From 4433f424d7a0dd7e5863ddd5393c13be377ed6ce Mon Sep 17 00:00:00 2001
From: Derek Allard
Date: Fri, 23 Jul 2010 08:47:34 -0400
Subject: adding sanitize_filename() into the security helper
---
system/helpers/security_helper.php | 18 ++++++++++++++++++
user_guide/changelog.html | 1 +
user_guide/helpers/security_helper.html | 6 ++++++
3 files changed, 25 insertions(+)
diff --git a/system/helpers/security_helper.php b/system/helpers/security_helper.php
index 654cfd100..63f0e9cdb 100644
--- a/system/helpers/security_helper.php
+++ b/system/helpers/security_helper.php
@@ -44,6 +44,24 @@ if ( ! function_exists('xss_clean'))
}
}
+// ------------------------------------------------------------------------
+
+/**
+ * Sanitize Filename
+ *
+ * @access public
+ * @param string
+ * @return string
+ */
+if ( ! function_exists('sanitize_filename'))
+{
+ function sanitize_filename($filename)
+ {
+ $CI =& get_instance();
+ return $CI->security->sanitize_filename($filename);
+ }
+}
+
// --------------------------------------------------------------------
/**
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index fb39d6060..714e9e86e 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -127,6 +127,7 @@ Hg Tag:
Modified smiley_js() to add optional third parameter to return only the javascript with no script tags.
The img() function of the HTML helper will now generate an empty string as an alt attribute if one is not provided.
If CSRF is enabled in the application config file, form_open() will automatically insert it as a hidden field.
+ Added sanitize_filename() into the Security helper.
Other Changes
diff --git a/user_guide/helpers/security_helper.html b/user_guide/helpers/security_helper.html
index 97be674ad..f74a7766c 100644
--- a/user_guide/helpers/security_helper.html
+++ b/user_guide/helpers/security_helper.html
@@ -75,6 +75,12 @@ Security Helper
Input class. More info can be found there.
+sanitize_filename()
+
+Provides protection against directory traversal. This function is an alias to the one in the
+Security class. More info can be found there.
+
+
do_hash()
Permits you to create SHA1 or MD5 one way hashes suitable for encrypting passwords. Will create SHA1 by default. Examples:
--
cgit v1.2.3-24-g4f1b