CI_Security::csrf_verify PHP Method

csrf_verify() public method

CSRF Verify
public csrf_verify ( ) : CI_Security
return CI_Security
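    /**
     * CSRF Verify
     *
     * On POST requests, checks that the token submitted in $_POST matches the
     * token held in $_COOKIE, then refreshes the hash and the cookie.
     * On any other request method it only sets the CSRF cookie.
     *
     * @return CI_Security
     */
    public function csrf_verify()
    {
        // Only POST is token-checked. Every other method (GET, PUT, DELETE, ...)
        // just gets the cookie set, so state-changing handlers reachable via
        // non-POST methods are not covered by this check.
        if (strtoupper($_SERVER['REQUEST_METHOD']) !== 'POST') {
            return $this->csrf_set_cookie();
        }
        // Check if URI has been whitelisted from CSRF checks.
        // Each 'csrf_exclude_uris' entry is used as a regular expression: it is
        // inserted unescaped, anchored with ^...$ and matched case-insensitively.
        // A match skips the token check entirely, so an overly broad pattern
        // disables CSRF protection for every URI it matches.
        if ($exclude_uris = config_item('csrf_exclude_uris')) {
            $uri = load_class('URI', 'core');
            $modifiers = 'i' . (UTF8_ENABLED ? 'u' : '');
            foreach ($exclude_uris as $excluded) {
                if (preg_match('#^' . $excluded . '$#' . $modifiers, $uri->uri_string())) {
                    return $this;
                }
            }
        }
        // Do the tokens exist in both the _POST and _COOKIE arrays, and match?
        // Both values are request-controlled, so require plain strings (a
        // parameter such as name[]=x arrives as an array) and compare them in
        // constant time instead of with !==.
        // NOTE(review): hash_equals() needs PHP >= 5.6 or a polyfill - confirm
        // against the minimum PHP version this class supports.
        $token_name = $this->_csrf_token_name;
        $cookie_name = $this->_csrf_cookie_name;
        $valid = isset($_POST[$token_name], $_COOKIE[$cookie_name])
            && is_string($_POST[$token_name])
            && is_string($_COOKIE[$cookie_name])
            && hash_equals($_COOKIE[$cookie_name], $_POST[$token_name]);
        if (!$valid) {
            // NOTE(review): the code below runs unless csrf_show_error() stops
            // the request; presumably it does - verify, especially if a
            // subclass overrides it.
            $this->csrf_show_error();
        }
        // We kill this since we're done and we don't want to pollute the _POST array
        unset($_POST[$token_name]);
        // Regenerate on every submission?
        if (config_item('csrf_regenerate')) {
            // Nothing should last forever: drop the current cookie value and
            // cached hash before the hash is set again below.
            unset($_COOKIE[$cookie_name]);
            $this->_csrf_hash = NULL;
        }
        $this->_csrf_set_hash();
        $this->csrf_set_cookie();
        log_message('info', 'CSRF token verified');
        return $this;
    }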

Usage Example

Example #1
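 /**
  * Override the csrf_verify method so that individual module/controller
  * pairs can opt out of CSRF verification.
  *
  * When the current "module/controller" is listed in
  * $this->ignored_controllers, the parent check is skipped entirely: no
  * token is compared and nothing in this method sets the CSRF cookie.
  * Every action of a listed controller is therefore left without CSRF
  * protection, so keep the list as short as possible.
  *
  * @return CI_Security
  */
 public function csrf_verify()
 {
     global $RTR;
     $target = $RTR->fetch_module() . '/' . $RTR->fetch_class();
     // Strict comparison: with loose matching a non-string entry in the
     // list (e.g. TRUE) would compare equal to any controller name and
     // switch the check off everywhere.
     if (in_array($target, $this->ignored_controllers, TRUE)) {
         // Return $this as the parent method does, so callers that use
         // the return value still work.
         return $this;
     }
     return parent::csrf_verify();
 }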
All Usage Examples Of CI_Security::csrf_verify