diff options
| author | Andrey Andreev <narf@devilix.net> | 2014-12-08 09:59:51 +0100 |
|---|---|---|
| committer | Andrey Andreev <narf@devilix.net> | 2014-12-08 09:59:51 +0100 |
| commit | 162b1a9824deba1369d756eccc9535544452b479 (patch) | |
| tree | 788fbd9c59843d52131eb7f275a3f7645fa83180 /system/core/Security.php | |
| parent | 3c0427e7dd11380692f9898d7cc04ba1b5a8491b (diff) | |
Fix 'Array to string conversion' notice in CSRF validation
Rel: #3398
Diffstat (limited to 'system/core/Security.php')
| -rwxr-xr-x | system/core/Security.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/system/core/Security.php b/system/core/Security.php index 6ed0f8d4f..8adc35676 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -977,8 +977,8 @@ class CI_Security { // We don't necessarily want to regenerate it with // each page load since a page could contain embedded // sub-pages causing this feature to fail - if (isset($_COOKIE[$this->_csrf_cookie_name]) && - preg_match('#^[0-9a-f]{32}$#iS', $_COOKIE[$this->_csrf_cookie_name]) === 1) + if (isset($_COOKIE[$this->_csrf_cookie_name]) && is_string($_COOKIE[$this->_csrf_cookie_name]) + && preg_match('#^[0-9a-f]{32}$#iS', $_COOKIE[$this->_csrf_cookie_name]) === 1) { return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name]; } |