Security Helper
***************

The Security Helper file contains security related functions.

* Loading this Helper

* Available Functions


Loading this Helper
===================

This helper is loaded using the following code:

   $this->load->helper('security');


Available Functions
===================

The following functions are available:

xss_clean($str[, $is_image = FALSE])

   Parameters:
      * **$str** ("string") – Input data

      * **$is_image** ("bool") – Whether we’re dealing with an image

   Returns:
      XSS-clean string

   Return type:
      "string"

   Provides Cross Site Script Hack filtering.

   This function is an alias for "CI_Input::xss_clean()". For more
   info, please see the Input Library documentation.

sanitize_filename($filename)

   Parameters:
      * **$filename** ("string") – Filename

   Returns:
      Sanitized file name

   Return type:
      "string"

   Provides protection against directory traversal.

   This function is an alias for "CI_Security::sanitize_filename()".
   For more info, please see the Security Library documentation.

do_hash($str[, $type = 'sha1'])

   Parameters:
      * **$str** ("string") – Input

      * **$type** ("string") – Algorithm

   Returns:
      Hex-formatted hash

   Return type:
      "string"

   Permits you to create one way hashes suitable for encrypting
   passwords. Will use SHA1 by default.

   See hash_algos() for a full list of supported algorithms.

   Examples:

      $str = do_hash($str); // SHA1
      $str = do_hash($str, 'md5'); // MD5

   Note:

     This function was formerly named "dohash()", which has been
     removed in favor of "do_hash()".

   Note:

     This function is DEPRECATED. Use the native "hash()" instead.

strip_image_tags($str)

   Parameters:
      * **$str** ("string") – Input string

   Returns:
      The input string with no image tags

   Return type:
      "string"

   This is a security function that will strip image tags from a
   string. It leaves the image URL as plain text.

   Example:

      $string = strip_image_tags($string);

   This function is an alias for "CI_Security::strip_image_tags()".
   For more info, please see the Security Library documentation.

encode_php_tags($str)

   Parameters:
      * **$str** ("string") – Input string

   Returns:
      Safely formatted string

   Return type:
      "string"

   This is a security function that converts PHP tags to entities.

   Note:

     "xss_clean()" does this automatically, if you use it.

   Example:

      $string = encode_php_tags($string);
