Security Helper in CodeIgniter

Security Helper

The Security Helper file contains security-related functions.

Loading this Helper

This helper is loaded using the following code:

Available Functions

The following functions are available:

xss_clean($str[, $is_image = FALSE])

Parameters:
  • $str (string) – Input data
  • $is_image (bool) – Whether we’re dealing with an image
Returns: XSS-clean string
Return type: string

Provides Cross Site Script Hack filtering.

This function is an alias for CI_Input::xss_clean().

sanitize_filename($filename)

Parameters:
  • $filename (string) – Filename
Returns: Sanitized file name
Return type: string

Provides protection against directory traversal.

This function is an alias for CI_Security::sanitize_filename().

do_hash($str[, $type = 'sha1'])

Parameters:
  • $str (string) – Input
  • $type (string) – Algorithm
Returns: Hex-formatted hash
Return type: string

Permits you to create one-way hashes suitable for encrypting passwords. Uses SHA1 by default.

Examples:

Note
This function was formerly named dohash(), which has been removed in favor of do_hash().

Note
This function is DEPRECATED. Use the native hash() instead.
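An added example (not from the CodeIgniter documentation or code base) of moving stored passwords off the deprecated do_hash(): a SHA1 digest is unsalted and fast to compute, so legacy rows are verified with the native hash() and then replaced with a password_hash() value at the next successful login. It assumes PHP 7.1+ and that a stored value is either a 40-character SHA1 hex digest or a password_hash() string; verify_and_upgrade() is a hypothetical name and the sample password is constructed.

```php
<?php
// Added example, not CodeIgniter code. Assumes PHP 7.1+.
// verify_and_upgrade() is a hypothetical name; sample values are constructed.

/**
 * Check a login against a stored hash and return [ok, value_to_store].
 * Legacy rows hold the 40-hex-char SHA1 digest that do_hash($password)
 * produced; they are replaced with a salted password_hash() value the
 * first time the correct password is presented.
 */
function verify_and_upgrade(string $password, string $stored): array
{
    // Legacy format: bare SHA1 hex digest, as returned by do_hash().
    if (preg_match('/^[0-9a-f]{40}$/', $stored) === 1) {
        // hash() is the native replacement named in the deprecation note;
        // hash_equals() compares in constant time.
        if (!hash_equals($stored, hash('sha1', $password))) {
            return [false, $stored];
        }
        return [true, password_hash($password, PASSWORD_DEFAULT)];
    }

    // Current format: salted, cost-parameterised hash from password_hash().
    if (!password_verify($password, $stored)) {
        return [false, $stored];
    }
    // Re-hash when PHP's default algorithm or cost has changed since storage.
    if (password_needs_rehash($stored, PASSWORD_DEFAULT)) {
        $stored = password_hash($password, PASSWORD_DEFAULT);
    }
    return [true, $stored];
}

// Constructed sample: a legacy row as do_hash() with its default would store it.
$password  = 'correct horse battery staple';
$legacyRow = hash('sha1', $password);

// Correct password against a legacy row: accepted, and the row is upgraded.
[$ok, $newRow] = verify_and_upgrade($password, $legacyRow);
var_dump($ok, $newRow !== $legacyRow);

// Wrong password against a legacy row: rejected, stored value left unchanged.
[$ok2, $kept] = verify_and_upgrade('wrong guess', $legacyRow);
var_dump($ok2, $kept === $legacyRow);

// Correct password against the upgraded row: accepted via password_verify().
[$ok3] = verify_and_upgrade($password, $newRow);
var_dump($ok3);
```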

strip_image_tags($str)

Parameters:
  • $str (string) – Input string
Returns: The input string with no image tags
Return type: string

This is a security function that will strip image tags from a string. It leaves the image URL as plain text.

Example:

This function is an alias for CI_Security::strip_image_tags().

encode_php_tags($str)

Parameters:
  • $str (string) – Input string
Returns: Safely formatted string
Return type: string

This is a security function that converts PHP tags to entities.

Note
xss_clean() does this automatically, if you use it.

Example: