From 8ede1a2ecbb62577afd32996956c5feaf7ddf9b6 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Wed, 5 Oct 2011 13:34:52 -0500 Subject: replacing the old HTML user guide with a Sphinx-managed user guide --- user_guide_src/source/helpers/security_helper.rst | 67 +++++++++++++++++++++++ 1 file changed, 67 insertions(+) create mode 100644 user_guide_src/source/helpers/security_helper.rst (limited to 'user_guide_src/source/helpers/security_helper.rst') diff --git a/user_guide_src/source/helpers/security_helper.rst b/user_guide_src/source/helpers/security_helper.rst new file mode 100644 index 000000000..01018c61a --- /dev/null +++ b/user_guide_src/source/helpers/security_helper.rst @@ -0,0 +1,67 @@ +############### +Security Helper +############### + +The Security Helper file contains security related functions. + +.. contents:: Page Contents + +Loading this Helper +=================== + +This helper is loaded using the following code + +:: + + $this->load->helper('security'); + +The following functions are available: + +xss_clean() +=========== + +Provides Cross Site Script Hack filtering. This function is an alias to +the one in the :doc:`Input class <../libraries/input>`. More info can +be found there. + +sanitize_filename() +=================== + +Provides protection against directory traversal. This function is an +alias to the one in the :doc:`Security class <../libraries/security>`. +More info can be found there. + +do_hash() +========= + +Permits you to create SHA1 or MD5 one way hashes suitable for encrypting +passwords. Will create SHA1 by default. Examples + +:: + + $str = do_hash($str); // SHA1 + $str = do_hash($str, 'md5'); // MD5 + +.. note:: This function was formerly named dohash(), which has been + deprecated in favor of `do_hash()`. + +strip_image_tags() +================== + +This is a security function that will strip image tags from a string. It +leaves the image URL as plain text. + +:: + + $string = strip_image_tags($string); + +encode_php_tags() +================= + +This is a security function that converts PHP tags to entities. Note: If +you use the XSS filtering function it does this automatically. + +:: + + $string = encode_php_tags($string); + -- cgit v1.2.3-24-g4f1b From 8840c96cc0608859ad4b5341c31db9bb1f833792 Mon Sep 17 00:00:00 2001 From: freewil Date: Sun, 18 Mar 2012 15:23:09 -0400 Subject: use php's hash() function for do_hash() helper --- user_guide_src/source/helpers/security_helper.rst | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'user_guide_src/source/helpers/security_helper.rst') diff --git a/user_guide_src/source/helpers/security_helper.rst b/user_guide_src/source/helpers/security_helper.rst index 01018c61a..b1bcf2b4a 100644 --- a/user_guide_src/source/helpers/security_helper.rst +++ b/user_guide_src/source/helpers/security_helper.rst @@ -34,8 +34,9 @@ More info can be found there. do_hash() ========= -Permits you to create SHA1 or MD5 one way hashes suitable for encrypting -passwords. Will create SHA1 by default. Examples +Permits you to create one way hashes suitable for encrypting +passwords. Will create SHA1 by default. See `hash_algos() `_ +for a full list of supported algorithms. :: @@ -43,7 +44,7 @@ passwords. Will create SHA1 by default. Examples $str = do_hash($str, 'md5'); // MD5 .. note:: This function was formerly named dohash(), which has been - deprecated in favor of `do_hash()`. + removed in favor of `do_hash()`. strip_image_tags() ================== -- cgit v1.2.3-24-g4f1b From 0f0b76980cb07f39b20c8591882aeae3854f016c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 7 Jun 2012 14:57:04 +0300 Subject: Deprecated do_hash() and read_file() in favor of hash() and file_get_contents() respectively --- user_guide_src/source/helpers/security_helper.rst | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'user_guide_src/source/helpers/security_helper.rst') diff --git a/user_guide_src/source/helpers/security_helper.rst b/user_guide_src/source/helpers/security_helper.rst index b1bcf2b4a..ec0be28b3 100644 --- a/user_guide_src/source/helpers/security_helper.rst +++ b/user_guide_src/source/helpers/security_helper.rst @@ -43,8 +43,10 @@ for a full list of supported algorithms. $str = do_hash($str); // SHA1 $str = do_hash($str, 'md5'); // MD5 -.. note:: This function was formerly named dohash(), which has been - removed in favor of `do_hash()`. +.. note:: This function was formerly named ``dohash()``, which has been + removed in favor of ``do_hash()``. + +.. note:: This function is DEPRECATED. Use the native ``hash()`` instead. strip_image_tags() ================== -- cgit v1.2.3-24-g4f1b