Migrate return code checks for CI3

Signed-off-by: Florian Pritz <bluewind@xinu.at>
author: Florian Pritz <bluewind@xinu.at> 2017-09-18 12:45:31 +0200
committer: Florian Pritz <bluewind@xinu.at> 2017-09-18 12:45:31 +0200
commit: 4388f9080ded6d4e4db9a333e94a005ba072a8cd (patch)
tree: 90426ff39ad7c25a237cbc301d2030019d46a14c /application/core
parent: 950dc1b7f992f2128b652bf2af4bb05c8a74bc4a (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/application/core/MY_Controller.php b/application/core/MY_Controller.php
index 47dd6a899..63db6c8a5 100644
--- a/application/core/MY_Controller.php
+++ b/application/core/MY_Controller.php
@@ -79,7 +79,7 @@ class MY_Controller extends CI_Controller {
 
 	private function _check_csrf_protection_required()
 	{
-		if ($this->input->post("apikey") !== false || is_api_client()) {
+		if ($this->input->post("apikey") !== null || is_api_client()) {
 			/* This relies on the authentication code always verifying the supplied
 			 * apikey. If the key is not verified/logged in an attacker could simply
 			 * add an empty "apikey" field to the CSRF form to circumvent the
author	Florian Pritz <bluewind@xinu.at>	2017-09-18 12:45:31 +0200
committer	Florian Pritz <bluewind@xinu.at>	2017-09-18 12:45:31 +0200
commit	4388f9080ded6d4e4db9a333e94a005ba072a8cd (patch)
tree	90426ff39ad7c25a237cbc301d2030019d46a14c /application/core
parent	950dc1b7f992f2128b652bf2af4bb05c8a74bc4a (diff)