PHP Filter
PHP filters are used to validate and sanitize external input.
Validating data means determining whether the data is in the proper form.
Sanitizing data means removing any illegal characters from the data.
The PHP filter extension provides many of the functions needed for checking user input, and is designed to make data validation easier and quicker.
The filter_list() function can be used to list what the PHP filter extension offers:
<table>
<tr>
<td>Filter Name</td>
<td>Filter ID</td>
</tr>
<?php
foreach(filter_list() as $id => $filter){
echo '<tr><td>' .$filter .'</td><td>' .filter_id($filter) . '</td></tr>';
}
?>
</table>
Many web applications receive external input. External input/data can be:
- User input from a form
- Cookies
- Web services data
- Server variables
- Database query results
The filter_var() function can both validate and sanitize data.
The filter_var() function filters a single variable with a specified filter. It takes two pieces of data:
- The variable you want to check
- The type of check to use
The following example uses the filter_var() function to remove all HTML tags from a string:
<?php
$str = "<h1>Hello World</h1>";
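// Note: FILTER_SANITIZE_STRING is deprecated as of PHP 8.1.0; htmlspecialchars() is the documented replacement
$newStr = filter_var($str, FILTER_SANITIZE_STRING);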
echo $newStr; //Hello World
?>
The following example uses the filter_var() function to check if the variable $int is an integer.
<?php
$int = 100;
// Caveat: if $int is set to 0, filter_var() returns 0, !0 is true, and this check prints "Integer is not valid".
// Also testing filter_var($int, FILTER_VALIDATE_INT) === 0 makes the check work when $int is 0.
if(!filter_var($int, FILTER_VALIDATE_INT) === false){
echo("Integer is valid");
}else{
echo("Integer is not valid");
}
?>
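The 0 problem described in the comments above comes from negating the result before comparing it with false. The following added example (not part of the original page; the function names and sample inputs are constructed for illustration) runs the page's idiom next to a strict `!== false` comparison, and goes one step beyond the page by showing the same pitfall for FILTER_VALIDATE_BOOLEAN, where false is itself a valid result:

```php
<?php
// Added example: function names and sample inputs are constructed for illustration.

// The idiom used on this page: `!` is applied first, so any falsy
// result (0 as well as false) ends up reported as "invalid".
function isIntLoose($value): bool {
    return !filter_var($value, FILTER_VALIDATE_INT) === false;
}

// Strict form: filter_var() returns false only when validation fails,
// so comparing with !== false accepts 0.
function isIntStrict($value): bool {
    return filter_var($value, FILTER_VALIDATE_INT) !== false;
}

// FILTER_VALIDATE_BOOLEAN returns false for "off"/"no"/"0" as a valid result.
// FILTER_NULL_ON_FAILURE makes a failed validation return null instead,
// so a valid false and a failure can be told apart.
function parseBool($value): ?bool {
    return filter_var($value, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);
}

$samples = [100, 0, "0", "-5", "12abc", "1e3"];
foreach ($samples as $s) {
    printf("%-8s loose=%-5s strict=%s\n",
        var_export($s, true),
        var_export(isIntLoose($s), true),
        var_export(isIntStrict($s), true));
}

foreach (["yes", "off", "maybe"] as $s) {
    printf("%-8s bool=%s\n", var_export($s, true), var_export(parseBool($s), true));
}
?>
```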
The following example uses the filter_var() function to check if the variable $ip is a valid IP address:
<?php
$ip = "127.0.0.1";
if(!filter_var($ip, FILTER_VALIDATE_IP) === false){
echo("$ip is a valid IP address");
}else{
echo("$ip is not a valid IP address");
}
?>
The following example uses the filter_var() function to first remove all illegal characters from the $email variable, then check if it is a valid email address:
<?php
$email = "john.doe@example.com";
//remove all illegal characters from email
$email = filter_var($email, FILTER_SANITIZE_EMAIL);
// validate e-mail
if(!filter_var($email, FILTER_VALIDATE_EMAIL) === false){
echo("$email is a valid email address");
}else{
echo("$email is not a valid email address");
}
?>
The following example uses the filter_var() function to first remove all illegal characters from a URL, then check if $url is a valid URL:
<?php
$url = "http://www.w3schools.com";
// remove all illegal characters from a url
$url = filter_var($url, FILTER_SANITIZE_URL);
// validate url
if(!filter_var($url, FILTER_VALIDATE_URL) === false){
echo("$url is a valid URL");
}else{
echo("$url is not a valid URL");
}
?>
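Sanitizing before validating, as in the e-mail and URL examples above, means the value that passes validation may not be the value the user submitted, and FILTER_VALIDATE_URL checks syntax only without restricting the scheme. The following added example (not part of the original page; the function names and sample inputs are constructed for illustration) rejects input that the sanitizer would alter and limits URLs to http and https:

```php
<?php
// Added example: function names and sample inputs are constructed for illustration.

// Accept an e-mail address only if it is valid exactly as submitted.
// Sanitizing first can turn a malformed value into a different, valid one.
function validateEmailStrict(string $input): ?string {
    $input = trim($input);
    if (filter_var($input, FILTER_SANITIZE_EMAIL) !== $input) {
        return null; // contained characters the sanitizer would strip
    }
    $valid = filter_var($input, FILTER_VALIDATE_EMAIL);
    return $valid === false ? null : $valid;
}

// FILTER_VALIDATE_URL accepts schemes other than http/https,
// so restrict the scheme to an allowlist after validation.
function validateHttpUrl(string $input): ?string {
    $valid = filter_var(trim($input), FILTER_VALIDATE_URL);
    if ($valid === false) {
        return null;
    }
    $scheme = strtolower((string) parse_url($valid, PHP_URL_SCHEME));
    return in_array($scheme, ['http', 'https'], true) ? $valid : null;
}

$emails = ["john.doe@example.com", "john(.doe)@exa//mple.com"];
foreach ($emails as $e) {
    $sanitizeFirst = filter_var(filter_var($e, FILTER_SANITIZE_EMAIL), FILTER_VALIDATE_EMAIL);
    printf("%s\n  sanitize-then-validate: %s\n  strict: %s\n", $e,
        var_export($sanitizeFirst, true), var_export(validateEmailStrict($e), true));
}

$urls = ["http://www.w3schools.com", "ftp://example.com/file", "mailto:john.doe@example.com"];
foreach ($urls as $u) {
    printf("%s\n  FILTER_VALIDATE_URL: %s\n  http(s) only: %s\n", $u,
        var_export(filter_var($u, FILTER_VALIDATE_URL), true),
        var_export(validateHttpUrl($u), true));
}
?>
```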
The following example uses the filter_var() function to check if a variable is both of type INT, and between 1 and 200:
<?php
$int = 122;
$min = 1;
$max = 200;
if(filter_var($int, FILTER_VALIDATE_INT, array("options" => array("min_range" => $min, "max_range" => $max))) === false){
echo("Variable value is not within the legal range");
}else{
echo("Variable value is within the legal range");
}
?>
The following example uses the filter_var() function to check if the variable $ip is a valid IPv6 address:
<?php
$ip = "2001:0db8:85a3:08d3:1319:8a2e:0370:7334";
if(!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false){
echo("$ip is a valid IPv6 address");
}else{
echo("$ip is not a valid IPv6 address");
}
?>
The following example uses the filter_var() function to check if the variable $url is a URL with a querystring:
<?php
$url = "http://www.w3schools.com";
if(!filter_var($url, FILTER_VALIDATE_URL, FILTER_FLAG_QUERY_REQUIRED) === false){
echo("$url is a valid URL");
}else{
echo("$url is not a valid URL");
}
?>
The following example uses the filter_var() function to sanitize a string. It will both remove all HTML tags, and all characters with ASCII value > 127, from the string:
<?php
$str = "<h1>Hello WorldØÅ</h1>";
$newStr = filter_var($str, FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_HIGH);
echo $newStr;
?>