diff --git a/libraries/messages.inc.php b/libraries/messages.inc.php
index 89185577a..99b22ca69 100644
--- a/libraries/messages.inc.php
+++ b/libraries/messages.inc.php
@@ -8,6 +8,10 @@
  * file.
  */
 
+if (!function_exists('__')) {
+    die('Bad invocation!');
+}
+
 /* We use only utf-8 */
 $charset = 'utf-8';
 
diff --git a/setup/lib/common.inc.php b/setup/lib/common.inc.php
index 0cf20bd99..2d1f1f691 100644
--- a/setup/lib/common.inc.php
+++ b/setup/lib/common.inc.php
@@ -15,6 +15,10 @@ define('PMA_MINIMUM_COMMON', TRUE);
 define('PMA_SETUP', TRUE);
 chdir('..');
 
+if (!file_exists('./libraries/common.inc.php')) {
+    die('Bad invocation!');
+}
+
 require_once './libraries/common.inc.php';
 require_once './libraries/url_generating.lib.php';
 require_once './setup/lib/messages.inc.php';
diff --git a/setup/lib/messages.inc.php b/setup/lib/messages.inc.php
index c5b51687f..9cd1884a7 100644
--- a/setup/lib/messages.inc.php
+++ b/setup/lib/messages.inc.php
@@ -8,6 +8,11 @@
  * file.
  */
 
+if (!function_exists('__')) {
+    die('Bad invocation!');
+}
+
+
 $strSetupAllowAnywhereRecoding_name = __('Allow character set conversion');
 $strSetupAllowArbitraryServer_desc = __('If enabled user can enter any MySQL server in login form for cookie auth');
 $strSetupAllowArbitraryServerMsg = __('This [a@?page=form&formset=features#tab_Security]option[/a] should be disabled as it allows attackers to bruteforce login to any MySQL server. If you feel this is necessary, use [a@?page=form&formset=features#tab_Security]trusted proxies list[/a]. However, IP-based protection may not be reliable if your IP belongs to an ISP where thousands of users, including you, are connected to.');