summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPhil Sturgeon <email@philsturgeon.co.uk>2012-05-17 15:54:18 +0200
committerPhil Sturgeon <email@philsturgeon.co.uk>2012-05-17 15:54:18 +0200
commit714252bf88306839484579059e3a447dd93d55c1 (patch)
tree11b863dbd7f2cbb9484d462e52f6075dbab703b8
parentfff6c2a3caa1ce14e58fcb3ee0d937d17985eea1 (diff)
parent324ef078dda5a3596444152ba49dd591a61adba6 (diff)
Fixed conflicts from merging in 2.1.1.
-rwxr-xr-xsystem/core/Security.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/system/core/Security.php b/system/core/Security.php
index c82b69ff9..1cb0a1136 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -829,7 +829,7 @@ class CI_Security {
// each page load since a page could contain embedded
// sub-pages causing this feature to fail
if (isset($_COOKIE[$this->_csrf_cookie_name]) &&
- $_COOKIE[$this->_csrf_cookie_name] != '')
+ preg_match('#^[0-9a-f]{32}$#iS', $_COOKIE[$this->_csrf_cookie_name]) === 1)
{
return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name];
}