summaryrefslogtreecommitdiffstats
path: root/system/helpers/security_helper.php
diff options
context:
space:
mode:
authorEric Roberts <eric@cryode.com>2012-12-12 14:02:11 +0100
committerEric Roberts <eric@cryode.com>2012-12-12 14:02:11 +0100
commitb9e35f21e1c70b6aa67c47e9244ed83195abc00a (patch)
tree64f82db362deeac48cc20d1d1afd80651f36f5a5 /system/helpers/security_helper.php
parent0b05705c52c3bca7f9b3aee657c888e8ad1ff422 (diff)
parent545a7c86701875e1412bcde316e9bcc76d9a23a0 (diff)
Merge branch 'refs/heads/develop' into feature/form_error_msgs
Conflicts: system/language/english/form_validation_lang.php user_guide_src/source/libraries/form_validation.rst Signed-off-by: Eric Roberts <eric@cryode.com>
Diffstat (limited to 'system/helpers/security_helper.php')
-rw-r--r--system/helpers/security_helper.php73
1 files changed, 39 insertions, 34 deletions
diff --git a/system/helpers/security_helper.php b/system/helpers/security_helper.php
index d6f134c9f..898a49c80 100644
--- a/system/helpers/security_helper.php
+++ b/system/helpers/security_helper.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php
/**
* CodeIgniter
*
@@ -24,6 +24,7 @@
* @since Version 1.0
* @filesource
*/
+defined('BASEPATH') OR exit('No direct script access allowed');
/**
* CodeIgniter Security Helpers
@@ -37,15 +38,15 @@
// ------------------------------------------------------------------------
-/**
- * XSS Filtering
- *
- * @param string
- * @param bool whether or not the content is an image file
- * @return string
- */
if ( ! function_exists('xss_clean'))
{
+ /**
+ * XSS Filtering
+ *
+ * @param string
+ * @param bool whether or not the content is an image file
+ * @return string
+ */
function xss_clean($str, $is_image = FALSE)
{
$CI =& get_instance();
@@ -55,14 +56,14 @@ if ( ! function_exists('xss_clean'))
// ------------------------------------------------------------------------
-/**
- * Sanitize Filename
- *
- * @param string
- * @return string
- */
if ( ! function_exists('sanitize_filename'))
{
+ /**
+ * Sanitize Filename
+ *
+ * @param string
+ * @return string
+ */
function sanitize_filename($filename)
{
$CI =& get_instance();
@@ -72,14 +73,17 @@ if ( ! function_exists('sanitize_filename'))
// --------------------------------------------------------------------
-/**
- * Hash encode a string
- *
- * @param string
- * @return string
- */
if ( ! function_exists('do_hash'))
{
+ /**
+ * Hash encode a string
+ *
+ * @todo Remove in version 3.1+.
+ * @deprecated 3.0.0 Use PHP's native hash() instead.
+ * @param string $str
+ * @param string $type = 'sha1'
+ * @return string
+ */
function do_hash($str, $type = 'sha1')
{
if ( ! in_array(strtolower($type), hash_algos()))
@@ -93,33 +97,34 @@ if ( ! function_exists('do_hash'))
// ------------------------------------------------------------------------
-/**
- * Strip Image Tags
- *
- * @param string
- * @return string
- */
if ( ! function_exists('strip_image_tags'))
{
+ /**
+ * Strip Image Tags
+ *
+ * @param string
+ * @return string
+ */
function strip_image_tags($str)
{
- return preg_replace(array('#<img\s+.*?src\s*=\s*["\'](.+?)["\'].*?\>#', '#<img\s+.*?src\s*=\s*(.+?).*?\>#'), '\\1', $str);
+ $CI =& get_instance();
+ return $CI->security->strip_image_tags($str);
}
}
// ------------------------------------------------------------------------
-/**
- * Convert PHP tags to entities
- *
- * @param string
- * @return string
- */
if ( ! function_exists('encode_php_tags'))
{
+ /**
+ * Convert PHP tags to entities
+ *
+ * @param string
+ * @return string
+ */
function encode_php_tags($str)
{
- return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('&lt;?php', '&lt;?PHP', '&lt;?', '?&gt;'), $str);
+ return str_replace(array('<?', '?>'), array('&lt;?', '?&gt;'), $str);
}
}