summaryrefslogtreecommitdiffstats
path: root/application/core/MY_Controller.php
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2017-09-18 12:45:31 +0200
committerFlorian Pritz <bluewind@xinu.at>2017-09-18 12:45:31 +0200
commit4388f9080ded6d4e4db9a333e94a005ba072a8cd (patch)
tree90426ff39ad7c25a237cbc301d2030019d46a14c /application/core/MY_Controller.php
parent950dc1b7f992f2128b652bf2af4bb05c8a74bc4a (diff)
Migrate return code checks for CI3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'application/core/MY_Controller.php')
-rw-r--r--application/core/MY_Controller.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/application/core/MY_Controller.php b/application/core/MY_Controller.php
index 47dd6a899..63db6c8a5 100644
--- a/application/core/MY_Controller.php
+++ b/application/core/MY_Controller.php
@@ -79,7 +79,7 @@ class MY_Controller extends CI_Controller {
private function _check_csrf_protection_required()
{
- if ($this->input->post("apikey") !== false || is_api_client()) {
+ if ($this->input->post("apikey") !== null || is_api_client()) {
/* This relies on the authentication code always verifying the supplied
* apikey. If the key is not verified/logged in an attacker could simply
* add an empty "apikey" field to the CSRF form to circumvent the