blob: ad4e29a87baed75fa14fb5dededdc97fa919c2f3 [file] [log] [blame]
Derek Jones37f4b9c2011-07-01 17:56:50 -05001<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
Derek Allard2067d1a2008-11-13 22:59:24 +00002/**
3 * CodeIgniter
4 *
Greg Aker741de1c2010-11-10 14:52:57 -06005 * An open source application development framework for PHP 5.1.6 or newer
Derek Allard2067d1a2008-11-13 22:59:24 +00006 *
Derek Jonesf4a4bd82011-10-20 12:18:42 -05007 * NOTICE OF LICENSE
8 *
9 * Licensed under the Open Software License version 3.0
10 *
11 * This source file is subject to the Open Software License (OSL 3.0) that is
12 * bundled with this package in the files license.txt / license.rst. It is
13 * also available through the world wide web at this URL:
14 * http://opensource.org/licenses/OSL-3.0
15 * If you did not receive a copy of the license and are unable to obtain it
16 * through the world wide web, please send an email to
17 * licensing@ellislab.com so we can send you a copy immediately.
18 *
Derek Allard2067d1a2008-11-13 22:59:24 +000019 * @package CodeIgniter
Derek Jonesf4a4bd82011-10-20 12:18:42 -050020 * @author EllisLab Dev Team
21 * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/)
22 * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
Derek Allard2067d1a2008-11-13 22:59:24 +000023 * @link http://codeigniter.com
24 * @since Version 1.0
25 * @filesource
26 */
27
28// ------------------------------------------------------------------------
29
30/**
31 * CodeIgniter Security Helpers
32 *
33 * @package CodeIgniter
34 * @subpackage Helpers
35 * @category Helpers
Derek Jonesf4a4bd82011-10-20 12:18:42 -050036 * @author EllisLab Dev Team
Derek Allard2067d1a2008-11-13 22:59:24 +000037 * @link http://codeigniter.com/user_guide/helpers/security_helper.html
38 */
39
40// ------------------------------------------------------------------------
41
42/**
43 * XSS Filtering
44 *
45 * @access public
46 * @param string
Derek Jonesf0bcb3c2009-02-10 18:40:21 +000047 * @param bool whether or not the content is an image file
Derek Allard2067d1a2008-11-13 22:59:24 +000048 * @return string
Barry Mienydd671972010-10-04 16:33:58 +020049 */
Derek Allard2067d1a2008-11-13 22:59:24 +000050if ( ! function_exists('xss_clean'))
51{
Derek Jonesf0bcb3c2009-02-10 18:40:21 +000052 function xss_clean($str, $is_image = FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +000053 {
54 $CI =& get_instance();
Derek Jones11b1e512010-03-05 10:22:44 -060055 return $CI->security->xss_clean($str, $is_image);
Derek Allard2067d1a2008-11-13 22:59:24 +000056 }
57}
58
Derek Allard4433f422010-07-23 08:47:34 -040059// ------------------------------------------------------------------------
60
61/**
62 * Sanitize Filename
63 *
64 * @access public
65 * @param string
66 * @return string
Barry Mienydd671972010-10-04 16:33:58 +020067 */
Derek Allard4433f422010-07-23 08:47:34 -040068if ( ! function_exists('sanitize_filename'))
69{
70 function sanitize_filename($filename)
71 {
72 $CI =& get_instance();
73 return $CI->security->sanitize_filename($filename);
74 }
75}
76
Derek Allard2067d1a2008-11-13 22:59:24 +000077// --------------------------------------------------------------------
78
79/**
80 * Hash encode a string
81 *
82 * @access public
83 * @param string
84 * @return string
Barry Mienydd671972010-10-04 16:33:58 +020085 */
Derek Allard8719a5c2009-10-08 16:42:59 +000086if ( ! function_exists('do_hash'))
Barry Mienydd671972010-10-04 16:33:58 +020087{
Derek Allard8719a5c2009-10-08 16:42:59 +000088 function do_hash($str, $type = 'sha1')
Derek Allard2067d1a2008-11-13 22:59:24 +000089 {
90 if ($type == 'sha1')
91 {
Pascal Kriete6b488672011-04-05 15:02:15 -040092 return sha1($str);
Derek Allard2067d1a2008-11-13 22:59:24 +000093 }
94 else
95 {
96 return md5($str);
97 }
98 }
99}
Barry Mienydd671972010-10-04 16:33:58 +0200100
Derek Allard2067d1a2008-11-13 22:59:24 +0000101// ------------------------------------------------------------------------
102
103/**
104 * Strip Image Tags
105 *
106 * @access public
107 * @param string
108 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200109 */
Derek Allard2067d1a2008-11-13 22:59:24 +0000110if ( ! function_exists('strip_image_tags'))
111{
112 function strip_image_tags($str)
113 {
114 $str = preg_replace("#<img\s+.*?src\s*=\s*[\"'](.+?)[\"'].*?\>#", "\\1", $str);
115 $str = preg_replace("#<img\s+.*?src\s*=\s*(.+?).*?\>#", "\\1", $str);
Barry Mienydd671972010-10-04 16:33:58 +0200116
Derek Allard2067d1a2008-11-13 22:59:24 +0000117 return $str;
118 }
119}
Barry Mienydd671972010-10-04 16:33:58 +0200120
Derek Allard2067d1a2008-11-13 22:59:24 +0000121// ------------------------------------------------------------------------
122
123/**
124 * Convert PHP tags to entities
125 *
126 * @access public
127 * @param string
128 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200129 */
Derek Allard2067d1a2008-11-13 22:59:24 +0000130if ( ! function_exists('encode_php_tags'))
131{
132 function encode_php_tags($str)
133 {
Derek Jones37f4b9c2011-07-01 17:56:50 -0500134 return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('&lt;?php', '&lt;?PHP', '&lt;?', '?&gt;'), $str);
Derek Allard2067d1a2008-11-13 22:59:24 +0000135 }
136}
137
138
139/* End of file security_helper.php */
Derek Jonesa3ffbbb2008-05-11 18:18:29 +0000140/* Location: ./system/helpers/security_helper.php */