encrypt referer to prevent malicious manipulation

op/op.SetLanguage.php

@@ -31,5 +31,4 @@ include("../inc/inc.Authentication.php");
 
 $session->setLanguage($_GET['lang']);
 
-header("Location: http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'].$_GET['referer']);
-?>
+header("Location: http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'].decryptData($settings->_encryptionKey, $_GET['referer']));

views/bootstrap/class.Bootstrap.php

@@ -390,7 +390,7 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
 						echo "<li class=\"active\">";
 					else
 						echo "<li>";
-					echo "<a href=\"".$this->params['settings']->_httpRoot."op/op.SetLanguage.php?lang=".$currLang."&referer=".$_SERVER["REQUEST_URI"]."\">";
+					echo "<a href=\"".$this->params['settings']->_httpRoot."op/op.SetLanguage.php?lang=".$currLang."&referer=".urlencode(encryptData($this->params['settings']->_encryptionKey, $_SERVER["REQUEST_URI"]))."\">";
 					echo getMLText($currLang)."</a></li>\n";
 				}
 				echo "     </ul>\n";

views/bootstrap4/class.Bootstrap4.php

@@ -460,7 +460,7 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
 						echo "      <a class=\"dropdown-item active\"";
 					else
 						echo "      <a class=\"dropdown-item\"";
-					echo " href=\"".$this->params['settings']->_httpRoot."op/op.SetLanguage.php?lang=".$currLang."&referer=".$_SERVER["REQUEST_URI"]."\">";
+					echo " href=\"".$this->params['settings']->_httpRoot."op/op.SetLanguage.php?lang=".$currLang."&referer=".urlencode(encryptData($this->params['settings']->_encryptionKey, $_SERVER["REQUEST_URI"]))."\">";
 					echo getMLText($currLang)."</a>\n";
 				}
 				echo "     </div>\n";