diff options
-rw-r--r-- | system/helpers/security_helper.php | 24 | ||||
-rw-r--r-- | tests/codeigniter/helpers/security_helper_test.php | 26 | ||||
-rw-r--r-- | user_guide_src/source/changelog.rst | 9 | ||||
-rw-r--r-- | user_guide_src/source/helpers/security_helper.rst | 27 | ||||
-rw-r--r-- | user_guide_src/source/installation/upgrade_320.rst | 1 |
5 files changed, 8 insertions, 79 deletions
diff --git a/system/helpers/security_helper.php b/system/helpers/security_helper.php index 4eb63883d..048f06b68 100644 --- a/system/helpers/security_helper.php +++ b/system/helpers/security_helper.php @@ -80,30 +80,6 @@ if ( ! function_exists('sanitize_filename')) } } -// -------------------------------------------------------------------- - -if ( ! function_exists('do_hash')) -{ - /** - * Hash encode a string - * - * @todo Remove in version 3.1+. - * @deprecated 3.0.0 Use PHP's native hash() instead. - * @param string $str - * @param string $type = 'sha1' - * @return string - */ - function do_hash($str, $type = 'sha1') - { - if ( ! in_array(strtolower($type), hash_algos())) - { - $type = 'md5'; - } - - return hash($type, $str); - } -} - // ------------------------------------------------------------------------ if ( ! function_exists('strip_image_tags')) diff --git a/tests/codeigniter/helpers/security_helper_test.php b/tests/codeigniter/helpers/security_helper_test.php index effd3ec02..ab05d57ba 100644 --- a/tests/codeigniter/helpers/security_helper_test.php +++ b/tests/codeigniter/helpers/security_helper_test.php @@ -25,30 +25,6 @@ class Security_helper_tests extends CI_TestCase { $this->assertEquals('foo', sanitize_filename($filename)); } - function test_do_hash() - { - $md5 = md5('foo'); - $sha1 = sha1('foo'); - - $algos = hash_algos(); - $algo_results = array(); - foreach ($algos as $k => $v) - { - $algo_results[$v] = hash($v, 'foo'); - } - - $this->assertEquals($sha1, do_hash('foo')); - $this->assertEquals($sha1, do_hash('foo', 'sha1')); - $this->assertEquals($md5, do_hash('foo', 'md5')); - $this->assertEquals($md5, do_hash('foo', 'foobar')); - - // Test each algorithm available to PHP - foreach ($algo_results as $algo => $result) - { - $this->assertEquals($result, do_hash('foo', $algo)); - } - } - function test_strip_image_tags() { $this->assertEquals('http://example.com/spacer.gif', strip_image_tags('http://example.com/spacer.gif')); @@ -61,4 +37,4 @@ class Security_helper_tests extends CI_TestCase { $this->assertEquals('<? echo $foo; ?>', encode_php_tags('<? echo $foo; ?>')); } -}
\ No newline at end of file +} diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 62c1ef0e1..ba11fe1c8 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -14,6 +14,7 @@ Release Date: Not Released - Removed previously deprecated :doc:`Routing Class <general/routing>` methods ``fetch_directory()``, ``fetch_class()`` and ``fetch_method()`` (use the respective class properties instead). - Removed previously deprecated :doc:`Config Library <libraries/config>` method ``system_url()`` (encourages insecure practices). - Removed previously deprecated :doc:`Date Helper <helpers/date_helper>` function ``standard_date()`` (use PHP's native ``date()`` instead). + - Removed previously deprecated :doc:`Security Helper <helpers/security_helper>` function ``do_hash()`` (use PHP's native ``hash()`` instead). - Removed previously deprecated *Email Helper* (had only two functions, aliases for PHP's native ``filter_var()`` and ``mail()``). - Libraries @@ -551,7 +552,7 @@ Release Date: March 30, 2015 - :doc:`Security Helper <helpers/security_helper>` changes include: - - :php:func:`do_hash()` now uses PHP's native ``hash()`` function (supporting more algorithms) and is deprecated. + - ``do_hash()`` now uses PHP's native ``hash()`` function (supporting more algorithms) and is deprecated. - :php:func:`strip_image_tags()` is now an alias for the same method in the :doc:`Security Library <libraries/security>`. - :doc:`Smiley Helper <helpers/smiley_helper>` changes include: @@ -1580,8 +1581,8 @@ Hg Tag: v2.0.2 - Helpers - - Removed the previously deprecated dohash() from the :doc:`Security - helper <./helpers/security_helper>`; use do_hash() instead. + - Removed the previously deprecated ``dohash()`` from the :doc:`Security + helper <./helpers/security_helper>`; use ``do_hash()`` instead. - Changed the 'plural' function so that it doesn't ruin the captalization of your string. It also take into consideration acronyms which are all caps. @@ -1823,7 +1824,7 @@ Hg Tag: v2.0.0 helper <./helpers/text_helper>`. - Added accept-charset to the list of inserted attributes of form_open() in the :doc:`Form Helper <helpers/form_helper>`. - - Deprecated the dohash() function in favour of do_hash() for + - Deprecated the ``dohash()`` function in favour of ``do_hash()`` for naming consistency. - Non-backwards compatible change made to get_dir_file_info() in the :doc:`File Helper <helpers/file_helper>`. No longer recurses diff --git a/user_guide_src/source/helpers/security_helper.rst b/user_guide_src/source/helpers/security_helper.rst index 103880cf9..e981bc6b6 100644 --- a/user_guide_src/source/helpers/security_helper.rst +++ b/user_guide_src/source/helpers/security_helper.rst @@ -48,31 +48,6 @@ The following functions are available: For more info, please see the :doc:`Security Library <../libraries/security>` documentation. - -.. php:function:: do_hash($str[, $type = 'sha1']) - - :param string $str: Input - :param string $type: Algorithm - :returns: Hex-formatted hash - :rtype: string - - Permits you to create one way hashes suitable for encrypting - passwords. Will use SHA1 by default. - - See `hash_algos() <http://php.net/function.hash_algos>`_ - for a full list of supported algorithms. - - Examples:: - - $str = do_hash($str); // SHA1 - $str = do_hash($str, 'md5'); // MD5 - - .. note:: This function was formerly named ``dohash()``, which has been - removed in favor of ``do_hash()``. - - .. note:: This function is DEPRECATED. Use the native ``hash()`` instead. - - .. php:function:: strip_image_tags($str) :param string $str: Input string @@ -103,4 +78,4 @@ The following functions are available: Example:: - $string = encode_php_tags($string);
\ No newline at end of file + $string = encode_php_tags($string); diff --git a/user_guide_src/source/installation/upgrade_320.rst b/user_guide_src/source/installation/upgrade_320.rst index d6602e825..080a02895 100644 --- a/user_guide_src/source/installation/upgrade_320.rst +++ b/user_guide_src/source/installation/upgrade_320.rst @@ -138,6 +138,7 @@ version 3.0.0, that have been removed in 3.2.0: - ``CI_Config::system_url()`` (encourages insecure practices) - ``standard_date()`` :doc:`Date Helper <../helpers/date_helper>` function (use ``date()`` instead) +- ``do_hash()`` :doc:`Security Helper <../helpers/security_helper>` function (use ``hash()`` instead) - The entire *Email Helper*, which only had two functions: |