Commit | Line | Data |
---|---|---|
59c06b17 CS |
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
// Direct-access guard: execution stops here unless the BASEPATH constant is
// already defined, so requesting this helper file by URL yields only the
// message above. NOTE(review): BASEPATH is presumably defined by the
// framework bootstrap, which is not visible in this file - confirm.
2 | /** | |
3 | * CodeIgniter | |
4 | * | |
5 | * An open source application development framework for PHP 5.1.6 or newer | |
6 | * | |
7 | * @package CodeIgniter | |
8 | * @author ExpressionEngine Dev Team | |
9 | * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. | |
10 | * @license http://codeigniter.com/user_guide/license.html | |
11 | * @link http://codeigniter.com | |
12 | * @since Version 1.0 | |
13 | * @filesource | |
14 | */ | |
15 | ||
16 | // ------------------------------------------------------------------------ | |
17 | ||
18 | /** | |
19 | * CodeIgniter Security Helpers | |
20 | * | |
21 | * @package CodeIgniter | |
22 | * @subpackage Helpers | |
23 | * @category Helpers | |
24 | * @author ExpressionEngine Dev Team | |
25 | * @link http://codeigniter.com/user_guide/helpers/security_helper.html | |
26 | */ | |
27 | ||
28 | // ------------------------------------------------------------------------ | |
29 | ||
/**
 * XSS Filtering
 *
 * Procedural shortcut that forwards to the xss_clean() method of the
 * Security object attached to the framework instance. No filtering logic
 * lives in this helper; what is removed or rewritten is decided entirely
 * by that library, which is not visible here.
 *
 * Security note: a filter of this kind does not replace escaping data for
 * the context in which it is finally output (HTML body, attribute, URL,
 * script). Treat it as one layer, not as the only XSS control.
 *
 * @access	public
 * @param	string	$str		content to filter
 * @param	bool	$is_image	whether or not the content is an image file
 * @return	string	result of the Security library's xss_clean()
 */
if ( ! function_exists('xss_clean'))
{
	function xss_clean($str, $is_image = FALSE)
	{
		// Fetch the framework instance and delegate straight to its Security object.
		$framework = get_instance();
		$filtered = $framework->security->xss_clean($str, $is_image);

		return $filtered;
	}
}
46 | ||
47 | // ------------------------------------------------------------------------ | |
48 | ||
/**
 * Sanitize Filename
 *
 * Procedural shortcut that forwards to the sanitize_filename() method of
 * the Security object attached to the framework instance. The rules that
 * decide which characters or sequences are stripped are defined in that
 * library and are not visible in this file.
 *
 * Security note: callers that build a filesystem path from the result
 * should still verify that the final path stays inside the intended
 * directory - TODO confirm what the library guarantees.
 *
 * @access	public
 * @param	string	$filename	file name supplied by the caller
 * @return	string	result of the Security library's sanitize_filename()
 */
if ( ! function_exists('sanitize_filename'))
{
	function sanitize_filename($filename)
	{
		// Delegate to the Security object on the framework instance.
		$framework = get_instance();
		$cleaned = $framework->security->sanitize_filename($filename);

		return $cleaned;
	}
}
64 | ||
65 | // -------------------------------------------------------------------- | |
66 | ||
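/**
 * Hash encode a string
 *
 * Returns the hex digest of $str using the requested algorithm.
 *
 * Earlier behaviour was "sha1 if $type is exactly 'sha1', otherwise md5",
 * which meant that asking for a stronger algorithm (for example 'sha256')
 * silently produced an MD5 digest. The algorithm name is now matched
 * case-insensitively and any algorithm reported by hash_algos() is honoured.
 * Unknown names still fall back to md5 so existing callers keep working.
 *
 * Security note: MD5 and SHA-1 are fast, unsalted digests. They are not
 * suitable for storing passwords or for any use that depends on collision
 * resistance; use a dedicated password-hashing function for credentials.
 *
 * @access	public
 * @param	string	$str	data to hash
 * @param	string	$type	algorithm name, default 'sha1'
 * @return	string	hex-encoded digest
 */
if ( ! function_exists('do_hash'))
{
	function do_hash($str, $type = 'sha1')
	{
		// Non-string selectors cannot name an algorithm; treat them as unknown.
		$algo = is_string($type) ? strtolower($type) : '';

		if ($algo === 'sha1')
		{
			return sha1($str);
		}

		// Honour any other algorithm the hash extension provides instead of
		// silently downgrading the caller's request to MD5.
		if ($algo !== '' && function_exists('hash') && in_array($algo, hash_algos(), TRUE))
		{
			return hash($algo, $str);
		}

		// Legacy fallback for unknown or unsupported algorithm names.
		return md5($str);
	}
}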
88 | ||
89 | // ------------------------------------------------------------------------ | |
90 | ||
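/**
 * Strip Image Tags
 *
 * Replaces each <img> tag in $str with the value of its src attribute.
 *
 * Fixes over the previous patterns:
 *  - matching is case-insensitive, so upper- or mixed-case tags are handled;
 *  - the tag name may be followed by "/" as well as whitespace;
 *  - a quoted src must be closed by the same quote character that opened it;
 *  - an unquoted src is captured in full (the old lazy group kept only its
 *    first character).
 *
 * Security note: this is a best-effort, regex-based text transformation,
 * not an HTML sanitizer. The extracted src value is returned as-is; it is
 * neither validated nor escaped, so it must still be escaped for the output
 * context and must not be relied on as an XSS control.
 *
 * @access	public
 * @param	string	$str	text that may contain <img> tags
 * @return	string	text with each matched <img> tag replaced by its src value
 */
if ( ! function_exists('strip_image_tags'))
{
	function strip_image_tags($str)
	{
		// Quoted src: group 1 is the opening quote, group 2 the attribute value.
		$str = preg_replace('#<img[\s/]+.*?src\s*=\s*(["\'])(.+?)\\1.*?>#i', '\\2', $str);

		// Unquoted src: take every character up to whitespace, a quote, or a tag delimiter.
		$str = preg_replace('#<img[\s/]+.*?src\s*=\s*([^\s"\'=<>`]+).*?>#i', '\\1', $str);

		return $str;
	}
}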
108 | ||
109 | // ------------------------------------------------------------------------ | |
110 | ||
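/**
 * Convert PHP tags to entities
 *
 * Rewrites PHP opening and closing tags in $str so that "<" and ">" become
 * the HTML entities "&lt;" and "&gt;". The replacement values must be the
 * entity forms: if they are written as the raw characters, search and
 * replacement are identical and the function changes nothing.
 *
 * Replacing the short open tag "<?" also covers "<?php", "<?PHP", "<?=" and
 * any other casing, so a single search term is enough for opening tags.
 *
 * Security note: this only neutralizes the tag delimiters in text. It is
 * not a reason to pass user-supplied data to eval() or include it as code.
 *
 * @access	public
 * @param	string	$str	text that may contain PHP tags
 * @return	string	text with PHP tag delimiters entity-encoded
 */
if ( ! function_exists('encode_php_tags'))
{
	function encode_php_tags($str)
	{
		return str_replace(array('<?', '?>'), array('&lt;?', '?&gt;'), $str);
	}
}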
125 | ||
126 | ||
127 | /* End of file security_helper.php */ | |
128 | /* Location: ./system/helpers/security_helper.php */ |