2009-03-12 21:09:00 +00:00
<?xml version="1.0" encoding="utf-8"?>
2009-07-11 07:05:15 +00:00
<!-- $Revision$ -->
2009-03-12 21:09:00 +00:00
<chapter xml:id= "filter.filters" xmlns= "http://docbook.org/ns/docbook" xmlns:xlink= "http://www.w3.org/1999/xlink" >
<title > Types of filters</title>
2010-03-24 14:07:53 +00:00
<!-- Validate filters: {{{ -->
2009-06-23 04:06:52 +00:00
<section xml:id= 'filter.filters.validate' >
2009-03-12 21:09:00 +00:00
<title > Validate filters</title>
<para >
<table >
<title > Listing of filters for validation</title>
<tgroup cols= "5" >
<thead >
<row >
<entry > ID</entry>
<entry > Name</entry>
<entry > Options</entry>
<entry > Flags</entry>
<entry > Description</entry>
</row>
</thead>
<tbody >
<row >
<entry > <constant > FILTER_VALIDATE_BOOLEAN</constant> </entry>
<entry > "boolean"</entry>
<entry > </entry>
<entry >
<constant > FILTER_NULL_ON_FAILURE</constant>
</entry>
<entry >
<para >
Returns &true; for "1", "true", "on" and "yes".
Returns &false; otherwise.
</para>
<para >
If <constant > FILTER_NULL_ON_FAILURE</constant> is set, &false; is
returned only for "0", "false", "off", "no", and "", and
&null; is returned for all non-boolean values.
</para>
</entry>
</row>
<row >
<entry > <constant > FILTER_VALIDATE_EMAIL</constant> </entry>
<entry > "validate_email"</entry>
<entry > </entry>
<entry > </entry>
<entry > Validates value as e-mail.</entry>
</row>
<row >
<entry > <constant > FILTER_VALIDATE_FLOAT</constant> </entry>
<entry > "float"</entry>
<entry >
<parameter > decimal</parameter>
</entry>
<entry >
<constant > FILTER_FLAG_ALLOW_THOUSAND</constant>
</entry>
<entry > Validates value as float.</entry>
</row>
<row >
<entry > <constant > FILTER_VALIDATE_INT</constant> </entry>
<entry > "int"</entry>
<entry >
<parameter > min_range</parameter> ,
<parameter > max_range</parameter>
</entry>
<entry >
<constant > FILTER_FLAG_ALLOW_OCTAL</constant> ,
<constant > FILTER_FLAG_ALLOW_HEX</constant>
</entry>
<entry > Validates value as integer, optionally from the specified range.</entry>
</row>
<row >
<entry > <constant > FILTER_VALIDATE_IP</constant> </entry>
<entry > "validate_ip"</entry>
<entry > </entry>
<entry >
<constant > FILTER_FLAG_IPV4</constant> ,
<constant > FILTER_FLAG_IPV6</constant> ,
<constant > FILTER_FLAG_NO_PRIV_RANGE</constant> ,
<constant > FILTER_FLAG_NO_RES_RANGE</constant>
</entry>
<entry >
Validates value as IP address, optionally only IPv4 or IPv6 or not
from private or reserved ranges.
</entry>
</row>
<row >
<entry > <constant > FILTER_VALIDATE_REGEXP</constant> </entry>
<entry > "validate_regexp"</entry>
<entry >
<parameter > regexp</parameter>
</entry>
<entry > </entry>
<entry >
Validates value against <parameter > regexp</parameter> , a
<link linkend= "book.pcre" > Perl-compatible</link> regular expression.
</entry>
</row>
<row >
<entry > <constant > FILTER_VALIDATE_URL</constant> </entry>
<entry > "validate_url"</entry>
<entry > </entry>
<entry >
<constant > FILTER_FLAG_PATH_REQUIRED</constant> ,
2010-05-27 13:50:37 +00:00
<constant > FILTER_FLAG_QUERY_REQUIRED</constant>
2009-03-12 21:09:00 +00:00
</entry>
2010-08-09 21:40:58 +00:00
<entry > Validates value as URL (according to <link xlink:href= "&url.rfc;2396" > &url.rfc; 2396</link> ), optionally with required components. Note that the function will only find ASCII URLs to be valid; internationalized domain names (containing non-ASCII characters) will fail.</entry>
2009-03-12 21:09:00 +00:00
</row>
</tbody>
</tgroup>
</table>
</para>
2009-11-25 10:41:56 +00:00
<note >
<para >
Numbers +0 and -0 are not valid integers but validate as floats.
</para>
</note>
2009-03-12 21:09:00 +00:00
</section>
2010-03-24 14:07:53 +00:00
<!-- }}} -->
2009-03-12 21:09:00 +00:00
2010-03-24 14:07:53 +00:00
<!-- Sanitize filters: {{{ -->
2009-03-12 21:09:00 +00:00
<section xml:id= 'filter.filters.sanitize' >
<title > Sanitize filters</title>
<para >
<table >
<title > List of filters for sanitization</title>
<tgroup cols= "5" >
<thead >
<row >
<entry > ID</entry>
<entry > Name</entry>
<entry > Options</entry>
<entry > Flags</entry>
<entry > Description</entry>
</row>
</thead>
<tbody >
<row >
<entry > <constant > FILTER_SANITIZE_EMAIL</constant> </entry>
<entry > "email"</entry>
<entry > </entry>
<entry > </entry>
<entry >
Remove all characters except letters, digits and
<literal > !#$%& '*+-/=?^_`{|}~@.[]</literal> .
</entry>
</row>
<row >
<entry > <constant > FILTER_SANITIZE_ENCODED</constant> </entry>
<entry > "encoded"</entry>
<entry > </entry>
<entry >
<constant > FILTER_FLAG_STRIP_LOW</constant> ,
<constant > FILTER_FLAG_STRIP_HIGH</constant> ,
<constant > FILTER_FLAG_ENCODE_LOW</constant> ,
<constant > FILTER_FLAG_ENCODE_HIGH</constant>
</entry>
<entry > URL-encode string, optionally strip or encode special characters.</entry>
</row>
<row >
<entry > <constant > FILTER_SANITIZE_MAGIC_QUOTES</constant> </entry>
<entry > "magic_quotes"</entry>
<entry > </entry>
<entry > </entry>
<entry > Apply <function > addslashes</function> .</entry>
</row>
<row >
<entry > <constant > FILTER_SANITIZE_NUMBER_FLOAT</constant> </entry>
<entry > "number_float"</entry>
<entry > </entry>
<entry >
<constant > FILTER_FLAG_ALLOW_FRACTION</constant> ,
<constant > FILTER_FLAG_ALLOW_THOUSAND</constant> ,
<constant > FILTER_FLAG_ALLOW_SCIENTIFIC</constant>
</entry>
<entry >
Remove all characters except digits, <literal > +-</literal> and
optionally <literal > .,eE</literal> .
</entry>
</row>
<row >
<entry > <constant > FILTER_SANITIZE_NUMBER_INT</constant> </entry>
<entry > "number_int"</entry>
<entry > </entry>
<entry > </entry>
<entry >
Remove all characters except digits, plus and minus sign.
</entry>
</row>
<row >
<entry > <constant > FILTER_SANITIZE_SPECIAL_CHARS</constant> </entry>
<entry > "special_chars"</entry>
<entry > </entry>
<entry >
<constant > FILTER_FLAG_STRIP_LOW</constant> ,
<constant > FILTER_FLAG_STRIP_HIGH</constant> ,
<constant > FILTER_FLAG_ENCODE_HIGH</constant>
</entry>
<entry >
HTML-escape <literal > '"< > & </literal> and characters with
ASCII value less than 32, optionally strip or encode other special
characters.
</entry>
</row>
<row >
<entry > <constant > FILTER_SANITIZE_STRING</constant> </entry>
<entry > "string"</entry>
<entry > </entry>
<entry >
<constant > FILTER_FLAG_NO_ENCODE_QUOTES</constant> ,
<constant > FILTER_FLAG_STRIP_LOW</constant> ,
<constant > FILTER_FLAG_STRIP_HIGH</constant> ,
<constant > FILTER_FLAG_ENCODE_LOW</constant> ,
<constant > FILTER_FLAG_ENCODE_HIGH</constant> ,
<constant > FILTER_FLAG_ENCODE_AMP</constant>
</entry>
<entry > Strip tags, optionally strip or encode special characters.</entry>
</row>
<row >
<entry > <constant > FILTER_SANITIZE_STRIPPED</constant> </entry>
<entry > "stripped"</entry>
<entry > </entry>
<entry > </entry>
<entry > Alias of "string" filter.</entry>
</row>
<row >
<entry > <constant > FILTER_SANITIZE_URL</constant> </entry>
<entry > "url"</entry>
<entry > </entry>
<entry > </entry>
<entry >
Remove all characters except letters, digits and
<literal > $-_.+!*'(),{}|\\^~[]`< > #%";/?:@& =</literal> .
</entry>
</row>
<row >
<entry > <constant > FILTER_UNSAFE_RAW</constant> </entry>
<entry > "unsafe_raw"</entry>
<entry > </entry>
<entry >
<constant > FILTER_FLAG_STRIP_LOW</constant> ,
<constant > FILTER_FLAG_STRIP_HIGH</constant> ,
<constant > FILTER_FLAG_ENCODE_LOW</constant> ,
<constant > FILTER_FLAG_ENCODE_HIGH</constant> ,
<constant > FILTER_FLAG_ENCODE_AMP</constant>
</entry>
<entry > Do nothing, optionally strip or encode special characters.</entry>
</row>
</tbody>
</tgroup>
</table>
</para>
</section>
2010-03-24 14:07:53 +00:00
<!-- }}} -->
2009-03-12 21:09:00 +00:00
2010-03-24 14:07:53 +00:00
<!-- Other filters: {{{ -->
2009-03-12 21:09:00 +00:00
<section xml:id= 'filter.filters.misc' >
<title > Other filters</title>
<para >
<table >
<title > List of miscellaneous filters</title>
<tgroup cols= "5" >
<thead >
<row >
<entry > ID</entry>
<entry > Name</entry>
<entry > Options</entry>
<entry > Flags</entry>
<entry > Description</entry>
</row>
</thead>
<tbody >
<row >
<entry > <constant > FILTER_CALLBACK</constant> </entry>
<entry > "callback"</entry>
<entry > <type > callback</type> function or method</entry>
<entry > </entry>
<entry > Call user-defined function to filter data.</entry>
</row>
</tbody>
</tgroup>
</table>
</para>
</section>
2010-03-24 14:07:53 +00:00
<!-- }}} -->
<!-- Filter flags: {{{ -->
<section xml:id= "filter.filters.flags" >
<title > Filter flags</title>
<para >
<table >
<title > List of filter flags</title>
<tgroup cols= "3" >
<thead >
<row >
<entry > ID</entry>
<entry > Used with</entry>
<entry > Description</entry>
</row>
</thead>
<tbody >
<row >
<entry > <constant > FILTER_FLAG_STRIP_LOW</constant> </entry>
<entry >
<constant > FILTER_SANITIZE_ENCODED</constant> ,
<constant > FILTER_SANITIZE_SPECIAL_CHARS</constant> ,
<constant > FILTER_SANITIZE_STRING</constant> ,
<constant > FILTER_UNSAFE_RAW</constant>
</entry>
<entry >
Strips characters that has a numerical value < 32.
</entry>
</row>
<row >
<entry > <constant > FILTER_FLAG_STRIP_HIGH</constant> </entry>
<entry >
<constant > FILTER_SANITIZE_ENCODED</constant> ,
<constant > FILTER_SANITIZE_SPECIAL_CHARS</constant> ,
<constant > FILTER_SANITIZE_STRING</constant> ,
<constant > FILTER_UNSAFE_RAW</constant>
</entry>
<entry >
Strips characters that has a numerical value > 127.
</entry>
</row>
<row >
<entry > <constant > FILTER_FLAG_ALLOW_FRACTION</constant> </entry>
<entry >
<constant > FILTER_SANITIZE_NUMBER_FLOAT</constant>
</entry>
<entry >
Allows a period (<literal > .</literal> ) as a fractional separator in
numbers.
</entry>
</row>
<row >
<entry > <constant > FILTER_FLAG_ALLOW_THOUSAND</constant> </entry>
<entry >
<constant > FILTER_SANITIZE_NUMBER_FLOAT</constant> ,
<constant > FILTER_VALIDATE_FLOAT</constant>
</entry>
<entry >
Allows a comma (<literal > ,</literal> ) as a thousands separator in
numbers.
</entry>
</row>
<row >
<entry > <constant > FILTER_FLAG_ALLOW_SCIENTIFIC</constant> </entry>
<entry >
<constant > FILTER_SANITIZE_NUMBER_FLOAT</constant>
</entry>
<entry >
Allows an <literal > e</literal> or <literal > E</literal> for scientific
notation in numbers.
</entry>
</row>
<row >
<entry > <constant > FILTER_FLAG_NO_ENCODE_QUOTES</constant> </entry>
<entry >
<constant > FILTER_SANITIZE_STRING</constant>
</entry>
<entry >
If this flag is present, single (<literal > '</literal> ) and double
(<literal > "</literal> ) quotes will not be encoded.
</entry>
</row>
<row >
<entry > <constant > FILTER_FLAG_ENCODE_LOW</constant> </entry>
<entry >
<constant > FILTER_SANITIZE_ENCODED</constant> ,
<constant > FILTER_SANITIZE_STRING</constant> ,
<constant > FILTER_SANITIZE_RAW</constant>
</entry>
<entry >
Encodes all characters with a numerical value < 32.
</entry>
</row>
<row >
<entry > <constant > FILTER_FLAG_NO_ENCODE_HIGH</constant> </entry>
<entry >
<constant > FILTER_SANITIZE_ENCODED</constant> ,
<constant > FILTER_SANITIZE_SPECIAL_CHARS</constant> ,
<constant > FILTER_SANITIZE_STRING</constant> ,
<constant > FILTER_SANITIZE_RAW</constant>
</entry>
<entry >
Encodes all characters with a numerical value > 127.
</entry>
</row>
<row >
<entry > <constant > FILTER_FLAG_NO_ENCODE_AMP</constant> </entry>
<entry >
<constant > FILTER_SANITIZE_STRING</constant> ,
<constant > FILTER_SANITIZE_RAW</constant>
</entry>
<entry >
Encodes ampersands (<literal > & </literal> ).
</entry>
</row>
<row >
<entry > <constant > FILTER_NULL_ON_FAILURE</constant> </entry>
<entry >
<constant > FILTER_VALIDATE_BOOLEAN</constant>
</entry>
<entry >
Returns &null; for unrecognized boolean values.
</entry>
</row>
<row >
<entry > <constant > FILTER_FLAG_ALLOW_OCTAL</constant> </entry>
<entry >
<constant > FILTER_VALIDATE_INT</constant>
</entry>
<entry >
Regards inputs starting with a zero (<literal > 0</literal> ) as octal
2010-03-25 09:51:10 +00:00
numbers. This only allows the succeeding digits to be
2010-03-24 14:07:53 +00:00
<literal > 0-7</literal> .
</entry>
</row>
<row >
<entry > <constant > FILTER_FLAG_ALLOW_HEX</constant> </entry>
<entry >
<constant > FILTER_VALIDATE_INT</constant>
</entry>
<entry >
Regards inputs starting with <literal > 0x</literal> or
<literal > 0X</literal> as hexadecimal numbers. This only allows
2010-03-25 10:19:07 +00:00
succeeding characters to be <literal > a-fA-F0-9</literal> .
2010-03-24 14:07:53 +00:00
</entry>
</row>
<row >
<entry > <constant > FILTER_FLAG_IPV4</constant> </entry>
<entry >
<constant > FILTER_VALIDATE_IP</constant>
</entry>
<entry >
Allows the IP address to be in IPv4 format.
</entry>
</row>
<row >
<entry > <constant > FILTER_FLAG_IPV6</constant> </entry>
<entry >
<constant > FILTER_VALIDATE_IP</constant>
</entry>
<entry >
Allows the IP address to be in IPv6 format.
</entry>
</row>
<row >
<entry > <constant > FILTER_FLAG_NO_PRIV_RANGE</constant> </entry>
<entry >
<constant > FILTER_VALIDATE_IP</constant>
</entry>
<entry >
<para >
Fails validation for the following private IPv4 ranges:
<literal > 10.0.0.0/8</literal> , <literal > 172.16.0.0/12</literal> and
<literal > 192.168.0.0/16</literal> .
</para>
<para >
Fails validation for the IPv6 addresses starting with
<literal > FD</literal> or <literal > FC</literal> .
</para>
</entry>
</row>
<row >
<entry > <constant > FILTER_FLAG_NO_RES_RANGE</constant> </entry>
<entry >
<constant > FILTER_VALIDATE_IP</constant>
</entry>
<entry >
Fails validation for the following reserved IPv4 ranges:
<literal > 0.0.0.0/8</literal> , <literal > 169.254.0.0/16</literal> ,
<literal > 192.0.2.0/24</literal> and <literal > 224.0.0.0/4</literal> .
This flag does not apply to IPv6 addresses.
</entry>
</row>
<row >
<entry > <constant > FILTER_FLAG_PATH_REQUIRED</constant> </entry>
<entry >
<constant > FILTER_VALIDATE_URL</constant>
</entry>
<entry >
Requires the <acronym > URL</acronym> to contain a path part.
</entry>
</row>
<row >
<entry > <constant > FILTER_FLAG_QUERY_REQUIRED</constant> </entry>
<entry >
<constant > FILTER_VALIDATE_URL</constant>
</entry>
<entry >
Requires the <acronym > URL</acronym> to contain a query string.
</entry>
</row>
</tbody>
</tgroup>
</table>
</para>
</section>
<!-- }}} -->
2009-03-12 21:09:00 +00:00
</chapter>
<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:1
sgml-indent-data:t
indent-tabs-mode:nil
sgml-parent-document:nil
2009-09-25 07:04:39 +00:00
sgml-default-dtd-file:"~/.phpdoc/manual.ced"
2009-03-12 21:09:00 +00:00
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
2010-03-24 14:07:53 +00:00
vim600: syn=xml fen fdm=marker fdl=2 si
2009-03-12 21:09:00 +00:00
vim: et tw=78 syn=sgml
vi: ts=1 sw=1
-->
