From 23a9d75fd2ad45b56b05d69d91855557ebb8c7ec Mon Sep 17 00:00:00 2001
From: plegall <plg@piwigo.org>
Date: Sun, 3 May 2026 15:12:14 +0200
Subject: [PATCH] fixes #2541 cookie.lang may have an invalid value, we need to
 be less punitive

---
 include/functions_user.inc.php | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index 48bbf35ef..c1df8cade 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -1050,16 +1050,8 @@ function log_user($user_id, $remember_me)
 
   //New default login and register pages, if users changes languages and succesfully logs in
   //we want to update the userpref language stored in a cookie
-
-  //TODO check value of cookie
-
-  if (isset($_COOKIE['lang']) and $user['language'] != $_COOKIE['lang'])
+  if (isset($_COOKIE['lang']) and array_key_exists($_COOKIE['lang'], get_languages()))
   {
-    if (!array_key_exists($_COOKIE['lang'], get_languages()))
-    {
-      fatal_error('[Hacking attempt] the input parameter "'.htmlspecialchars($_COOKIE['lang']).'" is not valid');
-    }
-
     single_update(
       USER_INFOS_TABLE,
       array('language' => $_COOKIE['lang']),