summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrey Andreev <narf@devilix.net>2015-09-07 15:03:05 +0200
committerAndrey Andreev <narf@devilix.net>2015-09-07 15:03:05 +0200
commitdd28a888e8d9934260b14d0b7601da375fe75b8d (patch)
treec1b67b0a8211d7414bf65239770436d42db1cfe3
parent0d0c53c50ccf34a216b19e90d2dc6adc51436f44 (diff)
Move csrf_verify() call out of _sanitize_globals()
It doesn't belong in there.
-rw-r--r--system/core/Input.php12
1 files changed, 6 insertions, 6 deletions
diff --git a/system/core/Input.php b/system/core/Input.php
index d896495e9..67a495e74 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -153,6 +153,12 @@ class CI_Input {
// Sanitize global arrays
$this->_sanitize_globals();
+ // CSRF Protection check
+ if ($this->_enable_csrf === TRUE && ! is_cli())
+ {
+ $this->security->csrf_verify();
+ }
+
log_message('info', 'Input Class Initialized');
}
@@ -647,12 +653,6 @@ class CI_Input {
// Sanitize PHP_SELF
$_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']);
- // CSRF Protection check
- if ($this->_enable_csrf === TRUE && ! is_cli())
- {
- $this->security->csrf_verify();
- }
-
log_message('debug', 'Global POST, GET and COOKIE data sanitized');
}