Filter Functions

PHP Manual
Prev		Next

XL. Filter Functions

Introduction

This extension serves for validating and filtering data coming usually from some insecure source such as user input.

Warning

This extension is EXPERIMENTAL. The behaviour of this extension -- including the names of its functions and anything else documented about this extension -- may change without notice in a future release of PHP. Use this extension at your own risk.

Following filters currently exist:

Table 1. Existing filters

ID	Name	Options	Flags	Description
`FILTER_VALIDATE_INT`	"int"	`min_range`, `max_range`	`FILTER_FLAG_ALLOW_OCTAL`, `FILTER_FLAG_ALLOW_HEX`	Validates value as integer, optionally from the specified range.
`FILTER_VALIDATE_BOOLEAN`	"boolean"			Returns `TRUE` for "1", "true", "on" and "yes", `FALSE` for "0", "false", "off", "no", and "", `NULL` otherwise.
`FILTER_VALIDATE_FLOAT`	"float"			Validates value as float.
`FILTER_VALIDATE_REGEXP`	"validate_regexp"	`regexp`		Validates value against `regexp`, a Perl-compatible regular expression.
`FILTER_VALIDATE_URL`	"validate_url"		`FILTER_FLAG_SCHEME_REQUIRED`, `FILTER_FLAG_HOST_REQUIRED`, `FILTER_FLAG_PATH_REQUIRED`, `FILTER_FLAG_QUERY_REQUIRED`	Validates value as URL, optionally with required components.
`FILTER_VALIDATE_EMAIL`	"validate_email"			Validates value as e-mail.
`FILTER_VALIDATE_IP`	"validate_ip"		`FILTER_FLAG_IPV4`, `FILTER_FLAG_IPV6`, `FILTER_FLAG_NO_PRIV_RANGE`, `FILTER_FLAG_NO_RES_RANGE`	Validates value as IP address, optionally only IPv4 or IPv6 or not from private or reserved ranges.
`FILTER_SANITIZE_STRING`	"string"		`FILTER_FLAG_NO_ENCODE_QUOTES`, `FILTER_FLAG_STRIP_LOW`, `FILTER_FLAG_STRIP_HIGH`, `FILTER_FLAG_ENCODE_LOW`, `FILTER_FLAG_ENCODE_HIGH`, `FILTER_FLAG_ENCODE_AMP`	Strip tags, optionally strip or encode special characters.
`FILTER_SANITIZE_STRIPPED`	"stripped"			Alias of "string" filter.
`FILTER_SANITIZE_ENCODED`	"encoded"		`FILTER_FLAG_STRIP_LOW`, `FILTER_FLAG_STRIP_HIGH`, `FILTER_FLAG_ENCODE_LOW`, `FILTER_FLAG_ENCODE_HIGH`	URL-encode string, optionally strip or encode special characters.
`FILTER_SANITIZE_SPECIAL_CHARS`	"special_chars"		`FILTER_FLAG_STRIP_LOW`, `FILTER_FLAG_STRIP_HIGH`, `FILTER_FLAG_ENCODE_HIGH`	HTML-escape `'"<>&` and characters with ASCII value less than 32, optionally strip or encode other special characters.
`FILTER_UNSAFE_RAW`	"unsafe_raw"		`FILTER_FLAG_STRIP_LOW`, `FILTER_FLAG_STRIP_HIGH`, `FILTER_FLAG_ENCODE_LOW`, `FILTER_FLAG_ENCODE_HIGH`, `FILTER_FLAG_ENCODE_AMP`	Do nothing, optionally strip or encode special characters.
`FILTER_SANITIZE_EMAIL`	"email"			Remove all characters except letters, digits and !#$%&'*+-/=?^_`{\|}~@.[].
`FILTER_SANITIZE_URL`	"url"			Remove all characters except letters, digits and $-_.+!*'(),{}\|\\^~[]`<>#%";/?:@&=.
`FILTER_SANITIZE_NUMBER_INT`	"number_int"			Remove all characters except digits and `+-`.
`FILTER_SANITIZE_NUMBER_FLOAT`	"number_float"		`FILTER_FLAG_ALLOW_FRACTION`, `FILTER_FLAG_ALLOW_THOUSAND`, `FILTER_FLAG_ALLOW_SCIENTIFIC`	Remove all characters except digits, `+-` and optionally `.,eE`.
`FILTER_SANITIZE_MAGIC_QUOTES`	"magic_quotes"			Apply addslashes().
`FILTER_CALLBACK`	"callback"		callback function or method	Call user-defined function to filter data.

Requirements

No external libraries are needed to build this extension.

Installation

A short installation note: just type
$ pear install filter
in your console.

Runtime Configuration

The behaviour of these functions is affected by settings in php.ini.

Table 2. Filter Configuration Options

Name	Default	Changeable	Changelog
filter.default	unsafe_raw	PHP_INI_PERDIR
filter.default_flags		PHP_INI_PERDIR

For further details and definitions of the PHP_INI_* constants, see the Appendix G.

Here's a short explanation of the configuration directives.

filter.default string: Filter all $_GET, $_POST, $_COOKIE and $_REQUEST data by this filter. Original data can be accessed through input_get().
filter.default_flags integer: Default flags for filter_data().

Resource Types

This extension has no resource types defined.

Predefined Constants

The constants below are defined by this extension, and will only be available when the extension has either been compiled into PHP or dynamically loaded at runtime.

INPUT_POST (integer): POST variables.
INPUT_GET (integer): GET variables.
INPUT_COOKIE (integer): COOKIE variables.
INPUT_ENV (integer): ENV variables.
INPUT_SERVER (integer): SERVER variables.
INPUT_SESSION (integer): SESSION variables.
INPUT_DATA (integer): User-defined set of variables.
FILTER_FLAG_NONE (integer): No flags.
FILTER_VALIDATE_INT (integer): ID of "int" filter.
FILTER_VALIDATE_BOOLEAN (integer): ID of "boolean" filter.
FILTER_VALIDATE_FLOAT (integer): ID of "float" filter.
FILTER_VALIDATE_REGEXP (integer): ID of "validate_regexp" filter.
FILTER_VALIDATE_URL (integer): ID of "validate_url" filter.
FILTER_VALIDATE_EMAIL (integer): ID of "validate_email" filter.
FILTER_VALIDATE_IP (integer): ID of "validate_ip" filter.
FILTER_DEFAULT (integer): ID of default ("string") filter.
FILTER_UNSAFE_RAW (integer): ID of "unsafe_raw" filter.
FILTER_SANITIZE_STRING (integer): ID of "string" filter.
FILTER_SANITIZE_STRIPPED (integer): ID of "stripped" filter.
FILTER_SANITIZE_ENCODED (integer): ID of "encoded" filter.
FILTER_SANITIZE_SPECIAL_CHARS (integer): ID of "special_chars" filter.
FILTER_SANITIZE_EMAIL (integer): ID of "email" filter.
FILTER_SANITIZE_URL (integer): ID of "url" filter.
FILTER_SANITIZE_NUMBER_INT (integer): ID of "number_int" filter.
FILTER_SANITIZE_NUMBER_FLOAT (integer): ID of "number_float" filter.
FILTER_SANITIZE_MAGIC_QUOTES (integer): ID of "magic_quotes" filter.
FILTER_CALLBACK (integer): ID of "callback" filter.
FILTER_FLAG_SCALAR (integer): Allow scalar types (non-array) only in filter. Currently used by input_get_args().
FILTER_FLAG_ARRAY (integer): Only allow array type in filter. Currently used by input_get_args().
FILTER_FLAG_ALLOW_OCTAL (integer): Allow octal notation (0[0-7]+) in "int" filter.
FILTER_FLAG_ALLOW_HEX (integer): Allow hex notation (0x[0-9a-fA-F]+) in "int" filter.
FILTER_FLAG_STRIP_LOW (integer): Strip characters with ASCII value less than 32.
FILTER_FLAG_STRIP_HIGH (integer): Strip characters with ASCII value greater than 127.
FILTER_FLAG_ENCODE_LOW (integer): Encode characters with ASCII value less than 32.
FILTER_FLAG_ENCODE_HIGH (integer): Encode characters with ASCII value greater than 127.
FILTER_FLAG_ENCODE_AMP (integer): Encode &.
FILTER_FLAG_NO_ENCODE_QUOTES (integer): Don't encode ' and ".
FILTER_FLAG_EMPTY_STRING_NULL (integer): (No use for now.)
FILTER_FLAG_ALLOW_FRACTION (integer): Allow fractional part in "number_float" filter.
FILTER_FLAG_ALLOW_THOUSAND (integer): Allow thousand separator (,) in "number_float" filter.
FILTER_FLAG_ALLOW_SCIENTIFIC (integer): Allow scientific notation (e, E) in "number_float" filter.
FILTER_FLAG_SCHEME_REQUIRED (integer): Require scheme in "validate_url" filter.
FILTER_FLAG_HOST_REQUIRED (integer): Require host in "validate_url" filter.
FILTER_FLAG_PATH_REQUIRED (integer): Require path in "validate_url" filter.
FILTER_FLAG_QUERY_REQUIRED (integer): Require query in "validate_url" filter.
FILTER_FLAG_IPV4 (integer): Allow only IPv4 address in "validate_ip" filter.
FILTER_FLAG_IPV6 (integer): Allow only IPv6 address in "validate_ip" filter.
FILTER_FLAG_NO_RES_RANGE (integer): Deny reserved addresses in "validate_ip" filter.
FILTER_FLAG_NO_PRIV_RANGE (integer): Deny private addresses in "validate_ip" filter.

Table of Contents
filter_data -- Filters data with a specified filter
input_filters_list -- Returns a list of all supported filters
input_get_args -- Gets multiple variables from outside PHP and optionally filters them
input_get -- Gets variable from outside PHP and optionally filters it
input_has_variable -- Checks if variable of specified type exists
input_name_to_filter -- Returns the filter ID belonging to a named filter

Prev	Home	Next
unlink	Up	filter_data

	Links
Dot5 Hosting $4.95/mo 200GB Diskspace 2000GB Bandwidth Host 5 Domains CGI Ruby Perl PHP MySQL Free Domain Forever IX Web Hosting $6.45/mo 400GB Diskspace 2500GB Bandwidth Host 8 Domains PHP Perl CGI SSI MySQL PostgreSQL 3 Free Domain For Life Additional costs for Windows plan + $2.50:ASP/.NET, Cold Fusion, ODBC/DSN, MSSQL AN Hosting $6.95/mo 250GB Diskspace 2500GB Bandwidth Host 20 Domains PHP RoR Python CGI SSI Unlimited MySQL DB Free Domain for Life 30 Day Money Back 99% Uptime Guarantee

	Hosting Companies
eHostDirect Gauge Hosting HostGadget G.C. Solutions 1Host Web Hosting Emnetsolutions Ltd Sphosting.com CyberWurx LLC HostingFest Limited SharedRack

	Partners
AllReseller.com ApolloHosting.com Galaxyvisions.com HostForWeb.com Lunarpages.com ServerDispatch.com SingleHop Dedicated Servers XLHost.com Dedicated Hosting ByetHost.com Free Web Hosting Resources CCTV Camera Free Computer Recycling ID Printer Cheap Web Hosting & Website Design Best UK Web Hosting Cheap Web Hosting Web Hosting Reviews Windows Dedicated Server Cheap web hosting VPS Hosting

	Quick Search
Platform Price Diskspace Bandwidth Advance Search Show All Companies

	Reference & Manual
CSS 2.1 Hosting Glossary HTML 4.01 MySQL Manual PHP Manual

If you are looking for dedicated servers, look no further. HostPulse.com is a site devoted to help web users find cheap web hosting and dedicated servers.


	Host Login/Register \| Contact Us \| Terms \| Add Links Thumbnails by Thumbshots.org © 2002-2010 CheapHostDir.com


Home Share Hosting News Articles Reference & Manual Discount Zone Resources