diff options
author | Florian Pritz <bluewind@xssn.at> | 2010-02-06 23:14:56 +0100 |
---|---|---|
committer | Florian Pritz <bluewind@xssn.at> | 2010-02-06 23:31:27 +0100 |
commit | 9e9d77b4072de4f8c73e8bbade07a8f27734e4bd (patch) | |
tree | a5d709254968fed8f3acdb9eec68fde2faa14b94 /system/helpers/security_helper.php |
Initial commit
Signed-off-by: Florian Pritz <bluewind@xssn.at>
Diffstat (limited to 'system/helpers/security_helper.php')
-rw-r--r-- | system/helpers/security_helper.php | 126 |
1 files changed, 126 insertions, 0 deletions
diff --git a/system/helpers/security_helper.php b/system/helpers/security_helper.php new file mode 100644 index 000000000..9cc70aaff --- /dev/null +++ b/system/helpers/security_helper.php @@ -0,0 +1,126 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * CodeIgniter Security Helpers + * + * @package CodeIgniter + * @subpackage Helpers + * @category Helpers + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/helpers/security_helper.html + */ + +// ------------------------------------------------------------------------ + +/** + * XSS Filtering + * + * @access public + * @param string + * @param bool whether or not the content is an image file + * @return string + */ +if ( ! function_exists('xss_clean')) +{ + function xss_clean($str, $is_image = FALSE) + { + $CI =& get_instance(); + return $CI->input->xss_clean($str, $is_image); + } +} + +// -------------------------------------------------------------------- + +/** + * Hash encode a string + * + * @access public + * @param string + * @return string + */ +if ( ! function_exists('dohash')) +{ + function dohash($str, $type = 'sha1') + { + if ($type == 'sha1') + { + if ( ! function_exists('sha1')) + { + if ( ! function_exists('mhash')) + { + require_once(BASEPATH.'libraries/Sha1'.EXT); + $SH = new CI_SHA; + return $SH->generate($str); + } + else + { + return bin2hex(mhash(MHASH_SHA1, $str)); + } + } + else + { + return sha1($str); + } + } + else + { + return md5($str); + } + } +} + +// ------------------------------------------------------------------------ + +/** + * Strip Image Tags + * + * @access public + * @param string + * @return string + */ +if ( ! function_exists('strip_image_tags')) +{ + function strip_image_tags($str) + { + $str = preg_replace("#<img\s+.*?src\s*=\s*[\"'](.+?)[\"'].*?\>#", "\\1", $str); + $str = preg_replace("#<img\s+.*?src\s*=\s*(.+?).*?\>#", "\\1", $str); + + return $str; + } +} + +// ------------------------------------------------------------------------ + +/** + * Convert PHP tags to entities + * + * @access public + * @param string + * @return string + */ +if ( ! function_exists('encode_php_tags')) +{ + function encode_php_tags($str) + { + return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('<?php', '<?PHP', '<?', '?>'), $str); + } +} + + +/* End of file security_helper.php */ +/* Location: ./system/helpers/security_helper.php */
\ No newline at end of file |