The PHP filters are used to sanitize and validate data coming from insecure roots, like user input.
Validate filters
filters for validation
ID | Description | |
FILTER_VALIDATE_BOOLEAN | Returns true for "1", "true", "on" and "yes". Returns false otherwise. | |
FILTER_VALIDATE_DOMAIN | Validates whether the domain name label lengths are valid. | |
FILTER_VALIDATE_EMAIL | Validates whether the value is a valid e-mail address. | |
FILTER_VALIDATE_FLOAT | Validates value as float, optionally from the specified range, and converts to float on success. | |
FILTER_VALIDATE_INT | Validates value as integer, optionally from the specified range, and converts to int on success. | |
FILTER_VALIDATE_IP | Validates value as IP address, optionally only IPv4 or IPv6 or not from private or reserved ranges. | |
FILTER_VALIDATE_REGEXP | validates value againstĀ regular expression. | |
FILTER_VALIDATE_URL | Validates URL |
Sanitize filters
The sanitize filters are used to sanitize or clean the user inputs.
ID | Description |
FILTER_SANITIZE_EMAIL | Remove all characters except letters, digits and !#$%&'*+-=?^_`{|}~@.[]. |
FILTER_SANITIZE_ENCODED | URL-encode string, optionally strip or encode special characters. |
FILTER_SANITIZE_MAGIC_QUOTES | Apply addslashes(). |
FILTER_SANITIZE_NUMBER_FLOAT | Remove all characters except digits, +- and optionally .,eE |
FILTER_SANITIZE_NUMBER_INT | Remove all characters except digits, plus and minus sign. |
FILTER_SANITIZE_SPECIAL_CHARS | HTML-escape '"<>& and characters with ASCII value less than 32, optionally strip or encode other special characters. |
FILTER_SANITIZE_FULL_SPECIAL_CHARS | Equivalent to calling htmlspecialchars() with ENT_QUOTES set. Encoding quotes can be disabled by setting FILTER_FLAG_NO_ENCODE_QUOTES. Like htmlspecialchars(), this filter is aware of the default_charset and if a sequence of bytes is detected that makes up an invalid character in the current character set then the entire string is rejected resulting in a 0-length string. When using this filter as a default filter, see the warning below about setting the default flags to 0. |