Fixed #5102

Till Brehm · Till Brehm · commit 6e094613712e · 2018-08-17T17:33:41.000+02:00
diff --git a/interface/lib/classes/functions.inc.php b/interface/lib/classes/functions.inc.php
@@ -477,6 +477,28 @@ public function htmlentities($value) {
 		
 		return $out;
 	}
+	
+	// Function to check paths before we use it as include. Use with absolute paths only.
+	public function check_include_path($path) {
+		if(strpos($path,'//')) die('Include path seems to be an URL: '.$this->htmlentities($path));
+		if(strpos($path,'..')) die('Two dots are not allowed in include path: '.$this->htmlentities($path));
+		if(!preg_match("/^[a-zA-Z0-9_\/\.\-]{1,}$/", $path)) die('Wrong chars in include path: '.$this->htmlentities($path));
+		$path = realpath($path);
+		if($path == '') die('Include path does not exist.');
+		if(substr($path,0,strlen(ISPC_ROOT_PATH)) != ISPC_ROOT_PATH) die('Path '.$this->htmlentities($path).' is outside of ISPConfig installation directory.');
+		return $path;
+	}
+	
+	// Function to check language strings
+	public function check_language($language) {
+		global $app;
+		if(preg_match('/^[a-z]{2}$/',$language)) {
+			 return $language;
+		} else {
+			die('Invalid language string: '.$this->htmlentities($language));	
+		}
+	}
+	
 }
 
 ?>
diff --git a/interface/lib/classes/listform.inc.php b/interface/lib/classes/listform.inc.php
@@ -60,7 +60,7 @@ public function loadListDef($file, $module = '')
 		}
 
 		//* Set local Language File
-		$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_'.$this->listDef['name'].'_list.lng';
+		$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_'.$this->listDef['name'].'_list.lng';
 		if(!file_exists($lng_file)) $lng_file = 'lib/lang/en_'.$this->listDef['name'].'_list.lng';
 		include $lng_file;
 
diff --git a/interface/lib/classes/listform_actions.inc.php b/interface/lib/classes/listform_actions.inc.php
@@ -249,7 +249,7 @@ public function onShow()
 		global $app;
 
 		//* Set global Language File
-		$lng_file = ISPC_LIB_PATH.'/lang/'.$_SESSION['s']['language'].'.lng';
+		$lng_file = ISPC_LIB_PATH.'/lang/'.$app->functions->check_language($_SESSION['s']['language']).'.lng';
 		if(!file_exists($lng_file))
 			$lng_file = ISPC_LIB_PATH.'/lang/en.lng';
 		include $lng_file;
diff --git a/interface/lib/classes/listform_tpl_generator.inc.php b/interface/lib/classes/listform_tpl_generator.inc.php
@@ -153,10 +153,10 @@ function buildHTML($listDef, $module = '') {
 	}
 
 	function lng_add($lang, $listDef, $module = '') {
-		global $go_api, $go_info, $conf;
+		global $app, $conf;
 
 		if($module == '') {
-			$lng_file = "lib/lang/".$conf["language"]."_".$listDef['name']."_list.lng";
+			$lng_file = "lib/lang/".$app->functions->check_language($conf["language"])."_".$listDef['name']."_list.lng";
 		} else {
 			$lng_file = '../'.$module."/lib/lang/en_".$listDef['name']."_list.lng";
 		}
diff --git a/interface/lib/classes/plugin_backuplist.inc.php b/interface/lib/classes/plugin_backuplist.inc.php
@@ -45,7 +45,7 @@ function onShow() {
 		$listTpl->newTemplate('templates/web_backup_list.htm');
 
 		//* Loading language file
-		$lng_file = "lib/lang/".$_SESSION["s"]["language"]."_web_backup_list.lng";
+		$lng_file = "lib/lang/".$app->functions->check_language($_SESSION["s"]["language"])."_web_backup_list.lng";
 		include $lng_file;
 		$listTpl->setVar($wb);
 
diff --git a/interface/lib/classes/plugin_backuplist_mail.inc.php b/interface/lib/classes/plugin_backuplist_mail.inc.php
@@ -46,7 +46,7 @@ function onShow() {
 		$listTpl->newTemplate('templates/mail_user_backup_list.htm');
 				
 		//* Loading language file
-		$lng_file = "lib/lang/".$_SESSION["s"]["language"]."_mail_backup_list.lng";
+		$lng_file = "lib/lang/".$app->functions->check_language($_SESSION["s"]["language"])."_mail_backup_list.lng";
 		include($lng_file);
 		$listTpl->setVar($wb);
 
diff --git a/interface/lib/classes/plugin_directive_snippets.inc.php b/interface/lib/classes/plugin_directive_snippets.inc.php
@@ -18,7 +18,7 @@ public function onShow()
 		$listTpl->newTemplate('templates/web_directive_snippets.htm');
 
 		//* Loading language file
-		$lng_file = "lib/lang/".$_SESSION["s"]["language"]."_web_directive_snippets.lng";
+		$lng_file = "lib/lang/".$app->functions->check_language($_SESSION["s"]["language"])."_web_directive_snippets.lng";
 
 		include $lng_file;
 		$listTpl->setVar($wb);
diff --git a/interface/lib/classes/plugin_listview.inc.php b/interface/lib/classes/plugin_listview.inc.php
@@ -120,7 +120,7 @@ function onShow() {
 		}
 
 		// Loading language field
-		$lng_file = "lib/lang/".$_SESSION["s"]["language"]."_".$app->listform->listDef['name']."_list.lng";
+		$lng_file = "lib/lang/".$app->functions->check_language($_SESSION["s"]["language"])."_".$app->listform->listDef['name']."_list.lng";
 		include $lng_file;
 		$listTpl->setVar($wb);
 
diff --git a/interface/lib/classes/searchform_actions.inc.php b/interface/lib/classes/searchform_actions.inc.php
@@ -151,10 +151,10 @@ function onShow() {
 		global $app;
 
 		// Language File setzen
-		$lng_file = ISPC_WEB_PATH.'/lang/lib/lang/'.$_SESSION['s']['language'].'_list.lng';
+		$lng_file = ISPC_WEB_PATH.'/lang/lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_list.lng';
 		if(!file_exists($lng_file)) $lng_file = ISPC_WEB_PATH.'/lang/lib/lang/en_'.'_list.lng';
 		include $lng_file;
-		$lng_file = "lib/lang/".$_SESSION["s"]["language"]."_".$app->searchform->listDef['name']."_search.lng";
+		$lng_file = "lib/lang/".$app->functions->check_language($_SESSION["s"]["language"])."_".$app->searchform->listDef['name']."_search.lng";
 		if(!file_exists($lng_file)) $lng_file = 'lib/lang/en_'.$app->searchform->listDef['name']."_search.lng";
 		include $lng_file;
 		$app->tpl->setVar($wb);
diff --git a/interface/lib/classes/tform_base.inc.php b/interface/lib/classes/tform_base.inc.php
@@ -134,7 +134,7 @@ function loadFormDef($file, $module = '') {
 		$this->module = $module;
 		$wb = array();
 
-		include_once ISPC_ROOT_PATH.'/lib/lang/'.$_SESSION['s']['language'].'.lng';
+		include_once ISPC_ROOT_PATH.'/lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'.lng';
 
 		if(is_array($wb)) $wb_global = $wb;
 
@@ -143,7 +143,7 @@ function loadFormDef($file, $module = '') {
 			if(!file_exists($lng_file)) $lng_file = "lib/lang/en_".$this->formDef["name"].".lng";
 			include $lng_file;
 		} else {
-			$lng_file = "../$module/lib/lang/".$_SESSION["s"]["language"]."_".$this->formDef["name"].".lng";
+			$lng_file = "../$module/lib/lang/".$app->functions->check_language($_SESSION["s"]["language"])."_".$this->formDef["name"].".lng";
 			if(!file_exists($lng_file)) $lng_file = "../$module/lib/lang/en_".$this->formDef["name"].".lng";
 			include $lng_file;
 		}
diff --git a/interface/lib/classes/tform_tpl_generator.inc.php b/interface/lib/classes/tform_tpl_generator.inc.php
@@ -298,7 +298,7 @@ function buildHTML($formDef, $tab) {
 	function lng_add($lang, $formDef) {
 		global $go_api, $go_info, $conf;
 
-		$lng_file = "lib/lang/".$conf["language"]."_".$formDef['name'].".lng";
+		$lng_file = "lib/lang/".$app->functions->check_language($conf["language"])."_".$formDef['name'].".lng";
 		if(is_file($lng_file)) {
 			include $lng_file;
 		} else {
diff --git a/interface/web/admin/language_add.php b/interface/web/admin/language_add.php
@@ -104,7 +104,7 @@
 $app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);
 
 //* load language file
-$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_add.lng';
+$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_language_add.lng';
 include $lng_file;
 $app->tpl->setVar($wb);
 
diff --git a/interface/web/admin/language_complete.php b/interface/web/admin/language_complete.php
@@ -166,7 +166,7 @@ function merge_langfile($langfile, $masterfile) {
 $app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);
 
 //* load language file
-$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_complete.lng';
+$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_language_complete.lng';
 include $lng_file;
 $app->tpl->setVar($wb);
 
diff --git a/interface/web/admin/language_edit.php b/interface/web/admin/language_edit.php
@@ -104,7 +104,7 @@
 
 
 //* load language file
-$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_edit.lng';
+$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_language_edit.lng';
 include $lng_file;
 $app->tpl->setVar($wb);
 
diff --git a/interface/web/admin/language_export.php b/interface/web/admin/language_export.php
@@ -111,7 +111,7 @@
 $app->tpl->setVar('msg', $msg);
 
 //* load language file
-$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_export.lng';
+$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_language_export.lng';
 include $lng_file;
 $app->tpl->setVar($wb);
 
diff --git a/interface/web/admin/language_import.php b/interface/web/admin/language_import.php
@@ -194,7 +194,7 @@ function validate_line($line) {
 $app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);
 
 //* load language file
-$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_import.lng';
+$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_language_import.lng';
 include $lng_file;
 $app->tpl->setVar($wb);
 
diff --git a/interface/web/admin/language_list.php b/interface/web/admin/language_list.php
@@ -97,7 +97,7 @@
 
 
 //* load language file
-$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_list.lng';
+$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_language_list.lng';
 include $lng_file;
 $app->tpl->setVar($wb);
 
diff --git a/interface/web/admin/remote_action_ispcupdate.php b/interface/web/admin/remote_action_ispcupdate.php
@@ -44,7 +44,7 @@
 $app->tpl->setInclude('content_tpl', 'templates/remote_action_ispcupdate.htm');
 
 //* load language file
-$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_remote_action.lng';
+$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_remote_action.lng';
 include $lng_file;
 
 /*
diff --git a/interface/web/admin/remote_action_osupdate.php b/interface/web/admin/remote_action_osupdate.php
@@ -43,7 +43,7 @@
 $app->tpl->setInclude('content_tpl', 'templates/remote_action_osupdate.htm');
 
 //* load language file
-$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_remote_action.lng';
+$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_remote_action.lng';
 include $lng_file;
 
 /*
diff --git a/interface/web/admin/software_package_list.php b/interface/web/admin/software_package_list.php
@@ -184,7 +184,7 @@
 $app->tpl->setLoop('records', $packages);
 
 $language = (isset($_SESSION['s']['language']))?$_SESSION['s']['language']:$conf['language'];
-include_once 'lib/lang/'.$language.'_software_package_list.lng';
+include_once 'lib/lang/'.$app->functions->check_language($language).'_software_package_list.lng';
 $app->tpl->setVar($wb);
 
 
diff --git a/interface/web/admin/software_update_list.php b/interface/web/admin/software_update_list.php
@@ -193,7 +193,7 @@
 $app->tpl->setLoop('records', $records_out);
 
 $language = (isset($_SESSION['s']['language']))?$_SESSION['s']['language']:$conf['language'];
-include_once 'lib/lang/'.$language.'_software_update_list.lng';
+include_once 'lib/lang/'.$app->functions->check_language($language).'_software_update_list.lng';
 $app->tpl->setVar($wb);
 
 
diff --git a/interface/web/client/client_del.php b/interface/web/client/client_del.php
@@ -97,7 +97,7 @@ function onDelete() {
 			$app->tpl->setLoop('records', $table_list);
 
 			//* load language file
-			$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_client_del.lng';
+			$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_client_del.lng';
 			include $lng_file;
 			$app->tpl->setVar($wb);
 
diff --git a/interface/web/client/client_message.php b/interface/web/client/client_message.php
@@ -42,7 +42,7 @@
 $app->tpl->setInclude('content_tpl', 'templates/client_message.htm');
 
 //* load language file
-$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_client_message.lng';
+$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_client_message.lng';
 include $lng_file;
 $app->tpl->setVar($wb);
 
diff --git a/interface/web/client/domain_del.php b/interface/web/client/domain_del.php
@@ -54,7 +54,7 @@ function onBeforeDelete() {
 		global $app; $conf;
 
 		//* load language file
-		$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'.lng';
+		$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'.lng';
 		include $lng_file;
 
 		/*
diff --git a/interface/web/client/domain_edit.php b/interface/web/client/domain_edit.php
@@ -49,7 +49,7 @@
 $app->load('tform_actions');
 
 //* load language file
-$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'.lng';
+$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'.lng';
 include $lng_file;
 
 
diff --git a/interface/web/dashboard/dashboard.php b/interface/web/dashboard/dashboard.php
@@ -51,7 +51,7 @@
 $app->tpl->newTemplate("templates/dashboard.htm");
 
 //* load language file
-$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'.lng';
+$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'.lng';
 include $lng_file;
 $app->tpl->setVar($wb);
 
diff --git a/interface/web/dns/dns_import.php b/interface/web/dns/dns_import.php
@@ -204,7 +204,7 @@
 	}
 }
 
-$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_dns_import.lng';
+$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_dns_import.lng';
 include $lng_file;
 $app->tpl->setVar($wb);
 
diff --git a/interface/web/dns/dns_wizard.php b/interface/web/dns/dns_wizard.php
@@ -465,7 +465,7 @@
 $app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
 $app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);
 
-$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_dns_wizard.lng';
+$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_dns_wizard.lng';
 include $lng_file;
 $app->tpl->setVar($wb);
 
diff --git a/interface/web/js/scrigo.js.php b/interface/web/js/scrigo.js.php
@@ -3,6 +3,7 @@
 header('Content-Type: text/javascript; charset=utf-8'); // the config file sets the content type header so we have to override it here!
 require_once '../../lib/app.inc.php';
 $lang = (isset($_SESSION['s']['language']) && $_SESSION['s']['language'] != '')?$_SESSION['s']['language']:'en';
+$lang = $app->functions->check_language($lang);
 include_once ISPC_ROOT_PATH.'/web/strengthmeter/lib/lang/'.$lang.'_strengthmeter.lng';
 
 $app->uses('ini_parser,getconf');
diff --git a/interface/web/login/index.php b/interface/web/login/index.php
@@ -229,12 +229,12 @@
 						if ($loginAs) $_SESSION['s_old'] = $oldSession; // keep the way back!
 						$_SESSION['s']['user'] = $user;
 						$_SESSION['s']['user']['theme'] = isset($user['app_theme']) ? $user['app_theme'] : 'default';
-						$_SESSION['s']['language'] = $user['language'];
+						$_SESSION['s']['language'] = $app->functions->check_language($user['language']);
 						$_SESSION["s"]['theme'] = $_SESSION['s']['user']['theme'];
 						if ($loginAs) $_SESSION['s']['plugin_cache'] = $_SESSION['s_old']['plugin_cache'];
 						
 						if(is_file(ISPC_WEB_PATH . '/' . $_SESSION['s']['user']['startmodule'].'/lib/module.conf.php')) {
-							include_once ISPC_WEB_PATH . '/' . $_SESSION['s']['user']['startmodule'].'/lib/module.conf.php';
+							include_once $app->functions->check_include_path(ISPC_WEB_PATH . '/' . $_SESSION['s']['user']['startmodule'].'/lib/module.conf.php');
 							$menu_dir = ISPC_WEB_PATH.'/' . $_SESSION['s']['user']['startmodule'] . '/lib/menu.d';
 								if (is_dir($menu_dir)) {
 								if ($dh = opendir($menu_dir)) {
diff --git a/interface/web/login/login_as.php b/interface/web/login/login_as.php
@@ -83,7 +83,7 @@
  * TODO: move the login_as form to a template file -> themeability
  */
 
-$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_login_as.lng';
+$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_login_as.lng';
 include $lng_file;
 
 echo '
diff --git a/interface/web/login/logout.php b/interface/web/login/logout.php
@@ -43,7 +43,7 @@
 if ((isset($_SESSION['s_old']) && ($_SESSION['s_old']['user']['typ'] == 'admin' || $app->auth->has_clients($_SESSION['s_old']['user']['userid']))) &&
 	(!$forceLogout)){
 	$utype = ($_SESSION['s_old']['user']['typ'] == 'admin' ? 'admin' : 'reseller');
-	$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_login_as.lng';
+	$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_login_as.lng';
 	include $lng_file;
 	echo '
 		<br /> <br />	<br /> <br />
diff --git a/interface/web/login/password_reset.php b/interface/web/login/password_reset.php
@@ -43,7 +43,7 @@
 
 $app->tpl_defaults();
 
-include ISPC_ROOT_PATH.'/web/login/lib/lang/'.$_SESSION['s']['language'].'.lng';
+include ISPC_ROOT_PATH.'/web/login/lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'.lng';
 $app->tpl->setVar($wb);
 $continue = true;
 
diff --git a/interface/web/mailuser/index.php b/interface/web/mailuser/index.php
@@ -13,7 +13,7 @@
 $error = '';
 
 //* load language file
-$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_index.lng';
+$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_index.lng';
 include $lng_file;
 $app->tpl->setVar($wb);
 
diff --git a/interface/web/nav.php b/interface/web/nav.php
@@ -75,7 +75,7 @@
 					}
 
 					include_once $mt.'/lib/module.conf.php';
-					$language = (isset($_SESSION['s']['user']['language']))?$_SESSION['s']['user']['language']:$conf['language'];
+					$language = $app->functions->check_language((isset($_SESSION['s']['user']['language']))?$_SESSION['s']['user']['language']:$conf['language']);
 					$app->load_language_file('web/'.$mt.'/lib/'.$language.'.lng');
 					$active = ($module['name'] == $_SESSION['s']['module']['name']) ? 1 : 0;
 					$topnav[$module['order'].'-'.$module['name']] = array( 'title'  => $app->lng($module['title']),
diff --git a/interface/web/sites/aps_install_package.php b/interface/web/sites/aps_install_package.php
@@ -42,7 +42,7 @@
 $app->tpl->setInclude('content_tpl', 'templates/aps_install_package.htm');
 
 // Load the language file
-$lngfile = 'lib/lang/'.$_SESSION['s']['language'].'_aps.lng';
+$lngfile = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_aps.lng';
 require_once $lngfile;
 $app->tpl->setVar($wb);
 $app->load_language_file('web/sites/'.$lngfile);
diff --git a/interface/web/sites/aps_packagedetails_show.php b/interface/web/sites/aps_packagedetails_show.php
@@ -42,7 +42,7 @@
 $app->tpl->setInclude('content_tpl', 'templates/aps_packagedetails_show.htm');
 
 // Load the language file
-$lngfile = 'lib/lang/'.$_SESSION['s']['language'].'_aps.lng';
+$lngfile = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_aps.lng';
 require_once $lngfile;
 $app->tpl->setVar($wb);
 
diff --git a/interface/web/sites/aps_update_packagelist.php b/interface/web/sites/aps_update_packagelist.php
@@ -41,7 +41,7 @@
 $error = '';
 
 //* load language file
-$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_aps_update_packagelist.lng';
+$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_aps_update_packagelist.lng';
 include $lng_file;
 $app->tpl->setVar($wb);
 
diff --git a/interface/web/tools/import_ispconfig.php b/interface/web/tools/import_ispconfig.php
@@ -44,7 +44,7 @@
 $error = '';
 
 //* load language file
-$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_import_ispconfig.lng';
+$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_import_ispconfig.lng';
 include $lng_file;
 $app->tpl->setVar($wb);
 
diff --git a/interface/web/tools/import_vpopmail.php b/interface/web/tools/import_vpopmail.php
diff --git a/interface/web/tools/index.php b/interface/web/tools/index.php
diff --git a/interface/web/tools/tpl_default.php b/interface/web/tools/tpl_default.php
diff --git a/interface/web/tools/user_settings.php b/interface/web/tools/user_settings.php
diff --git a/interface/web/vm/openvz_action.php b/interface/web/vm/openvz_action.php

Original file line number	Diff line number	Diff line change
`@@ -60,7 +60,7 @@ public function loadListDef($file, $module = '')`
`60`	`60`	`}`
`61`	`61`
`62`	`62`	`//* Set local Language File`
`63`		`- $lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_'.$this->listDef['name'].'_list.lng';`
	`63`	`+ $lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_'.$this->listDef['name'].'_list.lng';`
`64`	`64`	`if(!file_exists($lng_file)) $lng_file = 'lib/lang/en_'.$this->listDef['name'].'_list.lng';`
`65`	`65`	`include $lng_file;`
`66`	`66`
Original file line number	Diff line number	Diff line change
`@@ -153,10 +153,10 @@ function buildHTML($listDef, $module = '') {`
`153`	`153`	`}`
`154`	`154`
`155`	`155`	`function lng_add($lang, $listDef, $module = '') {`
`156`		`- global $go_api, $go_info, $conf;`
	`156`	`+ global $app, $conf;`
`157`	`157`
`158`	`158`	`if($module == '') {`
`159`		`- $lng_file = "lib/lang/".$conf["language"]."_".$listDef['name']."_list.lng";`
	`159`	`+ $lng_file = "lib/lang/".$app->functions->check_language($conf["language"])."_".$listDef['name']."_list.lng";`
`160`	`160`	`} else {`
`161`	`161`	`$lng_file = '../'.$module."/lib/lang/en_".$listDef['name']."_list.lng";`
`162`	`162`	`}`
Original file line number	Diff line number	Diff line change
`@@ -120,7 +120,7 @@ function onShow() {`
`120`	`120`	`}`
`121`	`121`
`122`	`122`	`// Loading language field`
`123`		`- $lng_file = "lib/lang/".$_SESSION["s"]["language"]."_".$app->listform->listDef['name']."_list.lng";`
	`123`	`+ $lng_file = "lib/lang/".$app->functions->check_language($_SESSION["s"]["language"])."_".$app->listform->listDef['name']."_list.lng";`
`124`	`124`	`include $lng_file;`
`125`	`125`	`$listTpl->setVar($wb);`
`126`	`126`