.2.1
+ */
+function COM_getInstallDir()
+{
+    global $_CONF;
+
+    $adminUrl = $_CONF['site_admin_url'];
+    if (strrpos($adminUrl, '/') == strlen($adminUrl)) {
+        $adminUrl = substr($adminUrl, 0, -1);
+    }
+
+    $pos = strrpos($adminUrl, '/');
+    if ($pos === false) {
+        // only guessing ...
+        $installDir = $_CONF['path_html'] . 'admin/install';
+    } else {
+        $installDir = $_CONF['path_html'] . substr($adminUrl, $pos + 1) . '/install';
+    }
+    $installDir = str_replace('\\', '/', $installDir);
+
+    return is_dir($installDir) ? $installDir : '';
+}
+
 // Check and see if any plugins (or custom functions)
 // have scheduled tasks to perform
 if (!isset($_VARS['last_scheduled_run']) || !is_numeric($_VARS['last_scheduled_run'])) {
diff --git a/system/classes/Session.php b/system/classes/Session.php
new file mode 100644
index 000000000..d4c296ca9
--- /dev/null
+++ b/system/classes/Session.php
@@ -0,0 +1,98 @@
+<?php
+
+namespace Geeklog;
+
+/**
+ * Class Session
+ *
+ * @package Geeklog
+ */
+abstract class Session
+{
+    // Index of $_SESSION value
+    const GL_NAMESPACE = '__gl';
+    const VAR_NAMESPACE = '__v';
+    const FLASH_NAMESPACE = '__f';
+
+    /**
+     * @var array
+     */
+    private static $flashVars = [];
+
+    /**
+     * @var bool
+     */
+    private static $isInitialized = false;
+
+    /**
+     * Init the Session class
+     *
+     * @param array $options
+     */
+    public static function init(array $options = [])
+    {
+        if (self::$isInitialized) {
+            return;
+        }
+
+        if (!session_start()) {
+            die('Cannot start session.');
+        }
+
+
+
+        if (isset($_SESSION[self::GL_NAMESPACE][self::FLASH_NAMESPACE])) {
+            self::$flashVars = $_SESSION[self::GL_NAMESPACE][self::FLASH_NAMESPACE];
+        }
+
+        self::$isInitialized = true;
+    }
+
+    /**
+     * Set a session value
+     *
+     * @param  string $name
+     * @param  mixed  $value
+     */
+    public static function set($name, $value)
+    {
+        $_SESSION[self::GL_NAMESPACE][self::VAR_NAMESPACE][$name] = $value;
+    }
+
+    /**
+     * Set a "flash" session value
+     *
+     * @param  string $name
+     * @param  mixed  $value
+     */
+    public static function setFlash($name, $value)
+    {
+        $_SESSION[self::GL_NAMESPACE][self::FLASH_NAMESPACE][$name] = $value;
+    }
+
+    /**
+     * Get a session value
+     *
+     * @param  string $name
+     * @param  mixed  $defaultValue
+     * @return mixed
+     */
+    public static function get($name, $defaultValue = null)
+    {
+        return isset($_SESSION[self::GL_NAMESPACE][self::VAR_NAMESPACE][$name])
+            ? $_SESSION[self::GL_NAMESPACE][self::VAR_NAMESPACE][$name]
+            : $defaultValue;
+    }
+
+    /**
+     * Get a "flash" session value
+     *
+     * @param  string $name
+     * @param  mixed  $defaultValue
+     * @return mixed
+     */
+    public static function getFlash($name, $defaultValue = null)
+    {
+        return isset(self::$flashVars[$name]) ? self::$flashVars[$name] : $defaultValue;
+    }
+}