PHP filters are used to validate and sanitize external input.

Validating data is determine if the data is in proper form.

Sanitizing data is remove any illegal character from the data.

The PHP filter extension has many of the functions needed for checking user input, and is designed to make data validation easier and quicker.

The filter_list() function can be used to list what the PHP filter extension offers

<table>

  <tr>

    <td>Filter Name</td>

    <td>Filter ID</td>

  </tr>

  <?php

    foreach(filter_list() as $id => $filter){

      echo '<tr><td>' .$filter .'</td><td>' .filter_id($filter) . '</td></tr>';

    }

  ?>

</table>

Many  web application recieve external input.External input/data can be:

User input from a form

Cookies

Web Services data

Server variables

Database query results

The filter_var() function both validate and sanitize data.

The filter_var() function filters a single variable with a specified filter.It takes two pieces of data:

  •  The Variable you want to check
  • The type of check to use

The following example uses the filter_var() funcion to remove all HTML tags from a string:

<?php

  $str = "<h1>Hello World</h1>";

  $newStr = filter_var($str, FILTER_SANITIZE_STRING);

  echo $newStr; //Hello World

?>

The following example uses the filter_var() function to check if the variable $int is an integer.

<?php

  $int = 100;

  // if $int was set to 0, the function will return "Integer is not valid"

  // filter_var($int, FILTER_VALIDATE_INT) ===0 it will work when you set 0 to $int

  if(!filter_var($int, FILTER_VALIDATE_INT) === false){

    echo("Integer is valid");

  }else{

    echo("Integer is not valid");

  }

?>

The following example uses the filter_var() function to check if the variable $ip is a valid IP address

<?php

  $ip = "127.0.0.1";

  if(!filter_var(FILTER_VALIDATE_IP) === false){

    echo("$ip is a valid IP address");

  }else{

    echo("$ip is not a valid IP address");

  }

?>

The following example uses the filter_var() function to first remove all illegal characters from the $email variable, then check if it is a valid email address

<?php

  $email = "john.doe@example.com";

  //remove all illegal characters from email

  $email = filter_var($email, FILTER_SANITIZE_EMAIL);

  // validate e-mail

  if(!filter_var($email, FILTER_VALIDATE_EMAIL) === false){

    echo("$email is a valid email address");

  }else{

    echo("$email is not a valid email address");

  }

?>

The following example uses the filter_var() function to first remove all illegal characters from a URL, then check if $url is a valid URL

<?php

  $url = "http://www.w3schools.com";

  //remove all illegal characters from a url

  $url = filter_var($url, FILTER_SANITIZE_URL);

    

  // validate url 

  if(!filter_var($url, FILTET_VALIDATE_URL) === false){

    echo("$url is a valid URL");

  }else{

    echo("$url is not a valid URL");

  }

?>

The following example uses the filter_var() function to check if a variable is both of type INT, and between 1 and 200

<?php

  $int = 122;

  $min = 1;

  $max = 200;

  if(filter_var($int, FILTER_VALIDATE_INT, array("options" => array("min_range" => $min, "max_range" => $max))) === false){

    echo("Variable value is not within the legal range");

  }else{

    echo("Variable value is within the legal range");

  }

?>

The following example uses the filter_var() function to checkt if the variable $ip is a valid IPv6 address:

<?php

  $ip = "2001:0db8:85a3:08d3:1319:8a2e:0370:7334";

  if(!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false){

    echo("$ip is a valid IPv6 address");

  }else{

    echo("$ip is not a valid IPv6 address");

  }

?>

The following example uses the filter_var() function to check if the variable $url is a URL with a querystring:

<?php

  $url = "http://www.w3schools.com";

  if(!filter_var($url, FILTER_VALIDATE_URL, FILTER_FLAG_QUERY_REQUIRED) === false){

    echo("$url is a valid URL");

  }else{

    echo($url is not a valid URL);

  }

?>

The following example uses the filter_var() function to sanitize a string.It will both remove all HTML tags, and all characters with ASCII value > 127, from the string:

<?php

  $str = "<h1>Hello WorldØÅ</h1>";

  $newStr = filter_var($str, FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_HIGH);

  echo $newStr;

?>

PHP Filter的更多相关文章

  1. django 操作数据库--orm(object relation mapping)---models

    思想 django为使用一种新的方式,即:关系对象映射(Object Relational Mapping,简称ORM). PHP:activerecord Java:Hibernate C#:Ent ...

  2. JavaWeb——Filter

    一.基本概念 之前我们用一篇博文介绍了Servlet相关的知识,有了那篇博文的知识积淀,今天我们学习Filter将会非常轻松,因为Filter有很多地方和Servlet类似,下面在讲Filter的时候 ...

  3. 以bank account 数据为例,认识elasticsearch query 和 filter

    Elasticsearch 查询语言(Query DSL)认识(一) 一.基本认识 查询子句的行为取决于 query context filter context 也就是执行的是查询(query)还是 ...

  4. AngularJS过滤器filter-保留小数,小数点-$filter

    AngularJS      保留小数 默认是保留3位 固定的套路是 {{deom | number:4}} 意思就是保留小数点 的后四位 在渲染页面的时候 加入这儿个代码 用来精确浮点数,指定小数点 ...

  5. 挑子学习笔记:特征选择——基于假设检验的Filter方法

    转载请标明出处: http://www.cnblogs.com/tiaozistudy/p/hypothesis_testing_based_feature_selection.html Filter ...

  6. [模拟电路] 2、Passive Band Pass Filter

    note: Some articles are very good in http://www.electronics-tutorials.ws/,I share them in the Cnblog ...

  7. AngularJS过滤器filter-时间日期格式-渲染日期格式-$filter

    今天遇到了这些问题索性就 写篇文章吧 话不多说直接上栗子 不管任何是HTML格式还是JS格式必须要在  controller 里面写 // new Date() 获取当前时间 yyyy-MM-ddd ...

  8. 《ES6基础教程》之 map、forEach、filter indexOf 用法

    1,map,对数组的每个元素进行一定操作,返回一个新的数组. var oldArr = [{first_name:"Colin",last_name:"Toh" ...

  9. 1. 使用Filter 作为控制器

    最近整理一下学习笔记,并且准备放到自己的博客上.也顺便把Struts2 复习一遍 1. MVC 设计模式概览 实现 MVC(Model.View.Controller) 模式的应用程序由 3 大部分构 ...

  10. angularjs之filter过滤器

    现在公司用ionic,就是基于angularjs封装了一些api用于webapp,最近用的angularjs的filter确实省了很多代码,现在总结一下! ng比较鸡肋的过滤器,这里就一笔带过吧!鸡汤 ...

随机推荐

  1. MVC中处理Json和JS中处理Json对象

    MVC中处理Json和JS中处理Json对象 ASP.NET MVC 很好的封装了Json,本文介绍MVC中处理Json和JS中处理Json对象,并提供详细的示例代码供参考. MVC中已经很好的封装了 ...

  2. dubug

    1.设置断点 2.启动servers端的debug模式 3.运行程序,在后台遇到断点时,进入debug调试状态 ============================= 作用域 功能 快捷键 全局 ...

  3. 使用git上传项目

    1. 安装Git 2. 安装TortoiseGit 3.任意文件夹选择「TortoiseGit」>「settings」,打开如下界面. 3. 生成SSH公钥 3.1运行Git Bash,如下命令 ...

  4. 5月25日 DOM

    练习一:输入答案,弹出是否正确. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "h ...

  5. 500 TypeError: Cannot read property 'connect.sid' of undefined

    1:在写passport验证测试用例时,发现有几个引用中间件顺序的错误,检查发现,passport验证写的是session,在传错误信息的时候req.flash调用也需要用到session中间件,否则 ...

  6. fr

    8.3 credit sales(bad debt , ar) method1:direct write off method2:allowance method for bad debt allow ...

  7. Code First Migrations更新数据库结构的具体步骤

    一.打开程序包管理器控制台 当你的实体模型与数据库架构不一致时,引发以下错误:The model backingthe 'SchoolContext' context has changed sinc ...

  8. CSS 垂直居中。

    1,display: table; display: table-cell <div style="border:solid red 1px ;height:200px;width:2 ...

  9. Chart For Asp.Net ----Overview

    一个图表有很多元素构成,所有元素都能通过图表API控制.图表API是面向对象的,可扩展的,高复用的.支持很多图表元素如:data series,data points in a series,char ...

  10. Cisco IOS Debug Command Reference Command E through H

    debug eap through debug he-module subslot periodic debug eap : to display information about Extensib ...