-rw-r--r--system/helpers/security_helper.php18
-rw-r--r--user_guide/changelog.html1
-rw-r--r--user_guide/helpers/security_helper.html6
3 files changed, 25 insertions, 0 deletions
diff --git a/system/helpers/security_helper.php b/system/helpers/security_helper.php
index 654cfd100..63f0e9cdb 100644
--- a/system/helpers/security_helper.php
+++ b/system/helpers/security_helper.php
@@ -44,6 +44,24 @@ if ( ! function_exists('xss_clean'))
}
}
+// ------------------------------------------------------------------------
+
+/**
+ * Sanitize Filename
+ *
+ * @access public
+ * @param string
+ * @return string
+ */
+if ( ! function_exists('sanitize_filename'))
+{
+ function sanitize_filename($filename)
+ {
+ $CI =& get_instance();
+ return $CI->security->sanitize_filename($filename);
+ }
+}
+
// --------------------------------------------------------------------
/**
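Review bot: The docblock added above `sanitize_filename()` names neither the parameter nor what comes back, so a caller reading the helper cannot tell what input it expects or how far the result can be trusted. I would make it `@param string $filename file name to clean (a name, not a full path)` and `@return string the value returned by $CI->security->sanitize_filename()`. The wrapper also relies on `$CI->security` already being loaded, which this hunk does not show; a one-line comment saying where it is loaded would help. Since the Security class implementation is not part of this diff, the comment should also say that callers still need to check that the final resolved path stays inside the intended directory rather than treating the returned string as proof of safety.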
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index fb39d6060..714e9e86e 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -127,6 +127,7 @@ Hg Tag: </p>
<li>Modified <kbd>smiley_js()</kbd> to add optional third parameter to return only the javascript with no script tags.</li>
<li>The <kbd>img()</kbd> function of the <a href="./helpers/html_helper.html">HTML helper</a> will now generate an empty string as an alt attribute if one is not provided.</li>
<li>If CSRF is enabled in the application config file, <kbd>form_open()</kbd> will automatically insert it as a hidden field.</li>
+ <li>Added <kbd>sanitize_filename()</kbd> into the <a href="./helpers/security_helper.html">Security helper</a>.</li>
</ul>
</li>
<li>Other Changes
diff --git a/user_guide/helpers/security_helper.html b/user_guide/helpers/security_helper.html
index 97be674ad..f74a7766c 100644
--- a/user_guide/helpers/security_helper.html
+++ b/user_guide/helpers/security_helper.html
@@ -75,6 +75,12 @@ Security Helper
<a href="../libraries/input.html">Input class</a>. More info can be found there.</p>
+<h2>sanitize_filename()</h2>
+
+<p>Provides protection against directory traversal. This function is an alias to the one in the
+<a href="../libraries/security.html">Security class</a>. More info can be found there.</p>
+
+
<h2>do_hash()</h2>
<p>Permits you to create SHA1 or MD5 one way hashes suitable for encrypting passwords. Will create SHA1 by default. Examples:</p>