diff options
| -rwxr-xr-x | system/core/Security.php | 3 | ||||
| -rw-r--r-- | user_guide/changelog.html | 1 |
2 files changed, 3 insertions, 1 deletions
diff --git a/system/core/Security.php b/system/core/Security.php index 6c4c59057..84ecb06db 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -886,7 +886,8 @@ class CI_Security { return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name]; } - return $this->_csrf_hash = md5(uniqid(rand(), TRUE)); + $this->_csrf_hash = md5(uniqid(rand(), TRUE)); + $this->csrf_set_cookie(); } return $this->_csrf_hash; diff --git a/user_guide/changelog.html b/user_guide/changelog.html index 6b4e83c2f..fc1eb46b3 100644 --- a/user_guide/changelog.html +++ b/user_guide/changelog.html @@ -135,6 +135,7 @@ Change Log <li>Fixed a bug (#82) - WHERE clause field names in the DB <samp>update_string()</samp> method were not escaped, resulting in failed queries in some cases.</li> <li>Fixed a bug (#89) - Fix a variable type mismatch in DB <samp>display_error()</samp> where an array is expected, but a string could be set instead.</li> <li>Fixed a bug (#467) - Suppress warnings generated from get_magic_quotes_gpc() (deprecated in PHP 5.4)</li> + <li>Fixed a bug (#484) - First time _csrf_set_hash() is called, hash is never set to the cookie (in Security.php).</li> </ul> <h2>Version 2.0.3</h2> |