Curriculum
Course: PHP Basic
Login

Curriculum

PHP Basic

PHP Intro

0/1

PHP Install

0/1

PHP Syntax

0/1

PHP Comments

0/2

PHP Variables

0/4

PHP echo / print

0/3

PHP Data Types

0/7

PHP Strings

0/5

PHP Numbers

0/2

PHP Casting

0/1

PHP Math

0/1

PHP Constants

0/1

PHP Magic Constants

0/1

PHP Operators

0/1

PHP if...Else...Elseif

0/5

PHP switch

0/1

PHP Loops

0/7

PHP Functions

0/6

PHP Arrays

0/11

PHP Superglobals

0/7

PHP RegEx

0/1

PHP Form

0/9

PHP Advanced

0/15

PHP OOP

0/14

MySQL Database

0/14

PHP XML

0/5

PHP Reference

0/276
Text lesson

PHP Filter

PHP Filter Introduction

PHP filters are used to validate and sanitize data from insecure sources, such as user input.

Installation

Since PHP 5.2.0, filter functions are enabled by default and require no additional installation to use.

Runtime Configurations

The behavior of these functions is influenced by settings in the php.ini file.

Name

Description

Default

Changeable

filter.default

Apply a filter to all $_GET, $_POST, $_COOKIE, $_REQUEST, and $_SERVER data. You can specify the default filter name to use. Refer to the filter list for available filter names.

“unsafe_raw”

PHP_INI_PERDIR

filter.default_flags

Default flags applied when the default filter is set. By default, it is set to FILTER_FLAG_NO_ENCODE_QUOTES for backward compatibility.

NULL

PHP_INI_PERDIR

PHP Filter Functions

 

Function

Description

filter_has_var()

Checks if a variable of a specified input type exists.

filter_id()

Returns the ID of a specified filter name.

filter_input()

Retrieves an external variable (e.g., from form input) and optionally applies a filter to it.

filter_input_array()

Retrieves external variables (e.g., from form input) and optionally applies filters to them.

filter_list()

Provides a list of all supported filter names.

filter_var()

Applies a specified filter to a variable.

filter_var_array()

Retrieves multiple variables and applies filters to them.

PHP Predefined Filter Constants

Constant

Description

INPUT_POST

POST variables

INPUT_GET

GET variables

INPUT_COOKIE

COOKIE variables

INPUT_ENV

ENV variables

INPUT_SERVER

SERVER variables

FILTER_DEFAULT

Does nothing by default but can optionally strip or encode special characters. Equivalent to FILTER_UNSAFE_RAW.

FILTER_FLAG_NONE

Disallows flags.

FILTER_FLAG_ALLOW_OCTAL

Applicable only to inputs that start with a zero (0) as octal numbers, allowing only the digits 0-7 to follow.

FILTER_FLAG_ALLOW_HEX

Applicable only to inputs that begin with 0x or 0X as hexadecimal numbers, allowing only the characters a-f, A-F, and 0-9 to follow.

FILTER_FLAG_STRIP_LOW

Strip characters with ASCII values less than 32.

FILTER_FLAG_STRIP_HIGH

Strip characters with ASCII values greater than 127.

FILTER_FLAG_ENCODE_LOW

Encode characters with ASCII values less than 32.

FILTER_FLAG_ENCODE_HIGH

Encode characters with ASCII values exceeding 127.

FILTER_FLAG_ENCODE_AMP

Encode &

FILTER_FLAG_NO_ENCODE_QUOTES

Do not encode ‘ and “

FILTER_FLAG_EMPTY_STRING_NULL

Not in use

FILTER_FLAG_ALLOW_FRACTION

Allows a period (.) as a decimal separator in numbers.

FILTER_FLAG_ALLOW_THOUSAND

Allows a comma (,) as a thousands separator in numbers.

FILTER_FLAG_ALLOW_SCIENTIFIC

Allows the use of e or E for scientific notation in numbers.

FILTER_FLAG_PATH_REQUIRED

The URL must include a path component.

FILTER_FLAG_QUERY_REQUIRED

The URL must include a query string.

FILTER_FLAG_IPV4

Allows the IP address to be in IPv4 format.

FILTER_FLAG_IPV6

Allows the IP address to be in IPv6 format.

FILTER_FLAG_NO_RES_RANGE

Fails validation for reserved IPv4 ranges such as 0.0.0.0/8, 169.254.0.0/16, 127.0.0.0/8, and 240.0.0.0/4, as well as for reserved IPv6 ranges including ::1/128, ::/128, ::ffff:0:0/96, and fe80::/10.

FILTER_FLAG_NO_PRIV_RANGE

Fails validation for private IPv4 ranges like 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16, as well as for IPv6 addresses beginning with FD or FC.

FILTER_FLAG_EMAIL_UNICODE

Allows the local part of the email address to include Unicode characters.

FILTER_REQUIRE_SCALAR

The value must be a scalar.

FILTER_REQUIRE_ARRAY

The value must be an array.

FILTER_FORCE_ARRAY

Treats a scalar value as an array with the scalar value as its only element.

FILTER_NULL_ON_FAILURE

Returns NULL on failure for unrecognized boolean values.

FILTER_VALIDATE_BOOLEAN

Validates a boolean value.

FILTER_VALIDATE_EMAIL

Validates the value as a valid email address.

FILTER_VALIDATE_FLOAT

Validates the value as a float.

FILTER_VALIDATE_INT

Validates the value as an integer.

FILTER_VALIDATE_IP

Validates the value as an IP address.

FILTER_VALIDATE_MAC

Validates the value as a MAC address.

FILTER_VALIDATE_REGEXP

Validates the value against a regular expression.

FILTER_VALIDATE_URL

Validates the value as a URL.

FILTER_SANITIZE_ADD_SLASHES

Introduced as a replacement for FILTER_SANITIZE_MAGIC_QUOTES.

FILTER_SANITIZE_EMAIL

Removes all invalid characters from an email address.

FILTER_SANITIZE_ENCODED

Removes or encodes special characters.

FILTER_SANITIZE_MAGIC_QUOTES

Applies addslashes(). Deprecated as of PHP 7.3.0 and removed in PHP 8.0.0.

FILTER_SANITIZE_NUMBER_FLOAT

Removes all characters except digits, +, -, and optionally . and eE.

FILTER_SANITIZE_NUMBER_INT

Removes all characters except digits and the + and - signs.

FILTER_SANITIZE_SPECIAL_CHARS

Removes special characters.

FILTER_SANITIZE_STRING

Removes tags and special characters from a string; deprecated as of PHP 8.1.0.

FILTER_SANITIZE_STRIPPED

An alias for FILTER_SANITIZE_STRING, deprecated as of PHP 8.1.0.

FILTER_SANITIZE_URL

Removes all invalid characters from a URL.

FILTER_UNSAFE_RAW

Do nothing, with an option to strip or encode special characters.

FILTER_CALLBACK

Invoke a user-defined function to filter data.

 

 

 

 

 

Previous
Next