diff options
-rw-r--r-- | application/core/MY_Controller.php | 6 | ||||
-rw-r--r-- | application/helpers/filebin_helper.php | 14 |
2 files changed, 10 insertions, 10 deletions
diff --git a/application/core/MY_Controller.php b/application/core/MY_Controller.php index 078a4faa1..68ee302a9 100644 --- a/application/core/MY_Controller.php +++ b/application/core/MY_Controller.php @@ -45,10 +45,10 @@ class MY_Controller extends CI_Controller { $this->load->helper(array('form', 'filebin')); if ($this->uri->segment(1) == "api") { - is_cli_client(true); + is_api_client(true); } - if ($this->input->post("apikey") !== false || is_cli_client()) { + if ($this->input->post("apikey") !== false || is_api_client()) { /* This relies on the authentication code always verifying the supplied * apikey. If the key is not verified/logged in an attacker could simply * add an empty "apikey" field to the CSRF form to circumvent the @@ -83,7 +83,7 @@ class MY_Controller extends CI_Controller { $csrf_protection = false; } - if (is_cli_client() && in_array($uri_start, $csrf_whitelisted_handlers["cli_client"])) { + if (is_api_client() && in_array($uri_start, $csrf_whitelisted_handlers["cli_client"])) { $csrf_protection = false; } diff --git a/application/helpers/filebin_helper.php b/application/helpers/filebin_helper.php index 81f330f68..093f7a8bd 100644 --- a/application/helpers/filebin_helper.php +++ b/application/helpers/filebin_helper.php @@ -84,18 +84,18 @@ function mb_str_pad($ps_input, $pn_pad_length, $ps_pad_string = " ", $pn_pad_typ return $ret; } -function is_cli_client($override = null) +function is_api_client($override = null) { - static $is_cli = null; + static $is_api = null; if ($override !== null) { - $is_cli = $override; + $is_api = $override; } - if ($is_cli === null) { - $is_cli = false; + if ($is_api === null) { + $is_api = false; } - return $is_cli; + return $is_api; } function random_alphanum($min_length, $max_length = null) @@ -268,7 +268,7 @@ function stateful_client() return false; } - if (is_cli_client()) { + if (is_api_client()) { return false; } |