PHP Filter
PHP filters are used to validate and sanitize external input.
Validating data is determine if the data is in proper form.
Sanitizing data is remove any illegal character from the data.
The PHP filter extension has many of the functions needed for checking user input, and is designed to make data validation easier and quicker.
The filter_list() function can be used to list what the PHP filter extension offers
<table>
<tr>
<td>Filter Name</td>
<td>Filter ID</td>
</tr>
<?php
foreach(filter_list() as $id => $filter){
echo '<tr><td>' .$filter .'</td><td>' .filter_id($filter) . '</td></tr>';
}
?>
</table>
Many web application recieve external input.External input/data can be:
User input from a form
Cookies
Web Services data
Server variables
Database query results
The filter_var() function both validate and sanitize data.
The filter_var() function filters a single variable with a specified filter.It takes two pieces of data:
- The Variable you want to check
- The type of check to use
The following example uses the filter_var() funcion to remove all HTML tags from a string:
<?php
$str = "<h1>Hello World</h1>";
$newStr = filter_var($str, FILTER_SANITIZE_STRING);
echo $newStr; //Hello World
?>
The following example uses the filter_var() function to check if the variable $int is an integer.
<?php
$int = 100;
// if $int was set to 0, the function will return "Integer is not valid"
// filter_var($int, FILTER_VALIDATE_INT) ===0 it will work when you set 0 to $int
if(!filter_var($int, FILTER_VALIDATE_INT) === false){
echo("Integer is valid");
}else{
echo("Integer is not valid");
}
?>
The following example uses the filter_var() function to check if the variable $ip is a valid IP address
<?php
$ip = "127.0.0.1";
if(!filter_var(FILTER_VALIDATE_IP) === false){
echo("$ip is a valid IP address");
}else{
echo("$ip is not a valid IP address");
}
?>
The following example uses the filter_var() function to first remove all illegal characters from the $email variable, then check if it is a valid email address
<?php
$email = "john.doe@example.com";
//remove all illegal characters from email
$email = filter_var($email, FILTER_SANITIZE_EMAIL);
// validate e-mail
if(!filter_var($email, FILTER_VALIDATE_EMAIL) === false){
echo("$email is a valid email address");
}else{
echo("$email is not a valid email address");
}
?>
The following example uses the filter_var() function to first remove all illegal characters from a URL, then check if $url is a valid URL
<?php
$url = "http://www.w3schools.com";
//remove all illegal characters from a url
$url = filter_var($url, FILTER_SANITIZE_URL);
// validate url
if(!filter_var($url, FILTET_VALIDATE_URL) === false){
echo("$url is a valid URL");
}else{
echo("$url is not a valid URL");
}
?>
The following example uses the filter_var() function to check if a variable is both of type INT, and between 1 and 200
<?php
$int = 122;
$min = 1;
$max = 200;
if(filter_var($int, FILTER_VALIDATE_INT, array("options" => array("min_range" => $min, "max_range" => $max))) === false){
echo("Variable value is not within the legal range");
}else{
echo("Variable value is within the legal range");
}
?>
The following example uses the filter_var() function to checkt if the variable $ip is a valid IPv6 address:
<?php
$ip = "2001:0db8:85a3:08d3:1319:8a2e:0370:7334";
if(!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false){
echo("$ip is a valid IPv6 address");
}else{
echo("$ip is not a valid IPv6 address");
}
?>
The following example uses the filter_var() function to check if the variable $url is a URL with a querystring:
<?php
$url = "http://www.w3schools.com";
if(!filter_var($url, FILTER_VALIDATE_URL, FILTER_FLAG_QUERY_REQUIRED) === false){
echo("$url is a valid URL");
}else{
echo($url is not a valid URL);
}
?>
The following example uses the filter_var() function to sanitize a string.It will both remove all HTML tags, and all characters with ASCII value > 127, from the string:
<?php
$str = "<h1>Hello WorldØÅ</h1>";
$newStr = filter_var($str, FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_HIGH);
echo $newStr;
?>
PHP Filter的更多相关文章
- django 操作数据库--orm(object relation mapping)---models
思想 django为使用一种新的方式,即:关系对象映射(Object Relational Mapping,简称ORM). PHP:activerecord Java:Hibernate C#:Ent ...
- JavaWeb——Filter
一.基本概念 之前我们用一篇博文介绍了Servlet相关的知识,有了那篇博文的知识积淀,今天我们学习Filter将会非常轻松,因为Filter有很多地方和Servlet类似,下面在讲Filter的时候 ...
- 以bank account 数据为例,认识elasticsearch query 和 filter
Elasticsearch 查询语言(Query DSL)认识(一) 一.基本认识 查询子句的行为取决于 query context filter context 也就是执行的是查询(query)还是 ...
- AngularJS过滤器filter-保留小数,小数点-$filter
AngularJS 保留小数 默认是保留3位 固定的套路是 {{deom | number:4}} 意思就是保留小数点 的后四位 在渲染页面的时候 加入这儿个代码 用来精确浮点数,指定小数点 ...
- 挑子学习笔记:特征选择——基于假设检验的Filter方法
转载请标明出处: http://www.cnblogs.com/tiaozistudy/p/hypothesis_testing_based_feature_selection.html Filter ...
- [模拟电路] 2、Passive Band Pass Filter
note: Some articles are very good in http://www.electronics-tutorials.ws/,I share them in the Cnblog ...
- AngularJS过滤器filter-时间日期格式-渲染日期格式-$filter
今天遇到了这些问题索性就 写篇文章吧 话不多说直接上栗子 不管任何是HTML格式还是JS格式必须要在 controller 里面写 // new Date() 获取当前时间 yyyy-MM-ddd ...
- 《ES6基础教程》之 map、forEach、filter indexOf 用法
1,map,对数组的每个元素进行一定操作,返回一个新的数组. var oldArr = [{first_name:"Colin",last_name:"Toh" ...
- 1. 使用Filter 作为控制器
最近整理一下学习笔记,并且准备放到自己的博客上.也顺便把Struts2 复习一遍 1. MVC 设计模式概览 实现 MVC(Model.View.Controller) 模式的应用程序由 3 大部分构 ...
- angularjs之filter过滤器
现在公司用ionic,就是基于angularjs封装了一些api用于webapp,最近用的angularjs的filter确实省了很多代码,现在总结一下! ng比较鸡肋的过滤器,这里就一笔带过吧!鸡汤 ...
随机推荐
- java中的异常和处理
算术异常类:ArithmeticExecption 空指针异常类:NullPointerException 类型强制转换异常:ClassCastException 数组负下标异常:NegativeAr ...
- Hibernate缓存机制
缓存是介于应用程序和物理数据源之间,其作用是为了降低应用程序对物理数据源访问的频次,从而提高了应用的运行性能.缓存内的数据是对物理数据源中的数据的复制,应用程序在运行时从缓存读写数据,在特定的时刻或事 ...
- HDU 4123(树的直径+单调队列)
Bob’s Race Time Limit: 5000/2000 MS (Java/Others) Memory Limit: 32768/32768 K (Java/Others)Total ...
- perl 正则匹配代码
36 chomp $line; 37 my @vec = split /\t/, $line; 38 my @vec2 = ($vec[1]=~/[a-z]+/g); 39 ...
- Storm(1) - Setting Up Development Environment
Setting up your development environment 1. download j2se 6 SDK from http://www.oracle.com/technetwor ...
- JavaScript基础---作用域,匿名函数和闭包【转】
匿名函数就是没有名字的函数,闭包是可访问一个函数作用域里变量的函数. 一.匿名函数 //普通函数 function box() { //函数名是 box return 'TT'; } //匿名函数 f ...
- C#图书资源【更新中...】喜欢的就转存吧
百度分享暂时取消了,需要的朋友可以直接关注我,我发给你. 重点篇 1.C#与.NET3.5高级程序设计 2.C#与.NET3.5高级程序设计.rar 3.Effective_C#_中文版_改善C#程序 ...
- Sharepoint2010突然之间不能打开页面,报503错误The service is unavailable
原因:安装Sahrepoint时的账号出现故障,可能是密码过期等等. 解决方案: 新建windows用户ada,密码设置为永不过期,隶属于:administrators/IIS-WPG/WSS-WPG ...
- changepassword.c 0.9:一个通过WEB界面更改LINUX用户密码的程序
偶然看到一个用C语言写的CGI程序,可以以WEB界面(无需单独再写HTML)的方式修改用户自己的密码.该程序具有同时修改samba及squid密码的能力. 步骤: 1.下载并解压,并读一下README ...
- 常用三方,Reachability 检测网络连接
常用三方 Reachability 检 测网络连接 用来检查网络连接是否可用:包括WIFI和 WWAN(3G/EDGE/CDMA等)两种工作模式. 可以从Apple网站下载到: http://deve ...