summaryrefslogtreecommitdiffstats
path: root/system
diff options
context:
space:
mode:
authorAndrey Andreev <narf@bofh.bg>2012-06-26 23:52:47 +0200
committerAndrey Andreev <narf@bofh.bg>2012-06-26 23:52:47 +0200
commit1a24a9da3cfbacf8802ffd0b79f5494d30278007 (patch)
tree4162c6176a54085aa9d9f63417707975e611937d /system
parentffe7938b8d6dfdbdac8a34008dbbb15d31de6080 (diff)
Fix issue #427
Diffstat (limited to 'system')
-rw-r--r--system/core/Security.php13
-rw-r--r--system/helpers/security_helper.php3
-rw-r--r--system/libraries/Form_validation.php2
3 files changed, 16 insertions, 2 deletions
diff --git a/system/core/Security.php b/system/core/Security.php
index 4593a1090..227217e75 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -561,6 +561,19 @@ class CI_Security {
// ----------------------------------------------------------------
/**
+ * Strip Image Tags
+ *
+ * @param string
+ * @return string
+ */
+ public function strip_image_tags($str)
+ {
+ return preg_replace(array('#<img\s+.*?src\s*=\s*["\'](.+?)["\'].*?\>#', '#<img\s+.*?src\s*=\s*(.+?).*?\>#'), '\\1', $str);
+ }
+
+ // ----------------------------------------------------------------
+
+ /**
* Compact Exploded Words
*
* Callback function for xss_clean() to remove whitespace from
diff --git a/system/helpers/security_helper.php b/system/helpers/security_helper.php
index 7968f9e9f..0e8e9f93d 100644
--- a/system/helpers/security_helper.php
+++ b/system/helpers/security_helper.php
@@ -108,7 +108,8 @@ if ( ! function_exists('strip_image_tags'))
*/
function strip_image_tags($str)
{
- return preg_replace(array('#<img\s+.*?src\s*=\s*["\'](.+?)["\'].*?\>#', '#<img\s+.*?src\s*=\s*(.+?).*?\>#'), '\\1', $str);
+ $CI =& get_instance();
+ return $CI->security->strip_image_tags($str);
}
}
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php
index 484e306b9..0d9c65f6f 100644
--- a/system/libraries/Form_validation.php
+++ b/system/libraries/Form_validation.php
@@ -1360,7 +1360,7 @@ class CI_Form_validation {
*/
public function strip_image_tags($str)
{
- return $this->CI->input->strip_image_tags($str);
+ return $this->CI->security->strip_image_tags($str);
}
// --------------------------------------------------------------------