diff options
author | RS71 <mr.toaster@gmail.com> | 2011-12-31 19:02:04 +0100 |
---|---|---|
committer | RS71 <mr.toaster@gmail.com> | 2011-12-31 19:02:04 +0100 |
commit | 2be25a6fdb9aa197debca28d1cfe0e0e542296b0 (patch) | |
tree | b72f77ca88c1b2a756de0acfac90b59ca186c101 | |
parent | d268eda6c2b502cc7fa352072482d1924e36127e (diff) |
Update system/core/Security.php
-rwxr-xr-x | system/core/Security.php | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/system/core/Security.php b/system/core/Security.php index 60a64f358..510f3d1ae 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -180,9 +180,14 @@ class CI_Security { // polute the _POST array unset($_POST[$this->_csrf_token_name]); - // Nothing should last forever - unset($_COOKIE[$this->_csrf_cookie_name]); - $this->_csrf_hash = ''; + // Regenerate on every submission? + if (config_item('csrf_regenerate')) + { + // Nothing should last forever + unset($_COOKIE[$this->_csrf_cookie_name]); + $this->_csrf_hash = ''; + } + $this->_csrf_set_hash(); $this->csrf_set_cookie(); |