diff options
Diffstat (limited to 'system/helpers/security_helper.php')
| -rw-r--r-- | system/helpers/security_helper.php | 83 |
1 files changed, 41 insertions, 42 deletions
diff --git a/system/helpers/security_helper.php b/system/helpers/security_helper.php index 99fda561a..6187a4a7a 100644 --- a/system/helpers/security_helper.php +++ b/system/helpers/security_helper.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * @@ -25,8 +25,6 @@ * @filesource */ -// ------------------------------------------------------------------------ - /** * CodeIgniter Security Helpers * @@ -39,16 +37,15 @@ // ------------------------------------------------------------------------ -/** - * XSS Filtering - * - * @access public - * @param string - * @param bool whether or not the content is an image file - * @return string - */ if ( ! function_exists('xss_clean')) { + /** + * XSS Filtering + * + * @param string + * @param bool whether or not the content is an image file + * @return string + */ function xss_clean($str, $is_image = FALSE) { $CI =& get_instance(); @@ -58,15 +55,14 @@ if ( ! function_exists('xss_clean')) // ------------------------------------------------------------------------ -/** - * Sanitize Filename - * - * @access public - * @param string - * @return string - */ if ( ! function_exists('sanitize_filename')) { + /** + * Sanitize Filename + * + * @param string + * @return string + */ function sanitize_filename($filename) { $CI =& get_instance(); @@ -76,49 +72,52 @@ if ( ! function_exists('sanitize_filename')) // -------------------------------------------------------------------- -/** - * Hash encode a string - * - * @access public - * @param string - * @return string - */ if ( ! function_exists('do_hash')) { + /** + * Hash encode a string + * + * @param string + * @param string + * @return string + */ function do_hash($str, $type = 'sha1') { - return ($type === 'sha1') ? sha1($str) : md5($str); + if ( ! in_array(strtolower($type), hash_algos())) + { + $type = 'md5'; + } + + return hash($type, $str); } } // ------------------------------------------------------------------------ -/** - * Strip Image Tags - * - * @access public - * @param string - * @return string - */ if ( ! function_exists('strip_image_tags')) { + /** + * Strip Image Tags + * + * @param string + * @return string + */ function strip_image_tags($str) { - return preg_replace(array("#<img\s+.*?src\s*=\s*[\"'](.+?)[\"'].*?\>#", "#<img\s+.*?src\s*=\s*(.+?).*?\>#"), "\\1", $str); + return preg_replace(array('#<img\s+.*?src\s*=\s*["\'](.+?)["\'].*?\>#', '#<img\s+.*?src\s*=\s*(.+?).*?\>#'), '\\1', $str); } } // ------------------------------------------------------------------------ -/** - * Convert PHP tags to entities - * - * @access public - * @param string - * @return string - */ if ( ! function_exists('encode_php_tags')) { + /** + * Convert PHP tags to entities + * + * @param string + * @return string + */ function encode_php_tags($str) { return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('<?php', '<?PHP', '<?', '?>'), $str); @@ -126,4 +125,4 @@ if ( ! function_exists('encode_php_tags')) } /* End of file security_helper.php */ -/* Location: ./system/helpers/security_helper.php */ +/* Location: ./system/helpers/security_helper.php */
\ No newline at end of file |