mirror of
https://github.com/wavelog/wavelog.git
synced 2026-03-22 10:24:14 +00:00
Codeignitor 3.1.6 and corresponding changes
- fixes missing () from num_rows in authenticate user function - removes passwordhash library in favor of built in PHP password_hash and password_verify functions - uppercase all class filenames - add new CLI error templates, move HTML error templates - update mimes file to latest version - update routes to latest version
This commit is contained in:
Warren Volz
@@ -1,19 +1,41 @@
|
||||
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
|
||||
<?php
|
||||
/**
|
||||
* CodeIgniter
|
||||
*
|
||||
* An open source application development framework for PHP 5.1.6 or newer
|
||||
* An open source application development framework for PHP
|
||||
*
|
||||
* @package CodeIgniter
|
||||
* @author ExpressionEngine Dev Team
|
||||
* @copyright Copyright (c) 2008 - 2011, EllisLab, Inc.
|
||||
* @license http://codeigniter.com/user_guide/license.html
|
||||
* @link http://codeigniter.com
|
||||
* @since Version 1.0
|
||||
* This content is released under the MIT License (MIT)
|
||||
*
|
||||
* Copyright (c) 2014 - 2017, British Columbia Institute of Technology
|
||||
*
|
||||
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
* of this software and associated documentation files (the "Software"), to deal
|
||||
* in the Software without restriction, including without limitation the rights
|
||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
* copies of the Software, and to permit persons to whom the Software is
|
||||
* furnished to do so, subject to the following conditions:
|
||||
*
|
||||
* The above copyright notice and this permission notice shall be included in
|
||||
* all copies or substantial portions of the Software.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
* THE SOFTWARE.
|
||||
*
|
||||
* @package CodeIgniter
|
||||
* @author EllisLab Dev Team
|
||||
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
|
||||
* @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/)
|
||||
* @license http://opensource.org/licenses/MIT MIT License
|
||||
* @link https://codeigniter.com
|
||||
* @since Version 1.0.0
|
||||
* @filesource
|
||||
*/
|
||||
|
||||
// ------------------------------------------------------------------------
|
||||
defined('BASEPATH') OR exit('No direct script access allowed');
|
||||
|
||||
/**
|
||||
* CodeIgniter Security Helpers
|
||||
@@ -21,140 +43,95 @@
|
||||
* @package CodeIgniter
|
||||
* @subpackage Helpers
|
||||
* @category Helpers
|
||||
* @author ExpressionEngine Dev Team
|
||||
* @link http://codeigniter.com/user_guide/helpers/security_helper.html
|
||||
* @author EllisLab Dev Team
|
||||
* @link https://codeigniter.com/user_guide/helpers/security_helper.html
|
||||
*/
|
||||
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* XSS Filtering
|
||||
*
|
||||
* @access public
|
||||
* @param string
|
||||
* @param bool whether or not the content is an image file
|
||||
* @return string
|
||||
*/
|
||||
if ( ! function_exists('xss_clean'))
|
||||
{
|
||||
/**
|
||||
* XSS Filtering
|
||||
*
|
||||
* @param string
|
||||
* @param bool whether or not the content is an image file
|
||||
* @return string
|
||||
*/
|
||||
function xss_clean($str, $is_image = FALSE)
|
||||
{
|
||||
$CI =& get_instance();
|
||||
return $CI->security->xss_clean($str, $is_image);
|
||||
return get_instance()->security->xss_clean($str, $is_image);
|
||||
}
|
||||
}
|
||||
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Sanitize Filename
|
||||
*
|
||||
* @access public
|
||||
* @param string
|
||||
* @return string
|
||||
*/
|
||||
if ( ! function_exists('sanitize_filename'))
|
||||
{
|
||||
/**
|
||||
* Sanitize Filename
|
||||
*
|
||||
* @param string
|
||||
* @return string
|
||||
*/
|
||||
function sanitize_filename($filename)
|
||||
{
|
||||
$CI =& get_instance();
|
||||
return $CI->security->sanitize_filename($filename);
|
||||
return get_instance()->security->sanitize_filename($filename);
|
||||
}
|
||||
}
|
||||
|
||||
// --------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Hash encode a string
|
||||
*
|
||||
* This is simply an alias for do_hash()
|
||||
* dohash() is now deprecated
|
||||
*/
|
||||
if ( ! function_exists('dohash'))
|
||||
{
|
||||
function dohash($str, $type = 'sha1')
|
||||
{
|
||||
return do_hash($str, $type);
|
||||
}
|
||||
}
|
||||
|
||||
// --------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Hash encode a string
|
||||
*
|
||||
* @access public
|
||||
* @param string
|
||||
* @return string
|
||||
*/
|
||||
if ( ! function_exists('do_hash'))
|
||||
{
|
||||
/**
|
||||
* Hash encode a string
|
||||
*
|
||||
* @todo Remove in version 3.1+.
|
||||
* @deprecated 3.0.0 Use PHP's native hash() instead.
|
||||
* @param string $str
|
||||
* @param string $type = 'sha1'
|
||||
* @return string
|
||||
*/
|
||||
function do_hash($str, $type = 'sha1')
|
||||
{
|
||||
if ($type == 'sha1')
|
||||
if ( ! in_array(strtolower($type), hash_algos()))
|
||||
{
|
||||
if ( ! function_exists('sha1'))
|
||||
{
|
||||
if ( ! function_exists('mhash'))
|
||||
{
|
||||
require_once(BASEPATH.'libraries/Sha1'.EXT);
|
||||
$SH = new CI_SHA;
|
||||
return $SH->generate($str);
|
||||
}
|
||||
else
|
||||
{
|
||||
return bin2hex(mhash(MHASH_SHA1, $str));
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
return sha1($str);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
return md5($str);
|
||||
$type = 'md5';
|
||||
}
|
||||
|
||||
return hash($type, $str);
|
||||
}
|
||||
}
|
||||
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Strip Image Tags
|
||||
*
|
||||
* @access public
|
||||
* @param string
|
||||
* @return string
|
||||
*/
|
||||
if ( ! function_exists('strip_image_tags'))
|
||||
{
|
||||
/**
|
||||
* Strip Image Tags
|
||||
*
|
||||
* @param string
|
||||
* @return string
|
||||
*/
|
||||
function strip_image_tags($str)
|
||||
{
|
||||
$str = preg_replace("#<img\s+.*?src\s*=\s*[\"'](.+?)[\"'].*?\>#", "\\1", $str);
|
||||
$str = preg_replace("#<img\s+.*?src\s*=\s*(.+?).*?\>#", "\\1", $str);
|
||||
|
||||
return $str;
|
||||
return get_instance()->security->strip_image_tags($str);
|
||||
}
|
||||
}
|
||||
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Convert PHP tags to entities
|
||||
*
|
||||
* @access public
|
||||
* @param string
|
||||
* @return string
|
||||
*/
|
||||
if ( ! function_exists('encode_php_tags'))
|
||||
{
|
||||
/**
|
||||
* Convert PHP tags to entities
|
||||
*
|
||||
* @param string
|
||||
* @return string
|
||||
*/
|
||||
function encode_php_tags($str)
|
||||
{
|
||||
return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('<?php', '<?PHP', '<?', '?>'), $str);
|
||||
return str_replace(array('<?', '?>'), array('<?', '?>'), $str);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/* End of file security_helper.php */
|
||||
/* Location: ./system/helpers/security_helper.php */
|
||||
Reference in New Issue
Block a user