PHP Filters

-

PHP Filters:

Filters is used to validate and filter data coming from insecure sources, like user input.


Runtime Configurations

The behavior of these functions is affected by settings in php.ini:

filter.default:

Filter all $_GET, $_POST, $_COOKIE, $_REQUEST and $_SERVER data by this filter. Accepts the name of the filter you like to use by default.  Default is "unsafe_raw".

filter.default_flags:

Default flags to apply when the default filter is set. This is set to FILTER_FLAG_NO_ENCODE_QUOTES by default for backwards compatibility reasons. Default is "NULL".
 

PHP Filter Functions

filter_has_var()  -  Checks whether a variable of a specified input type exist
filter_id()  -  Returns the filter ID of a specified filter name
filter_input()  -  Gets an external variable (e.g. from form input) and optionally filters it
filter_input_array()  -  Gets external variables (e.g. from form input) and optionally filters them
filter_list()  -  Returns a list of all supported filter names
filter_var()  -  Filters a variable with a specified filter
filter_var_array()  -  Gets multiple variables and filter them


filter_has_var():

The filter_has_var() function checks whether a variable of a specified input type exist. This function checks the content received by the PHP page, so the variable must be sent to the page via e.g a querystring

Syntax: filter_has_var(type, variable)

Example

Check if the input variable "email" is sent to the PHP page, through the "get" method:

<?php
    if (!filter_has_var(INPUT_GET, "email")) {
         echo("Email not found");
    } else {
        echo("Email found");
    }
?>


filter_id():

The filter_id() function returns filter ID of a specified filter name.

Syntax:  filter_id(filter_name)

Example

Return the filter ID of the VALIDATE_EMAIL filter:

<?php
    $echo(filter_id("validate_email"));
?>


filter_input(): 

The filter_input() function gets an external variable (e.g. from form input) and optionally filters it. This function is used to validate variables from insecure sources, such as user input.

Syntax:  filter_input(type, variable, filter, options)

Example
Check if the external variable "email" is sent to the PHP page, through the "get" method, and also check if it is a valid email address:

<?php
if (!filter_input(INPUT_GET, "email", FILTER_VALIDATE_EMAIL)) {
    echo("Email is not valid");
} else {
    echo("Email is valid");
}
?>


filter_input_array():

The filter_input_array() function gets external variables (e.g. from form input) and optionally filters them. This function is useful for retrieving/filtering many values instead of calling filter_input() many times.

Syntax: filter_input_array(type, definition, add_empty)

Example

Use the filter_input_array() function to filter three POST variables. The received POST variables is name, age and e-mail:

<?php
    $filters = array (
                             "name" => array ("filter"=>FILTER_CALLBACK,
                             "flags"=>FILTER_FORCE_ARRAY,
                             "options"=>"ucwords"
                            ),
      "age"   => array ( "filter"=>FILTER_VALIDATE_INT,
                              "options"=>array("min_range"=>1,"max_range"=>120)
                            ),
       "email" => FILTER_VALIDATE_EMAIL
       );
     print_r(filter_input_array(INPUT_POST, $filters));
?>


The output of the code above will be:

Array
  (
      [name] => Peter
      [age] => 41
      [email] => peter@example.com
  )


filter_list():

The filter_list() function returns a list of all the supported filter names.

Syntax:  filter_list()

Example
List all supported filter names:

<?php
    print_r(filter_list());
?>


filter_var():

The filter_var() function filters a variable with the specified filter.


Syntax:  filter_var(var, filtername, options)

Example

Check if $email is a valid email address:

<?php
    $email = "john.doe@example.com";

    if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
      echo("$email is a valid email address");
    } else {
       echo("$email is not a valid email address");
    }
?>


filter_var_array():

The filter_var_array() function gets multiple variables and optionally filters them. This function is useful for filtering many values without calling filter_var() many times.

Syntax:  filter_var_array(data_array, args, add_empty)

Example

Use the filter_var_array() function to get multiple variables:

<?php
$data = array(
  'fullname' => 'Peter Griffin',
  'age' => '41',
  'email' => 'peter@example.com',
);

$mydata = filter_var_array($data);
var_dump($mydata);

?>


The output of the code should be:

array(3) {
  ["fullname"]=> string(13) "Peter Griffin"
  ["age"]=> string(2) "41"
  ["email"]=> string(17) "peter@example.com"
}

Comments

Post a Comment

Popular posts from this blog

Create Desktop Application with PHP

-
Image
Here we will show you how you can create a web-based desktop application using PHP, CSS, HTML, and JavaScript with the help of PHP Desktop. In fact, PHP Desktop is an easy and simple solution we can use to create very powerful and complex desktop application. What Is PHP Desktop? PHP Desktop is an open source project founded by Czarek Tomczak in 2012 to provide a way for developing native desktop GUI applications using web technologies such as PHP, HTML5, JavaScript and SQLite. Mind you, the development workflow you are used to while creating web applications remains the same. The step of turning an existing website into a desktop application is basically a matter of copy and paste. PHPDesktop is an all-made container that will just swallow your project. With that, you can easily transform an existing website into a desktop application without any modification. When you download PHP Desktop , you will have some set of files and folders; among them you will have a ...
Read more

Python Interview Questions and Answers for Freshers

-
1. What are the key features of Python? If it makes for an introductory language to programming, Python must mean something. These are its qualities: Interpreted Dynamically-typed Object-oriented Concise and simple Free Has a large community 2. Differentiate between lists and tuples. The major difference is that a list is mutable, but a tuple is immutable. Examples: >>> mylist=[1,3,3] >>> mylist[1]=2 >>> mytuple=(1,3,3) >>> mytuple[1]=2 Traceback (most recent call last): File “<pyshell#97>”, line 1, in <module> mytuple[1]=2 TypeError: ‘tuple’ object does not support item assignment 3. Explain the ternary operator in Python. Unlike C++, we don’t have ?: in Python, but we have this: [on true] if [expression] else [on false] If the expression is True, the statement under [on true] is executed. Else, that under [on false] is executed. Below is how you would use it: >>> a,b=2,3 >...
Read more

Python Interview questions and answers for experienced

-
1. What is a dictionary in Python? A python dictionary is something I have never seen in other languages like C++ or Java programming. It holds key-value pairs. >>> roots={25:5,16:4,9:3,4:2,1:1} >>> type(roots) - Output: <class ‘dict’> >>> roots[9] - Output: 3 A dictionary is mutable, and we can also use a comprehension to create it. >>> roots={x**2 for x in range(5,0,-1)} >>> roots {25: 5, 16: 4, 9: 3, 4: 2, 1: 1} 2. Explain the //, %, and ** operators in Python. The // operator performs floor division. It will return the integer part of the result on division. >>> 7//2 - Output: 3 Normal division would return 3.5 here. Similarly, ** performs exponentiation. a**b returns the value of a raised to the power b. >>> 2**10 - Output: 1024 Finally, % is for modulus. This gives us the value left after the highest achievable division. >>> 13%7 - Output: 6 >...
Read more