From dd28a888e8d9934260b14d0b7601da375fe75b8d Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@devilix.net>
Date: Mon, 7 Sep 2015 16:03:05 +0300
Subject: Move csrf_verify() call out of _sanitize_globals()

It doesn't belong in there.
---
 system/core/Input.php | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'system')

diff --git a/system/core/Input.php b/system/core/Input.php
index d896495e9..67a495e74 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -153,6 +153,12 @@ class CI_Input {
 		// Sanitize global arrays
 		$this->_sanitize_globals();
 
+		// CSRF Protection check
+		if ($this->_enable_csrf === TRUE && ! is_cli())
+		{
+			$this->security->csrf_verify();
+		}
+
 		log_message('info', 'Input Class Initialized');
 	}
 
@@ -647,12 +653,6 @@ class CI_Input {
 		// Sanitize PHP_SELF
 		$_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']);
 
-		// CSRF Protection check
-		if ($this->_enable_csrf === TRUE && ! is_cli())
-		{
-			$this->security->csrf_verify();
-		}
-
 		log_message('debug', 'Global POST, GET and COOKIE data sanitized');
 	}
 
-- 
cgit v1.2.3-24-g4f1b