summaryrefslogtreecommitdiffstats
path: root/system
diff options
context:
space:
mode:
Diffstat (limited to 'system')
-rwxr-xr-xsystem/core/Security.php4
-rw-r--r--system/database/DB_result.php13
2 files changed, 15 insertions, 2 deletions
diff --git a/system/core/Security.php b/system/core/Security.php
index 81b6602ae..f953011eb 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -831,7 +831,7 @@ class CI_Security {
// each page load since a page could contain embedded
// sub-pages causing this feature to fail
if (isset($_COOKIE[$this->_csrf_cookie_name]) &&
- $_COOKIE[$this->_csrf_cookie_name] != '')
+ preg_match('#^[0-9a-f]{32}$#iS', $_COOKIE[$this->_csrf_cookie_name]) === 1)
{
return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name];
}
@@ -846,4 +846,4 @@ class CI_Security {
}
/* End of file Security.php */
-/* Location: ./system/core/Security.php */ \ No newline at end of file
+/* Location: ./system/core/Security.php */
diff --git a/system/database/DB_result.php b/system/database/DB_result.php
index 196febe2c..25b4fb911 100644
--- a/system/database/DB_result.php
+++ b/system/database/DB_result.php
@@ -371,6 +371,19 @@ class CI_DB_result {
// --------------------------------------------------------------------
/**
+ * Returns an unbuffered row and move pointer to next row
+ *
+ * @return mixed either a result object or array
+ */
+ public function unbuffered_row($type = 'object')
+ {
+ return ($type !== 'array') ? $this->_fetch_object() : $this->_fetch_assoc();
+
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* The following functions are normally overloaded by the identically named
* methods in the platform-specific driver -- except when query caching
* is used. When caching is enabled we do not load the other driver.