The Security Helper file contains security related functions.
This helper is loaded using the following code:
$this->load->helper('security');
The following functions are available:
xss_clean($str[, $is_image = FALSE])
Parameters: |
|
---|---|
Returns: |
XSS-clean string |
Return type: |
string |
Provides Cross Site Script Hack filtering.
This function is an alias for CI_Input::xss_clean()
. For more info, please see the Input Library documentation.
sanitize_filename($filename)
Parameters: |
|
---|---|
Returns: |
Sanitized file name |
Return type: |
string |
Provides protection against directory traversal.
This function is an alias for CI_Security::sanitize_filename()
. For more info, please see the Security Library documentation.
do_hash($str[, $type = 'sha1'])
Parameters: |
|
---|---|
Returns: |
Hex-formatted hash |
Return type: |
string |
Permits you to create one way hashes suitable for encrypting passwords. Will use SHA1 by default.
See hash_algos() for a full list of supported algorithms.
Examples:
$str = do_hash($str); // SHA1 $str = do_hash($str, 'md5'); // MD5
Note
This function was formerly named dohash()
, which has been removed in favor of do_hash()
.
Note
This function is DEPRECATED. Use the native hash()
instead.
Parameters: |
|
---|---|
Returns: |
The input string with no image tags |
Return type: |
string |
This is a security function that will strip image tags from a string. It leaves the image URL as plain text.
Example:
$string = strip_image_tags($string);
This function is an alias for CI_Security::strip_image_tags()
. For more info, please see the Security Library documentation.
Parameters: |
|
---|---|
Returns: |
Safely formatted string |
Return type: |
string |
This is a security function that converts PHP tags to entities.
Note
xss_clean()
does this automatically, if you use it.
Example:
$string = encode_php_tags($string);
© 2014–2017 British Columbia Institute of Technology
Licensed under the MIT License.
https://www.codeigniter.com/user_guide/helpers/security_helper.html