Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / 7f3719faf120dc15f3d7b45e132ab3192f60ad62 / . / system / helpers / security_helper.php
blob: 1f0a62906ff19d114036f782b6f727bcdfef0c5a [file] [log] [blame]
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]1<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
2/**
3 * CodeIgniter
4 *
5 * An open source application development framework for PHP 4.3.2 or newer
6 *
7 * @package CodeIgniter
8 * @author ExpressionEngine Dev Team
Derek Jones7f3719f2010-01-05 13:35:37 +0000[diff] [blame^]9 * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc.
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]10 * @license http://codeigniter.com/user_guide/license.html
11 * @link http://codeigniter.com
12 * @since Version 1.0
13 * @filesource
14 */
15
16// ------------------------------------------------------------------------
17
18/**
19 * CodeIgniter Security Helpers
20 *
21 * @package CodeIgniter
22 * @subpackage Helpers
23 * @category Helpers
24 * @author ExpressionEngine Dev Team
25 * @link http://codeigniter.com/user_guide/helpers/security_helper.html
26 */
27
28// ------------------------------------------------------------------------
29
30/**
31 * XSS Filtering
32 *
33 * @access public
34 * @param string
Derek Jonesf0bcb3c2009-02-10 18:40:21 +0000[diff] [blame]35 * @param bool whether or not the content is an image file
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]36 * @return string
37 */
38if ( ! function_exists('xss_clean'))
39{
Derek Jonesf0bcb3c2009-02-10 18:40:21 +0000[diff] [blame]40 function xss_clean($str, $is_image = FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]41 {
42 $CI =& get_instance();
Derek Jonesf0bcb3c2009-02-10 18:40:21 +0000[diff] [blame]43 return $CI->input->xss_clean($str, $is_image);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]44 }
45}
46
47// --------------------------------------------------------------------
48
49/**
50 * Hash encode a string
51 *
Derek Allard8719a5c2009-10-08 16:42:59 +0000[diff] [blame]52 * This is simply an alias for do_hash()
53 * dohash() is now deprecated
54 */
55if ( ! function_exists('dohash'))
56{
57 function dohash($str, $type = 'sha1')
58 {
59 return $this->do_hash($str, $type);
60 }
61}
62
63// --------------------------------------------------------------------
64
65/**
66 * Hash encode a string
67 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]68 * @access public
69 * @param string
70 * @return string
71 */
Derek Allard8719a5c2009-10-08 16:42:59 +0000[diff] [blame]72if ( ! function_exists('do_hash'))
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]73{
Derek Allard8719a5c2009-10-08 16:42:59 +0000[diff] [blame]74 function do_hash($str, $type = 'sha1')
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]75 {
76 if ($type == 'sha1')
77 {
78 if ( ! function_exists('sha1'))
79 {
80 if ( ! function_exists('mhash'))
81 {
82 require_once(BASEPATH.'libraries/Sha1'.EXT);
83 $SH = new CI_SHA;
84 return $SH->generate($str);
85 }
86 else
87 {
88 return bin2hex(mhash(MHASH_SHA1, $str));
89 }
90 }
91 else
92 {
93 return sha1($str);
94 }
95 }
96 else
97 {
98 return md5($str);
99 }
100 }
101}
102
103// ------------------------------------------------------------------------
104
105/**
106 * Strip Image Tags
107 *
108 * @access public
109 * @param string
110 * @return string
111 */
112if ( ! function_exists('strip_image_tags'))
113{
114 function strip_image_tags($str)
115 {
116 $str = preg_replace("#<img\s+.*?src\s*=\s*[\"'](.+?)[\"'].*?\>#", "\\1", $str);
117 $str = preg_replace("#<img\s+.*?src\s*=\s*(.+?).*?\>#", "\\1", $str);
118
119 return $str;
120 }
121}
122
123// ------------------------------------------------------------------------
124
125/**
126 * Convert PHP tags to entities
127 *
128 * @access public
129 * @param string
130 * @return string
131 */
132if ( ! function_exists('encode_php_tags'))
133{
134 function encode_php_tags($str)
135 {
136 return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('&lt;?php', '&lt;?PHP', '&lt;?', '?&gt;'), $str);
137 }
138}
139
140
141/* End of file security_helper.php */
Derek Jonesa3ffbbb2008-05-11 18:18:29 +0000[diff] [blame]142/* Location: ./system/helpers/security_helper.php */