Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / 95b183addfb1683583d401e04f2684ceb86f8b96^! / . / system / libraries / Security.php
commit95b183addfb1683583d401e04f2684ceb86f8b96[log] [tgz]
authorDerek Jones <derek.jones@ellislab.com>Tue Aug 31 09:42:39 2010 -0500
committerDerek Jones <derek.jones@ellislab.com>Tue Aug 31 09:42:39 2010 -0500
tree81ece3cfa8f4d3ee3a0d2e77bb305c000055fee8
parent595bfd1484ecc8212d6c3c028210b4d1ae78baba [diff] [blame]
fixed spelling error in Security class property for the CSRF cookie

diff --git a/system/libraries/Security.php b/system/libraries/Security.php
index 29ac261..9a1590b 100644
--- a/system/libraries/Security.php
+++ b/system/libraries/Security.php

@@ -29,7 +29,7 @@
 	var $csrf_hash 			= '';
 	var $csrf_expire		= 7200;  // Two hours (in seconds)
 	var $csrf_token_name	= 'ci_csrf_token';
-	var $csfr_cookie_name	= 'ci_csrf_token';
+	var $csrf_cookie_name	= 'ci_csrf_token';
 	
 	/* never allowed, string replacement */
 	var $never_allowed_str = array(
@@ -54,7 +54,7 @@
 	function CI_Security()
 	{
 		// Append application specific cookie prefix to token name
-		$this->csfr_cookie_name = (config_item('cookie_prefix')) ? config_item('cookie_prefix').$this->csrf_token_name : $this->csrf_token_name;
+		$this->csrf_cookie_name = (config_item('cookie_prefix')) ? config_item('cookie_prefix').$this->csrf_token_name : $this->csrf_token_name;
 
 		// Set the CSRF hash
 		$this->_csrf_set_hash();
@@ -79,13 +79,13 @@
 		}
 
 		// Do the tokens exist in both the _POST and _COOKIE arrays?
-		if ( ! isset($_POST[$this->csrf_token_name]) OR ! isset($_COOKIE[$this->csfr_cookie_name]))
+		if ( ! isset($_POST[$this->csrf_token_name]) OR ! isset($_COOKIE[$this->csrf_cookie_name]))
 		{
 			$this->csrf_show_error();
 		}
 
 		// Do the tokens match?
-		if ($_POST[$this->csrf_token_name] != $_COOKIE[$this->csfr_cookie_name])
+		if ($_POST[$this->csrf_token_name] != $_COOKIE[$this->csrf_cookie_name])
 		{
 			$this->csrf_show_error();
 		}
@@ -94,7 +94,7 @@
 		unset($_POST[$this->csrf_token_name]);
 		
 		// Nothing should last forever
-		unset($_COOKIE[$this->csfr_cookie_name]);
+		unset($_COOKIE[$this->csrf_cookie_name]);
 		$this->_csrf_set_hash();
 		$this->csrf_set_cookie();
 
@@ -113,7 +113,7 @@
 	{
 		$expire = time() + $this->csrf_expire;
 
-		setcookie($this->csfr_cookie_name, $this->csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), 0);
+		setcookie($this->csrf_cookie_name, $this->csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), 0);
 		
 		log_message('debug', "CRSF cookie Set");		
 	}
@@ -132,9 +132,9 @@
 		{
 			// If the cookie exists we will use it's value.  We don't necessarily want to regenerate it with
 			// each page load since a page could contain embedded sub-pages causing this feature to fail
-			if (isset($_COOKIE[$this->csfr_cookie_name]) AND $_COOKIE[$this->csfr_cookie_name] != '')
+			if (isset($_COOKIE[$this->csrf_cookie_name]) AND $_COOKIE[$this->csrf_cookie_name] != '')
 			{
-				$this->csrf_hash = $_COOKIE[$this->csfr_cookie_name];
+				$this->csrf_hash = $_COOKIE[$this->csrf_cookie_name];
 			}
 			else
 			{