diff options
Diffstat (limited to 'system/core')
| -rw-r--r-- | system/core/Security.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/system/core/Security.php b/system/core/Security.php index 2fbc5b34c..d7c82712d 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -161,7 +161,7 @@ class CI_Security { } // Do the tokens exist in both the _POST and _COOKIE arrays? - if ( ! isset($_POST[$this->_csrf_token_name]) OR ! isset($_COOKIE[$this->_csrf_cookie_name]) + if ( ! isset($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name]) OR $_POST[$this->_csrf_token_name] !== $_COOKIE[$this->_csrf_cookie_name]) // Do the tokens match? { $this->csrf_show_error(); |