diff options
Diffstat (limited to 'system/libraries')
-rw-r--r-- | system/libraries/Security.php | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/system/libraries/Security.php b/system/libraries/Security.php index 29ac2612b..9a1590b5c 100644 --- a/system/libraries/Security.php +++ b/system/libraries/Security.php @@ -29,7 +29,7 @@ class CI_Security { var $csrf_hash = ''; var $csrf_expire = 7200; // Two hours (in seconds) var $csrf_token_name = 'ci_csrf_token'; - var $csfr_cookie_name = 'ci_csrf_token'; + var $csrf_cookie_name = 'ci_csrf_token'; /* never allowed, string replacement */ var $never_allowed_str = array( @@ -54,7 +54,7 @@ class CI_Security { function CI_Security() { // Append application specific cookie prefix to token name - $this->csfr_cookie_name = (config_item('cookie_prefix')) ? config_item('cookie_prefix').$this->csrf_token_name : $this->csrf_token_name; + $this->csrf_cookie_name = (config_item('cookie_prefix')) ? config_item('cookie_prefix').$this->csrf_token_name : $this->csrf_token_name; // Set the CSRF hash $this->_csrf_set_hash(); @@ -79,13 +79,13 @@ class CI_Security { } // Do the tokens exist in both the _POST and _COOKIE arrays? - if ( ! isset($_POST[$this->csrf_token_name]) OR ! isset($_COOKIE[$this->csfr_cookie_name])) + if ( ! isset($_POST[$this->csrf_token_name]) OR ! isset($_COOKIE[$this->csrf_cookie_name])) { $this->csrf_show_error(); } // Do the tokens match? - if ($_POST[$this->csrf_token_name] != $_COOKIE[$this->csfr_cookie_name]) + if ($_POST[$this->csrf_token_name] != $_COOKIE[$this->csrf_cookie_name]) { $this->csrf_show_error(); } @@ -94,7 +94,7 @@ class CI_Security { unset($_POST[$this->csrf_token_name]); // Nothing should last forever - unset($_COOKIE[$this->csfr_cookie_name]); + unset($_COOKIE[$this->csrf_cookie_name]); $this->_csrf_set_hash(); $this->csrf_set_cookie(); @@ -113,7 +113,7 @@ class CI_Security { { $expire = time() + $this->csrf_expire; - setcookie($this->csfr_cookie_name, $this->csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), 0); + setcookie($this->csrf_cookie_name, $this->csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), 0); log_message('debug', "CRSF cookie Set"); } @@ -132,9 +132,9 @@ class CI_Security { { // If the cookie exists we will use it's value. We don't necessarily want to regenerate it with // each page load since a page could contain embedded sub-pages causing this feature to fail - if (isset($_COOKIE[$this->csfr_cookie_name]) AND $_COOKIE[$this->csfr_cookie_name] != '') + if (isset($_COOKIE[$this->csrf_cookie_name]) AND $_COOKIE[$this->csrf_cookie_name] != '') { - $this->csrf_hash = $_COOKIE[$this->csfr_cookie_name]; + $this->csrf_hash = $_COOKIE[$this->csrf_cookie_name]; } else { |