Fixing a bug in the form_helper where csrf_token_name and csrf_hash were referencing class properties in the Security class that were moved.
diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php
index 8aa788c..acd75c2 100644
--- a/system/helpers/form_helper.php
+++ b/system/helpers/form_helper.php
@@ -67,7 +67,7 @@
// CSRF
if ($CI->config->item('csrf_protection') === TRUE)
{
- $hidden[$CI->security->csrf_token_name] = $CI->security->csrf_hash;
+ $hidden[$CI->security->get_csrf_token_name()] = $CI->security->get_csrf_hash();
}
if (is_array($hidden) AND count($hidden) > 0)
diff --git a/user_guide/installation/upgrade_202.html b/user_guide/installation/upgrade_202.html
index e6273f5..d457d8b 100644
--- a/user_guide/installation/upgrade_202.html
+++ b/user_guide/installation/upgrade_202.html
@@ -76,6 +76,8 @@
<p>If you are overriding or extending the Security library, you will need to move it to <kbd>application/core</kbd>.</p>
+<p><samp>csrf_token_name</samp> and <samp>csrf_hash</samp> have changed to protected class properties. Please use <samp>security->get_csrf_hash()</samp> and <samp>security->get_csrf_token_name()</samp> to access those values.</p>
+
</div>
<!-- END CONTENT -->