diff options
| author | Phil Sturgeon <email@philsturgeon.co.uk> | 2012-05-17 15:46:28 +0200 |
|---|---|---|
| committer | Phil Sturgeon <email@philsturgeon.co.uk> | 2012-05-17 15:46:28 +0200 |
| commit | 918eaef728eaf49387083b39add7106e029fcfb4 (patch) | |
| tree | bd7ae7ad33977cf04cd44a735ccc1465ab7b4ffc /system/helpers/form_helper.php | |
| parent | 0199f68db46d375af2d4cb831c679d3040601f25 (diff) | |
| parent | 324ef078dda5a3596444152ba49dd591a61adba6 (diff) | |
Merge branch 'release/2.1.1'
Diffstat (limited to 'system/helpers/form_helper.php')
| -rw-r--r-- | system/helpers/form_helper.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index d9305c00b..8733ae053 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -65,7 +65,7 @@ if ( ! function_exists('form_open')) $form .= '>'; // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites - if ($CI->config->item('csrf_protection') === TRUE AND ! (strpos($action, $CI->config->site_url()) === FALSE OR strpos($form, 'method="get"'))) + if ($CI->config->item('csrf_protection') === TRUE AND ! (strpos($action, $CI->config->base_url()) === FALSE OR strpos($form, 'method="get"'))) { $hidden[$CI->security->get_csrf_token_name()] = $CI->security->get_csrf_hash(); } |