summaryrefslogtreecommitdiffstats
path: root/system/helpers/security_helper.php
diff options
context:
space:
mode:
authordchill42 <dchill42@gmail.com>2012-07-23 16:53:47 +0200
committerdchill42 <dchill42@gmail.com>2012-07-23 16:53:47 +0200
commitc5079de78e5141330c07e990811ef15e998e95aa (patch)
tree0f39d8c4fc7614246fc185810bfeaa7fad88a33a /system/helpers/security_helper.php
parent00fcb545109d4e61bc14e403ec828749c34a54b3 (diff)
parentede49ba66b127535f3430e20aac72ceed2c4611a (diff)
Merge branch develop of github.com:/EllisLab/CodeIgniter into session
Diffstat (limited to 'system/helpers/security_helper.php')
-rw-r--r--system/helpers/security_helper.php117
1 files changed, 61 insertions, 56 deletions
diff --git a/system/helpers/security_helper.php b/system/helpers/security_helper.php
index 678dac821..5ecc960bc 100644
--- a/system/helpers/security_helper.php
+++ b/system/helpers/security_helper.php
@@ -1,42 +1,51 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
+ *
+ * NOTICE OF LICENSE
+ *
+ * Licensed under the Open Software License version 3.0
+ *
+ * This source file is subject to the Open Software License (OSL 3.0) that is
+ * bundled with this package in the files license.txt / license.rst. It is
+ * also available through the world wide web at this URL:
+ * http://opensource.org/licenses/OSL-3.0
+ * If you did not receive a copy of the license and are unable to obtain it
+ * through the world wide web, please send an email to
+ * licensing@ellislab.com so we can send you a copy immediately.
*
* @package CodeIgniter
- * @author ExpressionEngine Dev Team
- * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc.
- * @license http://codeigniter.com/user_guide/license.html
+ * @author EllisLab Dev Team
+ * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/)
+ * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
* @link http://codeigniter.com
* @since Version 1.0
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* CodeIgniter Security Helpers
*
* @package CodeIgniter
* @subpackage Helpers
* @category Helpers
- * @author ExpressionEngine Dev Team
+ * @author EllisLab Dev Team
* @link http://codeigniter.com/user_guide/helpers/security_helper.html
*/
// ------------------------------------------------------------------------
-/**
- * XSS Filtering
- *
- * @access public
- * @param string
- * @param bool whether or not the content is an image file
- * @return string
- */
if ( ! function_exists('xss_clean'))
{
+ /**
+ * XSS Filtering
+ *
+ * @param string
+ * @param bool whether or not the content is an image file
+ * @return string
+ */
function xss_clean($str, $is_image = FALSE)
{
$CI =& get_instance();
@@ -46,15 +55,14 @@ if ( ! function_exists('xss_clean'))
// ------------------------------------------------------------------------
-/**
- * Sanitize Filename
- *
- * @access public
- * @param string
- * @return string
- */
if ( ! function_exists('sanitize_filename'))
{
+ /**
+ * Sanitize Filename
+ *
+ * @param string
+ * @return string
+ */
function sanitize_filename($filename)
{
$CI =& get_instance();
@@ -64,65 +72,62 @@ if ( ! function_exists('sanitize_filename'))
// --------------------------------------------------------------------
-/**
- * Hash encode a string
- *
- * @access public
- * @param string
- * @return string
- */
if ( ! function_exists('do_hash'))
{
+ /**
+ * Hash encode a string
+ *
+ * This function is DEPRECATED and should be removed in
+ * CodeIgniter 3.1+. Use hash() instead.
+ *
+ * @deprecated
+ * @param string
+ * @param string
+ * @return string
+ */
function do_hash($str, $type = 'sha1')
{
- if ($type == 'sha1')
- {
- return sha1($str);
- }
- else
+ if ( ! in_array(strtolower($type), hash_algos()))
{
- return md5($str);
+ $type = 'md5';
}
+
+ return hash($type, $str);
}
}
// ------------------------------------------------------------------------
-/**
- * Strip Image Tags
- *
- * @access public
- * @param string
- * @return string
- */
if ( ! function_exists('strip_image_tags'))
{
+ /**
+ * Strip Image Tags
+ *
+ * @param string
+ * @return string
+ */
function strip_image_tags($str)
{
- $str = preg_replace("#<img\s+.*?src\s*=\s*[\"'](.+?)[\"'].*?\>#", "\\1", $str);
- $str = preg_replace("#<img\s+.*?src\s*=\s*(.+?).*?\>#", "\\1", $str);
-
- return $str;
+ $CI =& get_instance();
+ return $CI->security->strip_image_tags($str);
}
}
// ------------------------------------------------------------------------
-/**
- * Convert PHP tags to entities
- *
- * @access public
- * @param string
- * @return string
- */
if ( ! function_exists('encode_php_tags'))
{
+ /**
+ * Convert PHP tags to entities
+ *
+ * @param string
+ * @return string
+ */
function encode_php_tags($str)
{
- return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('&lt;?php', '&lt;?PHP', '&lt;?', '?&gt;'), $str);
+ return str_replace(array('<?', '?>'), array('&lt;?', '?&gt;'), $str);
}
}
-
/* End of file security_helper.php */
/* Location: ./system/helpers/security_helper.php */ \ No newline at end of file