diff options
author | Timothy Warren <tim@timshomepage.net> | 2012-05-21 14:38:57 +0200 |
---|---|---|
committer | Timothy Warren <tim@timshomepage.net> | 2012-05-21 14:38:57 +0200 |
commit | 4b5616d5dc6ce118a472333b59f23e6eaf735144 (patch) | |
tree | 45e8c1115e6eedd30575db77dfdd9c8864272c2b /system/core/Security.php | |
parent | 0ab28ced4d4f20d5857fae9ec0e20452d4ac181b (diff) | |
parent | 1d79efea47d26e0e567f919c648adf5b554f3ff0 (diff) |
Merge branch 'develop' of git://github.com/EllisLab/CodeIgniter into email
Diffstat (limited to 'system/core/Security.php')
-rwxr-xr-x | system/core/Security.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/system/core/Security.php b/system/core/Security.php index 81b6602ae..f953011eb 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -831,7 +831,7 @@ class CI_Security { // each page load since a page could contain embedded // sub-pages causing this feature to fail if (isset($_COOKIE[$this->_csrf_cookie_name]) && - $_COOKIE[$this->_csrf_cookie_name] != '') + preg_match('#^[0-9a-f]{32}$#iS', $_COOKIE[$this->_csrf_cookie_name]) === 1) { return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name]; } @@ -846,4 +846,4 @@ class CI_Security { } /* End of file Security.php */ -/* Location: ./system/core/Security.php */
\ No newline at end of file +/* Location: ./system/core/Security.php */ |