summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--application/core/MY_Controller.php6
-rw-r--r--application/helpers/filebin_helper.php14
2 files changed, 10 insertions, 10 deletions
diff --git a/application/core/MY_Controller.php b/application/core/MY_Controller.php
index 078a4faa1..68ee302a9 100644
--- a/application/core/MY_Controller.php
+++ b/application/core/MY_Controller.php
@@ -45,10 +45,10 @@ class MY_Controller extends CI_Controller {
$this->load->helper(array('form', 'filebin'));
if ($this->uri->segment(1) == "api") {
- is_cli_client(true);
+ is_api_client(true);
}
- if ($this->input->post("apikey") !== false || is_cli_client()) {
+ if ($this->input->post("apikey") !== false || is_api_client()) {
/* This relies on the authentication code always verifying the supplied
* apikey. If the key is not verified/logged in an attacker could simply
* add an empty "apikey" field to the CSRF form to circumvent the
@@ -83,7 +83,7 @@ class MY_Controller extends CI_Controller {
$csrf_protection = false;
}
- if (is_cli_client() && in_array($uri_start, $csrf_whitelisted_handlers["cli_client"])) {
+ if (is_api_client() && in_array($uri_start, $csrf_whitelisted_handlers["cli_client"])) {
$csrf_protection = false;
}
diff --git a/application/helpers/filebin_helper.php b/application/helpers/filebin_helper.php
index 81f330f68..093f7a8bd 100644
--- a/application/helpers/filebin_helper.php
+++ b/application/helpers/filebin_helper.php
@@ -84,18 +84,18 @@ function mb_str_pad($ps_input, $pn_pad_length, $ps_pad_string = " ", $pn_pad_typ
return $ret;
}
-function is_cli_client($override = null)
+function is_api_client($override = null)
{
- static $is_cli = null;
+ static $is_api = null;
if ($override !== null) {
- $is_cli = $override;
+ $is_api = $override;
}
- if ($is_cli === null) {
- $is_cli = false;
+ if ($is_api === null) {
+ $is_api = false;
}
- return $is_cli;
+ return $is_api;
}
function random_alphanum($min_length, $max_length = null)
@@ -268,7 +268,7 @@ function stateful_client()
return false;
}
- if (is_cli_client()) {
+ if (is_api_client()) {
return false;
}