Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / 871754af60251993d640981e107d2def5f2db396 / . / system / helpers / security_helper.php
blob: 848cf4623d8d64975a30507341ca967b75b09c5d [file] [log] [blame]
Andrey Andreevc5536aa2012-11-01 17:33:58 +0200[diff] [blame]1<?php
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]2/**
3 * CodeIgniter
4 *
Phil Sturgeon07c1ac82012-03-09 17:03:37 +0000[diff] [blame]5 * An open source application development framework for PHP 5.2.4 or newer
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]6 *
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]7 * NOTICE OF LICENSE
Andrey Andreeva381d172012-01-06 19:19:37 +0200[diff] [blame]8 *
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]9 * Licensed under the Open Software License version 3.0
Andrey Andreeva381d172012-01-06 19:19:37 +0200[diff] [blame]10 *
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]11 * This source file is subject to the Open Software License (OSL 3.0) that is
12 * bundled with this package in the files license.txt / license.rst. It is
13 * also available through the world wide web at this URL:
14 * http://opensource.org/licenses/OSL-3.0
15 * If you did not receive a copy of the license and are unable to obtain it
16 * through the world wide web, please send an email to
17 * licensing@ellislab.com so we can send you a copy immediately.
18 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]19 * @package CodeIgniter
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]20 * @author EllisLab Dev Team
darwinel871754a2014-02-11 17:34:57 +0100[diff] [blame^]21 * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]22 * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]23 * @link http://codeigniter.com
24 * @since Version 1.0
25 * @filesource
26 */
Andrey Andreevc5536aa2012-11-01 17:33:58 +0200[diff] [blame]27defined('BASEPATH') OR exit('No direct script access allowed');
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]28
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]29/**
30 * CodeIgniter Security Helpers
31 *
32 * @package CodeIgniter
33 * @subpackage Helpers
34 * @category Helpers
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]35 * @author EllisLab Dev Team
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]36 * @link http://codeigniter.com/user_guide/helpers/security_helper.html
37 */
38
39// ------------------------------------------------------------------------
40
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]41if ( ! function_exists('xss_clean'))
42{
Timothy Warrenb75faa12012-04-27 12:03:32 -0400[diff] [blame]43 /**
44 * XSS Filtering
45 *
46 * @param string
47 * @param bool whether or not the content is an image file
48 * @return string
49 */
Derek Jonesf0bcb3c2009-02-10 18:40:21 +0000[diff] [blame]50 function xss_clean($str, $is_image = FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]51 {
Andrey Andreev119d8a72014-01-08 15:27:53 +0200[diff] [blame]52 return get_instance()->security->xss_clean($str, $is_image);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]53 }
54}
55
Derek Allard4433f422010-07-23 08:47:34 -0400[diff] [blame]56// ------------------------------------------------------------------------
57
Derek Allard4433f422010-07-23 08:47:34 -0400[diff] [blame]58if ( ! function_exists('sanitize_filename'))
59{
Timothy Warrenb75faa12012-04-27 12:03:32 -0400[diff] [blame]60 /**
61 * Sanitize Filename
62 *
63 * @param string
64 * @return string
65 */
Derek Allard4433f422010-07-23 08:47:34 -0400[diff] [blame]66 function sanitize_filename($filename)
67 {
Andrey Andreev119d8a72014-01-08 15:27:53 +0200[diff] [blame]68 return get_instance()->security->sanitize_filename($filename);
Derek Allard4433f422010-07-23 08:47:34 -0400[diff] [blame]69 }
70}
71
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]72// --------------------------------------------------------------------
73
Derek Allard8719a5c2009-10-08 16:42:59 +0000[diff] [blame]74if ( ! function_exists('do_hash'))
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]75{
Timothy Warrenb75faa12012-04-27 12:03:32 -0400[diff] [blame]76 /**
77 * Hash encode a string
78 *
Andrey Andreev29d909d2012-10-27 01:05:09 +0300[diff] [blame]79 * @todo Remove in version 3.1+.
80 * @deprecated 3.0.0 Use PHP's native hash() instead.
81 * @param string $str
82 * @param string $type = 'sha1'
Timothy Warrenb75faa12012-04-27 12:03:32 -0400[diff] [blame]83 * @return string
84 */
Derek Allard8719a5c2009-10-08 16:42:59 +0000[diff] [blame]85 function do_hash($str, $type = 'sha1')
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]86 {
Andrey Andreev7eea3062012-03-19 12:58:45 +0200[diff] [blame]87 if ( ! in_array(strtolower($type), hash_algos()))
Andrey Andreev50bff7c2012-03-19 12:16:38 +0200[diff] [blame]88 {
89 $type = 'md5';
90 }
91
freewil8840c962012-03-18 15:23:09 -0400[diff] [blame]92 return hash($type, $str);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]93 }
94}
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]95
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]96// ------------------------------------------------------------------------
97
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]98if ( ! function_exists('strip_image_tags'))
99{
Timothy Warrenb75faa12012-04-27 12:03:32 -0400[diff] [blame]100 /**
101 * Strip Image Tags
102 *
103 * @param string
104 * @return string
105 */
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]106 function strip_image_tags($str)
107 {
Andrey Andreev119d8a72014-01-08 15:27:53 +0200[diff] [blame]108 return get_instance()->security->strip_image_tags($str);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]109 }
110}
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]111
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]112// ------------------------------------------------------------------------
113
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]114if ( ! function_exists('encode_php_tags'))
115{
Timothy Warrenb75faa12012-04-27 12:03:32 -0400[diff] [blame]116 /**
117 * Convert PHP tags to entities
118 *
119 * @param string
120 * @return string
121 */
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]122 function encode_php_tags($str)
123 {
vkeranov3c298dc2012-07-12 11:04:02 +0300[diff] [blame]124 return str_replace(array('<?', '?>'), array('&lt;?', '?&gt;'), $str);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]125 }
126}
127
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]128/* End of file security_helper.php */
Andrey Andreeve92df332012-03-26 22:44:20 +0300[diff] [blame]129/* Location: ./system/helpers/security_helper.php */