PHP - SPLessons

PHP Filters

Chapter 27

SPLessons 5 Steps, 3 Clicks
5 Steps - 3 Clicks

PHP Filters

PHP Filters

shape Description

PHP Filters are used to determine if the data is valid or not and it also removes if used any illegal data is present.

Many functions are depicted by PHP filters to check the input given by the user which makes the form validation easier. To check this list of functions, use filter_list() function.

shape Example

Below is the php code that shows the list of PHP Filter functions.

<!DOCTYPE html>
<html>
	<body>
		<table>
		  <tr>
			<td>Filter Name</td>
			<td>Filter ID</td>
		  </tr>
		  <?php
			  foreach (filter_list() as $id =>$filter) {
				  echo '<tr>
							<td>' .$filter. '</td>
							<td>' .filter_id($filter). '</td>
						</tr>';
			  }
		  ?>
		</table>
	</body>
</html>

Output:


Filter Name	Filter ID
int	257
boolean	258
float	259
validate_regexp	272
validate_url	273
validate_email	274
validate_ip	275
validate_mac	276
string	513
stripped	513
encoded	514
special_chars	515
full_special_chars	522
unsafe_raw	516
email	517
url	518
number_int	519
number_float	520
magic_quotes	521
callback	1024

Sanitizing a String

shape Example

Sanitizing is removing unwanted characters from the given data. Below is an example that removes the script tags assigned inside the string.

<!DOCTYPE html>
<html>
	<body>
		<?php	
			$str="<script>\"SPLessons PHP Tutorial\"</script>";
				
				echo filter_var($str,FILTER_SANITIZE_STRING,FILTER_FLAG_NO_ENCODE_QUOTES);
				/*
					OUTPUT
					"SPLessons PHP Tutorial"
				*/
		?>
	</body>
</html>

Output:

"SPLessons PHP Tutorial"

Validating Integer values

shape Example

In the below example, filter_var() function is used to filter out a value that is saved in a variable. It has parameters as the variables to be filtered, the filter used to validate/sanitize the variable, options/flags.

<!DOCTYPE html>
<html>
	<body>
		<?php
			$no=67;
			$min=10;
			$max=100;
			
			echo filter_var($no,FILTER_VALIDATE_INT,array("options"=>array("min_range"=>$min,"max_range"=>$max)));
		?>
	</body>
</html>

Output: 67

Sanitize and Validate an Email Address

shape Example

Below example utilizes the filter_var() function to initially delete all illegal characters from the variable $email, then verify if it is a valid email address.

<!DOCTYPE html>
<html>
	<body>
		<?php
			$email1 = "hello world";
			$email2 = "splessons@gmail.com";

			// Remove all illegal characters from email
			$email1 = filter_var($email1, FILTER_SANITIZE_EMAIL);
			$email2 = filter_var($email2, FILTER_SANITIZE_EMAIL);

			// Validate e-mail1
			if (!filter_var($email1, FILTER_VALIDATE_EMAIL) === false) {
				echo("$email1 is a valid email address");
			} else {
				echo("$email1 is not a valid email address<br>");
			}
						
			// Validate e-mail2
			if (!filter_var($email2, FILTER_VALIDATE_EMAIL) === false) {
				echo("$email2 is a valid email address");
			} else {
				echo("$email2 is not a valid email address");
			}
		?>
	</body>
</html>

Output:

helloworld is not a valid email address
splessons@gmail.com is a valid email address

Sanitize and Validate a URL

shape Example

Below example utilizes the filter_var() function to initially delete all illegal characters from the variable $url, then verify if it is a valid URL.

<!DOCTYPE html>
<html>
	<body>
		<?php
			$url1 = "https://www.splessons.com";
			$url2 = "splessons.com";

			// Remove all illegal characters from a url
			$url1 = filter_var($url1, FILTER_SANITIZE_URL);
			$url2 = filter_var($url2, FILTER_SANITIZE_URL);

			// Validate url1
			if (!filter_var($url1, FILTER_VALIDATE_URL) === false) {
				echo("$url1 is a valid URL<br>");
			} else {
				echo("$url1 is not a valid URL");
			}
			
			// Validate url2
			if (!filter_var($url2, FILTER_VALIDATE_URL) === false) {
				echo("$url2 is a valid URL");
			} else {
				echo("$url2 is not a valid URL");
			}
		?>
	</body>
</html>

Output:

https://www.splessons.com is a valid URL
splessons.com is not a valid URL

Summary

shape Key Points

  • filter_list() function gives the list of filter functions.
  • filter_var() function is used to filter out a value that is saved in a variable.