From 4433f424d7a0dd7e5863ddd5393c13be377ed6ce Mon Sep 17 00:00:00 2001
From: Derek Allard
Date: Fri, 23 Jul 2010 08:47:34 -0400
Subject: adding sanitize_filename() into the security helper
---
 system/helpers/security_helper.php | 18 ++++++++++++++++++
 user_guide/changelog.html | 1 +
 user_guide/helpers/security_helper.html | 6 ++++++
 3 files changed, 25 insertions(+)
diff --git a/system/helpers/security_helper.php b/system/helpers/security_helper.php
index 654cfd100..63f0e9cdb 100644
--- a/system/helpers/security_helper.php
+++ b/system/helpers/security_helper.php
@@ -44,6 +44,24 @@ if ( ! function_exists('xss_clean'))
 }
 }
 
+// ------------------------------------------------------------------------
+
+/**
+ * Sanitize Filename
+ *
+ * @access public
+ * @param string
+ * @return string
+ */
+if ( ! function_exists('sanitize_filename'))
+{
+ function sanitize_filename($filename)
+ {
+ $CI =& get_instance();
+ return $CI->security->sanitize_filename($filename);
+ }
+}
+
 // --------------------------------------------------------------------
 
 /**
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index fb39d6060..714e9e86e 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -127,6 +127,7 @@ Hg Tag:
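Review bot: The docblock added above `sanitize_filename()` in system/helpers/security_helper.php says only `@param string` and `@return string`, so it does not tell a caller that the value is meant to be a bare file name or what the result can be trusted for. I would name the parameter and state the contract, for example `@param string $filename untrusted file name, not a path` and `@return string file name with directory traversal sequences stripped by the Security class`. The filtering itself lives in `$CI->security->sanitize_filename()`, which this commit does not show, so the comment should also say that callers still need to join the result to a fixed base directory and check that the resolved path stays inside it. The helper also assumes `$CI->security` is already loaded; nothing in the hunk establishes that, so it is worth confirming or documenting as a precondition.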

  • Modified smiley_js() to add optional third parameter to return only the javascript with no script tags.
  • The img() function of the HTML helper will now generate an empty string as an alt attribute if one is not provided.
  • If CSRF is enabled in the application config file, form_open() will automatically insert it as a hidden field.
  • +
  • Added sanitize_filename() into the Security helper.
  • Other Changes
diff --git a/user_guide/helpers/security_helper.html b/user_guide/helpers/security_helper.html
index 97be674ad..f74a7766c 100644
--- a/user_guide/helpers/security_helper.html
+++ b/user_guide/helpers/security_helper.html
@@ -75,6 +75,12 @@ Security Helper Input class. More info can be found there.

    +

    sanitize_filename()

    + +

    Provides protection against directory traversal. This function is an alias to the one in the +Security class. More info can be found there.

    + +

    do_hash()

    Permits you to create SHA1 or MD5 one way hashes suitable for encrypting passwords. Will create SHA1 by default. Examples:

    -- cgit v1.2.3-24-g4f1b