fixes #2541 (again) same problem, be less punitive

This commit is contained in:
plegall
2026-05-03 15:44:12 +02:00
parent 23a9d75fd2
commit bef1a4ac42
4 changed files with 4 additions and 24 deletions
+1 -6
View File
@@ -79,13 +79,8 @@ SELECT '.implode(',', $fields).'
include(PHPWG_ROOT_PATH.'include/page_header.php');
//Load language if cookie is set from login/register/password pages
if (isset($_COOKIE['lang']) and $user['language'] != $_COOKIE['lang'])
if (isset($_COOKIE['lang']) and $user['language'] != $_COOKIE['lang'] and array_key_exists($_COOKIE['lang'], get_languages()))
{
if (!array_key_exists($_COOKIE['lang'], get_languages()))
{
fatal_error('[Hacking attempt] the input parameter "'.htmlspecialchars($_COOKIE['lang']).'" is not valid');
}
$user['language'] = $_COOKIE['lang'];
single_update(
USER_INFOS_TABLE,