1 files changed, 23 insertions, 24 deletions

diff --git a/system/helpers/security_helper.php b/system/helpers/security_helper.php
index 678dac821..d6f134c9f 100644
--- a/system/helpers/security_helper.php
+++ b/system/helpers/security_helper.php
@@ -1,27 +1,37 @@
-<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
+ *
+ * NOTICE OF LICENSE
+ *
+ * Licensed under the Open Software License version 3.0
+ *
+ * This source file is subject to the Open Software License (OSL 3.0) that is
+ * bundled with this package in the files license.txt / license.rst.  It is
+ * also available through the world wide web at this URL:
+ * http://opensource.org/licenses/OSL-3.0
+ * If you did not receive a copy of the license and are unable to obtain it
+ * through the world wide web, please send an email to
+ * licensing@ellislab.com so we can send you a copy immediately.
  *
  * @package		CodeIgniter
- * @author		ExpressionEngine Dev Team
- * @copyright	Copyright (c) 2008 - 2011, EllisLab, Inc.
- * @license		http://codeigniter.com/user_guide/license.html
+ * @author		EllisLab Dev Team
+ * @copyright	Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/)
+ * @license		http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
  * @link		http://codeigniter.com
  * @since		Version 1.0
  * @filesource
  */
 
-// ------------------------------------------------------------------------
-
 /**
  * CodeIgniter Security Helpers
  *
  * @package		CodeIgniter
  * @subpackage	Helpers
  * @category	Helpers
- * @author		ExpressionEngine Dev Team
+ * @author		EllisLab Dev Team
  * @link		http://codeigniter.com/user_guide/helpers/security_helper.html
  */
 
@@ -30,7 +40,6 @@
 /**
  * XSS Filtering
  *
- * @access	public
  * @param	string
  * @param	bool	whether or not the content is an image file
  * @return	string
@@ -49,7 +58,6 @@ if ( ! function_exists('xss_clean'))
 /**
  * Sanitize Filename
  *
- * @access	public
  * @param	string
  * @return	string
  */
@@ -67,7 +75,6 @@ if ( ! function_exists('sanitize_filename'))
 /**
  * Hash encode a string
  *
- * @access	public
  * @param	string
  * @return	string
  */
@@ -75,14 +82,12 @@ if ( ! function_exists('do_hash'))
 {
 	function do_hash($str, $type = 'sha1')
 	{
-		if ($type == 'sha1')
+		if ( ! in_array(strtolower($type), hash_algos()))
 		{
-			return sha1($str);
-		}
-		else
-		{
-			return md5($str);
+			$type = 'md5';
 		}
+
+		return hash($type, $str);
 	}
 }
 
@@ -91,7 +96,6 @@ if ( ! function_exists('do_hash'))
 /**
  * Strip Image Tags
  *
- * @access	public
  * @param	string
  * @return	string
  */
@@ -99,10 +103,7 @@ if ( ! function_exists('strip_image_tags'))
 {
 	function strip_image_tags($str)
 	{
-		$str = preg_replace("#<img\s+.*?src\s*=\s*[\"'](.+?)[\"'].*?\>#", "\\1", $str);
-		$str = preg_replace("#<img\s+.*?src\s*=\s*(.+?).*?\>#", "\\1", $str);
-
-		return $str;
+		return preg_replace(array('#<img\s+.*?src\s*=\s*["\'](.+?)["\'].*?\>#', '#<img\s+.*?src\s*=\s*(.+?).*?\>#'), '\\1', $str);
 	}
 }
 
@@ -111,7 +112,6 @@ if ( ! function_exists('strip_image_tags'))
 /**
  * Convert PHP tags to entities
  *
- * @access	public
  * @param	string
  * @return	string
  */
@@ -123,6 +123,5 @@ if ( ! function_exists('encode_php_tags'))
 	}
 }
 
-
 /* End of file security_helper.php */
 /* Location: ./system/helpers/security_helper.php */
\ No newline at end of file