diff --git a/interface/web/admin/language_edit.php b/interface/web/admin/language_edit.php
index 39baec55e3421b1b8639b4f2ce6c180a9fd3217c..681f39acf7881367e652420c9945c5cb464764ea 100644
--- a/interface/web/admin/language_edit.php
+++ b/interface/web/admin/language_edit.php
@@ -64,6 +64,7 @@ if(isset($_POST['records']) && is_array($_POST['records'])) {
 		$val = stripslashes($val);
 		$val = preg_replace('/(^|[^\\\\])((\\\\\\\\)*)"/', '$1$2\\"', $val);
 		$val = str_replace('$', '', $val);
+		if(!preg_match("/^[a-z0-9_]+$/", $key)) die('Invalid language file key.');
 		$file_content .= '$wb['."'$key'".'] = "'.$val.'";'."\n";
 		$msg = 'File saved.';
 	}