From bef1a4ac424b4e986589e4cfc9f4d134f1b16f15 Mon Sep 17 00:00:00 2001 From: plegall Date: Sun, 3 May 2026 15:44:12 +0200 Subject: [PATCH] fixes #2541 (again) same problem, be less punitive --- identification.php | 7 +------ password.php | 7 +------ profile.php | 7 +------ register.php | 7 +------ 4 files changed, 4 insertions(+), 24 deletions(-) diff --git a/identification.php b/identification.php index 13f5c42e9..d3b1d019e 100644 --- a/identification.php +++ b/identification.php @@ -126,13 +126,8 @@ if (!$conf['gallery_locked'] && (!isset($themeconf['hide_menu_on']) OR !in_array } //Load language if cookie is set from login/register/password pages -if (isset($_COOKIE['lang']) and $user['language'] != $_COOKIE['lang']) +if (isset($_COOKIE['lang']) and $user['language'] != $_COOKIE['lang'] and array_key_exists($_COOKIE['lang'], get_languages())) { - if (!array_key_exists($_COOKIE['lang'], get_languages())) - { - fatal_error('[Hacking attempt] the input parameter "'.htmlspecialchars($_COOKIE['lang']).'" is not valid'); - } - $user['language'] = $_COOKIE['lang']; load_language('common.lang', '', array('language'=>$user['language'])); } diff --git a/password.php b/password.php index 59691753c..8975befd1 100644 --- a/password.php +++ b/password.php @@ -490,13 +490,8 @@ if (!isset($themeconf['hide_menu_on']) OR !in_array('thePasswordPage', $themecon } //Load language if cookie is set from login/register/password pages -if (isset($_COOKIE['lang']) and $user['language'] != $_COOKIE['lang']) +if (isset($_COOKIE['lang']) and $user['language'] != $_COOKIE['lang'] and array_key_exists($_COOKIE['lang'], get_languages())) { - if (!array_key_exists($_COOKIE['lang'], get_languages())) - { - fatal_error('[Hacking attempt] the input parameter "'.htmlspecialchars($_COOKIE['lang']).'" is not valid'); - } - $user['language'] = $_COOKIE['lang']; load_language('common.lang', '', array('language'=>$user['language'])); } diff --git a/profile.php b/profile.php index 9ceb32b0f..1b649132a 100644 --- a/profile.php +++ b/profile.php @@ -79,13 +79,8 @@ SELECT '.implode(',', $fields).' include(PHPWG_ROOT_PATH.'include/page_header.php'); //Load language if cookie is set from login/register/password pages - if (isset($_COOKIE['lang']) and $user['language'] != $_COOKIE['lang']) + if (isset($_COOKIE['lang']) and $user['language'] != $_COOKIE['lang'] and array_key_exists($_COOKIE['lang'], get_languages())) { - if (!array_key_exists($_COOKIE['lang'], get_languages())) - { - fatal_error('[Hacking attempt] the input parameter "'.htmlspecialchars($_COOKIE['lang']).'" is not valid'); - } - $user['language'] = $_COOKIE['lang']; single_update( USER_INFOS_TABLE, diff --git a/register.php b/register.php index aa76a5ee3..7f3766298 100644 --- a/register.php +++ b/register.php @@ -102,13 +102,8 @@ if (!isset($themeconf['hide_menu_on']) OR !in_array('theRegisterPage', $themecon } //Load language if cookie is set from login/register/password pages -if (isset($_COOKIE['lang']) and $user['language'] != $_COOKIE['lang']) +if (isset($_COOKIE['lang']) and $user['language'] != $_COOKIE['lang'] and array_key_exists($_COOKIE['lang'], get_languages())) { - if (!array_key_exists($_COOKIE['lang'], get_languages())) - { - fatal_error('[Hacking attempt] the input parameter "'.htmlspecialchars($_COOKIE['lang']).'" is not valid'); - } - $user['language'] = $_COOKIE['lang']; load_language('common.lang', '', array('language'=>$user['language'])); }