diff --git a/include/functions.php b/include/functions.php
index 298a77033..565a8fd41 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -679,7 +679,7 @@
 	}
 
 	function validate_csrf($csrf_token) {
-		return hash_equals($_SESSION['csrf_token'], $csrf_token);
+		return isset($csrf_token) && hash_equals($_SESSION['csrf_token'], $csrf_token);
 	}
 
 	function load_user_plugins($owner_uid, $pluginhost = false) {