Commit 6e094613 authored by Till Brehm's avatar Till Brehm

Fixed #5102

parent e41a487d
...@@ -477,6 +477,28 @@ class functions { ...@@ -477,6 +477,28 @@ class functions {
return $out; return $out;
} }
// Function to check paths before we use it as include. Use with absolute paths only.
public function check_include_path($path) {
if(strpos($path,'//')) die('Include path seems to be an URL: '.$this->htmlentities($path));
if(strpos($path,'..')) die('Two dots are not allowed in include path: '.$this->htmlentities($path));
if(!preg_match("/^[a-zA-Z0-9_\/\.\-]{1,}$/", $path)) die('Wrong chars in include path: '.$this->htmlentities($path));
$path = realpath($path);
if($path == '') die('Include path does not exist.');
if(substr($path,0,strlen(ISPC_ROOT_PATH)) != ISPC_ROOT_PATH) die('Path '.$this->htmlentities($path).' is outside of ISPConfig installation directory.');
return $path;
}
// Function to check language strings
public function check_language($language) {
global $app;
if(preg_match('/^[a-z]{2}$/',$language)) {
return $language;
} else {
die('Invalid language string: '.$this->htmlentities($language));
}
}
} }
?> ?>
...@@ -60,7 +60,7 @@ class listform { ...@@ -60,7 +60,7 @@ class listform {
} }
//* Set local Language File //* Set local Language File
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_'.$this->listDef['name'].'_list.lng'; $lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_'.$this->listDef['name'].'_list.lng';
if(!file_exists($lng_file)) $lng_file = 'lib/lang/en_'.$this->listDef['name'].'_list.lng'; if(!file_exists($lng_file)) $lng_file = 'lib/lang/en_'.$this->listDef['name'].'_list.lng';
include $lng_file; include $lng_file;
......
...@@ -249,7 +249,7 @@ class listform_actions { ...@@ -249,7 +249,7 @@ class listform_actions {
global $app; global $app;
//* Set global Language File //* Set global Language File
$lng_file = ISPC_LIB_PATH.'/lang/'.$_SESSION['s']['language'].'.lng'; $lng_file = ISPC_LIB_PATH.'/lang/'.$app->functions->check_language($_SESSION['s']['language']).'.lng';
if(!file_exists($lng_file)) if(!file_exists($lng_file))
$lng_file = ISPC_LIB_PATH.'/lang/en.lng'; $lng_file = ISPC_LIB_PATH.'/lang/en.lng';
include $lng_file; include $lng_file;
......
...@@ -153,10 +153,10 @@ class listform_tpl_generator { ...@@ -153,10 +153,10 @@ class listform_tpl_generator {
} }
function lng_add($lang, $listDef, $module = '') { function lng_add($lang, $listDef, $module = '') {
global $go_api, $go_info, $conf; global $app, $conf;
if($module == '') { if($module == '') {
$lng_file = "lib/lang/".$conf["language"]."_".$listDef['name']."_list.lng"; $lng_file = "lib/lang/".$app->functions->check_language($conf["language"])."_".$listDef['name']."_list.lng";
} else { } else {
$lng_file = '../'.$module."/lib/lang/en_".$listDef['name']."_list.lng"; $lng_file = '../'.$module."/lib/lang/en_".$listDef['name']."_list.lng";
} }
......
...@@ -45,7 +45,7 @@ class plugin_backuplist extends plugin_base { ...@@ -45,7 +45,7 @@ class plugin_backuplist extends plugin_base {
$listTpl->newTemplate('templates/web_backup_list.htm'); $listTpl->newTemplate('templates/web_backup_list.htm');
//* Loading language file //* Loading language file
$lng_file = "lib/lang/".$_SESSION["s"]["language"]."_web_backup_list.lng"; $lng_file = "lib/lang/".$app->functions->check_language($_SESSION["s"]["language"])."_web_backup_list.lng";
include $lng_file; include $lng_file;
$listTpl->setVar($wb); $listTpl->setVar($wb);
......
...@@ -46,7 +46,7 @@ class plugin_backuplist_mail extends plugin_base { ...@@ -46,7 +46,7 @@ class plugin_backuplist_mail extends plugin_base {
$listTpl->newTemplate('templates/mail_user_backup_list.htm'); $listTpl->newTemplate('templates/mail_user_backup_list.htm');
//* Loading language file //* Loading language file
$lng_file = "lib/lang/".$_SESSION["s"]["language"]."_mail_backup_list.lng"; $lng_file = "lib/lang/".$app->functions->check_language($_SESSION["s"]["language"])."_mail_backup_list.lng";
include($lng_file); include($lng_file);
$listTpl->setVar($wb); $listTpl->setVar($wb);
......
...@@ -18,7 +18,7 @@ class plugin_directive_snippets extends plugin_base ...@@ -18,7 +18,7 @@ class plugin_directive_snippets extends plugin_base
$listTpl->newTemplate('templates/web_directive_snippets.htm'); $listTpl->newTemplate('templates/web_directive_snippets.htm');
//* Loading language file //* Loading language file
$lng_file = "lib/lang/".$_SESSION["s"]["language"]."_web_directive_snippets.lng"; $lng_file = "lib/lang/".$app->functions->check_language($_SESSION["s"]["language"])."_web_directive_snippets.lng";
include $lng_file; include $lng_file;
$listTpl->setVar($wb); $listTpl->setVar($wb);
......
...@@ -120,7 +120,7 @@ class plugin_listview extends plugin_base { ...@@ -120,7 +120,7 @@ class plugin_listview extends plugin_base {
} }
// Loading language field // Loading language field
$lng_file = "lib/lang/".$_SESSION["s"]["language"]."_".$app->listform->listDef['name']."_list.lng"; $lng_file = "lib/lang/".$app->functions->check_language($_SESSION["s"]["language"])."_".$app->listform->listDef['name']."_list.lng";
include $lng_file; include $lng_file;
$listTpl->setVar($wb); $listTpl->setVar($wb);
......
...@@ -151,10 +151,10 @@ class searchform_actions { ...@@ -151,10 +151,10 @@ class searchform_actions {
global $app; global $app;
// Language File setzen // Language File setzen
$lng_file = ISPC_WEB_PATH.'/lang/lib/lang/'.$_SESSION['s']['language'].'_list.lng'; $lng_file = ISPC_WEB_PATH.'/lang/lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_list.lng';
if(!file_exists($lng_file)) $lng_file = ISPC_WEB_PATH.'/lang/lib/lang/en_'.'_list.lng'; if(!file_exists($lng_file)) $lng_file = ISPC_WEB_PATH.'/lang/lib/lang/en_'.'_list.lng';
include $lng_file; include $lng_file;
$lng_file = "lib/lang/".$_SESSION["s"]["language"]."_".$app->searchform->listDef['name']."_search.lng"; $lng_file = "lib/lang/".$app->functions->check_language($_SESSION["s"]["language"])."_".$app->searchform->listDef['name']."_search.lng";
if(!file_exists($lng_file)) $lng_file = 'lib/lang/en_'.$app->searchform->listDef['name']."_search.lng"; if(!file_exists($lng_file)) $lng_file = 'lib/lang/en_'.$app->searchform->listDef['name']."_search.lng";
include $lng_file; include $lng_file;
$app->tpl->setVar($wb); $app->tpl->setVar($wb);
......
...@@ -134,7 +134,7 @@ class tform_base { ...@@ -134,7 +134,7 @@ class tform_base {
$this->module = $module; $this->module = $module;
$wb = array(); $wb = array();
include_once ISPC_ROOT_PATH.'/lib/lang/'.$_SESSION['s']['language'].'.lng'; include_once ISPC_ROOT_PATH.'/lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'.lng';
if(is_array($wb)) $wb_global = $wb; if(is_array($wb)) $wb_global = $wb;
...@@ -143,7 +143,7 @@ class tform_base { ...@@ -143,7 +143,7 @@ class tform_base {
if(!file_exists($lng_file)) $lng_file = "lib/lang/en_".$this->formDef["name"].".lng"; if(!file_exists($lng_file)) $lng_file = "lib/lang/en_".$this->formDef["name"].".lng";
include $lng_file; include $lng_file;
} else { } else {
$lng_file = "../$module/lib/lang/".$_SESSION["s"]["language"]."_".$this->formDef["name"].".lng"; $lng_file = "../$module/lib/lang/".$app->functions->check_language($_SESSION["s"]["language"])."_".$this->formDef["name"].".lng";
if(!file_exists($lng_file)) $lng_file = "../$module/lib/lang/en_".$this->formDef["name"].".lng"; if(!file_exists($lng_file)) $lng_file = "../$module/lib/lang/en_".$this->formDef["name"].".lng";
include $lng_file; include $lng_file;
} }
......
...@@ -298,7 +298,7 @@ class tform_tpl_generator { ...@@ -298,7 +298,7 @@ class tform_tpl_generator {
function lng_add($lang, $formDef) { function lng_add($lang, $formDef) {
global $go_api, $go_info, $conf; global $go_api, $go_info, $conf;
$lng_file = "lib/lang/".$conf["language"]."_".$formDef['name'].".lng"; $lng_file = "lib/lang/".$app->functions->check_language($conf["language"])."_".$formDef['name'].".lng";
if(is_file($lng_file)) { if(is_file($lng_file)) {
include $lng_file; include $lng_file;
} else { } else {
......
...@@ -104,7 +104,7 @@ $app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']); ...@@ -104,7 +104,7 @@ $app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']); $app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);
//* load language file //* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_add.lng'; $lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_language_add.lng';
include $lng_file; include $lng_file;
$app->tpl->setVar($wb); $app->tpl->setVar($wb);
......
...@@ -166,7 +166,7 @@ $app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']); ...@@ -166,7 +166,7 @@ $app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']); $app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);
//* load language file //* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_complete.lng'; $lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_language_complete.lng';
include $lng_file; include $lng_file;
$app->tpl->setVar($wb); $app->tpl->setVar($wb);
......
...@@ -104,7 +104,7 @@ $app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']); ...@@ -104,7 +104,7 @@ $app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);
//* load language file //* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_edit.lng'; $lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_language_edit.lng';
include $lng_file; include $lng_file;
$app->tpl->setVar($wb); $app->tpl->setVar($wb);
......
...@@ -111,7 +111,7 @@ if(isset($_POST['lng_select']) && $error == '') { ...@@ -111,7 +111,7 @@ if(isset($_POST['lng_select']) && $error == '') {
$app->tpl->setVar('msg', $msg); $app->tpl->setVar('msg', $msg);
//* load language file //* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_export.lng'; $lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_language_export.lng';
include $lng_file; include $lng_file;
$app->tpl->setVar($wb); $app->tpl->setVar($wb);
......
...@@ -194,7 +194,7 @@ $app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']); ...@@ -194,7 +194,7 @@ $app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']); $app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);
//* load language file //* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_import.lng'; $lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_language_import.lng';
include $lng_file; include $lng_file;
$app->tpl->setVar($wb); $app->tpl->setVar($wb);
......
...@@ -97,7 +97,7 @@ $app->tpl->setLoop('records', $language_files_list); ...@@ -97,7 +97,7 @@ $app->tpl->setLoop('records', $language_files_list);
//* load language file //* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_list.lng'; $lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_language_list.lng';
include $lng_file; include $lng_file;
$app->tpl->setVar($wb); $app->tpl->setVar($wb);
......
...@@ -44,7 +44,7 @@ $app->tpl->newTemplate('form.tpl.htm'); ...@@ -44,7 +44,7 @@ $app->tpl->newTemplate('form.tpl.htm');
$app->tpl->setInclude('content_tpl', 'templates/remote_action_ispcupdate.htm'); $app->tpl->setInclude('content_tpl', 'templates/remote_action_ispcupdate.htm');
//* load language file //* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_remote_action.lng'; $lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_remote_action.lng';
include $lng_file; include $lng_file;
/* /*
......
...@@ -43,7 +43,7 @@ $app->tpl->newTemplate('form.tpl.htm'); ...@@ -43,7 +43,7 @@ $app->tpl->newTemplate('form.tpl.htm');
$app->tpl->setInclude('content_tpl', 'templates/remote_action_osupdate.htm'); $app->tpl->setInclude('content_tpl', 'templates/remote_action_osupdate.htm');
//* load language file //* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_remote_action.lng'; $lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_remote_action.lng';
include $lng_file; include $lng_file;
/* /*
......
...@@ -184,7 +184,7 @@ if(is_array($packages) && count($packages) > 0) { ...@@ -184,7 +184,7 @@ if(is_array($packages) && count($packages) > 0) {
$app->tpl->setLoop('records', $packages); $app->tpl->setLoop('records', $packages);
$language = (isset($_SESSION['s']['language']))?$_SESSION['s']['language']:$conf['language']; $language = (isset($_SESSION['s']['language']))?$_SESSION['s']['language']:$conf['language'];
include_once 'lib/lang/'.$language.'_software_package_list.lng'; include_once 'lib/lang/'.$app->functions->check_language($language).'_software_package_list.lng';
$app->tpl->setVar($wb); $app->tpl->setVar($wb);
......
...@@ -193,7 +193,7 @@ if(is_array($installed_packages)) { ...@@ -193,7 +193,7 @@ if(is_array($installed_packages)) {
$app->tpl->setLoop('records', $records_out); $app->tpl->setLoop('records', $records_out);
$language = (isset($_SESSION['s']['language']))?$_SESSION['s']['language']:$conf['language']; $language = (isset($_SESSION['s']['language']))?$_SESSION['s']['language']:$conf['language'];
include_once 'lib/lang/'.$language.'_software_update_list.lng'; include_once 'lib/lang/'.$app->functions->check_language($language).'_software_update_list.lng';
$app->tpl->setVar($wb); $app->tpl->setVar($wb);
......
...@@ -97,7 +97,7 @@ class page_action extends tform_actions { ...@@ -97,7 +97,7 @@ class page_action extends tform_actions {
$app->tpl->setLoop('records', $table_list); $app->tpl->setLoop('records', $table_list);
//* load language file //* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_client_del.lng'; $lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_client_del.lng';
include $lng_file; include $lng_file;
$app->tpl->setVar($wb); $app->tpl->setVar($wb);
......
...@@ -42,7 +42,7 @@ $app->tpl->newTemplate('form.tpl.htm'); ...@@ -42,7 +42,7 @@ $app->tpl->newTemplate('form.tpl.htm');
$app->tpl->setInclude('content_tpl', 'templates/client_message.htm'); $app->tpl->setInclude('content_tpl', 'templates/client_message.htm');
//* load language file //* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_client_message.lng'; $lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_client_message.lng';
include $lng_file; include $lng_file;
$app->tpl->setVar($wb); $app->tpl->setVar($wb);
......
...@@ -54,7 +54,7 @@ class page_action extends tform_actions { ...@@ -54,7 +54,7 @@ class page_action extends tform_actions {
global $app; $conf; global $app; $conf;
//* load language file //* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'.lng'; $lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'.lng';
include $lng_file; include $lng_file;
/* /*
......
...@@ -49,7 +49,7 @@ $app->uses('tpl,tform,tform_actions'); ...@@ -49,7 +49,7 @@ $app->uses('tpl,tform,tform_actions');
$app->load('tform_actions'); $app->load('tform_actions');
//* load language file //* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'.lng'; $lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'.lng';
include $lng_file; include $lng_file;
......
...@@ -51,7 +51,7 @@ $app->uses('tpl'); ...@@ -51,7 +51,7 @@ $app->uses('tpl');
$app->tpl->newTemplate("templates/dashboard.htm"); $app->tpl->newTemplate("templates/dashboard.htm");
//* load language file //* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'.lng'; $lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'.lng';
include $lng_file; include $lng_file;
$app->tpl->setVar($wb); $app->tpl->setVar($wb);
......
...@@ -204,7 +204,7 @@ if ($settings['use_domain_module'] == 'y') { ...@@ -204,7 +204,7 @@ if ($settings['use_domain_module'] == 'y') {
} }
} }
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_dns_import.lng'; $lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_dns_import.lng';
include $lng_file; include $lng_file;
$app->tpl->setVar($wb); $app->tpl->setVar($wb);
......
...@@ -465,7 +465,7 @@ $csrf_token = $app->auth->csrf_token_get('dns_wizard'); ...@@ -465,7 +465,7 @@ $csrf_token = $app->auth->csrf_token_get('dns_wizard');
$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']); $app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']); $app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_dns_wizard.lng'; $lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_dns_wizard.lng';
include $lng_file; include $lng_file;
$app->tpl->setVar($wb); $app->tpl->setVar($wb);
......
...@@ -3,6 +3,7 @@ include '../../lib/config.inc.php'; ...@@ -3,6 +3,7 @@ include '../../lib/config.inc.php';
header('Content-Type: text/javascript; charset=utf-8'); // the config file sets the content type header so we have to override it here! header('Content-Type: text/javascript; charset=utf-8'); // the config file sets the content type header so we have to override it here!
require_once '../../lib/app.inc.php'; require_once '../../lib/app.inc.php';
$lang = (isset($_SESSION['s']['language']) && $_SESSION['s']['language'] != '')?$_SESSION['s']['language']:'en'; $lang = (isset($_SESSION['s']['language']) && $_SESSION['s']['language'] != '')?$_SESSION['s']['language']:'en';
$lang = $app->functions->check_language($lang);
include_once ISPC_ROOT_PATH.'/web/strengthmeter/lib/lang/'.$lang.'_strengthmeter.lng'; include_once ISPC_ROOT_PATH.'/web/strengthmeter/lib/lang/'.$lang.'_strengthmeter.lng';
$app->uses('ini_parser,getconf'); $app->uses('ini_parser,getconf');
......
...@@ -229,12 +229,12 @@ if(count($_POST) > 0) { ...@@ -229,12 +229,12 @@ if(count($_POST) > 0) {
if ($loginAs) $_SESSION['s_old'] = $oldSession; // keep the way back! if ($loginAs) $_SESSION['s_old'] = $oldSession; // keep the way back!
$_SESSION['s']['user'] = $user; $_SESSION['s']['user'] = $user;
$_SESSION['s']['user']['theme'] = isset($user['app_theme']) ? $user['app_theme'] : 'default'; $_SESSION['s']['user']['theme'] = isset($user['app_theme']) ? $user['app_theme'] : 'default';
$_SESSION['s']['language'] = $user['language']; $_SESSION['s']['language'] = $app->functions->check_language($user['language']);
$_SESSION["s"]['theme'] = $_SESSION['s']['user']['theme']; $_SESSION["s"]['theme'] = $_SESSION['s']['user']['theme'];
if ($loginAs) $_SESSION['s']['plugin_cache'] = $_SESSION['s_old']['plugin_cache']; if ($loginAs) $_SESSION['s']['plugin_cache'] = $_SESSION['s_old']['plugin_cache'];
if(is_file(ISPC_WEB_PATH . '/' . $_SESSION['s']['user']['startmodule'].'/lib/module.conf.php')) { if(is_file(ISPC_WEB_PATH . '/' . $_SESSION['s']['user']['startmodule'].'/lib/module.conf.php')) {
include_once ISPC_WEB_PATH . '/' . $_SESSION['s']['user']['startmodule'].'/lib/module.conf.php'; include_once $app->functions->check_include_path(ISPC_WEB_PATH . '/' . $_SESSION['s']['user']['startmodule'].'/lib/module.conf.php');
$menu_dir = ISPC_WEB_PATH.'/' . $_SESSION['s']['user']['startmodule'] . '/lib/menu.d'; $menu_dir = ISPC_WEB_PATH.'/' . $_SESSION['s']['user']['startmodule'] . '/lib/menu.d';
if (is_dir($menu_dir)) { if (is_dir($menu_dir)) {
if ($dh = opendir($menu_dir)) { if ($dh = opendir($menu_dir)) {
......
...@@ -83,7 +83,7 @@ $dbData = $app->db->queryOneRecord( ...@@ -83,7 +83,7 @@ $dbData = $app->db->queryOneRecord(
* TODO: move the login_as form to a template file -> themeability * TODO: move the login_as form to a template file -> themeability
*/ */
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_login_as.lng'; $lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_login_as.lng';
include $lng_file; include $lng_file;
echo ' echo '
......
...@@ -43,7 +43,7 @@ if (isset($_GET['l']) && ($_GET['l']== 1)) $forceLogout = true; ...@@ -43,7 +43,7 @@ if (isset($_GET['l']) && ($_GET['l']== 1)) $forceLogout = true;
if ((isset($_SESSION['s_old']) && ($_SESSION['s_old']['user']['typ'] == 'admin' || $app->auth->has_clients($_SESSION['s_old']['user']['userid']))) && if ((isset($_SESSION['s_old']) && ($_SESSION['s_old']['user']['typ'] == 'admin' || $app->auth->has_clients($_SESSION['s_old']['user']['userid']))) &&
(!$forceLogout)){ (!$forceLogout)){
$utype = ($_SESSION['s_old']['user']['typ'] == 'admin' ? 'admin' : 'reseller'); $utype = ($_SESSION['s_old']['user']['typ'] == 'admin' ? 'admin' : 'reseller');
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_login_as.lng'; $lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_login_as.lng';
include $lng_file; include $lng_file;
echo ' echo '
<br /> <br /> <br /> <br /> <br /> <br /> <br /> <br />
......
...@@ -43,7 +43,7 @@ $app->tpl->setInclude('content_tpl', 'templates/password_reset.htm'); ...@@ -43,7 +43,7 @@ $app->tpl->setInclude('content_tpl', 'templates/password_reset.htm');
$app->tpl_defaults(); $app->tpl_defaults();
include ISPC_ROOT_PATH.'/web/login/lib/lang/'.$_SESSION['s']['language'].'.lng'; include ISPC_ROOT_PATH.'/web/login/lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'.lng';
$app->tpl->setVar($wb); $app->tpl->setVar($wb);
$continue = true; $continue = true;
......
...@@ -13,7 +13,7 @@ $msg = ''; ...@@ -13,7 +13,7 @@ $msg = '';
$error = ''; $error = '';
//* load language file //* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_index.lng'; $lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_index.lng';
include $lng_file; include $lng_file;
$app->tpl->setVar($wb); $app->tpl->setVar($wb);
......
...@@ -75,7 +75,7 @@ if(isset($_GET['nav']) && $_GET['nav'] == 'top') { ...@@ -75,7 +75,7 @@ if(isset($_GET['nav']) && $_GET['nav'] == 'top') {
} }
include_once $mt.'/lib/module.conf.php'; include_once $mt.'/lib/module.conf.php';
$language = (isset($_SESSION['s']['user']['language']))?$_SESSION['s']['user']['language']:$conf['language']; $language = $app->functions->check_language((isset($_SESSION['s']['user']['language']))?$_SESSION['s']['user']['language']:$conf['language']);