diff options
Diffstat (limited to 'user_guide/libraries/security.html')
-rw-r--r-- | user_guide/libraries/security.html | 739 |
1 files changed, 0 insertions, 739 deletions
diff --git a/user_guide/libraries/security.html b/user_guide/libraries/security.html deleted file mode 100644 index 7177b1ce1..000000000 --- a/user_guide/libraries/security.html +++ /dev/null @@ -1,739 +0,0 @@ - - -<!DOCTYPE html> -<!--[if IE 8]><html class="no-js lt-ie9" lang="en" > <![endif]--> -<!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]--> -<head> - <meta charset="utf-8"> - <meta name="viewport" content="width=device-width, initial-scale=1.0"> - - <title>Security Class — CodeIgniter 3.1.10 documentation</title> - - - - - <link rel="shortcut icon" href="../_static/ci-icon.ico"/> - - - - <link href='https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic|Roboto+Slab:400,700|Inconsolata:400,700&subset=latin,cyrillic' rel='stylesheet' type='text/css'> - - - - - - - - - - <link rel="stylesheet" href="../_static/css/citheme.css" type="text/css" /> - - - - <link rel="index" title="Index" - href="../genindex.html"/> - <link rel="search" title="Search" href="../search.html"/> - <link rel="top" title="CodeIgniter 3.1.10 documentation" href="../index.html"/> - <link rel="up" title="Libraries" href="index.html"/> - <link rel="next" title="Session Library" href="sessions.html"/> - <link rel="prev" title="Template Parser Class" href="parser.html"/> - - - <script src="https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.6.2/modernizr.min.js"></script> - -</head> - -<body class="wy-body-for-nav" role="document"> - - <div id="nav"> - <div id="nav_inner"> - - - - <div id="pulldown-menu" class="ciNav"> - <ul> -<li class="toctree-l1"><a class="reference internal" href="../general/welcome.html">Welcome to CodeIgniter</a></li> -</ul> -<ul> -<li class="toctree-l1"><a class="reference internal" href="../installation/index.html">Installation Instructions</a><ul> -<li class="toctree-l2"><a class="reference internal" href="../installation/downloads.html">Downloading CodeIgniter</a></li> -<li class="toctree-l2"><a class="reference internal" href="../installation/index.html">Installation Instructions</a></li> -<li class="toctree-l2"><a class="reference internal" href="../installation/upgrading.html">Upgrading From a Previous Version</a></li> -<li class="toctree-l2"><a class="reference internal" href="../installation/troubleshooting.html">Troubleshooting</a></li> -</ul> -</li> -</ul> -<ul> -<li class="toctree-l1"><a class="reference internal" href="../overview/index.html">CodeIgniter Overview</a><ul> -<li class="toctree-l2"><a class="reference internal" href="../overview/getting_started.html">Getting Started</a></li> -<li class="toctree-l2"><a class="reference internal" href="../overview/at_a_glance.html">CodeIgniter at a Glance</a></li> -<li class="toctree-l2"><a class="reference internal" href="../overview/features.html">Supported Features</a></li> -<li class="toctree-l2"><a class="reference internal" href="../overview/appflow.html">Application Flow Chart</a></li> -<li class="toctree-l2"><a class="reference internal" href="../overview/mvc.html">Model-View-Controller</a></li> -<li class="toctree-l2"><a class="reference internal" href="../overview/goals.html">Architectural Goals</a></li> -</ul> -</li> -</ul> -<ul> -<li class="toctree-l1"><a class="reference internal" href="../tutorial/index.html">Tutorial</a><ul> -<li class="toctree-l2"><a class="reference internal" href="../tutorial/static_pages.html">Static pages</a></li> -<li class="toctree-l2"><a class="reference internal" href="../tutorial/news_section.html">News section</a></li> -<li class="toctree-l2"><a class="reference internal" href="../tutorial/create_news_items.html">Create news items</a></li> -<li class="toctree-l2"><a class="reference internal" href="../tutorial/conclusion.html">Conclusion</a></li> -</ul> -</li> -</ul> -<ul> -<li class="toctree-l1"><a class="reference internal" href="../contributing/index.html">Contributing to CodeIgniter</a><ul> -<li class="toctree-l2"><a class="reference internal" href="../documentation/index.html">Writing CodeIgniter Documentation</a></li> -<li class="toctree-l2"><a class="reference internal" href="../DCO.html">Developer’s Certificate of Origin 1.1</a></li> -</ul> -</li> -</ul> -<ul> -<li class="toctree-l1"><a class="reference internal" href="../general/index.html">General Topics</a><ul> -<li class="toctree-l2"><a class="reference internal" href="../general/urls.html">CodeIgniter URLs</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/controllers.html">Controllers</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/reserved_names.html">Reserved Names</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/views.html">Views</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/models.html">Models</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/helpers.html">Helpers</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/libraries.html">Using CodeIgniter Libraries</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/creating_libraries.html">Creating Libraries</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/drivers.html">Using CodeIgniter Drivers</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/creating_drivers.html">Creating Drivers</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/core_classes.html">Creating Core System Classes</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/ancillary_classes.html">Creating Ancillary Classes</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/hooks.html">Hooks - Extending the Framework Core</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/autoloader.html">Auto-loading Resources</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/common_functions.html">Common Functions</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/compatibility_functions.html">Compatibility Functions</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/routing.html">URI Routing</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/errors.html">Error Handling</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/caching.html">Caching</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/profiling.html">Profiling Your Application</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/cli.html">Running via the CLI</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/managing_apps.html">Managing your Applications</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/environments.html">Handling Multiple Environments</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/alternative_php.html">Alternate PHP Syntax for View Files</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/security.html">Security</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/styleguide.html">PHP Style Guide</a></li> -</ul> -</li> -</ul> -<ul class="current"> -<li class="toctree-l1 current"><a class="reference internal" href="index.html">Libraries</a><ul class="current"> -<li class="toctree-l2"><a class="reference internal" href="benchmark.html">Benchmarking Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="caching.html">Caching Driver</a></li> -<li class="toctree-l2"><a class="reference internal" href="calendar.html">Calendaring Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="cart.html">Shopping Cart Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="config.html">Config Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="email.html">Email Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="encrypt.html">Encrypt Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="encryption.html">Encryption Library</a></li> -<li class="toctree-l2"><a class="reference internal" href="file_uploading.html">File Uploading Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="form_validation.html">Form Validation</a></li> -<li class="toctree-l2"><a class="reference internal" href="ftp.html">FTP Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="image_lib.html">Image Manipulation Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="input.html">Input Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="javascript.html">Javascript Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="language.html">Language Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="loader.html">Loader Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="migration.html">Migrations Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="output.html">Output Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="pagination.html">Pagination Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="parser.html">Template Parser Class</a></li> -<li class="toctree-l2 current"><a class="current reference internal" href="#">Security Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="sessions.html">Session Library</a></li> -<li class="toctree-l2"><a class="reference internal" href="table.html">HTML Table Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="trackback.html">Trackback Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="typography.html">Typography Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="unit_testing.html">Unit Testing Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="uri.html">URI Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="user_agent.html">User Agent Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="xmlrpc.html">XML-RPC and XML-RPC Server Classes</a></li> -<li class="toctree-l2"><a class="reference internal" href="zip.html">Zip Encoding Class</a></li> -</ul> -</li> -</ul> -<ul> -<li class="toctree-l1"><a class="reference internal" href="../database/index.html">Database Reference</a><ul> -<li class="toctree-l2"><a class="reference internal" href="../database/examples.html">Quick Start: Usage Examples</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/configuration.html">Database Configuration</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/connecting.html">Connecting to a Database</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/queries.html">Running Queries</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/results.html">Generating Query Results</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/helpers.html">Query Helper Functions</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/query_builder.html">Query Builder Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/transactions.html">Transactions</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/metadata.html">Getting MetaData</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/call_function.html">Custom Function Calls</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/caching.html">Query Caching</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/forge.html">Database Manipulation with Database Forge</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/utilities.html">Database Utilities Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/db_driver_reference.html">Database Driver Reference</a></li> -</ul> -</li> -</ul> -<ul> -<li class="toctree-l1"><a class="reference internal" href="../helpers/index.html">Helpers</a><ul> -<li class="toctree-l2"><a class="reference internal" href="../helpers/array_helper.html">Array Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/captcha_helper.html">CAPTCHA Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/cookie_helper.html">Cookie Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/date_helper.html">Date Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/directory_helper.html">Directory Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/download_helper.html">Download Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/email_helper.html">Email Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/file_helper.html">File Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/form_helper.html">Form Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/html_helper.html">HTML Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/inflector_helper.html">Inflector Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/language_helper.html">Language Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/number_helper.html">Number Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/path_helper.html">Path Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/security_helper.html">Security Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/smiley_helper.html">Smiley Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/string_helper.html">String Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/text_helper.html">Text Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/typography_helper.html">Typography Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/url_helper.html">URL Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/xml_helper.html">XML Helper</a></li> -</ul> -</li> -</ul> - - </div> - - - </div> -</div> -<div id="nav2"> - <a href="#" id="openToc"> - <img src="data:image/jpeg;base64,/9j/4AAQSkZJRgABAgAAZABkAAD/7AARRHVja3kAAQAEAAAARgAA/+4ADkFkb2JlAGTAAAAAAf/bAIQABAMDAwMDBAMDBAYEAwQGBwUEBAUHCAYGBwYGCAoICQkJCQgKCgwMDAwMCgwMDQ0MDBERERERFBQUFBQUFBQUFAEEBQUIBwgPCgoPFA4ODhQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQU/8AAEQgAKwCaAwERAAIRAQMRAf/EAHsAAQAABwEBAAAAAAAAAAAAAAABAwQFBgcIAgkBAQAAAAAAAAAAAAAAAAAAAAAQAAEDAwICBwYEAgsAAAAAAAIBAwQAEQUSBiEHkROTVNQWGDFBUVIUCHEiMtOUFWGBobHRQlMkZIRVEQEAAAAAAAAAAAAAAAAAAAAA/9oADAMBAAIRAxEAPwDSC+ygkOOaUoKigUCgUCgUCgUCgUCgUCgUCgkuGguIP9FBMFb0Hqg7We+3jlmIqqYFf4ub+/QYlnOR/LqIBKGFUbf8qWv971BytQXXE7Y3Lnm3HsFhp2TaZJAdchRXpIgSpdEJWxJEW3xoKV7F5OMy7JkQn2o7D6w33XGjEAkoiqrJEqIiOIiKuhePCgqp22dyYyS3CyWHnQ5joG61HkRnmnTbaFSMhExRVQRRVJU9iUHjE7ez+fJ0MFipmUNhBV8YUd2SoIV9KkjQla9ltegttBdPLW4/qocL+UTfrMiHW4+P9M71shuyrqaHTcxsl7jegpsji8nh5ZwMvDfgTm0RTjSmjYdFCS6KoOIipdFunCgmNYTMv457MMY6U7iI6oMieDDhRm1VbIhuoOkbqtuK0Hpzb+eZcYZexUxt6UyUqK2cd0SdjtgrhOgijcgERUlJOCIl6CpgbP3blRI8XgMjNARAyKNDfeRBdFDBVUAXgQrqH4pxoJTu2NysY97LP4ac1io5q1InHFeGO24LnVKJuKOkSQ/yKir+rh7aCLG1dzypZQI2FnvTgccYOM3FeN0XWERXAUEFVQgQkUktdLpegm+Td3/Xli/L+S/mYNJIOF9G/wBeLKrZHFb0akG6W1WtQWSg3Dyg5e7V3fipE3O4/wCrktyzYA+ufas2LbZIlmnAT2kvuoN1wft95augilglX/tzP3qCu9O3LL/wV/i5v79BvmTADq14UGu91467Z6U9y0HzH/ncj/U/sT/CgynZG7I2NezpZGUjIycJkYkZSG+uQ81pbBNKLxJfjwoMqZ3/ALYHl35AJ7/cuwHcu5k7r1Q5pHetBjquqVVJWGxj9Zrtcl/Ggy3dHMvauR3HFZj5nHNxSyW5JISYDMoIwx8tFIGHZhPNaykGapr6rUAiicEoMG21lMRj8buPAz8xhJrr7uOeiPTCyAwXUaGR1mgozbTusOsFLEiJ7fbQa/h7gcjy2H3V6xppwDNtUSxCJIqp7valBuWVzJ22xuCROXNNZiJkMtms0DbjUkAZjzoDrTMd9dDRI44ZC2YsrYdKWP2WDT2S3N9dNdlRYrGMYc06IURXSYb0igrpWS485xVNS6nF4rwslkoMwnbpgZLB7bmt5uMweAhDEl4B5uSLzzqTnnyVpW2jaJHRMSIjdDiiotvy3DOE5rYTEbkl5yFn28k7JyG4c7AU2HtLH1uKfaiMPI40CdYbpNtmLdwTSn5rewLNld+7TLdeal4WarWBkbVKBjgdElMJJwAAY5fl4kB3b1fp4XvagsGS3FjJfLzDNtS8aeXx7LzT7TyzByQE5PccRGRC0ZRUDRV6y62vbjagzLmJzS2vuPK43JY6aP1TW6Jz+RIWyFtyC06y3EkiiinAo7YCqfq1AqqnGgsOH3lhZO8d1pmcpB8j5XIm9OYlBJSQ/FSS4427DKO0RC8AlcEMhFdViRR1WDWR5t3WXVuL1d106kG9vdeye2g60+1FDyW0shIcXVpyroXt8I8dfd+NB1vioAdWnD3UF1+gD4UFc6CEKpagxXN43rwJLUHz7yX2c8zokt9uHlsPIhA4aRnnHJTLptIS6CNsY7iASpxUUMkReGpfbQW0vtN5pitvrsN28rwtBD0nc0+/Yft5XhaB6TuaXfsP28rwtA9J3NPv2H7eV4Wgek7mn37D9vK8LQPSdzT79h+3leFoHpO5pd+w/byvC0D0nc0u/Yft5XhaB6TuaXfsP28rwtA9J3NLv2H7eV4Wgek7ml37D9vK8LQPSdzS79h+3leFoHpO5p9+w/byvC0E9r7Reazy2HIYVPxkS/CUHVn26cosxyv2g7h89LYmZSXOenvLEQ1YaQ222RATcQCP8rSGqqA8S02W2pQ6FhMoAIlqCtsnwoCpdKClejI4i3Sgtb+GBxVuNBSFt1pV/RQefLjPyUDy4z8lA8uM/JQPLjPyUDy4z8lA8uM/JQPLjPyUDy4z8lA8uM/JQPLjPyUDy4z8lA8utJ/koJ7WCbBU/LQXOPAFq1koK8B0pag90CggtBBf6qB0UDooHRQOigdFA6KB0UDooHRQOigdFA6KB0UDooI0EaBQf//Z" title="Toggle Table of Contents" alt="Toggle Table of Contents" /> - </a> -</div> - - <div class="wy-grid-for-nav"> - - - <nav data-toggle="wy-nav-shift" class="wy-nav-side"> - <div class="wy-side-nav-search"> - - <a href="../index.html" class="fa fa-home"> CodeIgniter</a> - - -<div role="search"> - <form id="rtd-search-form" class="wy-form" action="../search.html" method="get"> - <input type="text" name="q" placeholder="Search docs" /> - <input type="hidden" name="check_keywords" value="yes" /> - <input type="hidden" name="area" value="default" /> - </form> -</div> - </div> - - <div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation"> - - - - <ul> -<li class="toctree-l1"><a class="reference internal" href="../general/welcome.html">Welcome to CodeIgniter</a></li> -</ul> -<ul> -<li class="toctree-l1"><a class="reference internal" href="../installation/index.html">Installation Instructions</a><ul> -<li class="toctree-l2"><a class="reference internal" href="../installation/downloads.html">Downloading CodeIgniter</a></li> -<li class="toctree-l2"><a class="reference internal" href="../installation/index.html">Installation Instructions</a></li> -<li class="toctree-l2"><a class="reference internal" href="../installation/upgrading.html">Upgrading From a Previous Version</a></li> -<li class="toctree-l2"><a class="reference internal" href="../installation/troubleshooting.html">Troubleshooting</a></li> -</ul> -</li> -</ul> -<ul> -<li class="toctree-l1"><a class="reference internal" href="../overview/index.html">CodeIgniter Overview</a><ul> -<li class="toctree-l2"><a class="reference internal" href="../overview/getting_started.html">Getting Started</a></li> -<li class="toctree-l2"><a class="reference internal" href="../overview/at_a_glance.html">CodeIgniter at a Glance</a></li> -<li class="toctree-l2"><a class="reference internal" href="../overview/features.html">Supported Features</a></li> -<li class="toctree-l2"><a class="reference internal" href="../overview/appflow.html">Application Flow Chart</a></li> -<li class="toctree-l2"><a class="reference internal" href="../overview/mvc.html">Model-View-Controller</a></li> -<li class="toctree-l2"><a class="reference internal" href="../overview/goals.html">Architectural Goals</a></li> -</ul> -</li> -</ul> -<ul> -<li class="toctree-l1"><a class="reference internal" href="../tutorial/index.html">Tutorial</a><ul> -<li class="toctree-l2"><a class="reference internal" href="../tutorial/static_pages.html">Static pages</a></li> -<li class="toctree-l2"><a class="reference internal" href="../tutorial/news_section.html">News section</a></li> -<li class="toctree-l2"><a class="reference internal" href="../tutorial/create_news_items.html">Create news items</a></li> -<li class="toctree-l2"><a class="reference internal" href="../tutorial/conclusion.html">Conclusion</a></li> -</ul> -</li> -</ul> -<ul> -<li class="toctree-l1"><a class="reference internal" href="../contributing/index.html">Contributing to CodeIgniter</a><ul> -<li class="toctree-l2"><a class="reference internal" href="../documentation/index.html">Writing CodeIgniter Documentation</a></li> -<li class="toctree-l2"><a class="reference internal" href="../DCO.html">Developer’s Certificate of Origin 1.1</a></li> -</ul> -</li> -</ul> -<ul> -<li class="toctree-l1"><a class="reference internal" href="../general/index.html">General Topics</a><ul> -<li class="toctree-l2"><a class="reference internal" href="../general/urls.html">CodeIgniter URLs</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/controllers.html">Controllers</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/reserved_names.html">Reserved Names</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/views.html">Views</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/models.html">Models</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/helpers.html">Helpers</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/libraries.html">Using CodeIgniter Libraries</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/creating_libraries.html">Creating Libraries</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/drivers.html">Using CodeIgniter Drivers</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/creating_drivers.html">Creating Drivers</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/core_classes.html">Creating Core System Classes</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/ancillary_classes.html">Creating Ancillary Classes</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/hooks.html">Hooks - Extending the Framework Core</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/autoloader.html">Auto-loading Resources</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/common_functions.html">Common Functions</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/compatibility_functions.html">Compatibility Functions</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/routing.html">URI Routing</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/errors.html">Error Handling</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/caching.html">Caching</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/profiling.html">Profiling Your Application</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/cli.html">Running via the CLI</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/managing_apps.html">Managing your Applications</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/environments.html">Handling Multiple Environments</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/alternative_php.html">Alternate PHP Syntax for View Files</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/security.html">Security</a></li> -<li class="toctree-l2"><a class="reference internal" href="../general/styleguide.html">PHP Style Guide</a></li> -</ul> -</li> -</ul> -<ul class="current"> -<li class="toctree-l1 current"><a class="reference internal" href="index.html">Libraries</a><ul class="current"> -<li class="toctree-l2"><a class="reference internal" href="benchmark.html">Benchmarking Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="caching.html">Caching Driver</a></li> -<li class="toctree-l2"><a class="reference internal" href="calendar.html">Calendaring Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="cart.html">Shopping Cart Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="config.html">Config Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="email.html">Email Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="encrypt.html">Encrypt Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="encryption.html">Encryption Library</a></li> -<li class="toctree-l2"><a class="reference internal" href="file_uploading.html">File Uploading Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="form_validation.html">Form Validation</a></li> -<li class="toctree-l2"><a class="reference internal" href="ftp.html">FTP Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="image_lib.html">Image Manipulation Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="input.html">Input Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="javascript.html">Javascript Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="language.html">Language Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="loader.html">Loader Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="migration.html">Migrations Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="output.html">Output Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="pagination.html">Pagination Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="parser.html">Template Parser Class</a></li> -<li class="toctree-l2 current"><a class="current reference internal" href="#">Security Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="sessions.html">Session Library</a></li> -<li class="toctree-l2"><a class="reference internal" href="table.html">HTML Table Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="trackback.html">Trackback Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="typography.html">Typography Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="unit_testing.html">Unit Testing Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="uri.html">URI Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="user_agent.html">User Agent Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="xmlrpc.html">XML-RPC and XML-RPC Server Classes</a></li> -<li class="toctree-l2"><a class="reference internal" href="zip.html">Zip Encoding Class</a></li> -</ul> -</li> -</ul> -<ul> -<li class="toctree-l1"><a class="reference internal" href="../database/index.html">Database Reference</a><ul> -<li class="toctree-l2"><a class="reference internal" href="../database/examples.html">Quick Start: Usage Examples</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/configuration.html">Database Configuration</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/connecting.html">Connecting to a Database</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/queries.html">Running Queries</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/results.html">Generating Query Results</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/helpers.html">Query Helper Functions</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/query_builder.html">Query Builder Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/transactions.html">Transactions</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/metadata.html">Getting MetaData</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/call_function.html">Custom Function Calls</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/caching.html">Query Caching</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/forge.html">Database Manipulation with Database Forge</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/utilities.html">Database Utilities Class</a></li> -<li class="toctree-l2"><a class="reference internal" href="../database/db_driver_reference.html">Database Driver Reference</a></li> -</ul> -</li> -</ul> -<ul> -<li class="toctree-l1"><a class="reference internal" href="../helpers/index.html">Helpers</a><ul> -<li class="toctree-l2"><a class="reference internal" href="../helpers/array_helper.html">Array Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/captcha_helper.html">CAPTCHA Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/cookie_helper.html">Cookie Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/date_helper.html">Date Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/directory_helper.html">Directory Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/download_helper.html">Download Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/email_helper.html">Email Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/file_helper.html">File Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/form_helper.html">Form Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/html_helper.html">HTML Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/inflector_helper.html">Inflector Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/language_helper.html">Language Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/number_helper.html">Number Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/path_helper.html">Path Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/security_helper.html">Security Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/smiley_helper.html">Smiley Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/string_helper.html">String Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/text_helper.html">Text Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/typography_helper.html">Typography Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/url_helper.html">URL Helper</a></li> -<li class="toctree-l2"><a class="reference internal" href="../helpers/xml_helper.html">XML Helper</a></li> -</ul> -</li> -</ul> - - - - </div> - - </nav> - - <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"> - - - <nav class="wy-nav-top" role="navigation" aria-label="top navigation"> - <i data-toggle="wy-nav-top" class="fa fa-bars"></i> - <a href="../index.html">CodeIgniter</a> - </nav> - - - - <div class="wy-nav-content"> - <div class="rst-content"> - <div role="navigation" aria-label="breadcrumbs navigation"> - <ul class="wy-breadcrumbs"> - <li><a href="../index.html">Docs</a> »</li> - - <li><a href="index.html">Libraries</a> »</li> - - <li>Security Class</li> - <li class="wy-breadcrumbs-aside"> - - </li> - <div style="float:right;margin-left:5px;" id="closeMe"> - <img title="Classic Layout" alt="classic layout" src="data:image/gif;base64,R0lGODlhFAAUAJEAAAAAADMzM////wAAACH5BAUUAAIALAAAAAAUABQAAAImlI+py+0PU5gRBRDM3DxbWoXis42X13USOLauUIqnlsaH/eY6UwAAOw==" /> - </div> - </ul> - <hr/> -</div> - <div role="main" class="document"> - - <div class="section" id="security-class"> -<h1>Security Class<a class="headerlink" href="#security-class" title="Permalink to this headline">¶</a></h1> -<p>The Security Class contains methods that help you create a secure -application, processing input data for security.</p> -<div class="contents local topic" id="contents"> -<ul class="simple"> -<li><a class="reference internal" href="#xss-filtering" id="id1">XSS Filtering</a></li> -<li><a class="reference internal" href="#cross-site-request-forgery-csrf" id="id2">Cross-site request forgery (CSRF)</a></li> -<li><a class="reference internal" href="#class-reference" id="id3">Class Reference</a></li> -</ul> -</div> -<div class="custom-index container"></div><div class="section" id="xss-filtering"> -<h2><a class="toc-backref" href="#id1">XSS Filtering</a><a class="headerlink" href="#xss-filtering" title="Permalink to this headline">¶</a></h2> -<p>CodeIgniter comes with a Cross Site Scripting prevention filter, which -looks for commonly used techniques to trigger JavaScript or other types -of code that attempt to hijack cookies or do other malicious things. -If anything disallowed is encountered it is rendered safe by converting -the data to character entities.</p> -<p>To filter data through the XSS filter use the <code class="docutils literal"><span class="pre">xss_clean()</span></code> method:</p> -<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$data</span> <span class="o">=</span> <span class="nv">$this</span><span class="o">-></span><span class="na">security</span><span class="o">-></span><span class="na">xss_clean</span><span class="p">(</span><span class="nv">$data</span><span class="p">);</span> -</pre></div> -</div> -<p>An optional second parameter, <em>is_image</em>, allows this function to be used -to test images for potential XSS attacks, useful for file upload -security. When this second parameter is set to TRUE, instead of -returning an altered string, the function returns TRUE if the image is -safe, and FALSE if it contained potentially malicious information that a -browser may attempt to execute.</p> -<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="k">if</span> <span class="p">(</span><span class="nv">$this</span><span class="o">-></span><span class="na">security</span><span class="o">-></span><span class="na">xss_clean</span><span class="p">(</span><span class="nv">$file</span><span class="p">,</span> <span class="k">TRUE</span><span class="p">)</span> <span class="o">===</span> <span class="k">FALSE</span><span class="p">)</span> -<span class="p">{</span> - <span class="c1">// file failed the XSS test</span> -<span class="p">}</span> -</pre></div> -</div> -<div class="admonition important"> -<p class="first admonition-title">Important</p> -<p class="last">If you want to filter HTML attribute values, use -<a class="reference internal" href="../general/common_functions.html#html_escape" title="html_escape"><code class="xref php php-func docutils literal"><span class="pre">html_escape()</span></code></a> instead!</p> -</div> -</div> -<div class="section" id="cross-site-request-forgery-csrf"> -<h2><a class="toc-backref" href="#id2">Cross-site request forgery (CSRF)</a><a class="headerlink" href="#cross-site-request-forgery-csrf" title="Permalink to this headline">¶</a></h2> -<p>You can enable CSRF protection by altering your <strong>application/config/config.php</strong> -file in the following way:</p> -<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$config</span><span class="p">[</span><span class="s1">'csrf_protection'</span><span class="p">]</span> <span class="o">=</span> <span class="k">TRUE</span><span class="p">;</span> -</pre></div> -</div> -<p>If you use the <a class="reference internal" href="../helpers/form_helper.html"><span class="doc">form helper</span></a>, then -<code class="xref py py-func docutils literal"><span class="pre">form_open()</span></code> will automatically insert a hidden csrf field in -your forms. If not, then you can use <code class="docutils literal"><span class="pre">get_csrf_token_name()</span></code> -and <code class="docutils literal"><span class="pre">get_csrf_hash()</span></code></p> -<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$csrf</span> <span class="o">=</span> <span class="k">array</span><span class="p">(</span> - <span class="s1">'name'</span> <span class="o">=></span> <span class="nv">$this</span><span class="o">-></span><span class="na">security</span><span class="o">-></span><span class="na">get_csrf_token_name</span><span class="p">(),</span> - <span class="s1">'hash'</span> <span class="o">=></span> <span class="nv">$this</span><span class="o">-></span><span class="na">security</span><span class="o">-></span><span class="na">get_csrf_hash</span><span class="p">()</span> -<span class="p">);</span> - -<span class="o">...</span> - -<span class="o"><</span><span class="nx">input</span> <span class="nx">type</span><span class="o">=</span><span class="s2">"hidden"</span> <span class="nx">name</span><span class="o">=</span><span class="s2">"<?=</span><span class="si">$csrf['name']</span><span class="s2">;?>"</span> <span class="nx">value</span><span class="o">=</span><span class="s2">"<?=</span><span class="si">$csrf['hash']</span><span class="s2">;?>"</span> <span class="o">/></span> -</pre></div> -</div> -<p>Tokens may be either regenerated on every submission (default) or -kept the same throughout the life of the CSRF cookie. The default -regeneration of tokens provides stricter security, but may result -in usability concerns as other tokens become invalid (back/forward -navigation, multiple tabs/windows, asynchronous actions, etc). You -may alter this behavior by editing the following config parameter</p> -<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$config</span><span class="p">[</span><span class="s1">'csrf_regenerate'</span><span class="p">]</span> <span class="o">=</span> <span class="k">TRUE</span><span class="p">;</span> -</pre></div> -</div> -<p>Select URIs can be whitelisted from csrf protection (for example API -endpoints expecting externally POSTed content). You can add these URIs -by editing the ‘csrf_exclude_uris’ config parameter:</p> -<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$config</span><span class="p">[</span><span class="s1">'csrf_exclude_uris'</span><span class="p">]</span> <span class="o">=</span> <span class="k">array</span><span class="p">(</span><span class="s1">'api/person/add'</span><span class="p">);</span> -</pre></div> -</div> -<p>Regular expressions are also supported (case-insensitive):</p> -<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$config</span><span class="p">[</span><span class="s1">'csrf_exclude_uris'</span><span class="p">]</span> <span class="o">=</span> <span class="k">array</span><span class="p">(</span> - <span class="s1">'api/record/[0-9]+'</span><span class="p">,</span> - <span class="s1">'api/title/[a-z]+'</span> -<span class="p">);</span> -</pre></div> -</div> -</div> -<div class="section" id="class-reference"> -<h2><a class="toc-backref" href="#id3">Class Reference</a><a class="headerlink" href="#class-reference" title="Permalink to this headline">¶</a></h2> -<dl class="class"> -<dt id="CI_Security"> -<em class="property">class </em><code class="descname">CI_Security</code><a class="headerlink" href="#CI_Security" title="Permalink to this definition">¶</a></dt> -<dd><dl class="method"> -<dt id="CI_Security::xss_clean"> -<code class="descname">xss_clean</code><span class="sig-paren">(</span><em>$str</em><span class="optional">[</span>, <em>$is_image = FALSE</em><span class="optional">]</span><span class="sig-paren">)</span><a class="headerlink" href="#CI_Security::xss_clean" title="Permalink to this definition">¶</a></dt> -<dd><table class="docutils field-list" frame="void" rules="none"> -<col class="field-name" /> -<col class="field-body" /> -<tbody valign="top"> -<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple"> -<li><strong>$str</strong> (<em>mixed</em>) – Input string or an array of strings</li> -</ul> -</td> -</tr> -<tr class="field-even field"><th class="field-name">Returns:</th><td class="field-body"><p class="first">XSS-clean data</p> -</td> -</tr> -<tr class="field-odd field"><th class="field-name">Return type:</th><td class="field-body"><p class="first last">mixed</p> -</td> -</tr> -</tbody> -</table> -<p>Tries to remove XSS exploits from the input data and returns the cleaned string. -If the optional second parameter is set to true, it will return boolean TRUE if -the image is safe to use and FALSE if malicious data was detected in it.</p> -<div class="admonition important"> -<p class="first admonition-title">Important</p> -<p class="last">This method is not suitable for filtering HTML attribute values! -Use <a class="reference internal" href="../general/common_functions.html#html_escape" title="html_escape"><code class="xref php php-func docutils literal"><span class="pre">html_escape()</span></code></a> for that instead.</p> -</div> -</dd></dl> - -<dl class="method"> -<dt id="CI_Security::sanitize_filename"> -<code class="descname">sanitize_filename</code><span class="sig-paren">(</span><em>$str</em><span class="optional">[</span>, <em>$relative_path = FALSE</em><span class="optional">]</span><span class="sig-paren">)</span><a class="headerlink" href="#CI_Security::sanitize_filename" title="Permalink to this definition">¶</a></dt> -<dd><table class="docutils field-list" frame="void" rules="none"> -<col class="field-name" /> -<col class="field-body" /> -<tbody valign="top"> -<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple"> -<li><strong>$str</strong> (<em>string</em>) – File name/path</li> -<li><strong>$relative_path</strong> (<em>bool</em>) – Whether to preserve any directories in the file path</li> -</ul> -</td> -</tr> -<tr class="field-even field"><th class="field-name">Returns:</th><td class="field-body"><p class="first">Sanitized file name/path</p> -</td> -</tr> -<tr class="field-odd field"><th class="field-name">Return type:</th><td class="field-body"><p class="first last">string</p> -</td> -</tr> -</tbody> -</table> -<p>Tries to sanitize filenames in order to prevent directory traversal attempts -and other security threats, which is particularly useful for files that were supplied via user input.</p> -<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$filename</span> <span class="o">=</span> <span class="nv">$this</span><span class="o">-></span><span class="na">security</span><span class="o">-></span><span class="na">sanitize_filename</span><span class="p">(</span><span class="nv">$this</span><span class="o">-></span><span class="na">input</span><span class="o">-></span><span class="na">post</span><span class="p">(</span><span class="s1">'filename'</span><span class="p">));</span> -</pre></div> -</div> -<p>If it is acceptable for the user input to include relative paths, e.g. -<em>file/in/some/approved/folder.txt</em>, you can set the second optional parameter, <code class="docutils literal"><span class="pre">$relative_path</span></code> to TRUE.</p> -<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$filename</span> <span class="o">=</span> <span class="nv">$this</span><span class="o">-></span><span class="na">security</span><span class="o">-></span><span class="na">sanitize_filename</span><span class="p">(</span><span class="nv">$this</span><span class="o">-></span><span class="na">input</span><span class="o">-></span><span class="na">post</span><span class="p">(</span><span class="s1">'filename'</span><span class="p">),</span> <span class="k">TRUE</span><span class="p">);</span> -</pre></div> -</div> -</dd></dl> - -<dl class="method"> -<dt id="CI_Security::get_csrf_token_name"> -<code class="descname">get_csrf_token_name</code><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="headerlink" href="#CI_Security::get_csrf_token_name" title="Permalink to this definition">¶</a></dt> -<dd><table class="docutils field-list" frame="void" rules="none"> -<col class="field-name" /> -<col class="field-body" /> -<tbody valign="top"> -<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">CSRF token name</td> -</tr> -<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td> -</tr> -</tbody> -</table> -<p>Returns the CSRF token name (the <code class="docutils literal"><span class="pre">$config['csrf_token_name']</span></code> value).</p> -</dd></dl> - -<dl class="method"> -<dt id="CI_Security::get_csrf_hash"> -<code class="descname">get_csrf_hash</code><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="headerlink" href="#CI_Security::get_csrf_hash" title="Permalink to this definition">¶</a></dt> -<dd><table class="docutils field-list" frame="void" rules="none"> -<col class="field-name" /> -<col class="field-body" /> -<tbody valign="top"> -<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">CSRF hash</td> -</tr> -<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td> -</tr> -</tbody> -</table> -<p>Returns the CSRF hash value. Useful in combination with <code class="docutils literal"><span class="pre">get_csrf_token_name()</span></code> -for manually building forms or sending valid AJAX POST requests.</p> -</dd></dl> - -<dl class="method"> -<dt id="CI_Security::entity_decode"> -<code class="descname">entity_decode</code><span class="sig-paren">(</span><em>$str</em><span class="optional">[</span>, <em>$charset = NULL</em><span class="optional">]</span><span class="sig-paren">)</span><a class="headerlink" href="#CI_Security::entity_decode" title="Permalink to this definition">¶</a></dt> -<dd><table class="docutils field-list" frame="void" rules="none"> -<col class="field-name" /> -<col class="field-body" /> -<tbody valign="top"> -<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple"> -<li><strong>$str</strong> (<em>string</em>) – Input string</li> -<li><strong>$charset</strong> (<em>string</em>) – Character set of the input string</li> -</ul> -</td> -</tr> -<tr class="field-even field"><th class="field-name">Returns:</th><td class="field-body"><p class="first">Entity-decoded string</p> -</td> -</tr> -<tr class="field-odd field"><th class="field-name">Return type:</th><td class="field-body"><p class="first last">string</p> -</td> -</tr> -</tbody> -</table> -<p>This method acts a lot like PHP’s own native <code class="docutils literal"><span class="pre">html_entity_decode()</span></code> function in ENT_COMPAT mode, only -it tries to detect HTML entities that don’t end in a semicolon because some browsers allow that.</p> -<p>If the <code class="docutils literal"><span class="pre">$charset</span></code> parameter is left empty, then your configured <code class="docutils literal"><span class="pre">$config['charset']</span></code> value will be used.</p> -</dd></dl> - -<dl class="method"> -<dt id="CI_Security::get_random_bytes"> -<code class="descname">get_random_bytes</code><span class="sig-paren">(</span><em>$length</em><span class="sig-paren">)</span><a class="headerlink" href="#CI_Security::get_random_bytes" title="Permalink to this definition">¶</a></dt> -<dd><table class="docutils field-list" frame="void" rules="none"> -<col class="field-name" /> -<col class="field-body" /> -<tbody valign="top"> -<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple"> -<li><strong>$length</strong> (<em>int</em>) – Output length</li> -</ul> -</td> -</tr> -<tr class="field-even field"><th class="field-name">Returns:</th><td class="field-body"><p class="first">A binary stream of random bytes or FALSE on failure</p> -</td> -</tr> -<tr class="field-odd field"><th class="field-name">Return type:</th><td class="field-body"><p class="first last">string</p> -</td> -</tr> -</tbody> -</table> -<p>A convenience method for getting proper random bytes via <code class="docutils literal"><span class="pre">mcrypt_create_iv()</span></code>, -<code class="docutils literal"><span class="pre">/dev/urandom</span></code> or <code class="docutils literal"><span class="pre">openssl_random_pseudo_bytes()</span></code> (in that order), if one -of them is available.</p> -<p>Used for generating CSRF and XSS tokens.</p> -<div class="admonition note"> -<p class="first admonition-title">Note</p> -<p class="last">The output is NOT guaranteed to be cryptographically secure, -just the best attempt at that.</p> -</div> -</dd></dl> - -</dd></dl> - -</div> -</div> - - - </div> - <footer> - - <div class="rst-footer-buttons" role="navigation" aria-label="footer navigation"> - - <a href="sessions.html" class="btn btn-neutral float-right" title="Session Library">Next <span class="fa fa-arrow-circle-right"></span></a> - - - <a href="parser.html" class="btn btn-neutral" title="Template Parser Class"><span class="fa fa-arrow-circle-left"></span> Previous</a> - - </div> - - - <hr/> - - <div role="contentinfo"> - <p> - © Copyright 2014 - 2019, British Columbia Institute of Technology. - Last updated on Jan 16, 2019. - </p> - </div> - - Built with <a href="http://sphinx-doc.org/">Sphinx</a> using a <a href="https://github.com/snide/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>. - -</footer> - </div> - </div> - - </section> - - </div> - - - - - - <script type="text/javascript"> - var DOCUMENTATION_OPTIONS = { - URL_ROOT:'../', - VERSION:'3.1.10', - COLLAPSE_INDEX:false, - FILE_SUFFIX:'.html', - HAS_SOURCE: false - }; - </script> - <script type="text/javascript" src="../_static/jquery.js"></script> - <script type="text/javascript" src="../_static/underscore.js"></script> - <script type="text/javascript" src="../_static/doctools.js"></script> - - - - - - <script type="text/javascript" src="../_static/js/theme.js"></script> - - - - - <script type="text/javascript"> - jQuery(function () { - SphinxRtdTheme.StickyNav.enable(); - }); - </script> - - -</body> -</html>
\ No newline at end of file |