PHP filters are used to validate and sanitize external input.

Validating data is determine if the data is in proper form.

Sanitizing data is remove any illegal character from the data.

The PHP filter extension has many of the functions needed for checking user input, and is designed to make data validation easier and quicker.

The filter_list() function can be used to list what the PHP filter extension offers

<table>

  <tr>

    <td>Filter Name</td>

    <td>Filter ID</td>

  </tr>

  <?php

    foreach(filter_list() as $id => $filter){

      echo '<tr><td>' .$filter .'</td><td>' .filter_id($filter) . '</td></tr>';

    }

  ?>

</table>

Many  web application recieve external input.External input/data can be:

User input from a form

Cookies

Web Services data

Server variables

Database query results

The filter_var() function both validate and sanitize data.

The filter_var() function filters a single variable with a specified filter.It takes two pieces of data:

  •  The Variable you want to check
  • The type of check to use

The following example uses the filter_var() funcion to remove all HTML tags from a string:

<?php

  $str = "<h1>Hello World</h1>";

  $newStr = filter_var($str, FILTER_SANITIZE_STRING);

  echo $newStr; //Hello World

?>

The following example uses the filter_var() function to check if the variable $int is an integer.

<?php

  $int = 100;

  // if $int was set to 0, the function will return "Integer is not valid"

  // filter_var($int, FILTER_VALIDATE_INT) ===0 it will work when you set 0 to $int

  if(!filter_var($int, FILTER_VALIDATE_INT) === false){

    echo("Integer is valid");

  }else{

    echo("Integer is not valid");

  }

?>

The following example uses the filter_var() function to check if the variable $ip is a valid IP address

<?php

  $ip = "127.0.0.1";

  if(!filter_var(FILTER_VALIDATE_IP) === false){

    echo("$ip is a valid IP address");

  }else{

    echo("$ip is not a valid IP address");

  }

?>

The following example uses the filter_var() function to first remove all illegal characters from the $email variable, then check if it is a valid email address

<?php

  $email = "john.doe@example.com";

  //remove all illegal characters from email

  $email = filter_var($email, FILTER_SANITIZE_EMAIL);

  // validate e-mail

  if(!filter_var($email, FILTER_VALIDATE_EMAIL) === false){

    echo("$email is a valid email address");

  }else{

    echo("$email is not a valid email address");

  }

?>

The following example uses the filter_var() function to first remove all illegal characters from a URL, then check if $url is a valid URL

<?php

  $url = "http://www.w3schools.com";

  //remove all illegal characters from a url

  $url = filter_var($url, FILTER_SANITIZE_URL);

    

  // validate url 

  if(!filter_var($url, FILTET_VALIDATE_URL) === false){

    echo("$url is a valid URL");

  }else{

    echo("$url is not a valid URL");

  }

?>

The following example uses the filter_var() function to check if a variable is both of type INT, and between 1 and 200

<?php

  $int = 122;

  $min = 1;

  $max = 200;

  if(filter_var($int, FILTER_VALIDATE_INT, array("options" => array("min_range" => $min, "max_range" => $max))) === false){

    echo("Variable value is not within the legal range");

  }else{

    echo("Variable value is within the legal range");

  }

?>

The following example uses the filter_var() function to checkt if the variable $ip is a valid IPv6 address:

<?php

  $ip = "2001:0db8:85a3:08d3:1319:8a2e:0370:7334";

  if(!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false){

    echo("$ip is a valid IPv6 address");

  }else{

    echo("$ip is not a valid IPv6 address");

  }

?>

The following example uses the filter_var() function to check if the variable $url is a URL with a querystring:

<?php

  $url = "http://www.w3schools.com";

  if(!filter_var($url, FILTER_VALIDATE_URL, FILTER_FLAG_QUERY_REQUIRED) === false){

    echo("$url is a valid URL");

  }else{

    echo($url is not a valid URL);

  }

?>

The following example uses the filter_var() function to sanitize a string.It will both remove all HTML tags, and all characters with ASCII value > 127, from the string:

<?php

  $str = "<h1>Hello WorldØÅ</h1>";

  $newStr = filter_var($str, FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_HIGH);

  echo $newStr;

?>

PHP Filter的更多相关文章

  1. django 操作数据库--orm(object relation mapping)---models

    思想 django为使用一种新的方式,即:关系对象映射(Object Relational Mapping,简称ORM). PHP:activerecord Java:Hibernate C#:Ent ...

  2. JavaWeb——Filter

    一.基本概念 之前我们用一篇博文介绍了Servlet相关的知识,有了那篇博文的知识积淀,今天我们学习Filter将会非常轻松,因为Filter有很多地方和Servlet类似,下面在讲Filter的时候 ...

  3. 以bank account 数据为例,认识elasticsearch query 和 filter

    Elasticsearch 查询语言(Query DSL)认识(一) 一.基本认识 查询子句的行为取决于 query context filter context 也就是执行的是查询(query)还是 ...

  4. AngularJS过滤器filter-保留小数,小数点-$filter

    AngularJS      保留小数 默认是保留3位 固定的套路是 {{deom | number:4}} 意思就是保留小数点 的后四位 在渲染页面的时候 加入这儿个代码 用来精确浮点数,指定小数点 ...

  5. 挑子学习笔记:特征选择——基于假设检验的Filter方法

    转载请标明出处: http://www.cnblogs.com/tiaozistudy/p/hypothesis_testing_based_feature_selection.html Filter ...

  6. [模拟电路] 2、Passive Band Pass Filter

    note: Some articles are very good in http://www.electronics-tutorials.ws/,I share them in the Cnblog ...

  7. AngularJS过滤器filter-时间日期格式-渲染日期格式-$filter

    今天遇到了这些问题索性就 写篇文章吧 话不多说直接上栗子 不管任何是HTML格式还是JS格式必须要在  controller 里面写 // new Date() 获取当前时间 yyyy-MM-ddd ...

  8. 《ES6基础教程》之 map、forEach、filter indexOf 用法

    1,map,对数组的每个元素进行一定操作,返回一个新的数组. var oldArr = [{first_name:"Colin",last_name:"Toh" ...

  9. 1. 使用Filter 作为控制器

    最近整理一下学习笔记,并且准备放到自己的博客上.也顺便把Struts2 复习一遍 1. MVC 设计模式概览 实现 MVC(Model.View.Controller) 模式的应用程序由 3 大部分构 ...

  10. angularjs之filter过滤器

    现在公司用ionic,就是基于angularjs封装了一些api用于webapp,最近用的angularjs的filter确实省了很多代码,现在总结一下! ng比较鸡肋的过滤器,这里就一笔带过吧!鸡汤 ...

随机推荐

  1. php使用位与运算符【&】位或运算符【|】实现权限管理

    权限值是这样的2^0=1,相应2进数为”0001″(在这里^我表示成”次方”,即:2的0次方,下同)2^1=2,相应2进数为”0010″2^2=4,相应2进数为”0100″2^3=8,相应2进数为”1 ...

  2. IOS-错误总结

    1,警告:"xoxoxoxo"  is deprecated解决办法:查看xoxoxoxo的这个方法的文档,替换掉这个方法即可.2,警告:Declaration of " ...

  3. Java 集合系列 11 hashmap 和 hashtable 的区别

    java 集合系列目录: Java 集合系列 01 总体框架 Java 集合系列 02 Collection架构 Java 集合系列 03 ArrayList详细介绍(源码解析)和使用示例 Java ...

  4. 深入理解ServletRequest与ServletResponse

       请求和相应是Web交互最基本的模式,在Servlet中,分别用HttpServletRequest与HttpServletResponse来表示Http请求和响应.这两个类均来自javax.se ...

  5. oracle优化原则(二)

    SQL优化原则 二.SQL语句编写注意问题 www.2cto.com 下面就某些SQL语句的where子句编写中需要注意的问题作详细介绍.在这些where子句中,即使某些列存在索引,但是由于编写了劣质 ...

  6. windows直接安装

  7. Snappy压缩

    Snappy压缩时,碰到不能解压问题,所用服务器Tomcat8.经验证,降低Tomcat版本为7,才可正常解压文件. 若碰到偶尔不能解压的问题,试着换个浏览器试试.

  8. 十大谷歌Google搜索技巧分享

    前言:多数人在使用Google搜索的过程是非常低效和无谓的,如果你只是输入几个关键词,然后按搜索按钮,你将是那些无法得到Google全部信息的用户,在这篇文章中,Google搜索专家迈克尔.米勒将向您 ...

  9. POJ 1850 Code 字符串 难度:1

    题意: 1 如果是严格升序的字母字符串,那么可以输出非0解码,否则不能译码输出0 2 字符串解码 遵循递增原则,其值为 到现在为止的所有按字母序小于该字符串的数量 + 1; #include < ...

  10. CodeForces 546A-Soldier and Bananas

    题意: 有n dollar,the first banana cost  k dollars,第i个就需cost k*i,问买w个bananas是否需要借钱:借钱需要多少? 分析:首先计算w个bana ...