summaryrefslogtreecommitdiffstats
path: root/system/core/Security.php
diff options
context:
space:
mode:
authorAndrey Andreev <narf@bofh.bg>2012-10-24 20:28:25 +0200
committerAndrey Andreev <narf@bofh.bg>2012-10-24 20:31:40 +0200
commitf795ab52dadaef20afd3a97ad4c8ed408e211dc2 (patch)
tree1f5eb143a0fd980832590b4f950fd2a260998ac3 /system/core/Security.php
parent2dce1ffda218456e19f28edce8b0d74122f4d55c (diff)
[ci skip] Document get_csrf_token_name(), get_csrf_hash() (issue #715)
Diffstat (limited to 'system/core/Security.php')
-rw-r--r--system/core/Security.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/system/core/Security.php b/system/core/Security.php
index 2fbc5b34c..d7c82712d 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -161,7 +161,7 @@ class CI_Security {
}
// Do the tokens exist in both the _POST and _COOKIE arrays?
- if ( ! isset($_POST[$this->_csrf_token_name]) OR ! isset($_COOKIE[$this->_csrf_cookie_name])
+ if ( ! isset($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name])
OR $_POST[$this->_csrf_token_name] !== $_COOKIE[$this->_csrf_cookie_name]) // Do the tokens match?
{
$this->csrf_show_error();