diff options
author | Eric Roberts <eric@cryode.com> | 2012-12-12 14:02:11 +0100 |
---|---|---|
committer | Eric Roberts <eric@cryode.com> | 2012-12-12 14:02:11 +0100 |
commit | b9e35f21e1c70b6aa67c47e9244ed83195abc00a (patch) | |
tree | 64f82db362deeac48cc20d1d1afd80651f36f5a5 /system/helpers/security_helper.php | |
parent | 0b05705c52c3bca7f9b3aee657c888e8ad1ff422 (diff) | |
parent | 545a7c86701875e1412bcde316e9bcc76d9a23a0 (diff) |
Merge branch 'refs/heads/develop' into feature/form_error_msgs
Conflicts:
system/language/english/form_validation_lang.php
user_guide_src/source/libraries/form_validation.rst
Signed-off-by: Eric Roberts <eric@cryode.com>
Diffstat (limited to 'system/helpers/security_helper.php')
-rw-r--r-- | system/helpers/security_helper.php | 73 |
1 files changed, 39 insertions, 34 deletions
diff --git a/system/helpers/security_helper.php b/system/helpers/security_helper.php index d6f134c9f..898a49c80 100644 --- a/system/helpers/security_helper.php +++ b/system/helpers/security_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Security Helpers @@ -37,15 +38,15 @@ // ------------------------------------------------------------------------ -/** - * XSS Filtering - * - * @param string - * @param bool whether or not the content is an image file - * @return string - */ if ( ! function_exists('xss_clean')) { + /** + * XSS Filtering + * + * @param string + * @param bool whether or not the content is an image file + * @return string + */ function xss_clean($str, $is_image = FALSE) { $CI =& get_instance(); @@ -55,14 +56,14 @@ if ( ! function_exists('xss_clean')) // ------------------------------------------------------------------------ -/** - * Sanitize Filename - * - * @param string - * @return string - */ if ( ! function_exists('sanitize_filename')) { + /** + * Sanitize Filename + * + * @param string + * @return string + */ function sanitize_filename($filename) { $CI =& get_instance(); @@ -72,14 +73,17 @@ if ( ! function_exists('sanitize_filename')) // -------------------------------------------------------------------- -/** - * Hash encode a string - * - * @param string - * @return string - */ if ( ! function_exists('do_hash')) { + /** + * Hash encode a string + * + * @todo Remove in version 3.1+. + * @deprecated 3.0.0 Use PHP's native hash() instead. + * @param string $str + * @param string $type = 'sha1' + * @return string + */ function do_hash($str, $type = 'sha1') { if ( ! in_array(strtolower($type), hash_algos())) @@ -93,33 +97,34 @@ if ( ! function_exists('do_hash')) // ------------------------------------------------------------------------ -/** - * Strip Image Tags - * - * @param string - * @return string - */ if ( ! function_exists('strip_image_tags')) { + /** + * Strip Image Tags + * + * @param string + * @return string + */ function strip_image_tags($str) { - return preg_replace(array('#<img\s+.*?src\s*=\s*["\'](.+?)["\'].*?\>#', '#<img\s+.*?src\s*=\s*(.+?).*?\>#'), '\\1', $str); + $CI =& get_instance(); + return $CI->security->strip_image_tags($str); } } // ------------------------------------------------------------------------ -/** - * Convert PHP tags to entities - * - * @param string - * @return string - */ if ( ! function_exists('encode_php_tags')) { + /** + * Convert PHP tags to entities + * + * @param string + * @return string + */ function encode_php_tags($str) { - return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('<?php', '<?PHP', '<?', '?>'), $str); + return str_replace(array('<?', '?>'), array('<?', '?>'), $str); } } |