WEB DEVELOPER SITE
HTMLCSSJAVASCRIPTSQLPHPBOOTSTRAPJQUERYANGULARXML
 

PHP Filters


Validating information = Determine if the information is in appropriate form.

Sanitizing information = Remove any illicit character from the data.


The PHP Filter Extension

PHP channels are utilized to approve and sterilize outside input.

The PHP channel augmentation has a large number of the capacities required for checking client input, what's more, is intended to make information approval less demanding and quicker.

The filter_list() capacity can be utilized to list what the PHP channel expansion offers:

Example

<table>
  <tr>
    <td>Filter Name</td>
    <td>Filter ID</td>
  </tr>
  <?php
  foreach (filter_list() as $id =>$filter) {
      reverberation '<tr><td>' . $filter . '</td><td>' . filter_id($filter) . '</td></tr>';
  }
  ?>
</table>
Run model »

Why Use Filters?

Many web applications get outer info. Outer information/information can be:

  • User contribution from a form
  • Cookies
  • Web administrations data
  • Server variables
  • Database inquiry results

PHP filter_var() Function

The filter_var() work both endorse and clean data.

The filter_var() work channels a solitary variable with a predetermined channel. It takes two bits of data:

  • The variable you need to check
  • The sort of check to use

Sanitize a String

The following precedent uses the filter_var() capacity to evacuate all HTML labels from a string:

Example

<?php
$str = "<h1>Hello World!</h1>";
$newstr = filter_var($str, FILTER_SANITIZE_STRING);
echo $newstr;
?>
Run model »

Validate an Integer

The following model uses the filter_var() capacity to check if the variable $int is a whole number. In the event that $int is a whole number, the yield of the code above will be: "Whole number is legitimate". In the event that $int isn't a whole number, the yield will be: "Whole number isn't valid":

Example

<?php
$int = 100;

if (!filter_var($int, FILTER_VALIDATE_INT) === false) {
    echo("Integer is valid");
} else {
    echo("Integer isn't valid");
}
?>
Run precedent »

Tip: filter_var() and Problem With 0

In the precedent above, if $int was set to 0, the capacity above will return "Whole number isn't legitimate". To take care of this issue, utilize the code below:

Example

<?php
$int = 0;

if (filter_var($int, FILTER_VALIDATE_INT) === 0 || !filter_var($int, FILTER_VALIDATE_INT) === false) {
    echo("Integer is valid");
} else {
    echo("Integer isn't valid");
}
?>
Run model »

Validate an IP Address

The following model uses the filter_var() capacity to check if the variable $ip is a substantial IP address:

Example

<?php
$ip = "127.0.0.1";

if (!filter_var($ip, FILTER_VALIDATE_IP) === false) {
    echo("$ip is a substantial IP address");
} else {
    echo("$ip is certifiably not a substantial IP address");
}
?>
Run model »

Sanitize and Validate an Email Address

The following model uses the filter_var() capacity to initially evacuate all illicit characters from the $email variable, at that point check in the event that it is a legitimate email address:

Example

<?php
$email = "john.doe@example.com";

//Remove all illicit characters from email
$email = filter_var($email, FILTER_SANITIZE_EMAIL);

//Validate e-mail
if (!filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
    echo("$email is a legitimate email address");
} else {
    echo("$email is certainly not a substantial email address");
}
?>
Run precedent »

Sanitize and Validate a URL

The following precedent uses the filter_var() capacity to initially evacuate all unlawful characters from a URL, at that point check if $url is a legitimate URL:

Example

<?php
$url = "http://www.welookups.com";

//Remove every illicit character from a url
$url = filter_var($url, FILTER_SANITIZE_URL);

//Validate url
if (!filter_var($url, FILTER_VALIDATE_URL) === false) {
    echo("$url is a legitimate URL");
} else {
    echo("$url is certainly not a legitimate URL");
}
?>
Run precedent »