Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / a381d175691a5fa58b4ef4d0aab1a0b7bc9a87fb / . / system / helpers / security_helper.php
blob: 99fda561a895c4b48abf272cf8098a427bcf30ef [file] [log] [blame]
Andrey Andreeva381d172012-01-06 19:19:37 +0200[diff] [blame^]1<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]2/**
3 * CodeIgniter
4 *
Greg Aker741de1c2010-11-10 14:52:57 -0600[diff] [blame]5 * An open source application development framework for PHP 5.1.6 or newer
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]6 *
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]7 * NOTICE OF LICENSE
Andrey Andreeva381d172012-01-06 19:19:37 +0200[diff] [blame^]8 *
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]9 * Licensed under the Open Software License version 3.0
Andrey Andreeva381d172012-01-06 19:19:37 +0200[diff] [blame^]10 *
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]11 * This source file is subject to the Open Software License (OSL 3.0) that is
12 * bundled with this package in the files license.txt / license.rst. It is
13 * also available through the world wide web at this URL:
14 * http://opensource.org/licenses/OSL-3.0
15 * If you did not receive a copy of the license and are unable to obtain it
16 * through the world wide web, please send an email to
17 * licensing@ellislab.com so we can send you a copy immediately.
18 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]19 * @package CodeIgniter
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]20 * @author EllisLab Dev Team
Greg Aker0defe5d2012-01-01 18:46:41 -0600[diff] [blame]21 * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/)
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]22 * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]23 * @link http://codeigniter.com
24 * @since Version 1.0
25 * @filesource
26 */
27
28// ------------------------------------------------------------------------
29
30/**
31 * CodeIgniter Security Helpers
32 *
33 * @package CodeIgniter
34 * @subpackage Helpers
35 * @category Helpers
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]36 * @author EllisLab Dev Team
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]37 * @link http://codeigniter.com/user_guide/helpers/security_helper.html
38 */
39
40// ------------------------------------------------------------------------
41
42/**
43 * XSS Filtering
44 *
45 * @access public
46 * @param string
Derek Jonesf0bcb3c2009-02-10 18:40:21 +0000[diff] [blame]47 * @param bool whether or not the content is an image file
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]48 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]49 */
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]50if ( ! function_exists('xss_clean'))
51{
Derek Jonesf0bcb3c2009-02-10 18:40:21 +0000[diff] [blame]52 function xss_clean($str, $is_image = FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]53 {
54 $CI =& get_instance();
Derek Jones11b1e512010-03-05 10:22:44 -0600[diff] [blame]55 return $CI->security->xss_clean($str, $is_image);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]56 }
57}
58
Derek Allard4433f422010-07-23 08:47:34 -0400[diff] [blame]59// ------------------------------------------------------------------------
60
61/**
62 * Sanitize Filename
63 *
64 * @access public
65 * @param string
66 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]67 */
Derek Allard4433f422010-07-23 08:47:34 -0400[diff] [blame]68if ( ! function_exists('sanitize_filename'))
69{
70 function sanitize_filename($filename)
71 {
72 $CI =& get_instance();
73 return $CI->security->sanitize_filename($filename);
74 }
75}
76
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]77// --------------------------------------------------------------------
78
79/**
80 * Hash encode a string
81 *
82 * @access public
83 * @param string
84 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]85 */
Derek Allard8719a5c2009-10-08 16:42:59 +0000[diff] [blame]86if ( ! function_exists('do_hash'))
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]87{
Derek Allard8719a5c2009-10-08 16:42:59 +0000[diff] [blame]88 function do_hash($str, $type = 'sha1')
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]89 {
Andrey Andreeva381d172012-01-06 19:19:37 +0200[diff] [blame^]90 return ($type === 'sha1') ? sha1($str) : md5($str);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]91 }
92}
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]93
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]94// ------------------------------------------------------------------------
95
96/**
97 * Strip Image Tags
98 *
99 * @access public
100 * @param string
101 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]102 */
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]103if ( ! function_exists('strip_image_tags'))
104{
105 function strip_image_tags($str)
106 {
Andrey Andreeva381d172012-01-06 19:19:37 +0200[diff] [blame^]107 return preg_replace(array("#<img\s+.*?src\s*=\s*[\"'](.+?)[\"'].*?\>#", "#<img\s+.*?src\s*=\s*(.+?).*?\>#"), "\\1", $str);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]108 }
109}
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]110
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]111// ------------------------------------------------------------------------
112
113/**
114 * Convert PHP tags to entities
115 *
116 * @access public
117 * @param string
118 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]119 */
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]120if ( ! function_exists('encode_php_tags'))
121{
122 function encode_php_tags($str)
123 {
Derek Jones37f4b9c2011-07-01 17:56:50 -0500[diff] [blame]124 return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('&lt;?php', '&lt;?PHP', '&lt;?', '?&gt;'), $str);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]125 }
126}
127
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]128/* End of file security_helper.php */
Andrey Andreeva381d172012-01-06 19:19:37 +0200[diff] [blame^]129/* Location: ./system/helpers/security_helper.php */