<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * * An open source application development framework for PHP 4.3.2 or newer * * @package CodeIgniter * @author ExpressionEngine Dev Team * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 1.0 * @filesource */ // ------------------------------------------------------------------------ /** * CodeIgniter Security Helpers * * @package CodeIgniter * @subpackage Helpers * @category Helpers * @author ExpressionEngine Dev Team * @link http://codeigniter.com/user_guide/helpers/security_helper.html */ // ------------------------------------------------------------------------ /** * XSS Filtering * * @access public * @param string * @param bool whether or not the content is an image file * @return string */ if ( ! function_exists('xss_clean')) { function xss_clean($str, $is_image = FALSE) { $CI =& get_instance(); return $CI->input->xss_clean($str, $is_image); } } // -------------------------------------------------------------------- /** * Hash encode a string * * @access public * @param string * @return string */ if ( ! function_exists('dohash')) { function dohash($str, $type = 'sha1') { if ($type == 'sha1') { if ( ! function_exists('sha1')) { if ( ! function_exists('mhash')) { require_once(BASEPATH.'libraries/Sha1'.EXT); $SH = new CI_SHA; return $SH->generate($str); } else { return bin2hex(mhash(MHASH_SHA1, $str)); } } else { return sha1($str); } } else { return md5($str); } } } // ------------------------------------------------------------------------ /** * Strip Image Tags * * @access public * @param string * @return string */ if ( ! function_exists('strip_image_tags')) { function strip_image_tags($str) { $str = preg_replace("#<img\s+.*?src\s*=\s*[\"'](.+?)[\"'].*?\>#", "\\1", $str); $str = preg_replace("#<img\s+.*?src\s*=\s*(.+?).*?\>#", "\\1", $str); return $str; } } // ------------------------------------------------------------------------ /** * Convert PHP tags to entities * * @access public * @param string * @return string */ if ( ! function_exists('encode_php_tags')) { function encode_php_tags($str) { return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('<?php', '<?PHP', '<?', '?>'), $str); } } /* End of file security_helper.php */ /* Location: ./system/helpers/security_helper.php */