Update system/core/Security.php

commit: 2be25a6fdb9aa197debca28d1cfe0e0e542296b0 [log] [tgz]
author: RS71 <mr.toaster@gmail.com> Sat Dec 31 16:02:04 2011 -0200
committer: RS71 <mr.toaster@gmail.com> Sat Dec 31 16:02:04 2011 -0200
tree: b72f77ca88c1b2a756de0acfac90b59ca186c101
parent: d268eda6c2b502cc7fa352072482d1924e36127e [diff] [blame]
diff --git a/system/core/Security.php b/system/core/Security.php
index 60a64f3..510f3d1 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php

@@ -180,9 +180,14 @@
 		// polute the _POST array
 		unset($_POST[$this->_csrf_token_name]);
 
-		// Nothing should last forever
-		unset($_COOKIE[$this->_csrf_cookie_name]);
-		$this->_csrf_hash = '';
+		// Regenerate on every submission?
+		if (config_item('csrf_regenerate'))
+		{
+			// Nothing should last forever
+			unset($_COOKIE[$this->_csrf_cookie_name]);
+			$this->_csrf_hash = '';
+		}
+		
 		$this->_csrf_set_hash();
 		$this->csrf_set_cookie();
commit	2be25a6fdb9aa197debca28d1cfe0e0e542296b0	[log] [tgz]
author	RS71 <mr.toaster@gmail.com>	Sat Dec 31 16:02:04 2011 -0200
committer	RS71 <mr.toaster@gmail.com>	Sat Dec 31 16:02:04 2011 -0200
tree	b72f77ca88c1b2a756de0acfac90b59ca186c101
parent	d268eda6c2b502cc7fa352072482d1924e36127e [diff] [blame]