summaryrefslogtreecommitdiffstats
path: root/system
diff options
context:
space:
mode:
authorAndrey Andreev <narf@devilix.net>2014-12-08 09:59:51 +0100
committerAndrey Andreev <narf@devilix.net>2014-12-08 09:59:51 +0100
commit162b1a9824deba1369d756eccc9535544452b479 (patch)
tree788fbd9c59843d52131eb7f275a3f7645fa83180 /system
parent3c0427e7dd11380692f9898d7cc04ba1b5a8491b (diff)
Fix 'Array to string conversion' notice in CSRF validation
Rel: #3398
Diffstat (limited to 'system')
-rwxr-xr-xsystem/core/Security.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/system/core/Security.php b/system/core/Security.php
index 6ed0f8d4f..8adc35676 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -977,8 +977,8 @@ class CI_Security {
// We don't necessarily want to regenerate it with
// each page load since a page could contain embedded
// sub-pages causing this feature to fail
- if (isset($_COOKIE[$this->_csrf_cookie_name]) &&
- preg_match('#^[0-9a-f]{32}$#iS', $_COOKIE[$this->_csrf_cookie_name]) === 1)
+ if (isset($_COOKIE[$this->_csrf_cookie_name]) && is_string($_COOKIE[$this->_csrf_cookie_name])
+ && preg_match('#^[0-9a-f]{32}$#iS', $_COOKIE[$this->_csrf_cookie_name]) === 1)
{
return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name];
}