Update security.php

system/security.php

@@ -175,7 +175,7 @@ if(!function_exists("check_empty_requests")) {
 }
 
 if(!function_exists("get_hashed_text")) {
-	function get_hashed_text($text, $algo) {
+	function get_hashed_text($text, $algo="sha1") {
 		$hashed_text = "";
 
 		switch($algo) {
@@ -351,7 +351,13 @@ if(!function_exists("get_fixed_length_id")) {
 
 // https://stackoverflow.com/questions/1996122/how-to-prevent-xss-with-html-php
 if(!function_exists("get_clean_xss")) {
-	function get_clean_xss($data) {
+	function get_clean_xss($data, $notags=0) {
+		if(is_string($data)) {
+			// if no tags (equals to strip_tags)
+			if($notags > 0) {
+				return strip_tags($data);
+			}
+
 			// Fix &entity\n;
 			$data = str_replace(array('&','<','>'), array('&','<','>'), $data);
 			$data = preg_replace('/(&#*\w+)[\x00-\x20]+;/u', '$1;', $data);
@@ -381,12 +387,25 @@ if(!function_exists("get_clean_xss")) {
 				$data = preg_replace('#</*(?:applet|b(?:ase|gsound|link)|embed|frame(?:set)?|i(?:frame|layer)|l(?:ayer|ink)|meta|object|s(?:cript|tyle)|title|xml)[^>]*+>#i', '', $data);
 			}
 			while ($old_data !== $data);
+		}
 
 		// we are done...
 		return $data;
 	}
 }
 
+if(!function_exists("get_clean_newlines")) {
+	function get_clean_newlines($data) {
+		return is_string($data) ? trim(preg_replace('~[\r\n]+~', ' ', $data)) : $data;
+	}
+}
+
+if(!function_exists("get_clean_text")) {
+	function get_clean_text($data) {
+		return is_string($data) ? get_clean_newlines(get_clean_xss($data, 1)) : $data;
+	}
+}
+
 // support curl or jsonp(callback)
 if(!function_exists("get_callable_token")) {
 	function get_callable_token($token, $callback="", $charset="utf-8") {