There are basically two types of filters, which are listed below:
- Validation:is used to validate or verify if the data meets a certain qualification or not. For example, passing to FILTER_VALIDATE_URL will determine if the data is valid URLs, but will not alter the existing data itself.
- Sanitization: As opposed to validation , sanitization will sanitize the data to ensure no unwanted characters when deleting or changing data. For example, passing FILTER_SANITIZE_EMAIL will remove any characters that are inappropriate for an email address. However, this does not validate the data.
Example 1:PHP program to validate URLs using the FILTER_VALIDATE_URL filter.
// PHP URL checker
// Declare a variable and initialize it by URL $url = " https://www.engineerforengineer.org " ;
// Use the filter function to validate the URL if (filter_var ( $url , FILTER_VALIDATE_URL)) { echo ( "valid URL" ); } else { echo ( "Invalid URL" ); }
?> Example 2:PHP- program for checking email using the FILTER_VALIDATE_EMAIL filter.
// PHP email checker
// Declare a variable and initialize it by email $email = "xyz @ gmail.com " ;
// Use the filter function to check email if (filter_var ( $email , FILTER_VALIDATE_EMAIL)) { echo "Valid Email" ; } else { echo " Invalid Email " ; }
?> Filter functions:filter function used to filter data coming from an insecure source. - filter_var(): filtersa specific variable
- filter_var_array(): filters multiple variables, i.e. array of variables
- filter_has_var():check if a variable of a certain input type exists or not
- filter_id():helps to get the identifier filter of the specified filter name
- filter_list():returns a list of supported filter names as an array.
- filter_input():gets external variable and filters it if it is set.
- filter_input_array(): thenis the same as filter_input(), but gets multiple variables here, i.e. an array of variables, and filters them if set.
Predefined filter constants:There are many predefined filter constants, which are listed below: - Check filter constants:
- FILTER_VALIDATE_BOOLEAN: checksboolean
- FILTER_VALIDATE_INT: checksinteger
- FILTER_VALIDATE_FLOAT: validates a floating point
- FILTER_VALIDATE_REGEXP: validatesregexp
- FILTER_VALIDATE_IP: checksIP address
- FILTER_VALIDATE_EMAIL: checksemail address
- FILTER_VALIDATE_URL: checksURL
- Clear filter constants:
- FILTER_SANITIZE_EMAIL:removes all invalid characters from the email address
- FILTER_SANITIZE_ENCODED:deleted sends / encodes special characters
- FILTER_SANITIZE_MAGIC_QUOTES:Apply function addlashes()
- FILTER_SANITIZE_NUMBER_FLOAT:remove all characters except numbers, + - and additionally., EE
- FILTER_SANITIZE_NUMBER_INT:removes all characters except numbers and + -
- FILTER_SANITIZE_SPECIAL_CHARS:removes special characters
- FILTER_SANITIZE_FULL_SPECIAL_CHARSQuote encoding can be disabled using FILTER_FLAG_NO_ENCODE_QUOTES.
- FILTER_SANITIZE_STRING:removes tags from strings li>
- FILTER_SANITIZE_STRIPPED:alias FILTER_SANITIZE_STRING
- FILTER_SANITIZE_URL:removes all invalid characters from the URL
- Other filter constants:
- FILTER_UNSAFE_RAW:do nothing, if desired cut/ encode special characters
- FILTER_CALLBACK:call a custom function to filter data
Note.Filters PHP is included by default in PHP 5. 2.0 and newer. Installation is required for older versions.Link: http: / /php.net/manual/en/filter.filters.sanitize.php
