diff --git a/include/class.csrf.php b/include/class.csrf.php
index a1c3aed21392d5932b6b1edb31108cc6d3bedf8a..283aef53b361b6669d7e88503052530dd6fddef8 100644
--- a/include/class.csrf.php
+++ b/include/class.csrf.php
@@ -71,7 +71,11 @@ Class CSRF {
     }
 
     function validateToken($token) {
-        return ($token && trim($token)==$this->getToken() && !$this->isExpired());
+        $rv = $token && trim($token)==$this->getToken() && !$this->isExpired();
+        // Prevent the token from being reused
+        if ($rv && !defined('AJAX_REQUEST'))
+            $this->rotate();
+        return $rv;
     }
 
     function getFormInput($name='') {
diff --git a/include/class.osticket.php b/include/class.osticket.php
index 23e363739dc895882f1ef2f98ced8f6db1f32838..782dcfd3c9c276cb85845f2d6c65b852a1deddaa 100644
--- a/include/class.osticket.php
+++ b/include/class.osticket.php
@@ -111,8 +111,8 @@ class osTicket {
         return ($token && $this->getCSRF()->validateToken($token));
     }
 
-    function checkCSRFToken($name='') {
-        $name = $name?$name:$this->getCSRF()->getTokenName();
+    function checkCSRFToken($name=false) {
+        $name = $name ?: $this->getCSRF()->getTokenName();
         if(isset($_POST[$name]) && $this->validateCSRFToken($_POST[$name]))
             return true;