This is documentation for Kohana v2.3.x. For v3.x documentation, see .

Table of Contents
TodoProof read

Security Helper

The security helper offers various methods that assist with input filtering.



'xss_clean' behaves the same as xss_clean in the Input library.


'strip_image_tags()' strips the image tags out of a string and returns the string trimmed without the image tags.

$string = '<b>Check this image:</b> <img src="" />';
print Kohana::debug(security::strip_image_tags($string));

It will result in HTML as:

<b>Check this image:</b>


'encode_php_tags' replaces PHP tags in a string with their corresponding HTML entities.

$string = '<?php echo "<b>Hello World!</b>" ?>';
print Kohana::debug(security::encode_php_tags($string));

It will result in HTML as:

&lt;?php echo "<b>Hello World!</b>" ?&gt;
helpers/security.txt · Last modified: 2009/03/04 11:37 by neovive