summaryrefslogtreecommitdiffstats
path: root/system/helpers/security_helper.php
diff options
context:
space:
mode:
Diffstat (limited to 'system/helpers/security_helper.php')
-rw-r--r--system/helpers/security_helper.php86
1 files changed, 44 insertions, 42 deletions
diff --git a/system/helpers/security_helper.php b/system/helpers/security_helper.php
index 99fda561a..3e6e91435 100644
--- a/system/helpers/security_helper.php
+++ b/system/helpers/security_helper.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* CodeIgniter Security Helpers
*
@@ -39,16 +37,15 @@
// ------------------------------------------------------------------------
-/**
- * XSS Filtering
- *
- * @access public
- * @param string
- * @param bool whether or not the content is an image file
- * @return string
- */
if ( ! function_exists('xss_clean'))
{
+ /**
+ * XSS Filtering
+ *
+ * @param string
+ * @param bool whether or not the content is an image file
+ * @return string
+ */
function xss_clean($str, $is_image = FALSE)
{
$CI =& get_instance();
@@ -58,15 +55,14 @@ if ( ! function_exists('xss_clean'))
// ------------------------------------------------------------------------
-/**
- * Sanitize Filename
- *
- * @access public
- * @param string
- * @return string
- */
if ( ! function_exists('sanitize_filename'))
{
+ /**
+ * Sanitize Filename
+ *
+ * @param string
+ * @return string
+ */
function sanitize_filename($filename)
{
$CI =& get_instance();
@@ -76,49 +72,55 @@ if ( ! function_exists('sanitize_filename'))
// --------------------------------------------------------------------
-/**
- * Hash encode a string
- *
- * @access public
- * @param string
- * @return string
- */
if ( ! function_exists('do_hash'))
{
+ /**
+ * Hash encode a string
+ *
+ * This function is DEPRECATED and should be removed in
+ * CodeIgniter 3.1+. Use hash() instead.
+ *
+ * @param string
+ * @param string
+ * @return string
+ */
function do_hash($str, $type = 'sha1')
{
- return ($type === 'sha1') ? sha1($str) : md5($str);
+ if ( ! in_array(strtolower($type), hash_algos()))
+ {
+ $type = 'md5';
+ }
+
+ return hash($type, $str);
}
}
// ------------------------------------------------------------------------
-/**
- * Strip Image Tags
- *
- * @access public
- * @param string
- * @return string
- */
if ( ! function_exists('strip_image_tags'))
{
+ /**
+ * Strip Image Tags
+ *
+ * @param string
+ * @return string
+ */
function strip_image_tags($str)
{
- return preg_replace(array("#<img\s+.*?src\s*=\s*[\"'](.+?)[\"'].*?\>#", "#<img\s+.*?src\s*=\s*(.+?).*?\>#"), "\\1", $str);
+ return preg_replace(array('#<img\s+.*?src\s*=\s*["\'](.+?)["\'].*?\>#', '#<img\s+.*?src\s*=\s*(.+?).*?\>#'), '\\1', $str);
}
}
// ------------------------------------------------------------------------
-/**
- * Convert PHP tags to entities
- *
- * @access public
- * @param string
- * @return string
- */
if ( ! function_exists('encode_php_tags'))
{
+ /**
+ * Convert PHP tags to entities
+ *
+ * @param string
+ * @return string
+ */
function encode_php_tags($str)
{
return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('&lt;?php', '&lt;?PHP', '&lt;?', '?&gt;'), $str);
@@ -126,4 +128,4 @@ if ( ! function_exists('encode_php_tags'))
}
/* End of file security_helper.php */
-/* Location: ./system/helpers/security_helper.php */
+/* Location: ./system/helpers/security_helper.php */ \ No newline at end of file