summaryrefslogtreecommitdiffstats
path: root/system/core
diff options
context:
space:
mode:
authorAndrey Andreev <narf@devilix.net>2019-09-19 18:54:50 +0200
committerAndrey Andreev <narf@devilix.net>2019-09-19 18:54:50 +0200
commit85817aa7abc1a877cc9e0e39dcda2a6811ecc1fd (patch)
treeca736243cb68029d7ebf95dfcc11ffb3f2bcae83 /system/core
parentfdb85f52096460b2488a036cb6145861cc577da1 (diff)
parentf4502e4ad6d8a595e472b85a5e0bc3f552b63306 (diff)
Merge branch '3.1-stable' into develop
Conflicts resolved: system/core/CodeIgniter.php system/libraries/Cache/drivers/Cache_redis.php system/libraries/Session/drivers/Session_redis_driver.php user_guide_src/source/changelog.rst user_guide_src/source/conf.py user_guide_src/source/installation/downloads.rst user_guide_src/source/installation/upgrading.rst
Diffstat (limited to 'system/core')
-rw-r--r--system/core/Controller.php7
-rw-r--r--system/core/Security.php1
2 files changed, 8 insertions, 0 deletions
diff --git a/system/core/Controller.php b/system/core/Controller.php
index 2bb157802..e25b8472c 100644
--- a/system/core/Controller.php
+++ b/system/core/Controller.php
@@ -59,6 +59,13 @@ class CI_Controller {
private static $instance;
/**
+ * CI_Loader
+ *
+ * @var CI_Loader
+ */
+ public $load;
+
+ /**
* Class constructor
*
* @return void
diff --git a/system/core/Security.php b/system/core/Security.php
index 27b4db69d..5edb67f4e 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -229,6 +229,7 @@ class CI_Security {
// Check CSRF token validity, but don't error on mismatch just yet - we'll want to regenerate
$valid = isset($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name])
+ && is_string($_POST[$this->_csrf_token_name]) && is_string($_COOKIE[$this->_csrf_cookie_name])
&& hash_equals($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name]);
// We kill this since we're done and we don't want to pollute the _POST array