PHP Filters

-

PHP Filters:

Filters is used to validate and filter data coming from insecure sources, like user input.


Runtime Configurations

The behavior of these functions is affected by settings in php.ini:

filter.default:

Filter all $_GET, $_POST, $_COOKIE, $_REQUEST and $_SERVER data by this filter. Accepts the name of the filter you like to use by default.  Default is "unsafe_raw".

filter.default_flags:

Default flags to apply when the default filter is set. This is set to FILTER_FLAG_NO_ENCODE_QUOTES by default for backwards compatibility reasons. Default is "NULL".
 

PHP Filter Functions

filter_has_var()  -  Checks whether a variable of a specified input type exist
filter_id()  -  Returns the filter ID of a specified filter name
filter_input()  -  Gets an external variable (e.g. from form input) and optionally filters it
filter_input_array()  -  Gets external variables (e.g. from form input) and optionally filters them
filter_list()  -  Returns a list of all supported filter names
filter_var()  -  Filters a variable with a specified filter
filter_var_array()  -  Gets multiple variables and filter them


filter_has_var():

The filter_has_var() function checks whether a variable of a specified input type exist. This function checks the content received by the PHP page, so the variable must be sent to the page via e.g a querystring

Syntax: filter_has_var(type, variable)

Example

Check if the input variable "email" is sent to the PHP page, through the "get" method:

<?php
    if (!filter_has_var(INPUT_GET, "email")) {
         echo("Email not found");
    } else {
        echo("Email found");
    }
?>


filter_id():

The filter_id() function returns filter ID of a specified filter name.

Syntax:  filter_id(filter_name)

Example

Return the filter ID of the VALIDATE_EMAIL filter:

<?php
    $echo(filter_id("validate_email"));
?>


filter_input(): 

The filter_input() function gets an external variable (e.g. from form input) and optionally filters it. This function is used to validate variables from insecure sources, such as user input.

Syntax:  filter_input(type, variable, filter, options)

Example
Check if the external variable "email" is sent to the PHP page, through the "get" method, and also check if it is a valid email address:

<?php
if (!filter_input(INPUT_GET, "email", FILTER_VALIDATE_EMAIL)) {
    echo("Email is not valid");
} else {
    echo("Email is valid");
}
?>


filter_input_array():

The filter_input_array() function gets external variables (e.g. from form input) and optionally filters them. This function is useful for retrieving/filtering many values instead of calling filter_input() many times.

Syntax: filter_input_array(type, definition, add_empty)

Example

Use the filter_input_array() function to filter three POST variables. The received POST variables is name, age and e-mail:

<?php
    $filters = array (
                             "name" => array ("filter"=>FILTER_CALLBACK,
                             "flags"=>FILTER_FORCE_ARRAY,
                             "options"=>"ucwords"
                            ),
      "age"   => array ( "filter"=>FILTER_VALIDATE_INT,
                              "options"=>array("min_range"=>1,"max_range"=>120)
                            ),
       "email" => FILTER_VALIDATE_EMAIL
       );
     print_r(filter_input_array(INPUT_POST, $filters));
?>


The output of the code above will be:

Array
  (
      [name] => Peter
      [age] => 41
      [email] => peter@example.com
  )


filter_list():

The filter_list() function returns a list of all the supported filter names.

Syntax:  filter_list()

Example
List all supported filter names:

<?php
    print_r(filter_list());
?>


filter_var():

The filter_var() function filters a variable with the specified filter.


Syntax:  filter_var(var, filtername, options)

Example

Check if $email is a valid email address:

<?php
    $email = "john.doe@example.com";

    if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
      echo("$email is a valid email address");
    } else {
       echo("$email is not a valid email address");
    }
?>


filter_var_array():

The filter_var_array() function gets multiple variables and optionally filters them. This function is useful for filtering many values without calling filter_var() many times.

Syntax:  filter_var_array(data_array, args, add_empty)

Example

Use the filter_var_array() function to get multiple variables:

<?php
$data = array(
  'fullname' => 'Peter Griffin',
  'age' => '41',
  'email' => 'peter@example.com',
);

$mydata = filter_var_array($data);
var_dump($mydata);

?>


The output of the code should be:

array(3) {
  ["fullname"]=> string(13) "Peter Griffin"
  ["age"]=> string(2) "41"
  ["email"]=> string(17) "peter@example.com"
}

Comments

Post a Comment

Popular posts from this blog

Create Desktop Application with PHP

-
Image
Here we will show you how you can create a web-based desktop application using PHP, CSS, HTML, and JavaScript with the help of PHP Desktop. In fact, PHP Desktop is an easy and simple solution we can use to create very powerful and complex desktop application. What Is PHP Desktop? PHP Desktop is an open source project founded by Czarek Tomczak in 2012 to provide a way for developing native desktop GUI applications using web technologies such as PHP, HTML5, JavaScript and SQLite. Mind you, the development workflow you are used to while creating web applications remains the same. The step of turning an existing website into a desktop application is basically a matter of copy and paste. PHPDesktop is an all-made container that will just swallow your project. With that, you can easily transform an existing website into a desktop application without any modification. When you download PHP Desktop , you will have some set of files and folders; among them you will have a
Read more

Insert pandas dataframe into Mongodb

-
Image
Insert pandas dataframe into Mongodb Pandas is most commonly used open-source Python Library for data manipulation, it provides high-performance data manipulation and analysis using its powerful data structures. Here we use pandas library to insert dataframe into Mongodb. I am taking Yahoo finance library to get dataset for a ticker and save that data into Mongo. First, we import all the necessary libraries from pandas_datareader import data as pdr import pandas as pd from pymongo import MongoClient import yfinance as yf yf.pdr_override() We get data from yahoo finance  # download dataframe data1 = pdr.get_data_yahoo("SPY", start="2017-01-01", end="2017-01-15") Now, we make a connection to Mongodb. Here I am connecting to local MongoDb Server on port 27018 and then creating a database with the name `finance`. MongoDB has a collection(table) and I name it as `mycollection`. #Step 1: Connec
Read more

Python desktop application

-
Image
Simple Python desktop application This is a continuation to my previous tutorial ( Python GUI using PyQt ). Anyway I will recap the tutorial on how to develop Python Desktop Application using PyQt5. PyQt is a GUI widgets toolkit. It is a Python interface for Qt, one of the most powerful, and popular cross-platform GUI library.  PyQt API is a set of modules containing a large number of classes and functions. While QtCore module contains non-GUI functionality for working with file and directory etc.,  Environments: PyQt is compatible with all the popular operating systems including Windows, Linux, and Mac OS.  Pip Install: The latest version of PyQt is PyQt5 5.14.1.  You can install pyqt using pip install PyQt5 In this tutorial, we are going to create a simple GUI app to add and delete records in a table using SQLite database. First, we need to create a database connection file with name `create_db.py`. A connection with a SQLite database i
Read more