From c31e113d95731f476010539549826eb3977a57dc Mon Sep 17 00:00:00 2001
From: Qiang Xue <qiang.xue@gmail.com>
Date: Sat, 28 Dec 2013 08:59:29 -0500
Subject: [PATCH] Fixes #1671

---
 framework/yii/web/Request.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/framework/yii/web/Request.php b/framework/yii/web/Request.php
index ee232f4..ef005be 100644
--- a/framework/yii/web/Request.php
+++ b/framework/yii/web/Request.php
@@ -1121,7 +1121,7 @@ class Request extends \yii\base\Request
 
 	private function validateCsrfTokenInternal($token, $trueToken)
 	{
-		$token = str_replace('.', '+', base64_decode($token));
+		$token = base64_decode(str_replace('.', '+', $token));
 		$n = StringHelper::byteLength($token);
 		if ($n <= self::CSRF_MASK_LENGTH) {
 			return false;