PHP Filters are used to determine if the data is valid or not and it also removes if used any illegal data is present. Many functions are depicted by PHP filters to check the input given by the user which makes the form validation easier. To check this list of functions, use filter_list() function.

Below is the php code that shows the list of PHP Filter functions. [php] <!DOCTYPE html> <html> <body> <table> <tr> <td>Filter Name</td> <td>Filter ID</td> </tr> <?php foreach (filter_list() as $id =>$filter) { echo '<tr> <td>' .$filter. '</td> <td>' .filter_id($filter). '</td> </tr>'; } ?> </table> </body> </html> [/php] Output: [html] Filter Name Filter ID int 257 boolean 258 float 259 validate_regexp 272 validate_url 273 validate_email 274 validate_ip 275 validate_mac 276 string 513 stripped 513 encoded 514 special_chars 515 full_special_chars 522 unsafe_raw 516 email 517 url 518 number_int 519 number_float 520 magic_quotes 521 callback 1024 [/html]

Sanitizing is removing unwanted characters from the given data. Below is an example that removes the script tags assigned inside the string. [php] <!DOCTYPE html> <html> <body> <?php $str="<script>\"SPLessons PHP Tutorial\"</script>"; echo filter_var($str,FILTER_SANITIZE_STRING,FILTER_FLAG_NO_ENCODE_QUOTES); /* OUTPUT "SPLessons PHP Tutorial" */ ?> </body> </html> [/php] Output: [html]"SPLessons PHP Tutorial"[/html]

In the below example, filter_var() function is used to filter out a value that is saved in a variable. It has parameters as the variables to be filtered, the filter used to validate/sanitize the variable, options/flags. [php] <!DOCTYPE html> <html> <body> <?php $no=67; $min=10; $max=100; echo filter_var($no,FILTER_VALIDATE_INT,array("options"=>array("min_range"=>$min,"max_range"=>$max))); ?> </body> </html> [/php] Output: 67

Below example utilizes the filter_var() function to initially delete all illegal characters from the variable $email, then verify if it is a valid email address. [php] <!DOCTYPE html> <html> <body> <?php $email1 = "hello world"; $email2 = "splessons@gmail.com"; // Remove all illegal characters from email $email1 = filter_var($email1, FILTER_SANITIZE_EMAIL); $email2 = filter_var($email2, FILTER_SANITIZE_EMAIL); // Validate e-mail1 if (!filter_var($email1, FILTER_VALIDATE_EMAIL) === false) { echo("$email1 is a valid email address"); } else { echo("$email1 is not a valid email address<br>"); } // Validate e-mail2 if (!filter_var($email2, FILTER_VALIDATE_EMAIL) === false) { echo("$email2 is a valid email address"); } else { echo("$email2 is not a valid email address"); } ?> </body> </html> [/php] Output: [php] helloworld is not a valid email address splessons@gmail.com is a valid email address [/php]

Below example utilizes the filter_var() function to initially delete all illegal characters from the variable $url, then verify if it is a valid URL. [php] <!DOCTYPE html> <html> <body> <?php $url1 = "http://www.splessons.com"; $url2 = "splessons.com"; // Remove all illegal characters from a url $url1 = filter_var($url1, FILTER_SANITIZE_URL); $url2 = filter_var($url2, FILTER_SANITIZE_URL); // Validate url1 if (!filter_var($url1, FILTER_VALIDATE_URL) === false) { echo("$url1 is a valid URL<br>"); } else { echo("$url1 is not a valid URL"); } // Validate url2 if (!filter_var($url2, FILTER_VALIDATE_URL) === false) { echo("$url2 is a valid URL"); } else { echo("$url2 is not a valid URL"); } ?> </body> </html> [/php] Output: [php] http://www.splessons.com is a valid URL splessons.com is not a valid URL [/php]

• filter_list() function gives the list of filter functions.
• filter_var() function is used to filter out a value that is saved in a variable.