security_helper.php 3.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137
  1. <?php
  2. /**
  3. * CodeIgniter
  4. *
  5. * An open source application development framework for PHP
  6. *
  7. * This content is released under the MIT License (MIT)
  8. *
  9. * Copyright (c) 2014 - 2019, British Columbia Institute of Technology
  10. *
  11. * Permission is hereby granted, free of charge, to any person obtaining a copy
  12. * of this software and associated documentation files (the "Software"), to deal
  13. * in the Software without restriction, including without limitation the rights
  14. * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  15. * copies of the Software, and to permit persons to whom the Software is
  16. * furnished to do so, subject to the following conditions:
  17. *
  18. * The above copyright notice and this permission notice shall be included in
  19. * all copies or substantial portions of the Software.
  20. *
  21. * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  22. * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  23. * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
  24. * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  25. * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  26. * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  27. * THE SOFTWARE.
  28. *
  29. * @package CodeIgniter
  30. * @author EllisLab Dev Team
  31. * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
  32. * @copyright Copyright (c) 2014 - 2019, British Columbia Institute of Technology (https://bcit.ca/)
  33. * @license https://opensource.org/licenses/MIT MIT License
  34. * @link https://codeigniter.com
  35. * @since Version 1.0.0
  36. * @filesource
  37. */
  38. defined('BASEPATH') OR exit('No direct script access allowed');
  39. /**
  40. * CodeIgniter Security Helpers
  41. *
  42. * @package CodeIgniter
  43. * @subpackage Helpers
  44. * @category Helpers
  45. * @author EllisLab Dev Team
  46. * @link https://codeigniter.com/user_guide/helpers/security_helper.html
  47. */
  48. // ------------------------------------------------------------------------
  49. if ( ! function_exists('xss_clean'))
  50. {
  51. /**
  52. * XSS Filtering
  53. *
  54. * @param string
  55. * @param bool whether or not the content is an image file
  56. * @return string
  57. */
  58. function xss_clean($str, $is_image = FALSE)
  59. {
  60. return get_instance()->security->xss_clean($str, $is_image);
  61. }
  62. }
  63. // ------------------------------------------------------------------------
  64. if ( ! function_exists('sanitize_filename'))
  65. {
  66. /**
  67. * Sanitize Filename
  68. *
  69. * @param string
  70. * @return string
  71. */
  72. function sanitize_filename($filename)
  73. {
  74. return get_instance()->security->sanitize_filename($filename);
  75. }
  76. }
  77. // --------------------------------------------------------------------
  78. if ( ! function_exists('do_hash'))
  79. {
  80. /**
  81. * Hash encode a string
  82. *
  83. * @todo Remove in version 3.1+.
  84. * @deprecated 3.0.0 Use PHP's native hash() instead.
  85. * @param string $str
  86. * @param string $type = 'sha1'
  87. * @return string
  88. */
  89. function do_hash($str, $type = 'sha1')
  90. {
  91. if ( ! in_array(strtolower($type), hash_algos()))
  92. {
  93. $type = 'md5';
  94. }
  95. return hash($type, $str);
  96. }
  97. }
  98. // ------------------------------------------------------------------------
  99. if ( ! function_exists('strip_image_tags'))
  100. {
  101. /**
  102. * Strip Image Tags
  103. *
  104. * @param string
  105. * @return string
  106. */
  107. function strip_image_tags($str)
  108. {
  109. return get_instance()->security->strip_image_tags($str);
  110. }
  111. }
  112. // ------------------------------------------------------------------------
  113. if ( ! function_exists('encode_php_tags'))
  114. {
  115. /**
  116. * Convert PHP tags to entities
  117. *
  118. * @param string
  119. * @return string
  120. */
  121. function encode_php_tags($str)
  122. {
  123. return str_replace(array('<?', '?>'), array('&lt;?', '?&gt;'), $str);
  124. }
  125. }