diff --git a/public/index.php b/public/index.php
index 23d7ae1e..120b11ec 100644
--- a/public/index.php
+++ b/public/index.php
@@ -84,6 +84,8 @@ $action = (isset($_REQUEST['action']) && !is_array($_REQUEST['action'])) && isse
 // Check csrf token validity if necessary
 if ($config['csrf']['enabled'] && isset($_POST['ctoken']) && !empty($_POST['ctoken']) && !is_array($_POST['ctoken'])) {
     $csrftoken->valid = ($csrftoken->checkBasic($user->getCurrentIP(), $arrPages[$page], $_POST['ctoken'])) ? 1 : 0;
+} else if ($config['csrf']['enabled'] && (!@$_POST['ctoken'] || empty($_POST['ctoken']) || is_array($_POST['ctoken']))) {
+    $csrftoken->valid = 0;
 }
 if ($config['csrf']['enabled']) $smarty->assign('CTOKEN', $csrftoken->getBasic($user->getCurrentIP(), $arrPages[$page]));
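Review bot: The added `else if` condition is redundant with the branch it follows — once the first `if` has failed with `$config['csrf']['enabled']` true, at least one of `isset`/`!empty`/`!is_array` on `$_POST['ctoken']` is already false, and `empty()` already subsumes the `!@$_POST['ctoken']` test, so the `@` suppression adds nothing except hiding notices. The branch can be reduced to `} elseif ($config['csrf']['enabled']) {` with the same fail-closed outcome (token missing or malformed → `$csrftoken->valid = 0`), and `elseif` is the PSR-12 spelling. Note that `empty()` also treats the literal string `"0"` as absent; harmless if tokens are long random strings, but worth a comment such as `// No usable token posted: treat the request as CSRF-invalid (fail closed)`. Whether `$csrftoken->valid` is consulted before state-changing actions lies outside this hunk, so the fail-closed default only protects if the consumers honour it — worth confirming.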