blob: 0dc1429dd69e302a91b15b5eadf4f3b51e6dba0b [file] [log] [blame]
Derek Allardd2df9bc2007-04-15 17:41:17 +00001<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
2/**
3 * CodeIgniter
4 *
5 * An open source application development framework for PHP 4.3.2 or newer
6 *
7 * @package CodeIgniter
Derek Allard3d879d52008-01-18 19:41:32 +00008 * @author ExpressionEngine Dev Team
Derek Allardd2df9bc2007-04-15 17:41:17 +00009 * @copyright Copyright (c) 2006, EllisLab, Inc.
Derek Jones7a9193a2008-01-21 18:39:20 +000010 * @license http://codeigniter.com/user_guide/license.html
11 * @link http://codeigniter.com
Derek Allardd2df9bc2007-04-15 17:41:17 +000012 * @since Version 1.0
13 * @filesource
14 */
15
16// ------------------------------------------------------------------------
17
18/**
19 * CodeIgniter Security Helpers
20 *
21 * @package CodeIgniter
22 * @subpackage Helpers
23 * @category Helpers
Derek Allard3d879d52008-01-18 19:41:32 +000024 * @author ExpressionEngine Dev Team
Derek Jones7a9193a2008-01-21 18:39:20 +000025 * @link http://codeigniter.com/user_guide/helpers/security_helper.html
Derek Allardd2df9bc2007-04-15 17:41:17 +000026 */
27
28// ------------------------------------------------------------------------
29
30/**
31 * XSS Filtering
32 *
33 * @access public
34 * @param string
35 * @param string the character set of your data
36 * @return string
37 */
Derek Jones269b9422008-01-28 21:00:20 +000038if (! function_exists('xss_clean'))
Derek Allardd2df9bc2007-04-15 17:41:17 +000039{
Derek Jones269b9422008-01-28 21:00:20 +000040 function xss_clean($str, $charset = 'ISO-8859-1')
41 {
42 $CI =& get_instance();
43 return $CI->input->xss_clean($str, $charset);
44 }
Derek Allardd2df9bc2007-04-15 17:41:17 +000045}
46
47// --------------------------------------------------------------------
48
49/**
50 * Hash encode a string
51 *
52 * @access public
53 * @param string
54 * @return string
Derek Jones269b9422008-01-28 21:00:20 +000055 */
56if (! function_exists('dohash'))
57{
58 function dohash($str, $type = 'sha1')
Derek Allardd2df9bc2007-04-15 17:41:17 +000059 {
Derek Jones269b9422008-01-28 21:00:20 +000060 if ($type == 'sha1')
Derek Allardd2df9bc2007-04-15 17:41:17 +000061 {
Derek Allard73274992008-05-05 16:39:18 +000062 if (! function_exists('sha1'))
Derek Jones269b9422008-01-28 21:00:20 +000063 {
Derek Allard73274992008-05-05 16:39:18 +000064 if (! function_exists('mhash'))
Derek Jones269b9422008-01-28 21:00:20 +000065 {
66 require_once(BASEPATH.'libraries/Sha1'.EXT);
67 $SH = new CI_SHA;
68 return $SH->generate($str);
69 }
70 else
71 {
72 return bin2hex(mhash(MHASH_SHA1, $str));
73 }
Derek Allardd2df9bc2007-04-15 17:41:17 +000074 }
75 else
76 {
Derek Jones269b9422008-01-28 21:00:20 +000077 return sha1($str);
78 }
Derek Allardd2df9bc2007-04-15 17:41:17 +000079 }
80 else
81 {
Derek Jones269b9422008-01-28 21:00:20 +000082 return md5($str);
83 }
Derek Allardd2df9bc2007-04-15 17:41:17 +000084 }
85}
86
87// ------------------------------------------------------------------------
88
89/**
90 * Strip Image Tags
91 *
92 * @access public
93 * @param string
94 * @return string
95 */
Derek Jones269b9422008-01-28 21:00:20 +000096if (! function_exists('strip_image_tags'))
Derek Allardd2df9bc2007-04-15 17:41:17 +000097{
Derek Jones269b9422008-01-28 21:00:20 +000098 function strip_image_tags($str)
99 {
100 $str = preg_replace("#<img\s+.*?src\s*=\s*[\"'](.+?)[\"'].*?\>#", "\\1", $str);
101 $str = preg_replace("#<img\s+.*?src\s*=\s*(.+?).*?\>#", "\\1", $str);
Derek Allardd2df9bc2007-04-15 17:41:17 +0000102
Derek Jones269b9422008-01-28 21:00:20 +0000103 return $str;
104 }
Derek Allardd2df9bc2007-04-15 17:41:17 +0000105}
106
107// ------------------------------------------------------------------------
108
109/**
110 * Convert PHP tags to entities
111 *
112 * @access public
113 * @param string
114 * @return string
115 */
Derek Jones269b9422008-01-28 21:00:20 +0000116if (! function_exists('encode_php_tags'))
Derek Allardd2df9bc2007-04-15 17:41:17 +0000117{
Derek Jones269b9422008-01-28 21:00:20 +0000118 function encode_php_tags($str)
119 {
120 return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('&lt;?php', '&lt;?PHP', '&lt;?', '?&gt;'), $str);
121 }
Derek Allardd2df9bc2007-04-15 17:41:17 +0000122}
123
Derek Jonesa3ffbbb2008-05-11 18:18:29 +0000124
125/* End of file security_helper.php */
126/* Location: ./system/helpers/security_helper.php */