This article mainly introduces the PHP built-in FILTER use example, lists the verification function and error correction function code examples to explain how to use the FILTER. For more information, see the following section, let's take a look at a less commonly used but powerful PHP feature: FILTERS, which can be used for validation and error correction (sanitization)
When the data source contains unknown or uncertain data, it becomes very useful. it is used at most to process the data submitted by the customer from the HTML form (form ).
The extension contains two main filtering types: validation and error correction)
Validation is mainly used to check whether the data meets certain conditions. for example, when FILTER_VALIDATE_EMAIL is passed in, it will check whether the email address is valid. if the email address is found to be invalid, no error correction will be performed.
Sanitization processes the data and converts or removes non-conforming characters. for example, when FILTER_SANITIZE_EMAIL is passed in, it processes invalid characters in the email address, but does not check whether the email address is valid.
Visibility: http://in.php.net/manual/en/book.filter.php
Tip: FILTER is added to PHP 5.2.
Here we will introduce the validation Filters
The code is as follows:
FILTER_VALIDATE_BOOLEAN: verify the value as a boolean option. true is returned for "1", "TRUE", "on", and "yes", and FALSE is returned for all others.
FILTER_VALIDATE_EMAIL: verify the value as the email address.
FILTER_VALIDATE_FLOAT: verify the value as a floating point number.
FILTER_VALIDATE_INT: an integer to verify the value. you can select a range.
FILTER_VALIDATE_IP: verify the value as an IP address.
FILTER_VALIDATE_REGEXP: verifies the value based on regular expressions compatible with Perl.
FILTER_VALIDATE_URL: verify the value as a URL
Example:
Verify Email Address ):
The code is as follows:
<? Php
$ Email_a = 'onedayin2013 @ shawn.com ';
$ Email_ B = 'invalid @ e-mail ';
If (filter_var ($ email_a, FILTER_VALIDATE_EMAIL )){
Echo "This ($ email_a) email address is valid .";
} Else {
Echo "This ($ email_a) email address is invalid .";
}
If (filter_var ($ email_ B, FILTER_VALIDATE_EMAIL )){
Echo "This ($ email_ B) email address is valid .";
} Else {
Echo "This ($ email_ B) email address is invalid .";
}
// Output the following content:
This (onedayin2013@shawn.com) email address is valid.
This (invalid @ email) email address is invalid.
?>
Verify the IP address:
The code is as follows:
<? Php
$ Ip_a = '2017. 0.0.1 ';
$ Ip_ B = '52. 69 ';
If (filter_var ($ ip_a, FILTER_VALIDATE_IP )){
Echo "This ($ ip_a) IP address is valid .";
} Else {
Echo "This ($ ip_a) IP address is invalid .";
}
If (filter_var ($ ip_ B, FILTER_VALIDATE_IP )){
Echo "This ($ ip_ B) IP address is valid .";
} Else {
Echo "This ($ ip_ B) IP address is invalid .";
}
// Output the following content:
This (127.0.0.1) IP address is valid.
This (52.69) IP address is invalid.
?>
Sanitization Filters
The code is as follows:
FILTER_SANITIZE_EMAIL: removes all characters except letters, numbers, and! # $ % & '* +-/=? ^ _ '{| }~ @. [].
FILTER_SANITIZE_ENCODED: Removes unnecessary characters in URL encoding, which is similar to the urlencode () function.
FILTER_SANITIZE_MAGIC_QUOTES: add a backslash ('), double quotation mark ("), backslash (), and NULL before the specified predefined characters.
FILTER_SANITIZE_NUMBER_FLOAT: removes all characters except numbers, +-, and optional (.,)
FILTER_SANITIZE_NUMBER_INT: removes all characters except numbers and +-
FILTER_SANITIZE_SPECIAL_CHARS: used to escape "<> & and characters with ASCII values below 32
FILTER_SANITIZE_STRING: delete data that may be harmful to applications. It is used to remove tags and delete or encode unnecessary characters.
FILTER_SANITIZE_STRIPPED: Remove or encode unnecessary characters. it is the alias of FILTER_SANITIZE_STRING.
FILTER_SANITIZE_URL: removes all characters except letters, numbers, and $-_. +! * '(), {}|\\^ ~ [] '<> # % ";/? : @ & =.
FILTER_UNSAFE_RAW: removes or encodes special characters without any filtering.
Example:
The code is as follows:
<? Php
$ Invalid_email = "(successfully upted @ foo dot com )";
If (! Filter_var ($ invalid_email, FILTER_VALIDATE_EMAIL )){
$ Sanitized_email = filter_var ($ invalid_email, FILTER_SANITIZE_EMAIL );
Echo "This ($ invalid_email) email address is invalid .";
Echo "Sanitized Email is: $ sanitized_email ";
}
// Output the following content:
This (corrupted @ foo dot com) email address is invalid.
Sanitized Email is: corrupted@foo.com
?>
Filter GET and POST variables
The code is as follows:
Filter_input (input_type, variable, filter, options)
// The function obtains input from outside the script to verify variables from unsafe sources, such as user input.
// You can obtain the input from the following sources:
INPUT_GET INPUT_POST INPUT_COOKIE INPUT_ENV INPUT_SERVER
The code is as follows:
Input_type specifies the Input type. For more information, see the preceding possible types.
Variable specified for filtering
Optional. Specifies the ID of the filter to be used. The default value is FILTER_SANITIZE_STRING.
Example:
The code is as follows:
<? Php
$ Search_html = filter_input (INPUT_GET, 'search', FILTER_SANITIZE_SPECIAL_CHARS );
$ Search_url = filter_input (INPUT_GET, 'search', FILTER_SANITIZE_ENCODED );
Echo "You have searched for $ search_html .";
Echo "Search again .";
?>