diff options
Diffstat (limited to 'system/helpers/security_helper.php')
| -rw-r--r-- | system/helpers/security_helper.php | 117 |
1 files changed, 61 insertions, 56 deletions
diff --git a/system/helpers/security_helper.php b/system/helpers/security_helper.php index 678dac821..5ecc960bc 100644 --- a/system/helpers/security_helper.php +++ b/system/helpers/security_helper.php @@ -1,42 +1,51 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer + * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource */ -// ------------------------------------------------------------------------ - /** * CodeIgniter Security Helpers * * @package CodeIgniter * @subpackage Helpers * @category Helpers - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/helpers/security_helper.html */ // ------------------------------------------------------------------------ -/** - * XSS Filtering - * - * @access public - * @param string - * @param bool whether or not the content is an image file - * @return string - */ if ( ! function_exists('xss_clean')) { + /** + * XSS Filtering + * + * @param string + * @param bool whether or not the content is an image file + * @return string + */ function xss_clean($str, $is_image = FALSE) { $CI =& get_instance(); @@ -46,15 +55,14 @@ if ( ! function_exists('xss_clean')) // ------------------------------------------------------------------------ -/** - * Sanitize Filename - * - * @access public - * @param string - * @return string - */ if ( ! function_exists('sanitize_filename')) { + /** + * Sanitize Filename + * + * @param string + * @return string + */ function sanitize_filename($filename) { $CI =& get_instance(); @@ -64,65 +72,62 @@ if ( ! function_exists('sanitize_filename')) // -------------------------------------------------------------------- -/** - * Hash encode a string - * - * @access public - * @param string - * @return string - */ if ( ! function_exists('do_hash')) { + /** + * Hash encode a string + * + * This function is DEPRECATED and should be removed in + * CodeIgniter 3.1+. Use hash() instead. + * + * @deprecated + * @param string + * @param string + * @return string + */ function do_hash($str, $type = 'sha1') { - if ($type == 'sha1') - { - return sha1($str); - } - else + if ( ! in_array(strtolower($type), hash_algos())) { - return md5($str); + $type = 'md5'; } + + return hash($type, $str); } } // ------------------------------------------------------------------------ -/** - * Strip Image Tags - * - * @access public - * @param string - * @return string - */ if ( ! function_exists('strip_image_tags')) { + /** + * Strip Image Tags + * + * @param string + * @return string + */ function strip_image_tags($str) { - $str = preg_replace("#<img\s+.*?src\s*=\s*[\"'](.+?)[\"'].*?\>#", "\\1", $str); - $str = preg_replace("#<img\s+.*?src\s*=\s*(.+?).*?\>#", "\\1", $str); - - return $str; + $CI =& get_instance(); + return $CI->security->strip_image_tags($str); } } // ------------------------------------------------------------------------ -/** - * Convert PHP tags to entities - * - * @access public - * @param string - * @return string - */ if ( ! function_exists('encode_php_tags')) { + /** + * Convert PHP tags to entities + * + * @param string + * @return string + */ function encode_php_tags($str) { - return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('<?php', '<?PHP', '<?', '?>'), $str); + return str_replace(array('<?', '?>'), array('<?', '?>'), $str); } } - /* End of file security_helper.php */ /* Location: ./system/helpers/security_helper.php */
\ No newline at end of file |