diff options
author | Andrey Andreev <narf@bofh.bg> | 2012-10-24 20:28:25 +0200 |
---|---|---|
committer | Andrey Andreev <narf@bofh.bg> | 2012-10-24 20:31:40 +0200 |
commit | f795ab52dadaef20afd3a97ad4c8ed408e211dc2 (patch) | |
tree | 1f5eb143a0fd980832590b4f950fd2a260998ac3 /system | |
parent | 2dce1ffda218456e19f28edce8b0d74122f4d55c (diff) |
[ci skip] Document get_csrf_token_name(), get_csrf_hash() (issue #715)
Diffstat (limited to 'system')
-rw-r--r-- | system/core/Security.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/system/core/Security.php b/system/core/Security.php index 2fbc5b34c..d7c82712d 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -161,7 +161,7 @@ class CI_Security { } // Do the tokens exist in both the _POST and _COOKIE arrays? - if ( ! isset($_POST[$this->_csrf_token_name]) OR ! isset($_COOKIE[$this->_csrf_cookie_name]) + if ( ! isset($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name]) OR $_POST[$this->_csrf_token_name] !== $_COOKIE[$this->_csrf_cookie_name]) // Do the tokens match? { $this->csrf_show_error(); |