From 4388f9080ded6d4e4db9a333e94a005ba072a8cd Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Mon, 18 Sep 2017 12:45:31 +0200 Subject: Migrate return code checks for CI3 Signed-off-by: Florian Pritz --- application/core/MY_Controller.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'application/core') diff --git a/application/core/MY_Controller.php b/application/core/MY_Controller.php index 47dd6a899..63db6c8a5 100644 --- a/application/core/MY_Controller.php +++ b/application/core/MY_Controller.php @@ -79,7 +79,7 @@ class MY_Controller extends CI_Controller { private function _check_csrf_protection_required() { - if ($this->input->post("apikey") !== false || is_api_client()) { + if ($this->input->post("apikey") !== null || is_api_client()) { /* This relies on the authentication code always verifying the supplied * apikey. If the key is not verified/logged in an attacker could simply * add an empty "apikey" field to the CSRF form to circumvent the -- cgit v1.2.3-24-g4f1b