summaryrefslogtreecommitdiffstats
path: root/system/core
diff options
context:
space:
mode:
authorPhil Sturgeon <email@philsturgeon.co.uk>2012-05-17 15:46:28 +0200
committerPhil Sturgeon <email@philsturgeon.co.uk>2012-05-17 15:46:28 +0200
commit918eaef728eaf49387083b39add7106e029fcfb4 (patch)
treebd7ae7ad33977cf04cd44a735ccc1465ab7b4ffc /system/core
parent0199f68db46d375af2d4cb831c679d3040601f25 (diff)
parent324ef078dda5a3596444152ba49dd591a61adba6 (diff)
Merge branch 'release/2.1.1'
Diffstat (limited to 'system/core')
-rwxr-xr-xsystem/core/CodeIgniter.php2
-rwxr-xr-xsystem/core/Security.php2
2 files changed, 2 insertions, 2 deletions
diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index db1aee574..ec7294102 100755
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -33,7 +33,7 @@
* @var string
*
*/
- define('CI_VERSION', '2.1.0');
+ define('CI_VERSION', '2.1.1');
/**
* CodeIgniter Branch (Core = TRUE, Reactor = FALSE)
diff --git a/system/core/Security.php b/system/core/Security.php
index a3e227437..6f5ac1ed8 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -848,7 +848,7 @@ class CI_Security {
// each page load since a page could contain embedded
// sub-pages causing this feature to fail
if (isset($_COOKIE[$this->_csrf_cookie_name]) &&
- $_COOKIE[$this->_csrf_cookie_name] != '')
+ preg_match('#^[0-9a-f]{32}$#iS', $_COOKIE[$this->_csrf_cookie_name]) === 1)
{
return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name];
}