diff options
-rw-r--r-- | system/helpers/security_helper.php | 18 | ||||
-rw-r--r-- | user_guide/changelog.html | 1 | ||||
-rw-r--r-- | user_guide/helpers/security_helper.html | 6 |
3 files changed, 25 insertions, 0 deletions
diff --git a/system/helpers/security_helper.php b/system/helpers/security_helper.php index 654cfd100..63f0e9cdb 100644 --- a/system/helpers/security_helper.php +++ b/system/helpers/security_helper.php @@ -44,6 +44,24 @@ if ( ! function_exists('xss_clean')) } } +// ------------------------------------------------------------------------ + +/** + * Sanitize Filename + * + * @access public + * @param string + * @return string + */ +if ( ! function_exists('sanitize_filename')) +{ + function sanitize_filename($filename) + { + $CI =& get_instance(); + return $CI->security->sanitize_filename($filename); + } +} + // -------------------------------------------------------------------- /** diff --git a/user_guide/changelog.html b/user_guide/changelog.html index fb39d6060..714e9e86e 100644 --- a/user_guide/changelog.html +++ b/user_guide/changelog.html @@ -127,6 +127,7 @@ Hg Tag: </p> <li>Modified <kbd>smiley_js()</kbd> to add optional third parameter to return only the javascript with no script tags.</li> <li>The <kbd>img()</kbd> function of the <a href="./helpers/html_helper.html">HTML helper</a> will now generate an empty string as an alt attribute if one is not provided.</li> <li>If CSRF is enabled in the application config file, <kbd>form_open()</kbd> will automatically insert it as a hidden field.</li> + <li>Added <kbd>sanitize_filename()</kbd> into the <a href="./helpers/security_helper.html">Security helper</a>.</li> </ul> </li> <li>Other Changes diff --git a/user_guide/helpers/security_helper.html b/user_guide/helpers/security_helper.html index 97be674ad..f74a7766c 100644 --- a/user_guide/helpers/security_helper.html +++ b/user_guide/helpers/security_helper.html @@ -75,6 +75,12 @@ Security Helper <a href="../libraries/input.html">Input class</a>. More info can be found there.</p> +<h2>sanitize_filename()</h2> + +<p>Provides protection against directory traversal. This function is an alias to the one in the +<a href="../libraries/security.html">Security class</a>. More info can be found there.</p> + + <h2>do_hash()</h2> <p>Permits you to create SHA1 or MD5 one way hashes suitable for encrypting passwords. Will create SHA1 by default. Examples:</p> |