From 8ede1a2ecbb62577afd32996956c5feaf7ddf9b6 Mon Sep 17 00:00:00 2001
From: Derek Jones <derek.jones@ellislab.com>
Date: Wed, 5 Oct 2011 13:34:52 -0500
Subject: replacing the old HTML user guide with a Sphinx-managed user guide

---
 user_guide_src/source/helpers/security_helper.rst | 67 +++++++++++++++++++++++
 1 file changed, 67 insertions(+)
 create mode 100644 user_guide_src/source/helpers/security_helper.rst

(limited to 'user_guide_src/source/helpers/security_helper.rst')

diff --git a/user_guide_src/source/helpers/security_helper.rst b/user_guide_src/source/helpers/security_helper.rst
new file mode 100644
index 000000000..01018c61a
--- /dev/null
+++ b/user_guide_src/source/helpers/security_helper.rst
@@ -0,0 +1,67 @@
+###############
+Security Helper
+###############
+
+The Security Helper file contains security related functions.
+
+.. contents:: Page Contents
+
+Loading this Helper
+===================
+
+This helper is loaded using the following code
+
+::
+
+	$this->load->helper('security');
+
+The following functions are available:
+
+xss_clean()
+===========
+
+Provides Cross Site Script Hack filtering. This function is an alias to
+the one in the :doc:`Input class <../libraries/input>`. More info can
+be found there.
+
+sanitize_filename()
+===================
+
+Provides protection against directory traversal. This function is an
+alias to the one in the :doc:`Security class <../libraries/security>`.
+More info can be found there.
+
+do_hash()
+=========
+
+Permits you to create SHA1 or MD5 one way hashes suitable for encrypting
+passwords. Will create SHA1 by default. Examples
+
+::
+
+	$str = do_hash($str); // SHA1
+	$str = do_hash($str, 'md5'); // MD5
+
+.. note:: This function was formerly named dohash(), which has been
+	deprecated in favor of `do_hash()`.
+
+strip_image_tags()
+==================
+
+This is a security function that will strip image tags from a string. It
+leaves the image URL as plain text.
+
+::
+
+	$string = strip_image_tags($string);
+
+encode_php_tags()
+=================
+
+This is a security function that converts PHP tags to entities. Note: If
+you use the XSS filtering function it does this automatically.
+
+::
+
+	$string = encode_php_tags($string);
+
-- 
cgit v1.2.3-24-g4f1b