diff --git a/common/framework/security.php b/common/framework/security.php
index 63b3756fd..bfa90fffc 100644
--- a/common/framework/security.php
+++ b/common/framework/security.php
@@ -330,11 +330,11 @@ class Security
 */
 public static function checkCSRF($referer = null)
 {
- if ($token = $_SERVER['HTTP_X_CSRF_TOKEN'])
+ if ($token = isset($_SERVER['HTTP_X_CSRF_TOKEN']) ? $_SERVER['HTTP_X_CSRF_TOKEN'] : null)
 {
 return Session::verifyToken($token);
 }
- elseif ($token = $_REQUEST['_rx_csrf_token'])
+ elseif ($token = isset($_REQUEST['_rx_csrf_token']) ? $_REQUEST['_rx_csrf_token'] : null)
 {
 return Session::verifyToken($token);
 }
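Review bot: Both rewritten conditions still branch on the token's truthiness rather than its presence, so a header or parameter that is supplied but empty or `'0'` skips `Session::verifyToken()` and falls through to whatever follows these two branches. The rest of `checkCSRF()` is outside the hunk; if it ends in a weaker fallback (the `$referer` parameter suggests a referer comparison), a supplied-but-invalid token should fail the check instead of reaching it. `$_REQUEST['_rx_csrf_token']` can also arrive as an array when the parameter is sent with bracket syntax, and a non-empty array would be handed to `verifyToken()` as is; how that method treats a non-string is not visible here. I would test presence and type explicitly, `if (isset($_SERVER['HTTP_X_CSRF_TOKEN']))` and `elseif (isset($_REQUEST['_rx_csrf_token']) && is_string($_REQUEST['_rx_csrf_token']))`, and read the value inside each branch.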