summaryrefslogtreecommitdiffstats
path: root/system/core/Security.php
diff options
context:
space:
mode:
authorTimothy Warren <tim@timshomepage.net>2012-05-21 14:38:39 +0200
committerTimothy Warren <tim@timshomepage.net>2012-05-21 14:38:39 +0200
commit249204b67d9d437898198ad355d452f467f70dc3 (patch)
treec3bf439a52da138db6cc2eabba1c8bc954dcce62 /system/core/Security.php
parent97aefa5cd41475d5b404ced56052008beebf8f40 (diff)
parent1d79efea47d26e0e567f919c648adf5b554f3ff0 (diff)
Merge branch 'develop' of git://github.com/EllisLab/CodeIgniter into errors
Diffstat (limited to 'system/core/Security.php')
-rwxr-xr-xsystem/core/Security.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/system/core/Security.php b/system/core/Security.php
index 81b6602ae..f953011eb 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -831,7 +831,7 @@ class CI_Security {
// each page load since a page could contain embedded
// sub-pages causing this feature to fail
if (isset($_COOKIE[$this->_csrf_cookie_name]) &&
- $_COOKIE[$this->_csrf_cookie_name] != '')
+ preg_match('#^[0-9a-f]{32}$#iS', $_COOKIE[$this->_csrf_cookie_name]) === 1)
{
return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name];
}
@@ -846,4 +846,4 @@ class CI_Security {
}
/* End of file Security.php */
-/* Location: ./system/core/Security.php */ \ No newline at end of file
+/* Location: ./system/core/Security.php */