Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / f0bcb3c9c41ba4a7236908e2997eb56109ad9592 / . / system / helpers / security_helper.php
blob: 4dbbf728ac701032d3c6013c8358a58f6f650eaa [file] [log] [blame]
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]1<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
2/**
3 * CodeIgniter
4 *
5 * An open source application development framework for PHP 4.3.2 or newer
6 *
7 * @package CodeIgniter
8 * @author ExpressionEngine Dev Team
9 * @copyright Copyright (c) 2008, EllisLab, Inc.
10 * @license http://codeigniter.com/user_guide/license.html
11 * @link http://codeigniter.com
12 * @since Version 1.0
13 * @filesource
14 */
15
16// ------------------------------------------------------------------------
17
18/**
19 * CodeIgniter Security Helpers
20 *
21 * @package CodeIgniter
22 * @subpackage Helpers
23 * @category Helpers
24 * @author ExpressionEngine Dev Team
25 * @link http://codeigniter.com/user_guide/helpers/security_helper.html
26 */
27
28// ------------------------------------------------------------------------
29
30/**
31 * XSS Filtering
32 *
33 * @access public
34 * @param string
Derek Jonesf0bcb3c2009-02-10 18:40:21 +0000[diff] [blame^]35 * @param bool whether or not the content is an image file
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]36 * @return string
37 */
38if ( ! function_exists('xss_clean'))
39{
Derek Jonesf0bcb3c2009-02-10 18:40:21 +0000[diff] [blame^]40 function xss_clean($str, $is_image = FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]41 {
42 $CI =& get_instance();
Derek Jonesf0bcb3c2009-02-10 18:40:21 +0000[diff] [blame^]43 return $CI->input->xss_clean($str, $is_image);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]44 }
45}
46
47// --------------------------------------------------------------------
48
49/**
50 * Hash encode a string
51 *
52 * @access public
53 * @param string
54 * @return string
55 */
56if ( ! function_exists('dohash'))
57{
58 function dohash($str, $type = 'sha1')
59 {
60 if ($type == 'sha1')
61 {
62 if ( ! function_exists('sha1'))
63 {
64 if ( ! function_exists('mhash'))
65 {
66 require_once(BASEPATH.'libraries/Sha1'.EXT);
67 $SH = new CI_SHA;
68 return $SH->generate($str);
69 }
70 else
71 {
72 return bin2hex(mhash(MHASH_SHA1, $str));
73 }
74 }
75 else
76 {
77 return sha1($str);
78 }
79 }
80 else
81 {
82 return md5($str);
83 }
84 }
85}
86
87// ------------------------------------------------------------------------
88
89/**
90 * Strip Image Tags
91 *
92 * @access public
93 * @param string
94 * @return string
95 */
96if ( ! function_exists('strip_image_tags'))
97{
98 function strip_image_tags($str)
99 {
100 $str = preg_replace("#<img\s+.*?src\s*=\s*[\"'](.+?)[\"'].*?\>#", "\\1", $str);
101 $str = preg_replace("#<img\s+.*?src\s*=\s*(.+?).*?\>#", "\\1", $str);
102
103 return $str;
104 }
105}
106
107// ------------------------------------------------------------------------
108
109/**
110 * Convert PHP tags to entities
111 *
112 * @access public
113 * @param string
114 * @return string
115 */
116if ( ! function_exists('encode_php_tags'))
117{
118 function encode_php_tags($str)
119 {
120 return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('&lt;?php', '&lt;?PHP', '&lt;?', '?&gt;'), $str);
121 }
122}
123
124
125/* End of file security_helper.php */
Derek Jonesa3ffbbb2008-05-11 18:18:29 +0000[diff] [blame]126/* Location: ./system/helpers/security_helper.php */